encrypted_strings 0.1.0 → 0.1.1

data/CHANGELOG.rdoc

@@ -1,5 +1,11 @@
 == master
 
+== 0.1.1 / 2008-12-01
+
+* Fix non-compliant PKCS #5 algorithm being used for symmetric encryption. Use :pkcs5_compliant => true for better security.
+* Rename SymmetricEncryptor#key to #password
+* Fix deprecation messages for Cipher#encrypt/decrypt
+
 == 0.1.0 / 2008-07-06
 
 * Remove dependency on active_support

data/README.rdoc

@@ -57,7 +57,7 @@ the resulting encrypted value is the same.
 
   >> password = "shhhh"
   => "shhhh"
-  >> crypted_password = password.encrypt(:symmetric, :key => "my_key")
+  >> crypted_password = password.encrypt(:symmetric, :password => "secret_key")
   => "jDACXI5hMPI=\n"
   >> crypted_password.class
   => String

data/Rakefile

@@ -5,11 +5,11 @@ require 'rake/contrib/sshpublisher'
 
 spec = Gem::Specification.new do |s|
   s.name              = 'encrypted_strings'
-  s.version           = '0.1.0'
+  s.version           = '0.1.1'
   s.platform          = Gem::Platform::RUBY
   s.summary           = 'Dead-simple string encryption/decryption syntax.'
   
-  s.files             = FileList['{lib,test}/**/*'].to_a + %w(CHANGELOG.rdoc init.rb LICENSE Rakefile README.rdoc)
+  s.files             = FileList['{lib,test}/**/*'] + %w(CHANGELOG.rdoc init.rb LICENSE Rakefile README.rdoc)
   s.require_path      = 'lib'
   s.has_rdoc          = true
   s.test_files        = Dir['test/**/*_test.rb']

data/lib/encrypted_strings/asymmetric_encryptor.rb

@@ -38,28 +38,32 @@ module PluginAWeek #:nodoc:
     # 
     #   PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_private_key_file = "./private.key"
     #   PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_algorithm = "DES-EDE3-CBC"
-    #   PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_key = "secret_key"
+    #   PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_password = "secret"
     # 
     # If these configuration options are not passed in to #decrypt, then the
     # default values will be used.  You can override the default values like so:
     # 
     #   password = "INy95irZ8AlHmvc6ZAF/ARsTpbqPIB/4bEAKKOebjsayB7NYWtIzpswvzxqf\nNJ5yyuvxfMODrcg7RimEMFkFlg==\n"
-    #   password.decrypt(:asymmetric, :public_key_file => "./encrypted_public.key", :key => "secret") # => "shhhh"
+    #   password.decrypt(:asymmetric, :public_key_file => "./encrypted_public.key", :password => "secret") # => "shhhh"
     # 
     # An exception will be raised if either the private key file could not be
     # found or the key could not decrypt the private key file.
     class AsymmetricEncryptor < Encryptor
-      # The default private key to use during encryption.  Default is nil.
-      @default_private_key_file = nil
-      class << self; attr_accessor :default_private_key_file; end
+      class << self
+        # The default private key to use during encryption.  Default is nil.
+        attr_accessor :default_private_key_file
+        
+        # The default public key to use during encryption.  Default is nil.
+        attr_accessor :default_public_key_file
+        
+        # The default algorithm to use.  Default is nil.
+        attr_accessor :default_algorithm
+      end
       
-      # The default public key to use during encryption.  Default is nil.
+      # Set defaults
+      @default_private_key_file = nil
       @default_public_key_file = nil
-      class << self; attr_accessor :default_public_key_file; end
-      
-      # The default algorithm to use.  Default is nil.
       @default_algorithm = nil
-      class << self; attr_accessor :default_algorithm; end
       
       # Private key used for decrypting data
       attr_reader :private_key_file
@@ -70,30 +74,36 @@ module PluginAWeek #:nodoc:
       # The algorithm to use if the key files are encrypted themselves
       attr_accessor :algorithm
       
-      # The key used during symmetric decryption of the key files
-      attr_accessor :key
+      # The password used during symmetric decryption of the key files
+      attr_accessor :password
       
       # Configuration options:
       # * +private_key_file+ - Encrypted private key file
       # * +public_key_file+ - Public key file
-      # * +key+ - The key to use in the symmetric encryptor
+      # * +password+ - The password to use in the symmetric encryptor
+      # * +key+ - DEPRECATED. The password to use in the symmetric encryptor
       # * +algorithm+ - Algorithm to use symmetrically encrypted strings
+      # * +pkcs5_compliant+ - Whether the generated key/iv should comply to the PKCS #5 standard. Default is false.
       def initialize(options = {})
-        invalid_options = options.keys - [:private_key_file, :public_key_file, :key, :algorithm]
+        invalid_options = options.keys - [:private_key_file, :public_key_file, :password, :key, :algorithm, :pkcs5_compliant]
         raise ArgumentError, "Unknown key(s): #{invalid_options.join(", ")}" unless invalid_options.empty?
         
         options = {
-          :private_key_file => AsymmetricEncryptor.default_private_key_file,
-          :public_key_file => AsymmetricEncryptor.default_public_key_file,
-          :algorithm => AsymmetricEncryptor.default_algorithm
+          :private_key_file => self.class.default_private_key_file,
+          :public_key_file => self.class.default_public_key_file,
+          :algorithm => self.class.default_algorithm
         }.merge(options)
         
         @public_key = @private_key = nil
         
-        self.key = options[:key]
         self.algorithm  = options[:algorithm]
         self.private_key_file = options[:private_key_file]
         self.public_key_file  = options[:public_key_file]
+        self.password = options[:password] || options[:key]
+        warn(':key option is deprecated and will be removed from encrypted_attributes 0.2.0 (use :password)') if options[:key]
+        @pkcs5_compliant = options[:pkcs5_compliant]
+        
+        raise ArgumentError, 'At least one key file must be specified (:private_key_file or :public_key_file)' unless private_key_file || public_key_file
         
         super()
       end
@@ -148,7 +158,7 @@ module PluginAWeek #:nodoc:
           @private_rsa = nil
           
           if private_key_file && File.file?(private_key_file)
-            @private_key = File.open(private_key_file) {|f| f.read}
+            @private_key = File.read(private_key_file)
           end
         end
         
@@ -157,14 +167,18 @@ module PluginAWeek #:nodoc:
           @public_rsa = nil
           
           if public_key_file && File.file?(public_key_file)
-            @public_key = File.open(public_key_file) {|f| f.read}
+            @public_key = File.read(public_key_file)
           end
         end
         
         # Retrieves the private RSA from the private key
         def private_rsa
-          if key
-            private_key = @private_key.decrypt(:symmetric, :key => key, :algorithm => algorithm)
+          if password
+            options = {:password => password}
+            options[:algorithm] = algorithm if algorithm
+            options[:pkcs5_compliant] = @pkcs5_compliant if !@pkcs5_compliant.nil?
+            
+            private_key = @private_key.decrypt(:symmetric, options)
             OpenSSL::PKey::RSA.new(private_key)
           else
             @private_rsa ||= OpenSSL::PKey::RSA.new(@private_key)

data/lib/encrypted_strings/extensions/string.rb

@@ -60,7 +60,7 @@ module PluginAWeek #:nodoc:
         # == Example
         # 
         #   password = 'shhhh'
-        #   password.encrypt!(:symmetric, :key => 'my_key') # => "jDACXI5hMPI=\n"
+        #   password.encrypt!(:symmetric, :password => 'my_key') # => "jDACXI5hMPI=\n"
         #   password                                        # => "jDACXI5hMPI=\n"
         def encrypt!(*args)
           encrypted_string = encrypt(*args)
@@ -89,7 +89,7 @@ module PluginAWeek #:nodoc:
         # == Example
         # 
         #   password = "jDACXI5hMPI=\n"
-        #   password.decrypt(:symmetric, :key => 'my_key')  # => "shhhh"
+        #   password.decrypt(:symmetric, :password => 'my_key')  # => "shhhh"
         def decrypt(*args)
           raise ArgumentError, "An encryption algorithm must be specified since we can't figure it out" if args.empty? && !@encryptor
           
@@ -107,7 +107,7 @@ module PluginAWeek #:nodoc:
         # For example,
         # 
         #   password = "jDACXI5hMPI=\n"
-        #   password.decrypt!(:symmetric, :key => 'my_key') # => "shhhh"
+        #   password.decrypt!(:symmetric, :password => 'my_key') # => "shhhh"
         #   password                                        # => "shhhh"
         def decrypt!(*args)
           value = replace(decrypt(*args))

data/lib/encrypted_strings/sha_encryptor.rb

@@ -28,9 +28,13 @@ module PluginAWeek #:nodoc:
     #   input = "shhhh".encrypt(:sha, :salt => "secret")    # => "3b22cbe4acde873c3efc82681096f3ae69aff828"
     #   password == input                                   # => true
     class ShaEncryptor < Encryptor
-      # The default salt value to use during encryption
+      class << self
+        # The default salt value to use during encryption
+        attr_accessor :default_salt
+      end
+      
+      # Set defaults
       @default_salt = 'salt'
-      class << self; attr_accessor :default_salt; end
       
       # The salt value to use for encryption
       attr_accessor :salt

data/lib/encrypted_strings/symmetric_encryptor.rb

@@ -2,96 +2,132 @@ require 'encrypted_strings/no_key_error'
 
 module PluginAWeek #:nodoc:
   module EncryptedStrings
-    # Symmetric encryption uses a key and a specific algorithm to encrypt the
-    # string.  As long as the key and algorithm are known, the string can be
-    # decrypted.
+    # Symmetric encryption uses a password and a specific algorithm to encrypt
+    # the string.  As long as the password and algorithm are known, the string
+    # can be decrypted.
     # 
     # Source: http://support.microsoft.com/kb/246071
     # 
     # == Encrypting 
     # 
     # To encrypt a string using a symmetric algorithm, the type of algorithm and
-    # key must be specified.  You can define the defaults for these values like
-    # so:
+    # password *must* be specified.  You can define the defaults for these
+    # values like so:
     # 
     #   PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_algorithm = 'des-ecb'
-    #   PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_key = 'secret'
+    #   PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_password = 'secret'
     # 
     # If these configuration options are not passed in to #encrypt, then the
     # default values will be used.  You can override the default values like so:
     # 
     #   password = 'shhhh'
-    #   password.encrypt(:symmetric, :algorithm => 'des-ecb', :key => 'secret')  # => "sUG6tYSn0mI=\n"
+    #   password.encrypt(:symmetric, :algorithm => 'des-ecb', :password => 'secret')  # => "sUG6tYSn0mI=\n"
     # 
-    # An exception will be raised if no key is specified.
+    # An exception will be raised if no password is specified.
     # 
     # == Decrypting
     # 
     # To decrypt a string using an symmetric algorithm, the type of algorithm
-    # and key must also be specified.  Defaults for these values can be defined
-    # as show above.
+    # and password must also be specified.  Defaults for these values can be
+    # defined as show above.
     # 
     # If these configuration options are not passed in to #decrypt, then the
     # default values will be used.  You can override the default values like so:
     # 
     #   password = "sUG6tYSn0mI=\n"
-    #   password.decrypt(:symmetric, :algorithm => 'des-ecb', :key => 'secret') # => "shhhh"
+    #   password.decrypt(:symmetric, :algorithm => 'des-ecb', :password => 'secret') # => "shhhh"
     # 
-    # An exception will be raised if no key is specified.
+    # An exception will be raised if no password is specified.
     class SymmetricEncryptor < Encryptor
-      # The default algorithm to use for encryption.  Default is DES
-      @default_algorithm = 'DES-EDE3-CBC'
-      class << self; attr_accessor :default_algorithm; end
+      class << self
+        # The default algorithm to use for encryption.  Default is DES-EDE3-CBC.
+        attr_accessor :default_algorithm
+        
+        # The default password to use for generating the key and initialization
+        # vector.  Default is nil.
+        attr_accessor :default_password
+        
+        # DEPRECATED
+        def default_key #:nodoc:
+          warn("#{self}.default_key is deprecated and will be removed from encrypted_attributes 0.2.0 (use default_password)")
+          @default_password
+        end
+        
+        # DEPRECATED
+        def default_key=(value) #:nodoc:
+          warn("#{self}.default_key= is deprecated and will be removed from encrypted_attributes 0.2.0 (use default_password=)")
+          @default_password = value
+        end
+      end
       
-      # The default key to use.  Default is nil
-      @default_key = nil
-      class << self; attr_accessor :default_key; end
+      # Set default values
+      @default_algorithm = 'DES-EDE3-CBC'
+      @default_password = nil
       
       # The algorithm to use for encryption/decryption
       attr_accessor :algorithm
       
-      # The private key that seeds the algorithm
-      attr_accessor :key
+      # The password that generates the key/initialization vector for the
+      # algorithm
+      attr_accessor :password
       
       # Configuration options:
-      # * +key+ - Private key
-      # * +algorithm+ - Algorithm to use
+      # * +algorithm+ - The algorithm to use
+      # * +password+ - The secret key to use for generating the key/initialization vector for the algorithm
+      # * +key+ - DEPRECATED. The secret key to use for generating the key/initialization vector for the algorithm
+      # * +pkcs5_compliant+ - Whether the generated key/iv should comply to the PKCS #5 standard. Default is false.
       def initialize(options = {})
-        invalid_options = options.keys - [:key, :algorithm]
+        invalid_options = options.keys - [:algorithm, :password, :key, :pkcs5_compliant]
         raise ArgumentError, "Unknown key(s): #{invalid_options.join(", ")}" unless invalid_options.empty?
         
         options = {
-          :key => SymmetricEncryptor.default_key,
-          :algorithm => SymmetricEncryptor.default_algorithm
+          :algorithm => self.class.default_algorithm,
+          :password => self.class.default_password,
+          :pkcs5_compliant => false
         }.merge(options)
         
-        self.key = options[:key]
-        raise NoKeyError if key.nil?
+        @pkcs5_compliant = options[:pkcs5_compliant]
+        warn('PKCS #5 non-compliancy is deprecated and will be removed from encrypted_attributes 0.2.0') if @pkcs5_compliant == false
         
         self.algorithm = options[:algorithm]
         
+        self.password = options[:password] || options[:key]
+        warn(':key option is deprecated and will be removed from encrypted_attributes 0.2.0 (use :password)') if options[:key]
+        raise NoKeyError if password.nil?
+        
         super()
       end
       
       # Decrypts the current string using the current key and algorithm specified
       def decrypt(data)
-        cipher.decrypt(key)
-        decrypted_data = cipher.update(Base64.decode64(data))
-        decrypted_data << cipher.final
+        cipher = build_cipher(:decrypt)
+        cipher.update(Base64.decode64(data)) + cipher.final
       end
       
       # Encrypts the current string using the current key and algorithm specified
       def encrypt(data)
-        cipher.encrypt(key)
-        encrypted_data = cipher.update(data)
-        encrypted_data << cipher.final
-        
-        Base64.encode64(encrypted_data)
+        cipher = build_cipher(:encrypt)
+        Base64.encode64(cipher.update(data) + cipher.final)
       end
       
       private
-        def cipher #:nodoc:
-          @cipher ||= OpenSSL::Cipher::Cipher.new(algorithm)
+        def build_cipher(type) #:nodoc:
+          cipher = OpenSSL::Cipher.new(algorithm)
+          cipher.send(type)
+          
+          if @pkcs5_compliant
+            # Use the default PKCS5 key/iv generator algorithm
+            cipher.pkcs5_keyivgen(password)
+          else
+            # To remain backwards-compatible, the deprecated #encrypt/#decrypt
+            # calls (which take a single argument, being the password) is replaced
+            # with pkcs5_keyivgen.  Internally, this uses "OpenSSL for Ruby rulez!"
+            # as the IV/salt.  This is also the case for the number of iterations.
+            cipher.pkcs5_keyivgen(password, 'OpenSSL ', 1)
+            cipher.iv = 'OpenSSL for Ruby rulez!'
+          end
+          
+          cipher
         end
     end
   end

data/test/asymmetric_encryptor_test.rb

@@ -2,6 +2,37 @@ require File.dirname(__FILE__) + '/test_helper'
 
 class AsymmetricEncryptorByDefaultTest < Test::Unit::TestCase
   def setup
+    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:public_key_file => File.dirname(__FILE__) + '/keys/public')
+  end
+  
+  def test_should_raise_an_exception
+    assert_raise(ArgumentError) {PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new}
+  end
+  
+  def test_should_not_have_a_public_key_file
+    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:private_key_file => File.dirname(__FILE__) + '/keys/private')
+    assert_nil @asymmetric_encryptor.public_key_file
+  end
+  
+  def test_should_not_have_a_private_key_file
+    assert_nil @asymmetric_encryptor.private_key_file
+  end
+  
+  def test_should_not_have_an_algorithm
+    assert_nil @asymmetric_encryptor.algorithm
+  end
+  
+  def test_should_not_have_a_password
+    assert_nil @asymmetric_encryptor.password
+  end
+end
+
+class AsymmetricEncryptorWithCustomDefaultsTest < Test::Unit::TestCase
+  def setup
+    @original_default_public_key_file = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_public_key_file
+    @original_default_private_key_file = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_private_key_file
+    @original_default_algorithm = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_algorithm
+    
     PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_public_key_file = File.dirname(__FILE__) + '/keys/public'
     PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_private_key_file = File.dirname(__FILE__) + '/keys/private'
     PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_algorithm = 'DES-EDE3-CBC'
@@ -9,11 +40,11 @@ class AsymmetricEncryptorByDefaultTest < Test::Unit::TestCase
     @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new
   end
   
-  def test_should_use_the_default_public_key_file
+  def test_should_use_default_public_key_file
     assert_equal File.dirname(__FILE__) + '/keys/public', @asymmetric_encryptor.public_key_file
   end
   
-  def test_should_use_the_default_private_key_file
+  def test_should_use_default_private_key_file
     assert_equal File.dirname(__FILE__) + '/keys/private', @asymmetric_encryptor.private_key_file
   end
   
@@ -21,14 +52,14 @@ class AsymmetricEncryptorByDefaultTest < Test::Unit::TestCase
     assert_equal 'DES-EDE3-CBC', @asymmetric_encryptor.algorithm
   end
   
-  def test_should_not_have_a_key
-    assert_nil @asymmetric_encryptor.key
+  def test_should_not_have_a_password
+    assert_nil @asymmetric_encryptor.password
   end
   
   def teardown
-    PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_public_key_file = nil
-    PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_private_key_file = nil
-    PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_algorithm = nil
+    PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_public_key_file = @original_default_public_key_file
+    PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_private_key_file = @original_default_private_key_file
+    PluginAWeek::EncryptedStrings::AsymmetricEncryptor.default_algorithm = @original_default_algorithm
   end
 end
 
@@ -40,7 +71,7 @@ end
 
 class AsymmetricEncryptorTest < Test::Unit::TestCase
   def setup
-    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new
+    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:public_key_file => File.dirname(__FILE__) + '/keys/public')
   end
   
   def test_should_be_able_to_decrypt
@@ -50,7 +81,7 @@ end
 
 class AsymmetricEncryptorWithoutPublicKeyTest < Test::Unit::TestCase
   def setup
-    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:public_key_file => nil)
+    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:public_key_file => nil, :private_key_file => File.dirname(__FILE__) + '/keys/private')
   end
   
   def test_should_not_be_public
@@ -86,7 +117,7 @@ end
 
 class AsymmetricEncryptorWithoutPrivateKeyTest < Test::Unit::TestCase
   def setup
-    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:private_key_file => nil)
+    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:private_key_file => nil, :public_key_file => File.dirname(__FILE__) + '/keys/public')
   end
   
   def test_should_not_be_private
@@ -94,7 +125,7 @@ class AsymmetricEncryptorWithoutPrivateKeyTest < Test::Unit::TestCase
   end
   
   def test_should_not_be_able_to_decrypt
-    assert_raise(PluginAWeek::EncryptedStrings::NoPrivateKeyError) {@asymmetric_encryptor.decrypt("NMGkkSu8dFdM455ru46b8TIkWQDHVdi4aJFZBCZ5p2VQV88OJnLBnnWYBXZk\n8HcyXzKb1I9lxuVHU/eZorGl7Q==\n")}
+    assert_raise(PluginAWeek::EncryptedStrings::NoPrivateKeyError) {@asymmetric_encryptor.decrypt("HbEh0Hwri26S7SWYqO26DBbzfhR1h/0pXYLjSKUpxF5DOaOCtD9oRN748+Na\nrfNaVN5Eg7RUhbRFZE+UnNHo6Q==\n")}
   end
 end
 
@@ -120,46 +151,44 @@ class AsymmetricEncryptorWithPrivateKeyTest < Test::Unit::TestCase
   end
 end
 
-class AsymmetricEncryptorWithEncryptedPublicKeyTest < Test::Unit::TestCase
+class AsymmetricEncryptorWithEncryptedPrivateKeyTest < Test::Unit::TestCase
   def setup
-    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:public_key_file => File.dirname(__FILE__) + '/keys/encrypted_public')
+    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:private_key_file => File.dirname(__FILE__) + '/keys/encrypted_private', :algorithm => 'DES-EDE3-CBC', :password => 'secret')
   end
   
-  def test_should_be_public
-    assert @asymmetric_encryptor.public?
+  def test_should_not_be_public
+    assert !@asymmetric_encryptor.public?
   end
   
-  def test_should_not_be_private
-    assert !@asymmetric_encryptor.private?
+  def test_should_be_private
+    assert @asymmetric_encryptor.private?
   end
   
-  def test_should_be_able_to_encrypt
-    assert_equal 90, @asymmetric_encryptor.encrypt('test').length
+  def test_should_not_be_able_to_encrypt
+    assert_raise(PluginAWeek::EncryptedStrings::NoPublicKeyError) {@asymmetric_encryptor.encrypt('test')}
   end
   
-  def test_should_not_be_able_to_decrypt
-    assert_raise(PluginAWeek::EncryptedStrings::NoPrivateKeyError) {@asymmetric_encryptor.decrypt("NMGkkSu8dFdM455ru46b8TIkWQDHVdi4aJFZBCZ5p2VQV88OJnLBnnWYBXZk\n8HcyXzKb1I9lxuVHU/eZorGl7Q==\n")}
+  def test_should_be_able_to_decrypt
+    assert_equal 'test', @asymmetric_encryptor.decrypt("HbEh0Hwri26S7SWYqO26DBbzfhR1h/0pXYLjSKUpxF5DOaOCtD9oRN748+Na\nrfNaVN5Eg7RUhbRFZE+UnNHo6Q==\n")
   end
 end
 
-class AsymmetricEncryptorWithEncryptedPrivateKeyTest < Test::Unit::TestCase
+class AsymmetricEncryptorWithPKCS5CompliancyTest < Test::Unit::TestCase
   def setup
-    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:private_key_file => File.dirname(__FILE__) + '/keys/encrypted_private', :algorithm => 'DES-EDE3-CBC', :key => 'secret')
-  end
-  
-  def test_should_not_be_public
-    assert !@asymmetric_encryptor.public?
+    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:private_key_file => File.dirname(__FILE__) + '/keys/pkcs5_encrypted_private', :algorithm => 'DES-EDE3-CBC', :password => 'secret', :pkcs5_compliant => true)
   end
   
-  def test_should_be_private
-    assert @asymmetric_encryptor.private?
+  def test_should_be_able_to_decrypt
+    assert_equal 'test', @asymmetric_encryptor.decrypt("HbEh0Hwri26S7SWYqO26DBbzfhR1h/0pXYLjSKUpxF5DOaOCtD9oRN748+Na\nrfNaVN5Eg7RUhbRFZE+UnNHo6Q==\n")
   end
-  
-  def test_should_not_be_able_to_encrypt
-    assert_raise(PluginAWeek::EncryptedStrings::NoPublicKeyError) {@asymmetric_encryptor.encrypt('test')}
+end
+
+class AsymmetricEncyrptorWithDeprecatedKeyTest < Test::Unit::TestCase
+  def setup
+    @asymmetric_encryptor = PluginAWeek::EncryptedStrings::AsymmetricEncryptor.new(:private_key_file => File.dirname(__FILE__) + '/keys/encrypted_private', :key => 'secret')
   end
   
-  def test_should_be_able_to_decrypt
-    assert_equal 'test', @asymmetric_encryptor.decrypt("oo6gLdPuPGmiAD83EKMiXkod5jvoN4JC8azGbCF/ludwuik4QT58DAsidqsN\n5Xu103JgRIZjRgDEhNhO6szfAA==\n")
+  def test_should_set_password
+    assert_equal 'secret', @asymmetric_encryptor.password
   end
 end

data/test/keys/encrypted_private

@@ -1,12 +1,12 @@
-OBNa1q8kbx8pyZZjIpr/pZV0oulE2czh5JlPW/13XsBvoz+A2zxA9gchhi6c
-3yvfqgcZdojcsep+IiTqeg3gOPB2xNbedpP1lm+9tEfgdb9r1CLzRcURh7Hg
-ufWgyEkS0lloz/YLy4hg9YDKetFNF9fnrk3xVwZPwFVuk4l/Unw1FTXLHsrq
-KG27cR8mvNOow4bk4LVhk/avFSM85m3ITySEnyJsQQDzsI/RrWcQ7Js+8Ynv
-esN51E/T0CYtkMEne2zSaD5qUTJlQ7Qtn4UUeZkpYjn4xQZPxw4OjL6zofg7
-lsqElSv1/qP3QI8aKcQQklVsHRc5AgsxOFX4J6g6lo4kOGOwn0Ex8IRDfOej
-pq4SUDh9IXz+6FBieQrObB/xEsKysVwRSzXre6ObHlPFsigg5ekFPyCv5ZTz
-0iP8+xe/FJRrYdR3r3F5pRkOy0pw9EqlrLjmOx3/fgxhLq8FWmcSBbH3h3SG
-GkJlfHNjF77FTJjnHKzRS+5VpdW4IHbsjL+NlI1z9Ol//czYvSGv85NdJvkq
-PmH3o0+uYdwY5PeSMOPV21nJ3dwiKlm5IMFasL3C5yVJNVTVZTS7vWdcgZ4U
-XfWQ9Y266ibbqXPluv4nxt1+kgjxmPbjPdYrlB5t7a2+unzT3oE3f4VGOG+k
-YqFg0ErHN+fu
+OBNa1q8kbx8pyZZjIpr/pZV0oulE2czh5JlPW/13XsDKYjIwiLkCTZI5Vhv5
+cCF+wQuNvrbnp/QvJGzc5aJK1GwxqEb9hAwCzxw69DVjIhUowXDk/rYWUaTq
+YwpieO1v6gQrOVxerOubR7LT6A4I6k1CTECX6zeJeGgT2jOfXzIii0T1gmYD
+tJxLlNclpGB+eS+tuwrfyNmE4CkYa5vjuWdxHAeMRXPlm+o3ErE0QZ36Sn51
+TScPDsZHo7Ppit87sPXpubM/5JltN0QwV4Hj9dJoSm0QNWDb3BoyT1uuJ0wm
+b/adzINN1oUjdgMB9g3kmkErS3MRJtuPRNuU7/GvAuv78pQ5tAdkvk8gu7Cd
+5cFgnzvE7l96oZB6TXgsnpjVLide61Di+mX8K2dvUdoCNgrQ1iPklTbEfJeH
+U/GoUV1ZyVnEfHkeWBEmC8YVBeri+lFL923g7z29luhxiBRkhows8TQsQ4hX
+SMlFCKCKWKW2/58aSlvj0INa4NiBwkY987/X7VYvnSm747vOcD8Xmnd0Qwvt
+weC2/NK11NFTNBIIodqsbvtlt1Ff0SXrO5PfbDU1yY+xzbx7SAwqhImXwScS
+4b0nFpArdfeVKNp5teSiu050m4B8kb2EjPW7NISui5NXxWtU5Mu41EnenGES
+CkHsLI3plvL/

data/test/keys/pkcs5_encrypted_private

@@ -0,0 +1,12 @@
+TGr8Jm/7zh1dfjjoNJtOncvX/BdUL47b8k2rQbMTY7VD6ZpD317NTuVX1hHV
+54Nm6pnCId5wcga3sI3TqolTxkqKBy7Rb1mPVBeJyd7ZuoD7zp65+ws+o4Lr
+Xn/3WculfuThUnDESqD53vnKPCfRK6hoMDygEV7urmuide5ogpZp52lidUku
+cXOHDqfVETX7NNnHHghg/6qDUX7+0qf+XeKe8uiI0cPoE5YFnOHyF7oOBGtR
+IqJG97q1InCJMeAbMSxcjO71Te51Z098yI+XN4rGmXbmzSrVKHMUk0tdsVxi
+CE5OmnzLeXK1xomxkRmXZzl10WDBn9e4knoLJTlDdNR3fA4gLRfy3r6RBlDl
+j7HI53o5gi9PTshSXwHr6Q8SV9fty2Nz3/yRT/ZPLUJC1GUqErLl2j6zYbVR
+8YMaLt1Zqi79ycPZxZV4Zh57YE86nUqepS1pzVpcS8dHZMne846lTyaOyxZ8
+dxW+18s7E7KqpHj17QYrF6c7R5ZHgoNAbLFeGSUCXqkW8YdyidLqQTzWN7hF
+roVcZWFe8YfSUKmgndVBOHGHxMGr+OYgVdAStOEwmRHaNGgSBE4FCkKXYJUj
+ec3zNpiOCb8zxfNku5nT5nIHnGqO4JKWDvDGVioV+ffHwXpAw3OFE5n+M/uo
+4ZZbVSh1qZxd

data/test/sha_encryptor_test.rb

@@ -14,6 +14,26 @@ class ShaEncryptorByDefaulTest < Test::Unit::TestCase
   end
 end
 
+class ShaEncryptorWithCustomDefaultsTest < Test::Unit::TestCase
+  def setup
+    @original_default_salt = PluginAWeek::EncryptedStrings::ShaEncryptor.default_salt
+    PluginAWeek::EncryptedStrings::ShaEncryptor.default_salt = 'custom_salt'
+    @sha_encryptor = PluginAWeek::EncryptedStrings::ShaEncryptor.new
+  end
+  
+  def test_should_use_custom_default_salt
+    assert_equal 'custom_salt', @sha_encryptor.salt
+  end
+  
+  def test_should_encrypt_using_custom_default_salt
+    assert_equal '280f3c516070b09aa3eb755378509c725a9c6561', @sha_encryptor.encrypt('test')
+  end
+  
+  def teardown
+    PluginAWeek::EncryptedStrings::ShaEncryptor.default_salt = @original_default_salt
+  end
+end
+
 class ShaEncryptorWithInvalidOptionsTest < Test::Unit::TestCase
   def test_should_throw_an_exception
     assert_raise(ArgumentError) {PluginAWeek::EncryptedStrings::ShaEncryptor.new(:invalid => true)}
@@ -34,7 +54,7 @@ class ShaEncryptorTest < Test::Unit::TestCase
   end
 end
 
-class ShaEncryptorWithCustomSaltTest < Test::Unit::TestCase
+class ShaEncryptorWithCustomOptionsTest < Test::Unit::TestCase
   def setup
     @sha_encryptor = PluginAWeek::EncryptedStrings::ShaEncryptor.new(:salt => 'different salt')
   end

data/test/string_test.rb

@@ -26,7 +26,7 @@ end
 
 class StringWithCustomEncryptor
   def setup
-    @encrypted_string = 'test'.encrypt(:symmetric, :key => 'key')
+    @encrypted_string = 'test'.encrypt(:symmetric, :password => 'key')
   end
   
   def test_should_use_custom_encryptor
@@ -83,7 +83,7 @@ end
 
 class StringAfterBeingDecryptedTest < Test::Unit::TestCase
   def setup
-    @encrypted_string = 'test'.encrypt(:symmetric, :key => 'secret')
+    @encrypted_string = 'test'.encrypt(:symmetric, :password => 'secret')
     @decrypted_string = @encrypted_string.decrypt
   end
   
@@ -98,7 +98,7 @@ end
 
 class StringAfterBeingDecryptedAndReplacedTest < Test::Unit::TestCase
   def setup
-    @encrypted_string = 'test'.encrypt(:symmetric, :key => 'secret')
+    @encrypted_string = 'test'.encrypt(:symmetric, :password => 'secret')
     @encrypted_string.decrypt!
   end
   
@@ -163,7 +163,7 @@ end
 
 class StringWithDecryptableEncryptorTest < Test::Unit::TestCase
   def setup
-    @encrypted_string = 'test'.encrypt(:symmetric, :key => 'secret')
+    @encrypted_string = 'test'.encrypt(:symmetric, :password => 'secret')
   end
   
   def test_should_be_able_to_decrypt
@@ -180,7 +180,7 @@ class StringWithDecryptableEncryptorTest < Test::Unit::TestCase
   end
   
   def test_should_be_able_to_check_equality_with_encrypted_value_of_encrypted_string
-    encrypted_encrypted_string = @encrypted_string.encrypt(:symmetric, :key => 'secret')
+    encrypted_encrypted_string = @encrypted_string.encrypt(:symmetric, :password => 'secret')
     
     assert_equal @encrypted_string, encrypted_encrypted_string
     assert_equal encrypted_encrypted_string, @encrypted_string
@@ -192,7 +192,7 @@ class StringWithDecryptableEncryptorTest < Test::Unit::TestCase
   end
   
   def test_should_not_be_able_to_check_equality_more_than_one_encryption_away
-    encrypted_encrypted_string = @encrypted_string.encrypt(:symmetric, :key => 'secret')
+    encrypted_encrypted_string = @encrypted_string.encrypt(:symmetric, :password => 'secret')
     
     assert_not_equal 'test', encrypted_encrypted_string
     assert_not_equal encrypted_encrypted_string, 'test'
@@ -217,6 +217,6 @@ class StringPreviouslyEncryptedTest < Test::Unit::TestCase
   end
   
   def test_should_be_able_to_decrypt_with_custom_mode
-    assert_equal 'test', @encrypted_string.decrypt(:symmetric, :key => 'secret')
+    assert_equal 'test', @encrypted_string.decrypt(:symmetric, :password => 'secret')
   end
 end

data/test/symmetric_encryptor_test.rb

@@ -2,28 +2,55 @@ require File.dirname(__FILE__) + '/test_helper'
 
 class SymmetricEncryptorByDefaultTest < Test::Unit::TestCase
   def setup
-    PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_key = 'secret'
-    @symmetric_encryptor = PluginAWeek::EncryptedStrings::SymmetricEncryptor.new
+    @symmetric_encryptor = PluginAWeek::EncryptedStrings::SymmetricEncryptor.new(:password => 'secret')
   end
   
-  def test_should_use_the_default_key
-    assert_equal 'secret', @symmetric_encryptor.key
+  def test_should_use_default_algorithm
+    assert_equal 'DES-EDE3-CBC', @symmetric_encryptor.algorithm
   end
   
-  def test_should_use_the_default_algorithm
-    assert_equal 'DES-EDE3-CBC', @symmetric_encryptor.algorithm
+  def test_should_raise_exception
+    assert_raise(PluginAWeek::EncryptedStrings::NoKeyError) {PluginAWeek::EncryptedStrings::SymmetricEncryptor.new}
   end
   
-  def test_should_encrypt_using_the_default_configuration
+  def test_should_encrypt_using_default_configuration
     assert_equal "MU6e/5LvhKA=\n", @symmetric_encryptor.encrypt('test')
   end
   
-  def test_should_decrypt_encrypted_string_using_the_default_configuration
+  def test_should_decrypt_encrypted_string_using_default_configuration
     assert_equal 'test', @symmetric_encryptor.decrypt("MU6e/5LvhKA=\n")
   end
+end
+
+class SymmetricEncryptorWithCustomDefaultsTest < Test::Unit::TestCase
+  def setup
+    @original_default_algorithm = PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_algorithm
+    @original_default_password = PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_password
+    
+    PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_algorithm = 'DES-EDE3-CFB'
+    PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_password = 'secret'
+    @symmetric_encryptor = PluginAWeek::EncryptedStrings::SymmetricEncryptor.new
+  end
+  
+  def test_should_use_custom_default_algorithm
+    assert_equal 'DES-EDE3-CFB', @symmetric_encryptor.algorithm
+  end
+  
+  def test_should_use_custom_default_password
+    assert_equal 'secret', @symmetric_encryptor.password
+  end
+  
+  def test_should_encrypt_using_custom_default_configuration
+    assert_equal "C7D9mg==\n", @symmetric_encryptor.encrypt('test')
+  end
+  
+  def test_should_decrypt_encrypted_string_using_custom_default_configuration
+    assert_equal 'test', @symmetric_encryptor.decrypt("C7D9mg==\n")
+  end
   
   def teardown
-    PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_key = nil
+    PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_algorithm = @original_default_algorithm
+    PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_password = @original_default_password
   end
 end
 
@@ -35,7 +62,7 @@ end
 
 class SymmetricEncryptorTest < Test::Unit::TestCase
   def setup
-    @symmetric_encryptor = PluginAWeek::EncryptedStrings::SymmetricEncryptor.new(:key => 'secret')
+    @symmetric_encryptor = PluginAWeek::EncryptedStrings::SymmetricEncryptor.new(:password => 'secret')
   end
   
   def test_should_be_able_to_decrypt
@@ -45,17 +72,17 @@ end
 
 class SymmetricEncryptorWithCustomOptionsTest < Test::Unit::TestCase
   def setup
-    @symmetric_encryptor = PluginAWeek::EncryptedStrings::SymmetricEncryptor.new(:key => 'secret', :algorithm => 'DES-EDE3-CFB')
-  end
-  
-  def test_should_use_custom_key
-    assert_equal 'secret', @symmetric_encryptor.key
+    @symmetric_encryptor = PluginAWeek::EncryptedStrings::SymmetricEncryptor.new(:algorithm => 'DES-EDE3-CFB', :password => 'secret')
   end
   
   def test_should_use_custom_algorithm
     assert_equal 'DES-EDE3-CFB', @symmetric_encryptor.algorithm
   end
   
+  def test_should_use_custom_password
+    assert_equal 'secret', @symmetric_encryptor.password
+  end
+  
   def test_should_encrypt_using_custom_options
     assert_equal "C7D9mg==\n", @symmetric_encryptor.encrypt('test')
   end
@@ -64,3 +91,47 @@ class SymmetricEncryptorWithCustomOptionsTest < Test::Unit::TestCase
     assert_equal 'test', @symmetric_encryptor.decrypt("C7D9mg==\n")
   end
 end
+
+class SymmetricEncryptorWithPKCS5CompliancyTest < Test::Unit::TestCase
+  def setup
+    @symmetric_encryptor = PluginAWeek::EncryptedStrings::SymmetricEncryptor.new(:password => 'secret', :pkcs5_compliant => true)
+  end
+  
+  def test_should_encrypt_using_pkcs5_generated_key
+    assert_equal "oTxJd67ElLY=\n", @symmetric_encryptor.encrypt('test')
+  end
+  
+  def test_should_decrypt_using_pkcs5_generated_key
+    assert_equal 'test', @symmetric_encryptor.decrypt("oTxJd67ElLY=\n" )
+  end
+end
+
+class SymmetricEncryptorWithDeprecatedDefaultsTest < Test::Unit::TestCase
+  def setup
+    @original_default_password = PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_password
+  end
+  
+  def test_should_set_password_when_setting_key
+    PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_key = 'secret'
+    assert_equal 'secret', PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_password
+  end
+  
+  def test_should_get_password_when_getting_key
+    PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_key = 'secret'
+    assert_equal 'secret', PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_key
+  end
+  
+  def teardown
+    PluginAWeek::EncryptedStrings::SymmetricEncryptor.default_password = @original_default_password
+  end
+end
+
+class SymmetricEncryptorWithDeprecatedKeyTest < Test::Unit::TestCase
+  def setup
+    @symmetric_encryptor = PluginAWeek::EncryptedStrings::SymmetricEncryptor.new(:key => 'secret')
+  end
+  
+  def test_should_set_password
+    assert_equal 'secret', @symmetric_encryptor.password
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: encrypted_strings
 version: !ruby/object:Gem::Version 
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors: 
 - Aaron Pfeifer
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2008-07-07 00:00:00 -04:00
+date: 2008-12-01 00:00:00 -05:00
 default_executable: 
 dependencies: []
 
@@ -22,31 +22,31 @@ extensions: []
 extra_rdoc_files: []
 
 files: 
-- lib/encrypted_strings.rb
 - lib/encrypted_strings
-- lib/encrypted_strings/no_key_error.rb
-- lib/encrypted_strings/encryptor.rb
-- lib/encrypted_strings/symmetric_encryptor.rb
-- lib/encrypted_strings/no_public_key_error.rb
+- lib/encrypted_strings/no_private_key_error.rb
 - lib/encrypted_strings/asymmetric_encryptor.rb
 - lib/encrypted_strings/sha_encryptor.rb
-- lib/encrypted_strings/no_private_key_error.rb
 - lib/encrypted_strings/extensions
 - lib/encrypted_strings/extensions/string.rb
+- lib/encrypted_strings/encryptor.rb
+- lib/encrypted_strings/no_key_error.rb
+- lib/encrypted_strings/no_public_key_error.rb
+- lib/encrypted_strings/symmetric_encryptor.rb
+- lib/encrypted_strings.rb
+- test/asymmetric_encryptor_test.rb
 - test/symmetric_encryptor_test.rb
-- test/no_public_key_error_test.rb
+- test/test_helper.rb
+- test/no_key_error_test.rb
 - test/sha_encryptor_test.rb
+- test/no_private_key_error_test.rb
 - test/keys
 - test/keys/encrypted_private
 - test/keys/private
 - test/keys/public
-- test/keys/encrypted_public
-- test/no_key_error_test.rb
-- test/test_helper.rb
+- test/keys/pkcs5_encrypted_private
 - test/string_test.rb
-- test/asymmetric_encryptor_test.rb
+- test/no_public_key_error_test.rb
 - test/encryptor_test.rb
-- test/no_private_key_error_test.rb
 - CHANGELOG.rdoc
 - init.rb
 - LICENSE
@@ -74,16 +74,16 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: pluginaweek
-rubygems_version: 1.1.1
+rubygems_version: 1.2.0
 signing_key: 
 specification_version: 2
 summary: Dead-simple string encryption/decryption syntax.
 test_files: 
+- test/asymmetric_encryptor_test.rb
 - test/symmetric_encryptor_test.rb
-- test/no_public_key_error_test.rb
-- test/sha_encryptor_test.rb
 - test/no_key_error_test.rb
+- test/sha_encryptor_test.rb
+- test/no_private_key_error_test.rb
 - test/string_test.rb
-- test/asymmetric_encryptor_test.rb
+- test/no_public_key_error_test.rb
 - test/encryptor_test.rb
-- test/no_private_key_error_test.rb

data/test/keys/encrypted_public

@@ -1,4 +0,0 @@
------BEGIN RSA PUBLIC KEY-----
-MEgCQQCvktJgveIcgTH98hAhMjo0g6/GVMJaYdUh+/zQn4RBWASRmwEfJqggsfKT
-pSNendZQMD8kKS8J1YTBr60ToM25AgMBAAE=
------END RSA PUBLIC KEY-----