devise-encryptable-mysql-aes 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +1 -0
- data/Gemfile +7 -0
- data/README.md +0 -0
- data/devise-encryptable-mysql-aes.gemspec +14 -0
- data/lib/devise-encryptable-mysql-aes.rb +1 -0
- data/lib/encryptors/mysql_aes128.rb +47 -0
- metadata +83 -0
data/.gitignore
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
*.swp
|
data/Gemfile
ADDED
data/README.md
ADDED
File without changes
|
@@ -0,0 +1,14 @@
|
|
1
|
+
Gem::Specification.new do |gem|
|
2
|
+
gem.name = %q{devise-encryptable-mysql-aes}
|
3
|
+
gem.version = %q{0.0.1}
|
4
|
+
gem.date = %q{2013-10-19}
|
5
|
+
gem.description = %q{AES encryption plugin for devise. Encrypt in such a way that the results work with MySQL's native AES_ENCRYPT and AES_DECRYPT functions}
|
6
|
+
gem.summary = %q{Devise AES encryption consistent with native MySQL AES}
|
7
|
+
gem.authors = ['Anthus Williams']
|
8
|
+
gem.email = %q{anthuswilliams@gmail.com}
|
9
|
+
gem.files = `git ls-files`.split($\)
|
10
|
+
gem.require_paths = ['lib']
|
11
|
+
|
12
|
+
gem.add_dependency('devise','>= 3.1.1')
|
13
|
+
gem.add_dependency('devise-encryptable', '>= 0.1.2')
|
14
|
+
end
|
@@ -0,0 +1 @@
|
|
1
|
+
require 'encryptors/mysql_aes128.rb'
|
@@ -0,0 +1,47 @@
|
|
1
|
+
require 'openssl'
|
2
|
+
|
3
|
+
module Devise
|
4
|
+
module Encryptable
|
5
|
+
module Encryptors
|
6
|
+
# Use the AES (formerly Rijndael) algorithm to encrypt passwords, and then pad the results with \0 bytes in such away that the hashes are consistent with the results of mysql's AES_ENCRYPT() and AES_DECRYPT() functions
|
7
|
+
class MysqlAes128 < Base
|
8
|
+
class << self
|
9
|
+
# MySQL's AES_ENCRYPT runs in ECB mode and doesn't use any initialization vector at all
|
10
|
+
# we use pepper as the common key for all our encryptions, only using the salt stored in the DB as a backup if pepper is undefined
|
11
|
+
def digest(string, stretches, salt, pepper)
|
12
|
+
self.aes(:encrypt, pepper ? self.mysql_key(pepper) : salt, string)
|
13
|
+
end
|
14
|
+
alias :encrypt :digest
|
15
|
+
|
16
|
+
# format the token returned from Devise's base generator into 16-byte blocks for consumption by MySQL
|
17
|
+
# this method is called by devise-encryptable when setting a new password
|
18
|
+
def salt(stretches)
|
19
|
+
self.mysql_key(super)
|
20
|
+
end
|
21
|
+
|
22
|
+
protected
|
23
|
+
|
24
|
+
def aes(method, key, string)
|
25
|
+
cipher = OpenSSL::Cipher::Cipher.new('aes-128-ecb').send(method)
|
26
|
+
cipher.key = key
|
27
|
+
cipher.update(string) + cipher.final
|
28
|
+
end
|
29
|
+
|
30
|
+
# given a token, produce a 16-byte key
|
31
|
+
# note that this is idempotent in the sense that a key that is 16 bytes will return unchanged
|
32
|
+
def mysql_key(key)
|
33
|
+
# start with an empty 16 byte buffer
|
34
|
+
ret = "\0" * 16
|
35
|
+
# on each byte of our key, perform a bitwise OR with each element of the original key which as the same index mod 16
|
36
|
+
# except we use the ordinals of each character since we would need, for example, "hello"[0] to return 104 instead of "h"
|
37
|
+
key.length.times do |i|
|
38
|
+
ret[i%16] = ( ret[i%16].ord ^ key[i].ord ).chr
|
39
|
+
end
|
40
|
+
|
41
|
+
ret
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
metadata
ADDED
@@ -0,0 +1,83 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: devise-encryptable-mysql-aes
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Anthus Williams
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2013-10-19 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: devise
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
none: false
|
18
|
+
requirements:
|
19
|
+
- - ! '>='
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: 3.1.1
|
22
|
+
type: :runtime
|
23
|
+
prerelease: false
|
24
|
+
version_requirements: !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - ! '>='
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: 3.1.1
|
30
|
+
- !ruby/object:Gem::Dependency
|
31
|
+
name: devise-encryptable
|
32
|
+
requirement: !ruby/object:Gem::Requirement
|
33
|
+
none: false
|
34
|
+
requirements:
|
35
|
+
- - ! '>='
|
36
|
+
- !ruby/object:Gem::Version
|
37
|
+
version: 0.1.2
|
38
|
+
type: :runtime
|
39
|
+
prerelease: false
|
40
|
+
version_requirements: !ruby/object:Gem::Requirement
|
41
|
+
none: false
|
42
|
+
requirements:
|
43
|
+
- - ! '>='
|
44
|
+
- !ruby/object:Gem::Version
|
45
|
+
version: 0.1.2
|
46
|
+
description: AES encryption plugin for devise. Encrypt in such a way that the results
|
47
|
+
work with MySQL's native AES_ENCRYPT and AES_DECRYPT functions
|
48
|
+
email: anthuswilliams@gmail.com
|
49
|
+
executables: []
|
50
|
+
extensions: []
|
51
|
+
extra_rdoc_files: []
|
52
|
+
files:
|
53
|
+
- .gitignore
|
54
|
+
- Gemfile
|
55
|
+
- README.md
|
56
|
+
- devise-encryptable-mysql-aes.gemspec
|
57
|
+
- lib/devise-encryptable-mysql-aes.rb
|
58
|
+
- lib/encryptors/mysql_aes128.rb
|
59
|
+
homepage:
|
60
|
+
licenses: []
|
61
|
+
post_install_message:
|
62
|
+
rdoc_options: []
|
63
|
+
require_paths:
|
64
|
+
- lib
|
65
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
66
|
+
none: false
|
67
|
+
requirements:
|
68
|
+
- - ! '>='
|
69
|
+
- !ruby/object:Gem::Version
|
70
|
+
version: '0'
|
71
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
72
|
+
none: false
|
73
|
+
requirements:
|
74
|
+
- - ! '>='
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: '0'
|
77
|
+
requirements: []
|
78
|
+
rubyforge_project:
|
79
|
+
rubygems_version: 1.8.25
|
80
|
+
signing_key:
|
81
|
+
specification_version: 3
|
82
|
+
summary: Devise AES encryption consistent with native MySQL AES
|
83
|
+
test_files: []
|