carrierwave_securefile 0.3.1 → 0.4.2
Sign up to get free protection for your applications and to get access to all the features.
- data/Gemfile +1 -1
- data/Gemfile.lock +11 -4
- data/README.md +10 -5
- data/VERSION +1 -1
- data/carrierwave_securefile.gemspec +4 -5
- data/lib/carrierwave/securefile/aes_file.rb +138 -0
- data/lib/carrierwave/securefile/configuration.rb +12 -6
- data/lib/carrierwave/securefile/downloader.rb +14 -5
- data/lib/carrierwave/securefile/uploader.rb +14 -5
- data/lib/carrierwave_securefile.rb +24 -18
- metadata +5 -6
- data/.rvmrc +0 -1
- data/carrierwave_securefile-0.1.2.gem +0 -0
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,17 +1,24 @@
|
|
1
1
|
GEM
|
2
2
|
remote: http://rubygems.org/
|
3
3
|
specs:
|
4
|
-
|
4
|
+
activemodel (3.2.8)
|
5
|
+
activesupport (= 3.2.8)
|
6
|
+
builder (~> 3.0.0)
|
7
|
+
activesupport (3.2.8)
|
8
|
+
i18n (~> 0.6)
|
5
9
|
multi_json (~> 1.0)
|
6
|
-
|
7
|
-
|
10
|
+
builder (3.0.3)
|
11
|
+
carrierwave (0.6.2)
|
12
|
+
activemodel (>= 3.2.0)
|
13
|
+
activesupport (>= 3.2.0)
|
8
14
|
crypt19 (1.2.1)
|
9
15
|
git (1.2.5)
|
16
|
+
i18n (0.6.1)
|
10
17
|
jeweler (1.6.4)
|
11
18
|
bundler (~> 1.0)
|
12
19
|
git (>= 1.2.5)
|
13
20
|
rake
|
14
|
-
multi_json (1.
|
21
|
+
multi_json (1.3.6)
|
15
22
|
rake (0.9.2.2)
|
16
23
|
rcov (0.9.11)
|
17
24
|
shoulda (2.11.3)
|
data/README.md
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
# CarrierWave_SecureFile
|
2
2
|
|
3
|
-
A gem to add secured file uploading to CarrierWave. Uses
|
3
|
+
A gem to add secured file uploading to CarrierWave. Uses Crypt19 and OpenSSL to encrypt and decrypt files, and offers multiple
|
4
|
+
methods of encryption.
|
4
5
|
|
5
6
|
I needed this functionality for a project, and simply couldn't find a viable solution. So I rolled out my own. Then I got tired of
|
6
7
|
dirtying up my /lib/ folder, so I made a gem out of it. This is my first attempt at writing a gem, and for my project, it works
|
@@ -11,13 +12,17 @@ it should work fine just the same.
|
|
11
12
|
|
12
13
|
## Requirements
|
13
14
|
|
14
|
-
Ruby 1.9.3 w/ Rails 3.1.3. Realistically, it should work on Ruby 1.9.x and Rails 3.
|
15
|
-
It hasn't been tested.
|
15
|
+
Ruby 1.9.3 w/ Rails 3.1.3. Realistically, it should work on Ruby 1.9.x and Rails 3.x, but may work on other configurations.
|
16
|
+
It hasn't been tested. I'm currently using this with CarrierWave 0.6.2, Rails 3.2.8, and Ruby 1.9.3.
|
16
17
|
|
17
18
|
## Installation and Usage
|
18
19
|
|
19
20
|
[Please refer to the Wiki For Installation and Usage.](https://github.com/dougc84/carrierwave_securefile/wiki/Usage)
|
20
21
|
|
22
|
+
## Changes in 0.4.x
|
23
|
+
|
24
|
+
* Added AES file encryption using OpenSSL
|
25
|
+
|
21
26
|
## Changes in 0.2.0
|
22
27
|
|
23
28
|
* Changed syntax for Downloader so, you know, it actually works. Would expect a "user_file" field before, now you specify
|
@@ -27,7 +32,7 @@ It hasn't been tested.
|
|
27
32
|
# To Do
|
28
33
|
|
29
34
|
* Integrate with 'process' method in uploader to make 4 lines of code into 1
|
30
|
-
* Refactoring and
|
35
|
+
* Refactoring and testing
|
31
36
|
|
32
37
|
# Contributing to carrierwave_securefile
|
33
38
|
|
@@ -45,5 +50,5 @@ It hasn't been tested.
|
|
45
50
|
|
46
51
|
### Copyright
|
47
52
|
|
48
|
-
Copyright (c) 2011 Doug Clark. See LICENSE.txt for further details.
|
53
|
+
Copyright (c) 2011-2012 Doug Clark. See LICENSE.txt for further details.
|
49
54
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.
|
1
|
+
0.4.2
|
@@ -5,11 +5,11 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = "carrierwave_securefile"
|
8
|
-
s.version = "0.
|
8
|
+
s.version = "0.4.2"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["Doug Clark"]
|
12
|
-
s.date = "2012-
|
12
|
+
s.date = "2012-09-14"
|
13
13
|
s.description = "Secure, encrypted file uploads using Crypt19 and CarrierWave"
|
14
14
|
s.email = "doug@dougclarkonline.com"
|
15
15
|
s.extra_rdoc_files = [
|
@@ -18,7 +18,6 @@ Gem::Specification.new do |s|
|
|
18
18
|
]
|
19
19
|
s.files = [
|
20
20
|
".document",
|
21
|
-
".rvmrc",
|
22
21
|
"Gemfile",
|
23
22
|
"Gemfile.lock",
|
24
23
|
"Icon\r",
|
@@ -26,9 +25,9 @@ Gem::Specification.new do |s|
|
|
26
25
|
"README.md",
|
27
26
|
"Rakefile",
|
28
27
|
"VERSION",
|
29
|
-
"carrierwave_securefile-0.1.2.gem",
|
30
28
|
"carrierwave_securefile.gemspec",
|
31
29
|
"lib/carrierwave/securefile.rb",
|
30
|
+
"lib/carrierwave/securefile/aes_file.rb",
|
32
31
|
"lib/carrierwave/securefile/configuration.rb",
|
33
32
|
"lib/carrierwave/securefile/downloader.rb",
|
34
33
|
"lib/carrierwave/securefile/uploader.rb",
|
@@ -39,7 +38,7 @@ Gem::Specification.new do |s|
|
|
39
38
|
s.homepage = "http://github.com/dougc84/carrierwave_securefile"
|
40
39
|
s.licenses = ["MIT"]
|
41
40
|
s.require_paths = ["lib"]
|
42
|
-
s.rubygems_version = "1.8.
|
41
|
+
s.rubygems_version = "1.8.24"
|
43
42
|
s.summary = "Secure, encrypted file uploads using Crypt19 and CarrierWave"
|
44
43
|
|
45
44
|
if s.respond_to? :specification_version then
|
@@ -0,0 +1,138 @@
|
|
1
|
+
# AES File Encrypton using openssl and aes-256-cbc
|
2
|
+
# written by Doug Clark - www.dougclarkonline.com
|
3
|
+
#
|
4
|
+
# Usage:
|
5
|
+
#
|
6
|
+
# generate keys:
|
7
|
+
# keys = AESFileKeygen.new
|
8
|
+
# key = keys.key
|
9
|
+
# iv = keys.iv
|
10
|
+
#
|
11
|
+
# encrypt files (after generating keys):
|
12
|
+
# encryptor = AESFileEncrypt.new(key, iv)
|
13
|
+
# encryptor.do "file.to.be.encrypted", "encrypted.file.aes"
|
14
|
+
#
|
15
|
+
# decrypt files (after generating keys):
|
16
|
+
# decryptor = AESFileDecrypt.new(key, iv)
|
17
|
+
# decryptor.do "file.to.be.decrypted", "decrypted.file"
|
18
|
+
|
19
|
+
require 'openssl'
|
20
|
+
|
21
|
+
module CarrierWave
|
22
|
+
module SecureFile
|
23
|
+
module AESFile
|
24
|
+
|
25
|
+
attr_accessor :cipher, :key, :iv, :cipher_type
|
26
|
+
|
27
|
+
def init_cipher(the_cipher)
|
28
|
+
unless self.cipher
|
29
|
+
self.cipher = OpenSSL::Cipher.new(the_cipher)
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
def set_cipher_method(the_cipher_method)
|
34
|
+
if [:encrypt, :decrypt].include? the_cipher_method.to_sym
|
35
|
+
self.cipher.send(the_cipher_method)
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
def set_cipher_key(the_cipher_key=nil)
|
40
|
+
if self.key
|
41
|
+
self.cipher.key = self.key
|
42
|
+
elsif the_cipher_key.nil?
|
43
|
+
self.cipher.key = self.key = self.cipher.random_key
|
44
|
+
else
|
45
|
+
self.cipher.key = self.key = the_cipher_key
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
def set_cipher_iv(the_cipher_iv=nil)
|
50
|
+
if self.iv
|
51
|
+
self.cipher.iv = self.iv
|
52
|
+
elsif the_cipher_iv.nil?
|
53
|
+
self.cipher.iv = self.iv = self.cipher.random_key
|
54
|
+
else
|
55
|
+
self.cipher.iv = self.iv = the_cipher_iv
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
def initialize(module_name)
|
60
|
+
require module_name
|
61
|
+
eval("#{module_name}.init")
|
62
|
+
end
|
63
|
+
|
64
|
+
end
|
65
|
+
|
66
|
+
class AESFileKeygen
|
67
|
+
|
68
|
+
include CarrierWave::SecureFile::AESFile
|
69
|
+
|
70
|
+
def initialize
|
71
|
+
self.cipher_type = "aes-256-cbc"
|
72
|
+
self.cipher = OpenSSL::Cipher.new(self.cipher_type)
|
73
|
+
set_cipher_key
|
74
|
+
set_cipher_iv
|
75
|
+
end
|
76
|
+
|
77
|
+
end
|
78
|
+
|
79
|
+
|
80
|
+
class AESFileEncrypt
|
81
|
+
|
82
|
+
include CarrierWave::SecureFile::AESFile
|
83
|
+
|
84
|
+
def initialize(key, iv)
|
85
|
+
self.cipher_type = 'aes-256-cbc'
|
86
|
+
init_cipher self.cipher_type
|
87
|
+
set_cipher_method :encrypt
|
88
|
+
set_cipher_key key
|
89
|
+
set_cipher_iv iv
|
90
|
+
end
|
91
|
+
|
92
|
+
def do(from_file, to_file)
|
93
|
+
|
94
|
+
buf = ""
|
95
|
+
File.open(to_file, "wb") do |outf|
|
96
|
+
File.open(from_file, "rb") do |inf|
|
97
|
+
while inf.read(4096, buf)
|
98
|
+
outf << self.cipher.update(buf)
|
99
|
+
end
|
100
|
+
outf << self.cipher.final
|
101
|
+
end
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
end
|
106
|
+
|
107
|
+
class AESFileDecrypt
|
108
|
+
|
109
|
+
include CarrierWave::SecureFile::AESFile
|
110
|
+
|
111
|
+
def initialize(key, iv)
|
112
|
+
self.cipher_type = 'aes-256-cbc'
|
113
|
+
init_cipher self.cipher_type
|
114
|
+
set_cipher_method :decrypt
|
115
|
+
set_cipher_key key
|
116
|
+
set_cipher_iv iv
|
117
|
+
end
|
118
|
+
|
119
|
+
def do(from_file, to_file)
|
120
|
+
buf = ""
|
121
|
+
File.open(to_file, "wb") do |outf|
|
122
|
+
File.open(from_file, "rb") do |inf|
|
123
|
+
while inf.read(4096, buf)
|
124
|
+
outf << self.cipher.update(buf)
|
125
|
+
end
|
126
|
+
outf << self.cipher.final
|
127
|
+
end
|
128
|
+
end
|
129
|
+
end
|
130
|
+
|
131
|
+
end
|
132
|
+
|
133
|
+
end
|
134
|
+
end
|
135
|
+
|
136
|
+
|
137
|
+
|
138
|
+
|
@@ -10,22 +10,28 @@ module CarrierWave
|
|
10
10
|
end
|
11
11
|
|
12
12
|
class Configuration
|
13
|
-
attr_accessor :cypher, :encryption_type
|
13
|
+
attr_accessor :cypher, :encryption_type, :aes_iv, :aes_key
|
14
14
|
end
|
15
15
|
|
16
16
|
class << self
|
17
17
|
|
18
|
+
def cypher
|
19
|
+
configuration = CarrierWave::SecureFile.configuration
|
20
|
+
configuration.cypher[0..55]
|
21
|
+
end
|
22
|
+
|
18
23
|
def cryptable
|
19
24
|
configuration = CarrierWave::SecureFile.configuration
|
20
25
|
begin
|
21
|
-
|
26
|
+
case configuration.encryption_type.downcase.to_sym
|
27
|
+
when :blowfish
|
22
28
|
Crypt::Blowfish
|
23
|
-
|
24
|
-
# Crypt::IDEA
|
25
|
-
elsif configuration.encryption_type.downcase == "rijndael"
|
29
|
+
when :rijndael
|
26
30
|
Crypt::Rijndael
|
27
|
-
|
31
|
+
when :gost
|
28
32
|
Crypt::Gost
|
33
|
+
when :aes
|
34
|
+
CarrierWave::SecureFile::AESFile
|
29
35
|
else
|
30
36
|
Crypt::Blowfish
|
31
37
|
end
|
@@ -6,7 +6,7 @@ module CarrierWave
|
|
6
6
|
|
7
7
|
def call(uploader_model, activerecord_record, file_field)
|
8
8
|
Rails.logger.debug "Downloading using #{CarrierWave::SecureFile.cryptable}..."
|
9
|
-
file =
|
9
|
+
file = nil
|
10
10
|
downloader = uploader_model.new
|
11
11
|
uploaded_file = activerecord_record
|
12
12
|
filename = eval("uploaded_file.#{file_field.to_s}").to_s
|
@@ -15,15 +15,24 @@ module CarrierWave
|
|
15
15
|
file = downloader.file.path.to_s
|
16
16
|
rescue Exception => e
|
17
17
|
Rails.logger.debug "Unable to download file: #{e}"
|
18
|
-
file = filename
|
19
18
|
end
|
19
|
+
|
20
20
|
if File.exists? file
|
21
21
|
ext_file = file + ".x1"
|
22
22
|
File.rename(file,ext_file)
|
23
23
|
configuration = CarrierWave::SecureFile.configuration
|
24
|
-
|
25
|
-
|
26
|
-
|
24
|
+
if configuration.encryption_type.downcase.to_sym == :aes
|
25
|
+
aes_key = configuration.aes_key
|
26
|
+
if activerecord_record.respond_to? :aes_key
|
27
|
+
aes_key = activerecord_record.aes_key
|
28
|
+
end
|
29
|
+
bf = CarrierWave::SecureFile::AESFileDecrypt.new(aes_key, configuration.aes_iv)
|
30
|
+
bf.do ext_file, file
|
31
|
+
else
|
32
|
+
bf = CarrierWave::SecureFile.cryptable.new(configuration.cypher)
|
33
|
+
bf.decrypt_file ext_file, file
|
34
|
+
end
|
35
|
+
File.unlink ext_file
|
27
36
|
return { :file => file, :content_type => uploaded_file.content_type }
|
28
37
|
else
|
29
38
|
# return nil if no file was found
|
@@ -2,21 +2,30 @@ module CarrierWave
|
|
2
2
|
module SecureFile
|
3
3
|
module Uploader
|
4
4
|
|
5
|
-
|
6
5
|
def self.secure_file(model=nil, file)
|
7
|
-
if model
|
6
|
+
if !model.nil? && model.id.nil?
|
8
7
|
Rails.logger.debug "Uploading using #{CarrierWave::SecureFile.cryptable}..."
|
9
8
|
ext_file = file + ".x1"
|
10
9
|
File.rename(file, ext_file)
|
11
10
|
configuration = CarrierWave::SecureFile.configuration
|
12
|
-
|
13
|
-
|
11
|
+
if configuration.encryption_type.downcase.to_sym == :aes
|
12
|
+
aes_key = configuration.aes_key
|
13
|
+
if model.respond_to? :aes_key
|
14
|
+
digest = Digest::SHA256.new
|
15
|
+
digest.update(file.to_s)
|
16
|
+
model.aes_key = aes_key = digest.to_s
|
17
|
+
end
|
18
|
+
encryptor = CarrierWave::SecureFile::AESFileEncrypt.new(aes_key, configuration.aes_iv)
|
19
|
+
encryptor.do ext_file, file
|
20
|
+
else
|
21
|
+
encryptor = CarrierWave::SecureFile.cryptable.new(CarrierWave::SecureFile.cypher)
|
22
|
+
encryptor.encrypt_file(ext_file, file)
|
23
|
+
end
|
14
24
|
File.unlink(ext_file)
|
15
25
|
file
|
16
26
|
end
|
17
27
|
end
|
18
28
|
|
19
|
-
|
20
29
|
end
|
21
30
|
end
|
22
31
|
end
|
@@ -5,26 +5,32 @@ require 'carrierwave/securefile/uploader.rb'
|
|
5
5
|
require 'carrierwave/securefile/downloader.rb'
|
6
6
|
require 'carrierwave/securefile/configuration.rb'
|
7
7
|
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
end
|
8
|
+
begin # require aes
|
9
|
+
require 'carrierwave/securefile/aes_file.rb'
|
10
|
+
rescue LoadError
|
11
|
+
puts "WARNING: Failed to require aes_file or openssl, AES encryption may fail!"
|
12
|
+
end
|
14
13
|
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
14
|
+
begin # require blowfish
|
15
|
+
require 'crypt/blowfish'
|
16
|
+
rescue LoadError
|
17
|
+
puts "WARNING: Failed to require crypt/blowfish, encryption may fail!"
|
18
|
+
puts " You may need to add the crypt19 gem."
|
19
|
+
end
|
21
20
|
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
21
|
+
begin # require gost
|
22
|
+
require 'crypt/gost'
|
23
|
+
rescue LoadError
|
24
|
+
puts "WARNING: Failed to require crypt/gost, encryption may fail!"
|
25
|
+
puts " You may need to add the crypt19 gem."
|
26
|
+
end
|
27
|
+
|
28
|
+
begin # require rijndael
|
29
|
+
require 'crypt/rijndael'
|
30
|
+
rescue LoadError
|
31
|
+
puts "WARNING: Failed to require crypt/rijndael, encryption may fail!"
|
32
|
+
puts " You may need to add the crypt19 gem."
|
33
|
+
end
|
28
34
|
|
29
35
|
module CarrierWave
|
30
36
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: carrierwave_securefile
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.2
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-
|
12
|
+
date: 2012-09-14 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: carrierwave
|
@@ -116,7 +116,6 @@ extra_rdoc_files:
|
|
116
116
|
- README.md
|
117
117
|
files:
|
118
118
|
- .document
|
119
|
-
- .rvmrc
|
120
119
|
- Gemfile
|
121
120
|
- Gemfile.lock
|
122
121
|
- ! "Icon\r"
|
@@ -124,9 +123,9 @@ files:
|
|
124
123
|
- README.md
|
125
124
|
- Rakefile
|
126
125
|
- VERSION
|
127
|
-
- carrierwave_securefile-0.1.2.gem
|
128
126
|
- carrierwave_securefile.gemspec
|
129
127
|
- lib/carrierwave/securefile.rb
|
128
|
+
- lib/carrierwave/securefile/aes_file.rb
|
130
129
|
- lib/carrierwave/securefile/configuration.rb
|
131
130
|
- lib/carrierwave/securefile/downloader.rb
|
132
131
|
- lib/carrierwave/securefile/uploader.rb
|
@@ -148,7 +147,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
148
147
|
version: '0'
|
149
148
|
segments:
|
150
149
|
- 0
|
151
|
-
hash: -
|
150
|
+
hash: -4337919520585586388
|
152
151
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
153
152
|
none: false
|
154
153
|
requirements:
|
@@ -157,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
157
156
|
version: '0'
|
158
157
|
requirements: []
|
159
158
|
rubyforge_project:
|
160
|
-
rubygems_version: 1.8.
|
159
|
+
rubygems_version: 1.8.24
|
161
160
|
signing_key:
|
162
161
|
specification_version: 3
|
163
162
|
summary: Secure, encrypted file uploads using Crypt19 and CarrierWave
|
data/.rvmrc
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
rvm use 1.9.3-p194
|
Binary file
|