cript 0.0.1
- data/.gitignore +17 -0
- data/.travis.yml +7 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +92 -0
- data/Rakefile +1 -0
- data/cript.gemspec +24 -0
- data/lib/cript.rb +14 -0
- data/lib/cript/cripter.rb +89 -0
- data/lib/cript/ehash.rb +39 -0
- data/lib/cript/hidr.rb +36 -0
- data/lib/cript/naive.rb +83 -0
- data/lib/cript/simple.rb +31 -0
- data/lib/cript/store.rb +59 -0
- data/lib/cript/version.rb +3 -0
- data/spec/ehash_spec.rb +27 -0
- data/spec/hidr_spec.rb +43 -0
- data/spec/naive_spec.rb +21 -0
- data/spec/simple_spec.rb +20 -0
- data/spec/spec_helper.rb +9 -0
- metadata +120 -0
data/.gitignore
ADDED
data/.travis.yml
ADDED
data/Gemfile
ADDED
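--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,22 @@
+Copyright (c) 2013 Andrew Tongen
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.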
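--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,92 @@
+# Cript
+
+Simple Encryption Tools for Ruby
+
+[![Build Status](https://travis-ci.org/atongen/cript.png)](https://travis-ci.org/atongen/cript)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+gem 'cript'
+
+And then execute:
+
+$ bundle
+
+Or install it yourself as:
+
+$ gem install cript
+
+## Usage
+
+### Cript::Store
+
+Cript::Store builds on PStore from the standard library, but encrypts the data it writes
+to the filesystem. By default it uses Cript::Simple to do the encryption.
+
+```ruby
+require 'cript'
+store = Cript::Store.new('/tmp/cript.store')
+store.transaction do
+store[:secret] = "Super secret data!"
+end
+```
+
+### Cript::EHash
+
+Cript::EHash is a convenience class that allows you to not explicitly declare transactions.
+You can treat it like you would normally treat a hash.
+Each message sent to the object automatically gets wrapped in a transaction block.
+Obviously, this will have performance implications.
+
+### Cript::Simple
+
+Cript::Simple is a simple wrapper around the ruby openssl bindings.
+Once created, you can call encrypt or decrypt on it to encrypt or decrypt strings.
+It requires access to an RSA public key to do encryption, and an RSA private key to do decryption.
+If not provided at initialization, it will look in $HOME/.ssh/id_rsa and $HOME/.ssh/id_rsa.pub.
+
+If you don't want to use your default ssh keys, you can pass in paths to a different key pair.
+
+```ruby
+c1 = Cript::Simple.new(public_key_path: '/path/to/some/ssh_key.pub', private_key_path: '/path/to/some/ssh_key')
+plain = "More secret stuff!"
+encrypted = c2.encrypt(plain)
+decrypted = c2.decrypt(encrypted)
+```
+
+Or you can pass in the ssh keys as strings in PEM format:
+
+```ruby
+c2 = Cript::Simple.new({
+public_key_content: "-----BEGIN PUBLIC KEY-----\nafaf...",
+private_key_path: "-----BEGIN RSA PRIVATE KEY-----\n3f4q..."
+})
+encrypted = c.encrypt("More secret stuff!")
+```
+
+### Cript::Hidr
+
+The Hidr class allows you to obscure strings in other strings by facilitating a two-way conversion
+between a string and a binary version of that string.
+
+The resulting binary characters can be any two charaters. By default it uses a space and a tab.
+
+```ruby
+h = Cript::Hidr.new(b0: 'a', b1: 'z')
+result = h.hide('Wow!')
+```
+
+After running this code, result will contain "zzzazazazzzzazzazzzazzzazaaaazaa".
+
+It comes with a few commonly used mappings already setup: ascii, unicode, orly.
+Call the class method of the same name to get these hidrs.
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request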
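--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1 @@
+require "bundler/gem_tasks"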
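--- a/data/cript.gemspec
+++ b/data/cript.gemspec
@@ -0,0 +1,24 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'cript/version'
+
+Gem::Specification.new do |spec|
+spec.name = "cript"
+spec.version = Cript::VERSION
+spec.authors = ["Andrew Tongen"]
+spec.email = ["atongen@gmail.com"]
+spec.description = %q{Simple Encryption Tools for Ruby}
+spec.summary = %q{Simple Encryption Tools for Ruby}
+spec.homepage = "https://github.com/atongen/cript"
+spec.license = "MIT"
+
+spec.files = `git ls-files`.split($/)
+spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
+spec.require_paths = ["lib"]
+
+spec.add_development_dependency "bundler", "~> 1.3"
+spec.add_development_dependency "rake"
+spec.add_development_dependency "rspec"
+end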
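--- a/data/lib/cript.rb
+++ b/data/lib/cript.rb
@@ -0,0 +1,14 @@
+require "cript/version"
+
+module Cript
+PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----\nMIIEoQIBAAKCAQEArhk4ZdrUm73R8gIZ0w6oJpLvjjgu3YvKC3rWF6Hg9nmC52Md\nWD+L10LEKttfKai11s9E+qP+UwEjqq+VVqaTfQpgK/uwAw5t7UuBvYUqBN9J7Zoq\nfFOONTl6y86eEJYj1hkM7+/PP8r5G3C/FYw2AyuduAArWZixuBrdOY8umsUvqPGR\nKFJsvxfR3VGuL2Lq0YuaZlwPpmIimxFnGgpCaRcFRlIPWfSm7AQgAe11bV/vXx+6\nKYNGYT+dQeXZZA38KDRha7ibJbX0q06izWz4j01Dzo/gKMwEzMegbCMq+XyAKPAj\nXZhr7HmrclUZyzo+iMP51G3mEriG1HA7NFac8QIDAQABAoIBAHYxUQR1B5mjyIAP\nxRBwBuAJKPDYW5i0ajpY7jelAmDSJXiI5Ucf/QPqo9qki3pwuuJWXHH8G5CmWVxr\nT2tAMyjUfm3dtKSeiypp9G6BlQExxbK00tsMrqKbny3124FPLI0Q/KN3nq+kUHG8\nnT03rwN//NcJ5mQxMZXXRxDoj68pyHcCU6cMjweC1vEWMIABGTJVTxHfobIVmfI6\n8gnxdMxmkgyJHdKKwzztaKdDNl5ISlhtisnuF/cIT0dWBkAdO+aIgePPK0rOgCL8\nW/YZ8cSLSag7WJnPQPhODhGNsRXhDeemtZUD+MGJ4i0D/B5zXm3yRJhqrbkpiNDg\nO91InbECgYEA157UYoymjPaZk/Tz/5PpGte46oPTAztD56XIxdm7XPwITmeQ/qhs\nXeaN3n8wt/wAjilvtGSUna7wtJCHM/Y8iP6SHSP3Fa/24xuH9MtapzTGLgrk4guh\neG05tsAWjTiKfYpbtgs6cTbwQFkgJaiMNuymeg4yxX3h+AVw9H+nYK8CgYEAzrPE\na2I/LwBuyM5OWD2ztlEm5GkjADXdU6eUJEuuQZGh7fldXz82Ld1vOiRUN8LPBhCQ\nfvikid9ZBb2DqzdvkL0dMHw5kx6lV+8gPRScaSkD+g58MpUTv0NGKQM7nxdPSvPk\n7X72QwmqcnJbIS+Al6HpPVYmeFzqP2RE0wt5BF8Cfyr0eVsoqgVrGy1enz1LOiUe\n1LfjiyYZqG19mYHQ3oKnsv/rofcZln0ecSTiMdJ1YabwmlBVuUWwlENkh4rSgzzH\nelRT1eV8KLMVyP/7gxPMb668fNyLdJ+JIvZFTjjUCsL3zU127y2exD4Ng1n9OfG3\nM3MdYP/3FA1VCCutQqsCgYAlx0FdBwXZR1D4LoyvIAfaiJZ9JKIbBb0/7t7qi1J7\n9WwNHIhuQhVa6J/Nlpo13ssLprdiHXulH0cb/3kzL9yaLZZKKEo1k2JQ4gmYYE3+\nAlsRttgIPqrvSBJoqIibGR2K62yp44yK0Bdw92mkdRQhopwIc9hwIztE/sR9dhlW\nLQKBgQCjD01i0JTA+mKQk9zPQzduDfTqMx5DVRqndROaKkqpgasMb5wBCSCWddlS\nJRWbl6Yiwv5AZMcYWw5zjd83w7zD/XiQYGxLF2oVbWXFl/65Qxj0Oum/TWM32+LH\n2oUSPzpyvmzM16o7vHW+1sPIaPGt/y63UzKXqf4kJrs6Wy5ipQ==\n-----END RSA PRIVATE KEY-----\n"
+PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhk4ZdrUm73R8gIZ0w6o\nJpLvjjgu3YvKC3rWF6Hg9nmC52MdWD+L10LEKttfKai11s9E+qP+UwEjqq+VVqaT\nfQpgK/uwAw5t7UuBvYUqBN9J7ZoqfFOONTl6y86eEJYj1hkM7+/PP8r5G3C/FYw2\nAyuduAArWZixuBrdOY8umsUvqPGRKFJsvxfR3VGuL2Lq0YuaZlwPpmIimxFnGgpC\naRcFRlIPWfSm7AQgAe11bV/vXx+6KYNGYT+dQeXZZA38KDRha7ibJbX0q06izWz4\nj01Dzo/gKMwEzMegbCMq+XyAKPAjXZhr7HmrclUZyzo+iMP51G3mEriG1HA7NFac\n8QIDAQAB\n-----END PUBLIC KEY-----\n"
+KEY_SIZE = 2048
+end
+
+require "cript/cripter"
+require "cript/simple"
+require "cript/naive"
+require "cript/store"
+require "cript/ehash"
+require "cript/hidr"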
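Review bot: `PRIVATE_KEY` on line 4 ships a complete RSA private key as a public constant of the library, so every installation carries the same key material and anything encrypted to `Cript::PUBLIC_KEY` can be read by anyone who has the gem. The only users visible on this page are the specs; the pair would be safer as a fixture under spec/, or generated per run with `OpenSSL::PKey::RSA.new(2048)`, leaving `lib/cript.rb` without key material. If the constants have to stay, put a comment above them along the lines of `# Test-only key pair: publicly known, never use it to protect real data`.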
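--- a/data/lib/cript/cripter.rb
+++ b/data/lib/cript/cripter.rb
@@ -0,0 +1,89 @@
+#
+# Cript::Cripter
+#
+require 'openssl'
+require 'base64'
+
+module Cript
+# Cript::Cripter is an abstract class for encryption implementations using RSA keys.
+class Cripter
+
+class Error < StandardError; end
+
+# Build a new cripter
+#
+# Options:
+# public_key_content
+# private_key_content
+# public_key_path
+# private_key_path
+# passphrase
+def initialize(options = {})
+@opt = options
+
+unless [:public_key_content, :private_key_content, :public_key_path, :private_key_path].any? { |o| @opt[o] }
+if File.file?("#{ENV['HOME']}/.ssh/id_rsa")
+@opt[:private_key_path] = "#{ENV['HOME']}/.ssh/id_rsa"
+end
+if File.file?("#{ENV['HOME']}/.ssh/id_rsa.pub")
+@opt[:public_key_path] = "#{ENV['HOME']}/.ssh/id_rsa.pub"
+end
+end
+
+if [:private_key_content, :private_key_path].any? { |o| @opt[o] }
+@private_key = OpenSSL::PKey::RSA.new(*[key_content(:private), @opt.delete(:passphrase)])
+end
+if [:public_key_content, :public_key_path].any? { |o| @opt[o] }
+@public_key = OpenSSL::PKey::RSA.new(key_content)
+end
+end
+
+def inspect
+"#<#{self.class.name}>"
+end
+
+def encrypt(message)
+raise Cript::Cripter::Error, "Implement me"
+end
+
+def decrypt(message)
+raise Cript::Cripter::Error, "Implement me"
+end
+
+def echo(message)
+decrypt(encrypt(message))
+end
+
+private
+
+def key_content(type = :public)
+type = :private unless type == :public
+if @opt[:"#{type}_key_content"]
+@opt[:"#{type}_key_content"]
+elsif @opt[:"#{type}_key_path"]
+content = File.read(@opt[:"#{type}_key_path"])
+if content.include?("#{type.to_s.upcase} KEY")
+content
+else
+ssh_key_to_pem(@opt[:"#{type}_key_path"])
+end
+else
+raise Cript::Cripter::Error, "No #{type} key content"
+end
+end
+
+def ssh_key_to_pem(path)
+ssh_keygen("-f \"#{path}\" -e -m pem")
+end
+
+def ssh_keygen(cmd)
+ssh_keygen = %x{ which ssh-keygen }.to_s.strip
+if ssh_keygen != ""
+%x{ #{ssh_keygen} #{cmd} }.to_s.strip
+else
+raise "ssh-keygen not available"
+end
+end
+
+end
+end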
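Review bot: `ssh_keygen` hands its argument to the shell through `%x{ #{ssh_keygen} #{cmd} }`, and `ssh_key_to_pem` builds that argument by interpolating the caller-supplied key path between double quotes, so a path containing `"`, `$(...)` or backticks is interpreted by the shell rather than treated as a file name. Passing an argument vector keeps the shell out of it, for example `IO.popen(['ssh-keygen', '-f', path, '-e', '-m', 'pem'], &:read).to_s.strip`, with `ssh_keygen` changed to accept an array of arguments. `key_info` in lib/cript/naive.rb calls the same helper with an interpolated `public_key_path` and needs the same change. Separately, `@opt.delete(:passphrase)` removes the key from the hash the caller passed in; `@opt = options.dup` would keep that side effect local.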
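--- a/data/lib/cript/ehash.rb
+++ b/data/lib/cript/ehash.rb
@@ -0,0 +1,39 @@
+#
+# Cript::Hash
+#
+module Cript
+# A hash backed by a Cript::Store object.
+# All methods sent to an instance of this object are
+# wrapped in a transaction and executed immediately.
+class EHash
+
+METHODS = Hash.new.methods - Object.new.methods
+KEY = :data
+
+def initialize(file, options = {})
+@store = Store.new(file, options)
+@store.transaction do
+unless @store[KEY].is_a?(Hash)
+@store[KEY] = {}
+end
+end
+end
+
+def inspect
+"#<#{self.class.name} path='#{@store.path}'>"
+end
+
+def method_missing(sym, *args, &block)
+super if !METHODS.include?(sym) || block_given?
+
+@store.transaction do
+@store[KEY].send(sym, *args)
+end
+end
+
+def respond_to?(sym)
+METHODS.include?(sym)
+end
+
+end
+end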
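Review bot: `respond_to?(sym)` replaces Object#respond_to? with a one-argument version that consults only `METHODS`, so `respond_to?(:inspect)` returns false for a method the class defines, and any caller that passes the second `include_all` argument gets an ArgumentError. The hook meant to accompany `method_missing` is `def respond_to_missing?(sym, include_private = false)` with the body `METHODS.include?(sym) || super`. `METHODS` is the allow-list that decides what `method_missing` forwards through `send`, so it is worth freezing and giving a one-line comment that says so. The header comment names the class `Cript::Hash` while the class is `EHash`.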
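--- a/data/lib/cript/hidr.rb
+++ b/data/lib/cript/hidr.rb
@@ -0,0 +1,36 @@
+# encoding: UTF-8
+#
+# Cript::Hidr
+#
+module Cript
+# Hidr can be used to obscure strings in other utf-8 strings.
+# This is not encryption, and it's not secure!
+class Hidr
+
+CHARS = {
+ascii: ["\s","\t"],
+unicode: ["\u200B","\uFEFF"],
+orly: ["\u0CA0", "\u005F"]
+}
+
+class << self
+def build(type)
+if CHARS.has_key?(type)
+new(b0: CHARS[type].first, b1: CHARS[type].last)
+end
+end
+CHARS.keys.each { |key| class_eval("def #{key}; build(:#{key}); end") }
+end
+
+def initialize(*o)
+@o = o.last.is_a?(Hash) ? o.pop : {}
+@o[:b0] ||= CHARS[:ascii].first
+@o[:b1] ||= CHARS[:ascii].last
+end
+
+def h(m);m.unpack('b*').first.split("").map{|v|v=='0'?@o[:b0]:@o[:b1]}.join;end
+def s(n);[n.chars.to_a.map{|y|y==@o[:b0]?'0':'1'}.join].pack('b*');end
+def e(o);s(h(o));end
+{ hide: :h, show: :s, echo: :e }.each { |k,v| alias_method k, v }
+end
+end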
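Review bot: `s` treats every character that is not `b0` as a 1 bit, so input containing anything other than the two configured characters decodes silently into different bytes instead of being rejected; a guard inside the map such as `raise ArgumentError, 'unexpected character' unless [@o[:b0], @o[:b1]].include?(y)` would surface that. The one-line methods `h`, `s` and `e` carry no comments; each deserves a line stating the direction of the conversion and that the bit order is the LSB-first order of `unpack('b*')`. The singleton methods are generated by evaluating a source string with `class_eval`; `define_method(key) { build(key) }` does the same without building code from text. `CHARS` could be frozen.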
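--- a/data/lib/cript/naive.rb
+++ b/data/lib/cript/naive.rb
@@ -0,0 +1,83 @@
+#
+# Cript::Naive
+#
+require 'openssl'
+require 'base64'
+
+module Cript
+# Cript::Naive uses rsa keys to encrypt data.
+# It allows you to easily encrypt and decrypt strings.
+# Performance is poor because rsa public keys were not meant to do this.
+class Naive < Cripter
+
+class Error < StandardError; end
+
+# Options:
+# public_key_content
+# private_key_content
+#
+# public_key_path
+# private_key_path
+#
+# passphrase
+#
+# type
+# size
+# fingerprint
+# comment
+def initialize(options = {})
+super
+end
+
+def inspect
+"#<#{self.class.name} path=#{@opt[:public_key_path]}>"
+end
+
+def type
+@opt[:type] || key_info[:type]
+end
+
+def size
+@opt[:size] || key_info[:size]
+end
+
+def fingerprint
+@opt[:fingerprint] || key_info[:fingerprint]
+end
+
+def comment
+@opt[:comment] || key_info[:comment]
+end
+
+def encrypt(message)
+Base64::encode64(
+message.
+bytes.
+each_slice((size / 8) - 11).
+map { |chunk| @public_key.public_encrypt(chunk.pack('C*')) }.
+join)
+end
+
+def decrypt(message)
+Base64::decode64(message).
+bytes.
+each_slice(size / 8).
+map { |chunk| @private_key.private_decrypt(chunk.pack('C*')) }.
+join
+end
+
+private
+
+def key_info
+@key_info ||= begin
+if @opt[:public_key_path]
+info = ssh_keygen("-l -f \"#{@opt[:public_key_path]}\"").split(/[\s]+/)
+if info.length == 4
+{ size: info[0].to_i, fingerprint: info[1], comment: info[2], type: info[3].match(/([\w]+)/)[1].downcase }
+end
+end
+end
+end
+
+end
+end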
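Review bot: `size`, `type`, `fingerprint` and `comment` index `key_info` directly, but `key_info` returns nil whenever no `public_key_path` is set or the ssh-keygen output does not split into exactly four fields, so a Naive built from `public_key_content` without `:size` fails in `encrypt` with a NoMethodError on nil. The modulus length can be read from the loaded key instead, e.g. `@opt[:size] || (key_info && key_info[:size]) || @public_key.n.num_bits`. Each chunk is encrypted on its own with the default padding of `public_encrypt`, and nothing ties the chunks together, so reordered, dropped or repeated chunks still decrypt without error; the class comment should state that the output carries no integrity protection.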
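--- a/data/lib/cript/simple.rb
+++ b/data/lib/cript/simple.rb
@@ -0,0 +1,31 @@
+#
+# Cript::Simple
+#
+require 'openssl'
+require 'base64'
+
+module Cript
+# Cript::Simple is a simple ruby wrapper around RSA SSH keys and a blowfish cipher.
+# It allows you to easily encrypt and decrypt strings.
+class Simple < Cripter
+
+def encrypt(message)
+cipher = OpenSSL::Cipher::Cipher.new('bf-cbc').encrypt
+key = cipher.random_key
+iv = cipher.random_iv
+encrypted_message = cipher.update(message) + cipher.final
+encrypted_key = @public_key.public_encrypt(key)
+Base64::encode64(Marshal.dump([encrypted_key,iv,encrypted_message]))
+end
+
+def decrypt(message)
+encrypted_key, iv, encrypted_message = Marshal.load(Base64::decode64(message))
+key = @private_key.private_decrypt(encrypted_key)
+cipher = OpenSSL::Cipher::Cipher.new('bf-cbc').decrypt
+cipher.key = key
+cipher.iv = iv
+cipher.update(encrypted_message) + cipher.final
+end
+
+end
+end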
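Review bot: `decrypt` calls `Marshal.load` on the Base64-decoded message before anything has been verified, so whoever can supply or alter a ciphertext controls which objects Marshal instantiates; `load` in lib/cript/store.rb does the same with the output of this unauthenticated decrypt. The three fields are plain byte strings and need no Marshal: `encrypt` could return `[encrypted_key, iv, encrypted_message].map { |p| Base64.strict_encode64(p) }.join(':')` and `decrypt` could begin with `encrypted_key, iv, encrypted_message = message.split(':', 3).map { |p| Base64.strict_decode64(p) }`. No MAC or AEAD mode is visible, so modified bf-cbc ciphertext goes undetected, which the class comment should say. `OpenSSL::Cipher::Cipher` is the deprecated alias of `OpenSSL::Cipher`.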
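--- a/data/lib/cript/store.rb
+++ b/data/lib/cript/store.rb
@@ -0,0 +1,59 @@
+#
+# Cript::Store
+#
+require 'pstore'
+require 'cript/simple'
+
+module Cript
+# Cript::Store provides the same functionality as PStore, except it encrypts
+# its data store on the file system.
+class Store < ::PStore
+
+# public_key_path
+# private_key_path
+#
+# public_key_content
+# public_key_path
+#
+# passphrase
+# thread_safe
+def initialize(file, options = {})
+@opt = options
+crypt_class = options.delete(:crypt_class) || Cript::Simple
+@crypt = crypt_class.new(options)
+thread_safe = !!options.delete(:thread_safe)
+super(file, thread_safe)
+end
+
+def inspect
+"#<#{self.class.name} path=#{path}>"
+end
+
+private
+
+# :stopdoc:
+
+# encrypt
+def dump(table)
+@crypt.encrypt(Marshal::dump(table))
+end
+
+# decrypt
+def load(content)
+Marshal::load(@crypt.decrypt(content))
+end
+
+def marshal_dump_supports_canonical_option?
+false
+end
+
+EMPTY_MARSHAL_DATA = Marshal.dump({})
+EMPTY_MARSHAL_CHECKSUM = Digest::MD5.digest(EMPTY_MARSHAL_DATA)
+def empty_marshal_data
+EMPTY_MARSHAL_DATA
+end
+def empty_marshal_checksum
+EMPTY_MARSHAL_CHECKSUM
+end
+end
+end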
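Review bot: The option list above `initialize` names `public_key_path` twice and never mentions `private_key_content`; the second group should read `# public_key_content` / `# private_key_content`, and the accepted `crypt_class` option is not documented at all. `options.delete(:thread_safe)` runs after `crypt_class.new(options)`, so the cripter still receives `:thread_safe`, and both deletes change the hash the caller passed in. Working on `options = options.dup` and removing both keys before the cripter is constructed would fix the ordering and the side effect.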
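--- a/data/spec/ehash_spec.rb
+++ b/data/spec/ehash_spec.rb
@@ -0,0 +1,27 @@
+require 'spec_helper'
+require 'fileutils'
+
+describe Cript::EHash do
+let(:file) { '/tmp/cript-spec.store' }
+
+before(:each) do
+FileUtils.rm(file) if File.file?(file)
+end
+
+after(:each) do
+FileUtils.rm(file) if File.file?(file)
+end
+
+it 'should encrypt and decrypt' do
+e = Cript::EHash.new(file, private_key_content: Cript::PRIVATE_KEY, public_key_content: Cript::PUBLIC_KEY)
+data = 10.times.inject({}) { |data,i| data[SecureRandom.hex] = SecureRandom.random_bytes(4096); data }
+data.keys.each do |key|
+e[key] = data[key]
+end
+File.file?(file).should be_true
+e.keys.should eql(data.keys)
+data.keys.each do |key|
+e[key].should eql(data[key])
+end
+end
+end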
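Review bot: The spec writes to the fixed path `/tmp/cript-spec.store`, which is predictable and shared between concurrent runs and between users on the same host; `let(:file) { File.join(Dir.mktmpdir, 'cript-spec.store') }` together with `require 'tmpdir'` gives each example a private directory. `SecureRandom` is used without a visible `require 'securerandom'`; the contents of spec_helper.rb are not shown on this page, so it may be loaded there.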
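--- a/data/spec/hidr_spec.rb
+++ b/data/spec/hidr_spec.rb
@@ -0,0 +1,43 @@
+# encoding: UTF-8
+require 'spec_helper'
+
+describe Cript::Hidr do
+let(:ascii) { SecureRandom.base64(10240) }
+let(:bytes) { SecureRandom.random_bytes(10240) }
+
+context "ascii out" do
+let(:hidr) { Cript::Hidr.ascii }
+
+it 'should echo ascii' do
+hidr.e(ascii).should eql(ascii)
+end
+
+it 'should echo bytes' do
+hidr.e(bytes).should eql(bytes)
+end
+end
+
+context "unicode out" do
+let(:hidr) { Cript::Hidr.unicode }
+
+it 'should echo ascii' do
+hidr.e(ascii).should eql(ascii)
+end
+
+it 'should echo bytes' do
+hidr.e(bytes).should eql(bytes)
+end
+end
+
+context "orly out" do
+let(:hidr) { Cript::Hidr.orly }
+
+it 'should echo ascii' do
+hidr.e(ascii).should eql(ascii)
+end
+
+it 'should echo bytes' do
+hidr.e(bytes).should eql(bytes)
+end
+end
+end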
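--- a/data/spec/naive_spec.rb
+++ b/data/spec/naive_spec.rb
@@ -0,0 +1,21 @@
+require 'spec_helper'
+
+describe Cript::Naive do
+let(:naive) do
+Cript::Simple.new({
+private_key_content: Cript::PRIVATE_KEY,
+public_key_content: Cript::PUBLIC_KEY,
+size: Cript::KEY_SIZE
+})
+end
+let(:small_data) { SecureRandom.random_bytes }
+let(:big_data) { SecureRandom.random_bytes(102400) }
+
+it 'should echo small data' do
+naive.echo(small_data).should eql(small_data)
+end
+
+it 'should echo big data' do
+naive.echo(big_data).should eql(big_data)
+end
+end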
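Review bot: The `describe Cript::Naive` block builds its subject with `Cript::Simple.new`, so the chunked RSA code in lib/cript/naive.rb is never exercised and these two examples repeat what simple_spec.rb already covers. The `let` should open with `Cript::Naive.new({`; the `size: Cript::KEY_SIZE` option it passes is read only by Naive.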
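--- a/data/spec/simple_spec.rb
+++ b/data/spec/simple_spec.rb
@@ -0,0 +1,20 @@
+require 'spec_helper'
+
+describe Cript::Simple do
+let(:simple) do
+Cript::Simple.new({
+private_key_content: Cript::PRIVATE_KEY,
+public_key_content: Cript::PUBLIC_KEY
+})
+end
+let(:small_data) { SecureRandom.random_bytes }
+let(:big_data) { SecureRandom.random_bytes(1048576) }
+
+it 'should echo small data' do
+simple.echo(small_data).should eql(small_data)
+end
+
+it 'should echo big data' do
+simple.echo(big_data).should eql(big_data)
+end
+end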
data/spec/spec_helper.rb
ADDED
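--- a/metadata
+++ b/metadata
@@ -0,0 +1,120 @@
+--- !ruby/object:Gem::Specification
+name: cript
+version: !ruby/object:Gem::Version
+version: 0.0.1
+prerelease:
+platform: ruby
+authors:
+- Andrew Tongen
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2013-10-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: bundler
+requirement: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '1.3'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '1.3'
+- !ruby/object:Gem::Dependency
+name: rake
+requirement: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rspec
+requirement: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+description: Simple Encryption Tools for Ruby
+email:
+- atongen@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .travis.yml
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- cript.gemspec
+- lib/cript.rb
+- lib/cript/cripter.rb
+- lib/cript/ehash.rb
+- lib/cript/hidr.rb
+- lib/cript/naive.rb
+- lib/cript/simple.rb
+- lib/cript/store.rb
+- lib/cript/version.rb
+- spec/ehash_spec.rb
+- spec/hidr_spec.rb
+- spec/naive_spec.rb
+- spec/simple_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/atongen/cript
+licenses:
+- MIT
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 1.8.23
+signing_key:
+specification_version: 3
+summary: Simple Encryption Tools for Ruby
+test_files:
+- spec/ehash_spec.rb
+- spec/hidr_spec.rb
+- spec/naive_spec.rb
+- spec/simple_spec.rb
+- spec/spec_helper.rb
+has_rdoc: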