devise-encryptable-mysql-aes 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/.gitignore +1 -0
  2. data/Gemfile +7 -0
  3. data/README.md +0 -0
  4. data/devise-encryptable-mysql-aes.gemspec +14 -0
  5. data/lib/devise-encryptable-mysql-aes.rb +1 -0
  6. data/lib/encryptors/mysql_aes128.rb +47 -0
  7. metadata +83 -0
data/.gitignore ADDED
@@ -0,0 +1 @@
1
+ *.swp
data/Gemfile ADDED
@@ -0,0 +1,7 @@
1
+ source 'https://rubygems.org'
2
+
3
+ gemspec
4
+
5
+ gem 'devise', '~> 3.1'
6
+ gem 'rails', "~> 3.2"
7
+ gem 'openssl'
data/README.md ADDED
File without changes
data/devise-encryptable-mysql-aes.gemspec ADDED
@@ -0,0 +1,14 @@
1
+ Gem::Specification.new do |gem|
2
+ gem.name = %q{devise-encryptable-mysql-aes}
3
+ gem.version = %q{0.0.1}
4
+ gem.date = %q{2013-10-19}
5
+ gem.description = %q{AES encryption plugin for devise. Encrypt in such a way that the results work with MySQL's native AES_ENCRYPT and AES_DECRYPT functions}
6
+ gem.summary = %q{Devise AES encryption consistent with native MySQL AES}
7
+ gem.authors = ['Anthus Williams']
8
+ gem.email = %q{anthuswilliams@gmail.com}
9
+ gem.files = `git ls-files`.split($\)
10
+ gem.require_paths = ['lib']
11
+
12
+ gem.add_dependency('devise','>= 3.1.1')
13
+ gem.add_dependency('devise-encryptable', '>= 0.1.2')
14
+ end
data/lib/devise-encryptable-mysql-aes.rb ADDED
@@ -0,0 +1 @@
1
+ require 'encryptors/mysql_aes128.rb'
data/lib/encryptors/mysql_aes128.rb ADDED
@@ -0,0 +1,47 @@
1
+ require 'openssl'
2
+
3
+ module Devise
4
+ module Encryptable
5
+ module Encryptors
6
+ # Use the AES (formerly Rijndael) algorithm to encrypt passwords, and then pad the results with \0 bytes in such away that the hashes are consistent with the results of mysql's AES_ENCRYPT() and AES_DECRYPT() functions
7
+ class MysqlAes128 < Base
8
+ class << self
9
+ # MySQL's AES_ENCRYPT runs in ECB mode and doesn't use any initialization vector at all
10
+ # we use pepper as the common key for all our encryptions, only using the salt stored in the DB as a backup if pepper is undefined
11
+ def digest(string, stretches, salt, pepper)
12
+ self.aes(:encrypt, pepper ? self.mysql_key(pepper) : salt, string)
13
+ end
14
+ alias :encrypt :digest
15
+
16
+ # format the token returned from Devise's base generator into 16-byte blocks for consumption by MySQL
17
+ # this method is called by devise-encryptable when setting a new password
18
+ def salt(stretches)
19
+ self.mysql_key(super)
20
+ end
21
+
22
+ protected
23
+
24
+ def aes(method, key, string)
25
+ cipher = OpenSSL::Cipher::Cipher.new('aes-128-ecb').send(method)
26
+ cipher.key = key
27
+ cipher.update(string) + cipher.final
28
+ end
29
+
30
+ # given a token, produce a 16-byte key
31
+ # note that this is idempotent in the sense that a key that is 16 bytes will return unchanged
32
+ def mysql_key(key)
33
+ # start with an empty 16 byte buffer
34
+ ret = "\0" * 16
35
+ # on each byte of our key, perform a bitwise OR with each element of the original key which as the same index mod 16
36
+ # except we use the ordinals of each character since we would need, for example, "hello"[0] to return 104 instead of "h"
37
+ key.length.times do |i|
38
+ ret[i%16] = ( ret[i%16].ord ^ key[i].ord ).chr
39
+ end
40
+
41
+ ret
42
+ end
43
+ end
44
+ end
45
+ end
46
+ end
47
+ end
metadata ADDED
@@ -0,0 +1,83 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: devise-encryptable-mysql-aes
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ prerelease:
6
+ platform: ruby
7
+ authors:
8
+ - Anthus Williams
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2013-10-19 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: devise
16
+ requirement: !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - ! '>='
20
+ - !ruby/object:Gem::Version
21
+ version: 3.1.1
22
+ type: :runtime
23
+ prerelease: false
24
+ version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ! '>='
28
+ - !ruby/object:Gem::Version
29
+ version: 3.1.1
30
+ - !ruby/object:Gem::Dependency
31
+ name: devise-encryptable
32
+ requirement: !ruby/object:Gem::Requirement
33
+ none: false
34
+ requirements:
35
+ - - ! '>='
36
+ - !ruby/object:Gem::Version
37
+ version: 0.1.2
38
+ type: :runtime
39
+ prerelease: false
40
+ version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
42
+ requirements:
43
+ - - ! '>='
44
+ - !ruby/object:Gem::Version
45
+ version: 0.1.2
46
+ description: AES encryption plugin for devise. Encrypt in such a way that the results
47
+ work with MySQL's native AES_ENCRYPT and AES_DECRYPT functions
48
+ email: anthuswilliams@gmail.com
49
+ executables: []
50
+ extensions: []
51
+ extra_rdoc_files: []
52
+ files:
53
+ - .gitignore
54
+ - Gemfile
55
+ - README.md
56
+ - devise-encryptable-mysql-aes.gemspec
57
+ - lib/devise-encryptable-mysql-aes.rb
58
+ - lib/encryptors/mysql_aes128.rb
59
+ homepage:
60
+ licenses: []
61
+ post_install_message:
62
+ rdoc_options: []
63
+ require_paths:
64
+ - lib
65
+ required_ruby_version: !ruby/object:Gem::Requirement
66
+ none: false
67
+ requirements:
68
+ - - ! '>='
69
+ - !ruby/object:Gem::Version
70
+ version: '0'
71
+ required_rubygems_version: !ruby/object:Gem::Requirement
72
+ none: false
73
+ requirements:
74
+ - - ! '>='
75
+ - !ruby/object:Gem::Version
76
+ version: '0'
77
+ requirements: []
78
+ rubyforge_project:
79
+ rubygems_version: 1.8.25
80
+ signing_key:
81
+ specification_version: 3
82
+ summary: Devise AES encryption consistent with native MySQL AES
83
+ test_files: []