encryptor2 1.0.0

data/.gitignore

@@ -0,0 +1,2 @@
+pkg
+rdoc

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2011 Sean Huber - shuber@huberry.com
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,115 @@
+Encryptor
+----------
+
+A simple wrapper for the standard ruby OpenSSL library
+
+Used by `http://github.com/danpal/attr_encrypted` to easily encrypt/decrypt attributes in any class
+
+Installation
+-------------
+
+    gem install encryptor
+
+Usage
+-----------
+
+##Basic
+
+Encryptor will use `aes-256-cbc` to encrypt securely. It's highly recommended you use an `iv(initialization vector)` and a `salt`. Encryptor takes this as
+options. If you specify an `:iv` you are required to specify a `:salt` too.
+
+The best example is:
+
+    salt = Time.now.to_i.to_s
+    secret_key = "secret"
+    iv = (OpenSSL::Cipher::Cipher.new('aes-256-cbc').random_iv
+    encrypted_value = Encryptor.encrypt('some string to encrypt', :key => secret_key, :iv => iv, :salt => salt)
+    decrypted_value = Encryptor.decrypt(encrypted_value, :key => secret_key, :iv => iv, :salt => salt)
+
+The value to encrypt or decrypt may also be passed as the :value option if you'd like.
+
+    encrypted_value = Encryptor.encrypt(:value => 'some string to encrypt', :key => secret_key, :iv => iv, :salt => salt) 
+    decrypted_value = Encryptor.decrypt(:value => encrypted_value, :key => secret_key, :iv => iv, :salt => salt)
+
+
+**You may also skip the salt and the iv if you want so. Doing so, you are on your own!**
+
+    encrypted_value = Encryptor.encrypt(:value => 'some string to encrypt', :key => 'secret') 
+    decrypted_value = Encryptor.decrypt(:value => encrypted_value, :key => 'secret')
+
+
+You may also pass the :algorithm< options but they are not required.
+
+    Encryptor.default_options.merge!(:algorithm => 'aes-128-cbc', :key => 'some default secret key', :iv => iv, :salt => salt)
+
+
+=== Strings
+
+Encryptor adds `encrypt` and `decrypt` methods to String objects for your convenience. These two methods accept the same arguments as the associated ones in the Encryptor module. They're nice when you set the default options in the Encryptor.default_options attribute. For example:
+
+    Encryptor.default_options.merge!(:key => 'some default secret key', :iv => iv, :salt => salt)
+    credit_card = 'xxxx xxxx xxxx 1234'
+    encrypted_credit_card = credit_card.encrypt
+
+There's also encrypt! and decrypt! methods that replace the contents of a string with the encrypted or decrypted version of itself.
+
+=== Algorithms
+
+Run openssl list-cipher-commands in your terminal to view a list of all cipher algorithms that are supported on your platform.
+
+    aes-128-cbc
+    aes-128-ecb
+    aes-192-cbc
+    aes-192-ecb
+    aes-256-cbc
+    aes-256-ecb
+    bf
+    bf-cbc
+    bf-cfb
+    bf-ecb
+    bf-ofb
+    cast
+    cast-cbc
+    cast5-cbc
+    cast5-cfb
+    cast5-ecb
+    cast5-ofb
+    des
+    des-cbc
+    des-cfb
+    des-ecb
+    des-ede
+    des-ede-cbc
+    des-ede-cfb
+    des-ede-ofb
+    des-ede3
+    des-ede3-cbc
+    des-ede3-cfb
+    des-ede3-ofb
+    des-ofb
+    des3
+    desx
+    idea
+    idea-cbc
+    idea-cfb
+    idea-ecb
+    idea-ofb
+    rc2
+    rc2-40-cbc
+    rc2-64-cbc
+    rc2-cbc
+    rc2-cfb
+    rc2-ecb
+    rc2-ofb
+    rc4
+    rc4-40
+
+
+Note on Patches/Pull Requests
+------------------------------
+
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a future version unintentionally.
+* Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.

data/Rakefile

@@ -0,0 +1,22 @@
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+
+desc 'Default: run unit tests'
+task :default => :test
+
+desc 'Test the encryptor gem'
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = true
+end
+
+desc 'Generate documentation for the encryptor gem'
+Rake::RDocTask.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Encryptor'
+  rdoc.options << '--line-numbers' << '--inline-source'
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/encryptor.gemspec

@@ -0,0 +1,27 @@
+# -*- encoding: utf-8 -*-
+
+lib = File.expand_path('../lib/', __FILE__)
+$:.unshift lib unless $:.include?(lib)
+
+require 'encryptor/version'
+require 'date'
+
+Gem::Specification.new do |s|
+  s.name     = 'encryptor2'
+  s.version  = Encryptor::Version
+  s.date     = Date.today
+  s.platform = Gem::Platform::RUBY
+
+  s.summary     = 'A simple wrapper for the standard ruby OpenSSL library'
+  s.description = 'A simple wrapper for the standard ruby OpenSSL library to encrypt and decrypt strings'
+
+  s.author   = 'Daniel Palacio'
+  s.email    = 'danpal@gmail.com'
+  s.homepage = 'http://github.com/danpal/encryptor'
+
+  s.require_paths = ['lib']
+
+  s.files       = `git ls-files`.split("\n")
+  s.test_files  = `git ls-files -- {test,spec,features}/*`.split("\n")
+  
+end

data/lib/encryptor.rb

@@ -0,0 +1,65 @@
+require 'openssl'
+require 'encryptor/string'
+
+String.send(:include, Encryptor::String)
+
+# A simple wrapper for the standard OpenSSL library
+module Encryptor
+  autoload :Version, 'encryptor/version'
+
+  extend self
+
+  # The default options to use when calling the <tt>encrypt</tt> and <tt>decrypt</tt> methods
+  #
+  # Defaults to { :algorithm => 'aes-256-cbc' }
+  #
+  # Run 'openssl list-cipher-commands' in your terminal to view a list all cipher algorithms that are supported on your platform
+  def default_options
+    @default_options ||= { :algorithm => 'aes-256-cbc' }
+  end
+
+  # Encrypts a <tt>:value</tt> with a specified <tt>:key</tt>
+  #
+  # Optionally accepts <tt>:iv</tt> and <tt>:algorithm</tt> options
+  #
+  # Example
+  #
+  #   encrypted_value = Encryptor.encrypt(:value => 'some string to encrypt', :key => 'some secret key')
+  #   # or
+  #   encrypted_value = Encryptor.encrypt('some string to encrypt', :key => 'some secret key')
+  def encrypt(*args, &block)
+    crypt :encrypt, *args, &block
+  end
+
+  # Decrypts a <tt>:value</tt> with a specified <tt>:key</tt>
+  #
+  # Optionally accepts <tt>:iv</tt> and <tt>:algorithm</tt> options
+  #
+  # Example
+  #
+  #   decrypted_value = Encryptor.decrypt(:value => 'some encrypted string', :key => 'some secret key')
+  #   # or
+  #   decrypted_value = Encryptor.decrypt('some encrypted string', :key => 'some secret key')
+  def decrypt(*args, &block)
+    crypt :decrypt, *args, &block
+  end
+
+  protected
+
+    def crypt(cipher_method, *args) #:nodoc:
+      options = default_options.merge(:value => args.first).merge(args.last.is_a?(Hash) ? args.last : {})
+      raise ArgumentError.new('must specify a :key') if options[:key].to_s.empty?
+      cipher = OpenSSL::Cipher::Cipher.new(options[:algorithm])
+      cipher.send(cipher_method)
+      if options[:iv]
+        raise ArgumentError.new('you must specify a :salt') if options[:salt].nil?
+        cipher.iv = options[:iv]
+        cipher.key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(options[:key], options[:salt], 2000, cipher.key_len)
+      else
+        cipher.pkcs5_keyivgen(options[:key])
+      end
+      yield cipher, options if block_given?
+      result = cipher.update(options[:value])
+      result << cipher.final
+    end
+end

data/lib/encryptor/string.rb

@@ -0,0 +1,24 @@
+module Encryptor
+  # Adds <tt>encrypt</tt> and <tt>decrypt</tt> methods to strings
+  module String
+    # Returns a new string containing the encrypted version of itself
+    def encrypt(options = {})
+      Encryptor.encrypt(options.merge(:value => self))
+    end
+
+    # Replaces the contents of a string with the encrypted version of itself
+    def encrypt!(options ={})
+      replace encrypt(options)
+    end
+
+    # Returns a new string containing the decrypted version of itself
+    def decrypt(options = {})
+      Encryptor.decrypt(options.merge(:value => self))
+    end
+
+    # Replaces the contents of a string with the decrypted version of itself
+    def decrypt!(options ={})
+      replace decrypt(options)
+    end
+  end
+end

data/lib/encryptor/version.rb

@@ -0,0 +1,17 @@
+module Encryptor
+  # Contains information about this gem's version
+  module Version
+    MAJOR = 1
+    MINOR = 0
+    PATCH = 0
+
+    # Returns a version string by joining <tt>MAJOR</tt>, <tt>MINOR</tt>, and <tt>PATCH</tt> with <tt>'.'</tt>
+    #
+    # Example
+    #
+    #   Version.to_s # '1.0.2'
+    def self.to_s
+      [MAJOR, MINOR, PATCH].join('.')
+    end
+  end
+end

data/test/encryptor_test.rb

@@ -0,0 +1,105 @@
+require File.expand_path('../test_helper', __FILE__)
+
+class EncryptorTest < Test::Unit::TestCase
+
+  algorithms = %x(openssl list-cipher-commands).split
+  key = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
+  iv = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
+  salt = Time.now.to_i.to_s
+  original_value = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
+
+  algorithms.reject { |algorithm| algorithm == 'base64' }.each do |algorithm|
+    encrypted_value_with_iv = Encryptor.encrypt(:value => original_value, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
+    encrypted_value_without_iv = Encryptor.encrypt(:value => original_value, :key => key, :algorithm => algorithm)
+
+    define_method "test_should_crypt_with_the_#{algorithm}_algorithm_with_iv" do
+      assert_not_equal original_value, encrypted_value_with_iv
+      assert_not_equal encrypted_value_without_iv, encrypted_value_with_iv
+      assert_equal original_value, Encryptor.decrypt(:value => encrypted_value_with_iv, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
+    end
+
+    define_method "test_should_crypt_with_the_#{algorithm}_algorithm_without_iv" do
+      assert_not_equal original_value, encrypted_value_without_iv
+      assert_equal original_value, Encryptor.decrypt(:value => encrypted_value_without_iv, :key => key, :algorithm => algorithm)
+    end
+
+    define_method "test_should_encrypt_with_the_#{algorithm}_algorithm_with_iv_with_the_first_arg_as_the_value" do
+      assert_equal encrypted_value_with_iv, Encryptor.encrypt(original_value, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
+    end
+
+    define_method "test_should_encrypt_with_the_#{algorithm}_algorithm_without_iv_with_the_first_arg_as_the_value" do
+      assert_equal encrypted_value_without_iv, Encryptor.encrypt(original_value, :key => key, :algorithm => algorithm)
+    end
+
+    define_method "test_should_decrypt_with_the_#{algorithm}_algorithm_with_iv_with_the_first_arg_as_the_value" do
+      assert_equal original_value, Encryptor.decrypt(encrypted_value_with_iv, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
+    end
+
+    define_method "test_should_decrypt_with_the_#{algorithm}_algorithm_without_iv_with_the_first_arg_as_the_value" do
+      assert_equal original_value, Encryptor.decrypt(encrypted_value_without_iv, :key => key, :algorithm => algorithm)
+    end
+
+    define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
+      assert_equal encrypted_value_with_iv, original_value.encrypt(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
+    end
+
+    define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
+      assert_equal encrypted_value_without_iv, original_value.encrypt(:key => key, :algorithm => algorithm)
+    end
+
+    define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
+      assert_equal original_value, encrypted_value_with_iv.decrypt(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
+    end
+
+    define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
+      assert_equal original_value, encrypted_value_without_iv.decrypt(:key => key, :algorithm => algorithm)
+    end
+
+    define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
+      original_value_dup = original_value.dup
+      original_value_dup.encrypt!(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
+      assert_equal original_value.encrypt(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm), original_value_dup
+    end
+
+    define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
+      original_value_dup = original_value.dup
+      original_value_dup.encrypt!(:key => key, :algorithm => algorithm)
+      assert_equal original_value.encrypt(:key => key, :algorithm => algorithm), original_value_dup
+    end
+
+    define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
+      encrypted_value_with_iv_dup = encrypted_value_with_iv.dup
+      encrypted_value_with_iv_dup.decrypt!(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
+      assert_equal original_value, encrypted_value_with_iv_dup
+    end
+
+    define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
+      encrypted_value_without_iv_dup = encrypted_value_without_iv.dup
+      encrypted_value_without_iv_dup.decrypt!(:key => key, :algorithm => algorithm)
+      assert_equal original_value, encrypted_value_without_iv_dup
+    end
+  end
+
+  define_method 'test_should_use_the_default_algorithm_if_one_is_not_specified' do
+    assert_equal Encryptor.encrypt(:value => original_value, :key => key, :algorithm => Encryptor.default_options[:algorithm]), Encryptor.encrypt(:value => original_value, :key => key)
+  end
+
+  def test_should_have_a_default_algorithm
+    assert !Encryptor.default_options[:algorithm].nil?
+    assert !Encryptor.default_options[:algorithm].empty?
+  end
+
+  def test_should_raise_argument_error_if_key_is_not_specified
+    assert_raises(ArgumentError) { Encryptor.encrypt('some value') }
+    assert_raises(ArgumentError) { Encryptor.decrypt('some encrypted string') }
+    assert_raises(ArgumentError) { Encryptor.encrypt('some value', :key => '') }
+    assert_raises(ArgumentError) { Encryptor.decrypt('some encrypted string', :key => '') }
+  end
+
+  def test_should_yield_block_with_cipher_and_options
+    called = false
+    Encryptor.encrypt('some value', :key => 'some key') { |cipher, options| called = true }
+    assert called
+  end
+
+end

data/test/test_helper.rb

@@ -0,0 +1,6 @@
+require 'test/unit'
+require 'digest/sha2'
+
+$:.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$:.unshift(File.dirname(__FILE__))
+require 'encryptor'

metadata

@@ -0,0 +1,57 @@
+--- !ruby/object:Gem::Specification
+name: encryptor2
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+  prerelease: 
+platform: ruby
+authors:
+- Daniel Palacio
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2011-12-16 00:00:00.000000000Z
+dependencies: []
+description: A simple wrapper for the standard ruby OpenSSL library to encrypt and
+  decrypt strings
+email: danpal@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- MIT-LICENSE
+- README.md
+- Rakefile
+- encryptor.gemspec
+- lib/encryptor.rb
+- lib/encryptor/string.rb
+- lib/encryptor/version.rb
+- test/encryptor_test.rb
+- test/test_helper.rb
+homepage: http://github.com/danpal/encryptor
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.6
+signing_key: 
+specification_version: 3
+summary: A simple wrapper for the standard ruby OpenSSL library
+test_files:
+- test/encryptor_test.rb
+- test/test_helper.rb