cerebus 0.0.1

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in cerebus.gemspec
+gemspec

data/README.md

@@ -0,0 +1,33 @@
+# Cerebus
+
+## Summary
+
+This is a simple library which wraps openssl to provide a (hopefully)
+secure encryption system for arbitrary strings. The aim was to remove
+all the hard stuff and make it blindingly easy to encrypt and decrypt
+strings. Of course, this doesn't mean you can ignore basic crypographic
+best practices. If you store all your keys insecurely then you might as
+well use rot13.
+
+## Examples
+
+For regular ruby:
+
+```
+require 'cerebus'
+cleartext = 'It is a secret to everybody!'
+encrypted = Cerebus.encrypt cleartext, 'test/keys/public.pem'
+```
+
+For rails it's the same, just first add it to the Gemfile and bundle install to get openssl.
+
+## Making Keys
+
+You can generate some new keys with the included `make_keys.sh` script.
+Be sure to use a good passphrase and keep your private.pem file stored
+safely (whatever that means for the application in question.)
+
+## Bugs
+
+Please fix them and send me a pull request. Or create an issue. Or email
+me at jonathan (a.t) blazingdev , com.

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/cerebus.gemspec

@@ -0,0 +1,19 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require 'cerebus'
+
+Gem::Specification.new do |s|
+  s.name              = "cerebus"
+  s.version           = Cerebus::VERSION
+  s.summary           = "Simple and secure RSA/Blowfish encryption."
+  s.description       = "An ecryption library which wraps openssl to give users an easy interface to encrypt any file using a publc and private key."
+  s.authors           = ["Jonathan Jeffus"]
+  s.email             = 'jonathan@blazingdev.com'
+  s.homepage          = 'http://github.com/jjeffus/cerebus'
+  s.rubyforge_project = "cerebus"
+  s.files             = `git ls-files`.split("\n")
+  s.test_files        = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables       = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths     = ["lib"]
+  s.add_runtime_dependency "openssl"
+end

data/decrypt.rb

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+require './lib/cerebus.rb'
+
+crypted = File.open("final.txt", "r").read
+cleartext = Cerebus.decrypt crypted, 'test/keys/private.pem', 'test'
+puts cleartext

data/encrypt.rb

@@ -0,0 +1,12 @@
+#!/usr/bin/env ruby
+
+require './lib/cerebus.rb'
+
+cleartext = <<CLEARTEXT
+It is a secret to everybody!
+CLEARTEXT
+
+out = Cerebus.encrypt cleartext, 'test/keys/public.pem'
+puts out
+
+File.open("final.txt", "w").write out

data/lib/cerebus.rb

@@ -0,0 +1,42 @@
+#!/usr/bin/env ruby
+
+require 'openssl'
+
+module Cerebus
+  VERSION = "0.0.1"
+
+  def Cerebus.make_key
+    OpenSSL::Random.random_bytes(56)
+  end
+  def Cerebus.decrypt_blowfish(data, key)
+    cipher     = OpenSSL::Cipher::Cipher.new('bf-cbc').decrypt
+    cipher.key = Digest::MD5.digest key.to_s
+    cipher.update(data) << cipher.final
+  end
+  def Cerebus.decrypt_rsa(data, key_filename, passphrase)
+    opri       = OpenSSL::PKey::RSA.new( File.read(key_filename), passphrase )
+    opri.private_decrypt data
+  end
+  def Cerebus.encrypt_blowfish(data, key)
+    cipher     = OpenSSL::Cipher::Cipher.new('bf-cbc').encrypt
+    cipher.key = Digest::MD5.digest key
+    cipher.update(data) << cipher.final
+  end
+  def Cerebus.encrypt_rsa(data, key_filename)
+    opri       = OpenSSL::PKey::RSA.new File.read key_filename
+    opri.public_encrypt data
+  end
+  def Cerebus.encrypt(data, key_filename)
+    key            = Cerebus.make_key
+    encrypted_key  = Cerebus.encrypt_rsa(key, key_filename).unpack("H*")[0]
+    encrypted_data = Cerebus.encrypt_blowfish(data, key).unpack("H*")[0]
+    (encrypted_key.to_s + encrypted_data.to_s)
+  end
+  def Cerebus.decrypt(incoming, key_filename, passphrase)
+    data           = StringIO.new(incoming)
+    encrypted_key  = [data.read(512)].pack("H*")
+    encrypted_data = [data.read].pack("H*")
+    decrypted_key  = Cerebus.decrypt_rsa(encrypted_key, key_filename, passphrase)
+    decrypted_data = Cerebus.decrypt_blowfish(encrypted_data, decrypted_key)
+  end
+end

data/make_keys.sh

@@ -0,0 +1,5 @@
+# This just documents how to make private/public keypairs that work with
+# the library. Just run it, enter a passphrase and remember it!
+
+openssl genrsa -des3 -out private.pem 2048
+openssl rsa -in private.pem -pubout -out public.pem

data/test/cerebus_spec.rb

@@ -0,0 +1,50 @@
+require_relative '../lib/cerebus'
+require 'rspec'
+
+describe Cerebus do
+  KEY     = '01234567890123456789012345678901234567890123456789012345'
+  TEXT    = 'It is a secret to everybody!'
+  CRYPTED = 'c7829fcbf4ae6ff33a22576863f3170a6526e3ab8c786412b8250efc41e4771f'
+  PUBLIC  = 'keys/public.pem'
+  PRIVATE = 'keys/private.pem'
+  PHRASE  = 'test'
+
+  describe :make_key do
+    it "should return a key that's 56 bytes long" do
+      Cerebus.make_key.length.should eq(56)
+    end
+  end
+
+  describe :encrypt_blowfix do
+    it "should encrypt to the cipher data" do
+      Cerebus.encrypt_blowfish(TEXT, KEY).unpack("H*")[0].should eq(CRYPTED)
+    end
+  end
+
+  describe :decrypt_blowfix do
+    it "should decrypt to the clear text" do
+      Cerebus.decrypt_blowfish([CRYPTED].pack("H*"), KEY).should eq(TEXT)
+    end
+  end
+
+  describe :rsa do
+    it "should be reversible" do 
+      encrypted = Cerebus.encrypt_rsa(KEY, PUBLIC)
+      decrypted = Cerebus.decrypt_rsa(encrypted, PRIVATE, PHRASE)
+      decrypted.should eq(KEY)
+    end
+  end
+
+  describe :round_trip do
+    it 'should encrypt and decrypt small strings' do
+      encrypted = Cerebus.encrypt('small', PUBLIC)
+      decrypted = Cerebus.decrypt(encrypted, PRIVATE, PHRASE)
+      decrypted.should eq('small')
+    end
+    it 'should encrypt and decrypt big strings' do
+      encrypted = Cerebus.encrypt( TEXT*100, PUBLIC)
+      decrypted = Cerebus.decrypt(encrypted, PRIVATE, PHRASE)
+      decrypted.should eq(TEXT*100)
+    end
+  end
+end

data/test/keys/private.pem

@@ -0,0 +1,30 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,2AF2AB7CCA8363EC
+
+dpPIoXzeTqOdLU8jdDdrNlNF8BeSXXgXJraIi1Dh25hiisIJQDL6tupez8rzNgca
+bKi7gL/31ac72PEM2jofuvIYLUGz1OHy4/+7e93gTS0cYP3tBPxIci7KXVhaCSKO
+3pzBrxrdv2Ngck438MyIYqSMZD6SJggMt+IAztlGFfPMC76QS83+ghy2/njQ/dAK
+0218Ul+PBs2LTTkcAO/ZAkfw7WsGajiSfs+EhlKDIZx9VC+wYvE8E/23tawp/8vd
+XbsyBYK3awL61t/Et4qnzDTfFDSBkjPHLo9FoDgzutXBaL9xn3GrlxAgRnoE8ls2
+6qAcZC5YO8ytKUPZ7ZdUaOeZdepENqMu/cDM9GV1F/SvUGfPUasjq8/ixu9pBmly
+SADVZKFYD1OcULESm7BL9nc8QlIRGm3nTPBj3vmvMrPn7t3Fv+nbDo0C6JgjhZ9O
+utJ4rMs8sGSMsJpgz2oFNpFB6Y5XnGtRTBszj9oczHmjvrwkC57arQcvZogEUzkQ
++g+9HzGfSl0praHtMlAEljd6cYJR/OhHK9pa27GSxsk3x5dmJNpryEIo4jCmpSGs
+7o9J2cfAvxsjhCPmyb3R0+BAX9k9WgzG8VQJ3xfNBHJ83/Nr83AgC4UQmQCmrYTZ
+Tb+2rH+w9gT098BHfrUCk50PsrFsenmzGhdJSjW2p+sEttuAzHh8573WErtbdZNf
+ZEjLdHJAOn3NoBL4Gi6N4gjkh2S6HMjqyONOqEZjhFS2ixdmepVpgvdQUY57dH4O
+y58mZd18A/2WOSN05VPCXFwDmQhTBqdM7yn3bdnsgXkRYfoQoobSLHZDiTcRBZWh
+gZETJGBt5WfDfSrQobaYBxnFSDhCOJWeYK5B0iQd4bltZINjcAaGGtHhuZ7vp9qw
+sHwoDzKcWM6GEeAv6QZYiCnbIrzciCap+X8vk+CfDToZOA81SmMP1F5G+iC1QIeC
++o9ez/LNbO5AfmPPJS0iWuM39LT5MDE62auYEOucs/b5ZVnjozbwXyT6HCV78C4E
+KfXsdcNgytZ3BEEEyPO92P6zu92vKcz+HLcnNBmYDke0YG55XXj0E7XwUOUp5oAU
+B7+ViL1e4gKyPT7U+OvevJxkzgudo5lzQ6fBcCfhCfN758M+Dae/XzMjMPLeEJlI
+0V0j7dTui1dUK2Y+Nev2swvIH35vZI16s6u6RKDG/4KlbgBKa9FAWuuTkQ58h5yk
+rr6V/6eoq+/9nUVqq5TuBqA/bLYiXzn9wmlTb8uioLLOmDHPYhnliNax6lQwwIUt
+LtxZIi0M7UM/YFUP1U7//iSZRUt0wOTA98kev1AMsut7hDhpaAgk7QyU1Z0g+RSg
+9HptRtv5RkBl07sqWA+27l0U1fwtQqiutwN1aObBMtDMSaNa1iR8jGiBBrfQDTb1
+jBDjFapCX56LngQiYPbnEwFsyoRDwN42PJj5/j5+MLOAJ+35eDuZ+fZ3nlatAaAq
+Dx80uerocIPXDtZKuGj81XpXxX2fb6BQs5gegbFSIQ3gziUdGmG70lyq3jnnu+V0
+598qaU0xJgqzOkmIfd5ZAyevM2ODh8lB6JGpz8gKOPY7D8hedF8V3zESKTZMfLsj
+-----END RSA PRIVATE KEY-----

data/test/keys/public.pem

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sZD3Va4p69oHJtDJpro
+3wq08AK+lck4Hoemp32HuY0WxhqJnzW15geAhxbf0GTHJkaO3XPKBC5NIwHPruOr
+Xx/04EPImUeS/c8xQxd1wS9aF+aQYVt7yPe5Xd5949eDok6mf2R9ntZP8f/DOOI7
+BtNNsTwTYA7zWQJ9T9NY9B1MAFfHU2SAa5YmKwxqwnbDVvf2rXau7zw3/xgUodWY
+dYruxlwjYdkIFTxevxw1MlCt3g9i7IXlxjbzo22+meRmxM8X1pJFpNWbF3CnlS3d
+shIsStJcimdIAcNnyQIm4D4cJx6C26NBge3XtOPvEsx+b+Qdo2teDMYnANQbBu9a
+WQIDAQAB
+-----END PUBLIC KEY-----

metadata

@@ -0,0 +1,70 @@
+--- !ruby/object:Gem::Specification
+name: cerebus
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Jonathan Jeffus
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-04-15 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: openssl
+  requirement: &70344342031260 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70344342031260
+description: An ecryption library which wraps openssl to give users an easy interface
+  to encrypt any file using a publc and private key.
+email: jonathan@blazingdev.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- README.md
+- Rakefile
+- cerebus.gemspec
+- decrypt.rb
+- encrypt.rb
+- lib/cerebus.rb
+- make_keys.sh
+- test/cerebus_spec.rb
+- test/keys/private.pem
+- test/keys/public.pem
+homepage: http://github.com/jjeffus/cerebus
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: cerebus
+rubygems_version: 1.8.17
+signing_key: 
+specification_version: 3
+summary: Simple and secure RSA/Blowfish encryption.
+test_files:
+- test/cerebus_spec.rb
+- test/keys/private.pem
+- test/keys/public.pem