carrierwave_securefile 0.3.1 → 0.4.2

data/Gemfile

@@ -13,4 +13,4 @@ group :development do
 end
 
 gem 'carrierwave', '>= 0.5.8'
-gem 'crypt19', '1.2.1'
+gem 'crypt19', '1.2.1'

data/Gemfile.lock

@@ -1,17 +1,24 @@
 GEM
   remote: http://rubygems.org/
   specs:
-    activesupport (3.1.3)
+    activemodel (3.2.8)
+      activesupport (= 3.2.8)
+      builder (~> 3.0.0)
+    activesupport (3.2.8)
+      i18n (~> 0.6)
       multi_json (~> 1.0)
-    carrierwave (0.5.8)
-      activesupport (~> 3.0)
+    builder (3.0.3)
+    carrierwave (0.6.2)
+      activemodel (>= 3.2.0)
+      activesupport (>= 3.2.0)
     crypt19 (1.2.1)
     git (1.2.5)
+    i18n (0.6.1)
     jeweler (1.6.4)
       bundler (~> 1.0)
       git (>= 1.2.5)
       rake
-    multi_json (1.0.3)
+    multi_json (1.3.6)
     rake (0.9.2.2)
     rcov (0.9.11)
     shoulda (2.11.3)

data/README.md

@@ -1,6 +1,7 @@
 # CarrierWave_SecureFile
 
-A gem to add secured file uploading to CarrierWave.  Uses the Crypt19 gem with Blowfish encryption to encrypt and decrypt files.
+A gem to add secured file uploading to CarrierWave.  Uses Crypt19 and OpenSSL to encrypt and decrypt files, and offers multiple
+methods of encryption.
 
 I needed this functionality for a project, and simply couldn't find a viable solution.  So I rolled out my own.  Then I got tired of
 dirtying up my /lib/ folder, so I made a gem out of it.  This is my first attempt at writing a gem, and for my project, it works
@@ -11,13 +12,17 @@ it should work fine just the same.
 
 ## Requirements
 
-Ruby 1.9.3 w/ Rails 3.1.3.  Realistically, it should work on Ruby 1.9.x and Rails 3.1.x, but may work on other configurations.
-It hasn't been tested.
+Ruby 1.9.3 w/ Rails 3.1.3.  Realistically, it should work on Ruby 1.9.x and Rails 3.x, but may work on other configurations.
+It hasn't been tested.  I'm currently using this with CarrierWave 0.6.2, Rails 3.2.8, and Ruby 1.9.3.
 
 ## Installation and Usage
 
 [Please refer to the Wiki For Installation and Usage.](https://github.com/dougc84/carrierwave_securefile/wiki/Usage)
 
+## Changes in 0.4.x
+
+* Added AES file encryption using OpenSSL
+
 ## Changes in 0.2.0
 
 * Changed syntax for Downloader so, you know, it actually works.  Would expect a "user_file" field before, now you specify
@@ -27,7 +32,7 @@ It hasn't been tested.
 # To Do
 
 * Integrate with 'process' method in uploader to make 4 lines of code into 1
-* Refactoring and additional testing
+* Refactoring and testing
 
 # Contributing to carrierwave_securefile
  
@@ -45,5 +50,5 @@ It hasn't been tested.
 
 ### Copyright
 
-Copyright (c) 2011 Doug Clark. See LICENSE.txt for further details.
+Copyright (c) 2011-2012 Doug Clark. See LICENSE.txt for further details.
 

data/VERSION

@@ -1 +1 @@
-0.3.1
+0.4.2

data/carrierwave_securefile.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = "carrierwave_securefile"
-  s.version = "0.3.1"
+  s.version = "0.4.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Doug Clark"]
-  s.date = "2012-05-27"
+  s.date = "2012-09-14"
   s.description = "Secure, encrypted file uploads using Crypt19 and CarrierWave"
   s.email = "doug@dougclarkonline.com"
   s.extra_rdoc_files = [
@@ -18,7 +18,6 @@ Gem::Specification.new do |s|
   ]
   s.files = [
     ".document",
-    ".rvmrc",
     "Gemfile",
     "Gemfile.lock",
     "Icon\r",
@@ -26,9 +25,9 @@ Gem::Specification.new do |s|
     "README.md",
     "Rakefile",
     "VERSION",
-    "carrierwave_securefile-0.1.2.gem",
     "carrierwave_securefile.gemspec",
     "lib/carrierwave/securefile.rb",
+    "lib/carrierwave/securefile/aes_file.rb",
     "lib/carrierwave/securefile/configuration.rb",
     "lib/carrierwave/securefile/downloader.rb",
     "lib/carrierwave/securefile/uploader.rb",
@@ -39,7 +38,7 @@ Gem::Specification.new do |s|
   s.homepage = "http://github.com/dougc84/carrierwave_securefile"
   s.licenses = ["MIT"]
   s.require_paths = ["lib"]
-  s.rubygems_version = "1.8.23"
+  s.rubygems_version = "1.8.24"
   s.summary = "Secure, encrypted file uploads using Crypt19 and CarrierWave"
 
   if s.respond_to? :specification_version then

data/lib/carrierwave/securefile/aes_file.rb

@@ -0,0 +1,138 @@
+# AES File Encrypton using openssl and aes-256-cbc
+# written by Doug Clark - www.dougclarkonline.com
+# 
+# Usage:
+# 
+# generate keys:
+# keys = AESFileKeygen.new
+# key = keys.key
+# iv = keys.iv
+# 
+# encrypt files (after generating keys):
+# encryptor = AESFileEncrypt.new(key, iv)
+# encryptor.do "file.to.be.encrypted", "encrypted.file.aes"
+# 
+# decrypt files (after generating keys):
+# decryptor = AESFileDecrypt.new(key, iv)
+# decryptor.do "file.to.be.decrypted", "decrypted.file"
+
+require 'openssl'
+
+module CarrierWave
+	module SecureFile
+		module AESFile
+	
+			attr_accessor :cipher, :key, :iv, :cipher_type
+	
+			def init_cipher(the_cipher)
+				unless self.cipher
+					self.cipher = OpenSSL::Cipher.new(the_cipher)
+				end
+			end
+
+			def set_cipher_method(the_cipher_method)
+				if [:encrypt, :decrypt].include? the_cipher_method.to_sym
+					self.cipher.send(the_cipher_method)
+				end
+			end
+
+			def set_cipher_key(the_cipher_key=nil)
+				if self.key
+					self.cipher.key = self.key
+				elsif the_cipher_key.nil?
+					self.cipher.key = self.key = self.cipher.random_key
+				else
+					self.cipher.key = self.key = the_cipher_key
+				end
+			end
+
+			def set_cipher_iv(the_cipher_iv=nil)
+				if self.iv
+					self.cipher.iv = self.iv
+				elsif the_cipher_iv.nil?
+					self.cipher.iv = self.iv = self.cipher.random_key
+				else
+					self.cipher.iv = self.iv = the_cipher_iv
+				end
+			end
+	
+			def initialize(module_name)
+				require module_name
+				eval("#{module_name}.init")
+			end
+	
+		end
+		
+		class AESFileKeygen
+
+			include CarrierWave::SecureFile::AESFile
+
+			def initialize
+				self.cipher_type = "aes-256-cbc"
+				self.cipher = OpenSSL::Cipher.new(self.cipher_type)
+				set_cipher_key
+				set_cipher_iv
+			end
+
+		end
+
+
+		class AESFileEncrypt
+
+			include CarrierWave::SecureFile::AESFile
+
+			def initialize(key, iv)
+				self.cipher_type = 'aes-256-cbc'
+				init_cipher self.cipher_type
+				set_cipher_method :encrypt
+				set_cipher_key key
+				set_cipher_iv iv
+			end
+
+			def do(from_file, to_file)
+
+				buf = ""
+				File.open(to_file, "wb") do |outf|
+					File.open(from_file, "rb") do |inf|
+						while inf.read(4096, buf)
+							outf << self.cipher.update(buf)
+						end
+						outf << self.cipher.final
+					end
+				end
+			end
+
+		end
+
+		class AESFileDecrypt
+
+			include CarrierWave::SecureFile::AESFile
+
+			def initialize(key, iv)
+				self.cipher_type = 'aes-256-cbc'
+				init_cipher self.cipher_type
+				set_cipher_method :decrypt
+				set_cipher_key key
+				set_cipher_iv iv
+			end
+
+			def do(from_file, to_file)
+				buf = ""
+				File.open(to_file, "wb") do |outf|
+					File.open(from_file, "rb") do |inf|
+						while inf.read(4096, buf)
+							outf << self.cipher.update(buf)
+						end
+						outf << self.cipher.final
+					end
+				end	
+			end
+
+		end
+		
+	end
+end
+
+
+
+

data/lib/carrierwave/securefile/configuration.rb

@@ -10,22 +10,28 @@ module CarrierWave
 		end
 		
 		class Configuration
-			attr_accessor :cypher, :encryption_type
+			attr_accessor :cypher, :encryption_type, :aes_iv, :aes_key
 		end
 		
 		class << self
 			
+			def cypher
+				configuration = CarrierWave::SecureFile.configuration
+				configuration.cypher[0..55]
+			end
+			
 			def cryptable
 				configuration = CarrierWave::SecureFile.configuration
 				begin
-					if configuration.encryption_type.downcase == "blowfish"
+					case configuration.encryption_type.downcase.to_sym
+					when :blowfish
 						Crypt::Blowfish
-					# elsif configuration.encryption_type.downcase == "idea"
-					# 	Crypt::IDEA
-					elsif configuration.encryption_type.downcase == "rijndael"
+					when :rijndael
 						Crypt::Rijndael
-					elsif configuration.encryption_type.downcase == "gost"
+					when :gost
 						Crypt::Gost
+					when :aes
+						CarrierWave::SecureFile::AESFile
 					else
 						Crypt::Blowfish
 					end

data/lib/carrierwave/securefile/downloader.rb

@@ -6,7 +6,7 @@ module CarrierWave
 
 				def call(uploader_model, activerecord_record, file_field)
 					Rails.logger.debug "Downloading using #{CarrierWave::SecureFile.cryptable}..."
-					file = ""
+					file = nil
 					downloader = uploader_model.new
 					uploaded_file = activerecord_record
 					filename = eval("uploaded_file.#{file_field.to_s}").to_s
@@ -15,15 +15,24 @@ module CarrierWave
 						file = downloader.file.path.to_s
 					rescue Exception => e
 						Rails.logger.debug "Unable to download file: #{e}"
-						file = filename
 					end
+					
 					if File.exists? file
 						ext_file = file + ".x1"
 						File.rename(file,ext_file)
 						configuration = CarrierWave::SecureFile.configuration
-						bf = CarrierWave::SecureFile.cryptable.new(configuration.cypher)
-						bf.decrypt_file(ext_file, file)
-						File.unlink(ext_file)
+						if configuration.encryption_type.downcase.to_sym == :aes
+							aes_key = configuration.aes_key
+							if activerecord_record.respond_to? :aes_key
+								aes_key = activerecord_record.aes_key
+							end
+							bf = CarrierWave::SecureFile::AESFileDecrypt.new(aes_key, configuration.aes_iv)
+							bf.do ext_file, file
+						else
+							bf = CarrierWave::SecureFile.cryptable.new(configuration.cypher)
+							bf.decrypt_file ext_file, file
+						end
+						File.unlink ext_file
 						return { :file => file, :content_type => uploaded_file.content_type }
           else 
             # return nil if no file was found

data/lib/carrierwave/securefile/uploader.rb

@@ -2,21 +2,30 @@ module CarrierWave
 	module SecureFile
 		module Uploader
 
-
 			def self.secure_file(model=nil, file)
-				if model
+				if !model.nil? && model.id.nil?
 					Rails.logger.debug "Uploading using #{CarrierWave::SecureFile.cryptable}..."
 					ext_file = file + ".x1"
 					File.rename(file, ext_file)
 					configuration = CarrierWave::SecureFile.configuration
-					bf = CarrierWave::SecureFile.cryptable.new(configuration.cypher)
-					bf.encrypt_file(ext_file, file)
+					if configuration.encryption_type.downcase.to_sym == :aes
+						aes_key = configuration.aes_key
+						if model.respond_to? :aes_key
+							digest = Digest::SHA256.new
+							digest.update(file.to_s)
+							model.aes_key = aes_key = digest.to_s
+						end
+						encryptor = CarrierWave::SecureFile::AESFileEncrypt.new(aes_key, configuration.aes_iv)
+						encryptor.do ext_file, file
+					else
+						encryptor = CarrierWave::SecureFile.cryptable.new(CarrierWave::SecureFile.cypher)
+						encryptor.encrypt_file(ext_file, file)
+					end
 					File.unlink(ext_file)
 					file
 				end
 			end
 			
-			
 		end
 	end
 end

data/lib/carrierwave_securefile.rb

@@ -5,26 +5,32 @@ require 'carrierwave/securefile/uploader.rb'
 require 'carrierwave/securefile/downloader.rb'
 require 'carrierwave/securefile/configuration.rb'
 
-	begin # require blowfish
-		require 'crypt/blowfish'
-	rescue LoadError
-		puts "WARNING: Failed to require crypt/blowfish, encryption may fail!"
-		puts "         You may need to add the crypt19 gem."
-	end
+begin # require aes
+	require 'carrierwave/securefile/aes_file.rb'
+rescue LoadError
+	puts "WARNING: Failed to require aes_file or openssl, AES encryption may fail!"
+end
 
-	begin # require gost
-		require 'crypt/gost'
-	rescue LoadError
-		puts "WARNING: Failed to require crypt/gost, encryption may fail!"
-		puts "         You may need to add the crypt19 gem."
-	end
+begin # require blowfish
+	require 'crypt/blowfish'
+rescue LoadError
+	puts "WARNING: Failed to require crypt/blowfish, encryption may fail!"
+	puts "         You may need to add the crypt19 gem."
+end
 
-	begin # require rijndael
-		require 'crypt/rijndael'
-	rescue LoadError
-		puts "WARNING: Failed to require crypt/rijndael, encryption may fail!"
-		puts "         You may need to add the crypt19 gem."
-	end
+begin # require gost
+	require 'crypt/gost'
+rescue LoadError
+	puts "WARNING: Failed to require crypt/gost, encryption may fail!"
+	puts "         You may need to add the crypt19 gem."
+end
+
+begin # require rijndael
+	require 'crypt/rijndael'
+rescue LoadError
+	puts "WARNING: Failed to require crypt/rijndael, encryption may fail!"
+	puts "         You may need to add the crypt19 gem."
+end
 
 module CarrierWave
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: carrierwave_securefile
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.4.2
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-05-27 00:00:00.000000000 Z
+date: 2012-09-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: carrierwave
@@ -116,7 +116,6 @@ extra_rdoc_files:
 - README.md
 files:
 - .document
-- .rvmrc
 - Gemfile
 - Gemfile.lock
 - ! "Icon\r"
@@ -124,9 +123,9 @@ files:
 - README.md
 - Rakefile
 - VERSION
-- carrierwave_securefile-0.1.2.gem
 - carrierwave_securefile.gemspec
 - lib/carrierwave/securefile.rb
+- lib/carrierwave/securefile/aes_file.rb
 - lib/carrierwave/securefile/configuration.rb
 - lib/carrierwave/securefile/downloader.rb
 - lib/carrierwave/securefile/uploader.rb
@@ -148,7 +147,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -755978096501977255
+      hash: -4337919520585586388
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -157,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 1.8.24
 signing_key: 
 specification_version: 3
 summary: Secure, encrypted file uploads using Crypt19 and CarrierWave

data/.rvmrc

@@ -1 +0,0 @@
-rvm use 1.9.3-p194