encrypted_json 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in encrypted_json.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Matt Jezorek
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# EncryptedJson
+
+This is a library to do encryption of JSON 
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'encrypted_json'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install encrypted_json
+
+## Usage
+
+
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,10 @@
+require "bundler"
+Bundler::GemHelper.install_tasks
+
+desc "Run all tests"
+task :default => :spec
+
+desc "Run Specs"
+task :spec do 
+	system 'bundle exec rspec --color --format documentation spec/*_spec.rb'
+end

data/encrypted_json.gemspec

@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'encrypted_json/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "encrypted_json"
+  spec.version       = EncryptedJson::VERSION
+  spec.authors       = ["Matt Jezorek"]
+  spec.email         = ["mjezorek@gmail.com"]
+  spec.description   = %q{This gem will enable you to sign and encrypt JSON for webservice calls or other reasons with public/private keys}
+  spec.summary       = %q{Public/Private key encryption and signing of JSON}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "json"
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rspec"
+end

data/lib/encrypted_json.rb

@@ -0,0 +1,77 @@
+require "json"
+require "base64"
+require "encrypted_json/version"
+require "encrypted_json/errors"
+require 'openssl' unless defined?(OpenSSL)
+
+module EncryptedJson
+  class Secure
+
+  	def initialize(key, password='', digest='SHA1')
+  		if password != ''
+  			@key = OpenSSL::PKey::RSA.new(key, password)
+  		else
+  			@key = OpenSSL::PKey::RSA.new(key)
+  		end
+  		@digest = digest
+  	end
+
+  	def encrypt(input, password = '') 
+  		if input.is_a?(String)
+  			i = input
+  		else
+  			i = input.to_json
+  		end
+  		begin
+  			if @key.private?
+  				data = Base64.encode64(@key.private_encrypt(i))
+  			else
+  				data = Base64.encode64(@key.public_encrypt(i))
+  			end
+  			[sign(i), data].to_json
+  		rescue => e
+  			raise EncryptionError
+  		end
+  	end
+
+  	def decrypt(input, password = '')
+  		data = ""
+  		digest, edata = json_decode(input)
+  		begin
+  			if @key.private?
+  				data = @key.private_decrypt(Base64.decode64(edata))
+  			else
+  				data = @key.public_decrypt(Base64.decode64(edata))
+  			end
+  		rescue => e
+  			raise DecryptionError
+  		end
+  		raise SignatureError unless digest == sign(data)
+  		begin
+  			JSON.parse(data)
+  		rescue
+  			data
+  		end
+  	end
+
+  	def json_decode(input)
+  		begin
+  			parts = JSON.parse(input)
+  		rescue TypeError, JSON::ParserError
+  			raise InputError
+  		end
+  		raise InputError unless parts.instance_of?(Array) && parts.length == 2
+  		parts		
+  	end
+
+  	def sign(input)
+  		digest = OpenSSL::Digest.const_get(@digest).new
+  		if @key.private?
+  			secret = Digest::MD5.hexdigest(@key.public_key.to_der)
+  		else
+  			secret = Digest::MD5.hexdigest(@key.to_der)
+  		end
+  		OpenSSL::HMAC.hexdigest(digest, secret, input)
+  	end
+  end
+end

data/lib/encrypted_json/errors.rb

@@ -0,0 +1,7 @@
+module EncryptedJson
+  class Error < RuntimeError; end
+  class InputError < Error; end
+  class SignatureError < Error; end
+  class EncryptionError < Error; end
+  class DecryptionError < Error; end
+end

data/lib/encrypted_json/version.rb

@@ -0,0 +1,3 @@
+module EncryptedJson
+  VERSION = "0.0.1"
+end

data/spec/encrypted_json_spec.rb

@@ -0,0 +1,63 @@
+require 'spec_helper'
+
+describe EncryptedJson do 
+	describe "round trip private encryption/decryption" do
+		it 'round trip as string' do 
+			"a string".should round_trip_private_encrypted_json
+		end
+		
+		it "round-trips an array of strings and ints" do
+      		[1, 'a', 2, 'b'].should round_trip_private_encrypted_json
+    	end
+
+    	it "round-trips a hash with string keys, string and int values" do
+     		{ 'a' => 'b', 'b' => 2 }.should round_trip_private_encrypted_json
+    	end
+
+    	it "round-trips a nested array" do
+      		[ 'a', [ 'b', [ 'c', 'd' ], 'e' ], 'f' ].should round_trip_private_encrypted_json
+    	end
+
+    	it "round-trips a hash/array/string/int structure" do
+     		{ 'a' => [ 'b' ], 'd' => { 'e' => 'f' }, 'g' => 10 }.should round_trip_private_encrypted_json
+    	end
+	end
+
+
+
+	describe "round trip public encryption/decryption" do
+		it 'round trip as string' do 
+			"a string".should round_trip_public_encrypted_json
+		end
+		
+		it "round-trips an array of strings and ints" do
+      		[1, 'a', 2, 'b'].should round_trip_public_encrypted_json
+    	end
+
+    	it "round-trips a hash with string keys, string and int values" do
+     		{ 'a' => 'b', 'b' => 2 }.should round_trip_public_encrypted_json
+    	end
+
+    	it "round-trips a nested array" do
+      		[ 'a', [ 'b', [ 'c', 'd' ], 'e' ], 'f' ].should round_trip_public_encrypted_json
+    	end
+
+    	it "round-trips a hash/array/string/int structure" do
+     		{ 'a' => [ 'b' ], 'd' => { 'e' => 'f' }, 'g' => 10 }.should round_trip_public_encrypted_json
+    	end
+	end
+
+	describe "Secure#encrypt" do
+
+    	it "returns a string" do
+    		encrypter = EncryptedJson::Secure.new(File.read("spec/private.pem"), 'abcd').encrypt('test')
+      		encrypter.should be_instance_of(String)
+    	end
+
+    	it "returns a valid JSON-encoded array" do
+     		encrypter = EncryptedJson::Secure.new(File.read("spec/private.pem"), 'abcd').encrypt('test')
+      		JSON.parse(encrypter).should be_instance_of(Array)
+    	end
+  	end
+
+end

data/spec/private.pem

@@ -0,0 +1,31 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0CE99AF26B7E280D
+
+QMbKZtEolKHd6GS/VhWT7JpO+Ux2yZI54+OPVhPQ6K7/IjOM+CTAuWIn4H8/Xt7z
+Nl0p6ZHs2M2GILPiWVNCgkh0yhjEbNcFTX9f7I82E1KvdoV2GrBf4nzvuqxy/NAY
+pq/xc5kWbbKwcEFCoIQjhYXORmn5Msi3AbSRSfmLatEPnVT0uOO8sI7aryXJ3e+B
+c794RFS56JrQKbgPUUo1jz4dPnp7WF5FCEdfpyBvNZCy2QNji23hMGTc3msAWYuB
+bsBxISiK9MRjDYDqkkSKEdzDp2VID5dPKdGjwK5VebUWkR/gJiaD1dG0fTLuL0nL
+yOzLGWAss1TkUKJ4gOZfCfA2jkjgG9mokANtPav5FOqhBcpwWOp9ZbYIMKBzfEos
+4me29uBgTtQPGRJ/I8s8bG95aHx0Yb48cXQutzGthlO0DD+QwCW1YeKFghDMHefm
+84iFANDaSX8IBGMuacBB1+4B9DGzDZ8NM9UiK7hqIIpiXpkX9UtfxTg2LedcZM24
+PP6g7mhJ27EA5MOL+eGIA8xZY/UebJXR4w2DYZmqHZjCIsWSaNkDaXreuMzteIbX
+nrb3Kd7JmI0m9ngtXzG4pjwwLOYf2XpEFvwMDPI+k16JgwcaCmSWsFhldLRBZAQL
+ySV9IW5YUfKzFsCsWd6jrifaNlp36bbuvE650ifQrWP5qzUnYEM2zny+RaR+FKh2
+9wFo3BWgJLT82oEaWFfaddTGbRRGD5kxFF/m2je2CBQBVNMdP3qQqredMqDvPITO
+EWpv0O8LN9vaR0lyZpitEdaFeTcc2djwAQggbmg2cJxrQtLgL2GizUTuLDHAeZgW
+zUtgxu51piRkkH5KeNy+EIhD3ZaZRklR6+MkEafMVioIjTBrS2U5E7jsQBLMMY7g
+7wfw8D2LpucUPdnAD7MyQKSNgKm3krE9vEYUlz5dWO5FLo449VDiBN/FlwybcjH6
+8RCA5mx2T1vhPItINuEv2XhCANrbHy8x7HALnf9DRW5F09I7E4XQAaWvLUbJ+pOE
+6jpX2clvrvsL/yELx+hcHyf2Q++lTEcbE3jHhq8EFjPQNlrQ3DoUugq7a5I3AvSV
+QPrI/RBgEXBgn/5sztpc921J4cY9Xt4c3Sjh0lzSlCK7t2QemJVp3LlinjGX7wXu
+xT/py375kdS6GWU2HpSnjttgm2UwIMkKuv7JioJzpnkZ+O0gTa608AnKBmksnKS7
+owiK4ALGgnIeSDJX5q6g7lC3SNKl7EgR3ijN/z/ZgGJQiwJXBY7C6UIbcNW2+mxd
+GhW4nl/sCbaNVZpbFRoa6d4DdPp/qujit7Gz3azBeUhbcHbK/ruJDewF2YMqWtqe
+PTTKrUcFSBHSLsnrUHZ9afH1ALNG6NviQYknrT8ldrUI6E8WUy1OSdT9a6R97l0x
+vPmVyMeREKtEfL+qVp6PMFm0V8qMocXUYDjFQEPkKWK71ZencluwaFwpJfzwKqIF
+iOug7coJbPpkeNkHlyxFncZTaiN6SG7M2caMrVIfb+RzqyIo0cMx9sjMM1C9u4Pi
+VCccUVGQxETvczCHubY798hkBrZ+g8O1aZq+oNQjbs5lhhD5PPP+/9tZ15QtldSr
+VC9UZnXCnWhQxrCrcpVz2A==
+-----END RSA PRIVATE KEY-----

data/spec/public.pem

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBJjANBgkqhkiG9w0BAQEFAAOCARMAMIIBDgKCAQUNEbFpS+zLc30lOkbLBFG7
+mcgCZPXSMPnRLogU2LZLePkWur7HskdannVEr6k7pbsirflehU01EYdTm/WNfJuV
+01jAyfkLr9AQZ7XpllUsWv9V0+0I5jMVDPZx/2cr8zELs4ILlhz9VH4OY9PfdEWo
+XVi7o0VTSJFsipW7d7SebxqtQ6AiWtwEyRPQ48wybxuQfshaoDwdyAdjkcVF1Md0
+IHs+UtShQP4Hqmg7XOZItJ0EPEuvPY0muO2CDjf8yIV7eisF4TZXMNaeiIVjOgpN
+8SP/SwRtAYmqTxrt1qNL/rWB1h3LYXZEP19U+ytRAL5YUjyKirYc0K/gJz82IF/F
+knx1mykCAwEAAQ==
+-----END PUBLIC KEY-----

data/spec/spec_helper.rb

@@ -0,0 +1,62 @@
+require "encrypted_json"
+RSpec::Matchers.define :round_trip_private_encrypted_json do
+	match do | actual |
+		encrypter = EncryptedJson::Secure.new(File.read("spec/private.pem"), 'abcd')
+		decrypter = EncryptedJson::Secure.new(File.read("spec/public.pem"))
+
+		@encoded = encrypter.encrypt(actual)
+		@decoded = decrypter.decrypt(@encoded)
+
+		if @encoded == actual
+			fail_because :not_encrypted
+		elsif @decoded != actual
+			fail_because :mismatch
+		else
+			true
+		end
+	end
+
+	def fail_because(reason_code)
+		@reason = reason_code
+		false
+	end
+
+	failure_message_for_should do | actual | 
+		if @reason == :not_encrypted
+			"Expected encrypted to be different to original input: #{actual}"
+		elsif @reason == :mismatch
+			"Expected decdoe to equal original input, got '#{@decoded}'"
+		end
+	end
+end
+
+RSpec::Matchers.define :round_trip_public_encrypted_json do
+	match do | actual |
+		encrypter = EncryptedJson::Secure.new(File.read("spec/public.pem"))
+		decrypter = EncryptedJson::Secure.new(File.read("spec/private.pem"), 'abcd')
+
+		@encoded = encrypter.encrypt(actual)
+		@decoded = decrypter.decrypt(@encoded)
+
+		if @encoded == actual
+			fail_because :not_encrypted
+		elsif @decoded != actual
+			fail_because :mismatch
+		else
+			true
+		end
+	end
+
+	def fail_because(reason_code)
+		@reason = reason_code
+		false
+	end
+
+	failure_message_for_should do | actual | 
+		if @reason == :not_encrypted
+			"Expected encrypted to be different to original input: #{actual}"
+		elsif @reason == :mismatch
+			"Expected decdoe to equal original input, got '#{@decoded}'"
+		end
+	end
+end

metadata

@@ -0,0 +1,126 @@
+--- !ruby/object:Gem::Specification 
+name: encrypted_json
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Matt Jezorek
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2013-09-30 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: json
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: bundler
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 3
+        version: "1.3"
+  type: :development
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: rake
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id004
+description: This gem will enable you to sign and encrypt JSON for webservice calls or other reasons with public/private keys
+email: 
+- mjezorek@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- encrypted_json.gemspec
+- lib/encrypted_json.rb
+- lib/encrypted_json/errors.rb
+- lib/encrypted_json/version.rb
+- spec/encrypted_json_spec.rb
+- spec/private.pem
+- spec/public.pem
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: ""
+licenses: 
+- MIT
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.6
+signing_key: 
+specification_version: 3
+summary: Public/Private key encryption and signing of JSON
+test_files: 
+- spec/encrypted_json_spec.rb
+- spec/private.pem
+- spec/public.pem
+- spec/spec_helper.rb