ezcrypto 0.1.1 → 0.2

data/CHANGELOG

@@ -0,0 +1,10 @@
+0.2 October 30th, 2005 Ruby on Rails integration
+
+As promised I have now included my first version of ActiveCrypto the crypto layer for ActiveRecord and Ruby on Rails.
+
+0.1.1 August 27, 2005 Minor fixes
+
+Thanks to Jason Vasquez mugatu at mugfu dot com for noticing that Key#to_s
+called the nonexistent encoded method. 
+
+I also made a few slight changes to the documentation.

data/README

@@ -113,7 +113,7 @@ A salt is just a piece of data we hash in with the password to create the key. I
 
 == License
 
-Action Web Service is released under the MIT license.
+EzCrypto and ActionCrypto is released under the MIT license.
 
 
 == Support

data/README_ACTIVE_CRYPTO

@@ -0,0 +1,110 @@
+= ActiveCrypto - Easy to use Crypto for Ruby on Rails
+
+ActiveCrypto is based on EzCrypto and provides application oriented crypto support for Ruby on Rails applications.
+
+== Features
+
+* Transparent encryption/decryption
+* Ruby on Rails like domain language
+
+== Simple examples
+
+==== A simple encrypted class
+
+You specify in your class which fields are encrypted:
+
+	class Document < ActiveRecord::Base
+		encrypt :title,:body
+	end
+
+Two encrypt it you need to enter a key. For ease of use there is a method called enter_password which sets the key based on a password of your choice.
+
+	doc=Document.new
+	doc.enter_password "This stuff is secret man!!!"
+	doc.title="Plan to take over the world"
+	doc.body="Write apps in Rails"
+	doc.save
+	
+This needs to be done as well if you want to read your document:
+
+	doc=Document.find 1
+	doc.enter_password "This stuff is secret man!!!"
+	puts doc.name
+	
+If you don't remember to set a key it will through a MissingKeyError.
+
+==== More realistic example with KeyHolder
+
+It probably isn't much use if each record needs its own key. The solution to this is the KeyHolder. A KeyHolder is an object that holds keys for use by other objects. A typical example would be a user.
+
+	class User < ActiveRecord::Base
+		has_many :documents
+		keyholder
+	end
+
+We use standard ActiveRecord associations to associate the User with his documents. We also need to specify that he is a keyholder. We now modify our Document class as follows:
+
+	class Document < ActiveRecord::Base
+		belongs_to :user
+		encrypt :title,:body,:key=>:user
+	end
+
+We have the standard associations going on here, but we have also added the option :key=>:user to the encrypt statement. Now we could do this:
+
+	@user=User.new
+	@user.enter_password "This stuff is secret man!!!"
+	@user.save
+	 
+	@doc=Document.new
+	@doc.user=@user 
+	@doc.title="Plan to take over the world"
+	@doc.body="Write apps in Rails"
+	@doc.save
+	
+You could also do ordinary rails like stuf such as:
+
+	@user.documents.each do |doc|
+		puts doc.name
+	end
+
+Decryption is done transparently.
+
+When doing this within a rails application, active_crypto automatically maintains a list of keys for each user session. Besides the 2 steps below you don't need to do anything special within your controller.
+
+1. When a user logs on with a password enter his password like this:
+
+	@user.enter_password @params['password']
+
+2. When a user logs off call the following
+
+	clear_session_keys
+	
+== Usage as a Rails plugin
+
+Just unpack it into your $MY_RAILS_PROJECTS/vendor/plugins folder to use it as a self contained plugin. Otherwise you can install it as a gem using:
+
+	$ gem install ezcrypto
+
+Then make sure to require "active_crypto.rb" at the end of your environment.rb file.
+
+== Database Schema issues
+
+ActiveCrypto doesn't really care about the schema, but that said you do need a schema that will accept and not mangle it's output. On MySQL I normally use TINYBLOB instead of VARCHAR and BLOB instead of TEXT.
+
+== License
+
+EzCrypto and ActionCrypto is released under the MIT license.
+
+
+== Support
+
+To contact the author, send mail to pelleb@gmail.com
+
+Also see my blogs at:
+http://stakeventures.com and
+http://neubia.com
+
+This project was based on code used in my project StakeItOut, where you can securely share web services with your partners.
+https://stakeitout.com
+
+(C) 2005 Pelle Braendgaard

data/lib/CVS/Entries

@@ -1 +1,3 @@
+/active_crypto.rb/1.3/Sun Oct 30 22:41:10 2005//
+/ezcrypto.rb/1.4/Sun Oct 30 22:24:34 2005//
 D

data/lib/active_crypto.rb

@@ -0,0 +1,254 @@
+require "ezCrypto"
+module ActiveRecord # :nodoc:
+  module Crypto  #:nodoc:
+    
+    def self.append_features(base)  #:nodoc:
+      super
+      base.extend(ClassMethods)
+    end
+    
+=begin rdoc
+
+Usage is very simple. You will generally only need the two class methods listed here in your ActiveRecord class model.
+
+== License
+
+ActiveCrypto and EzCrypto are released under the MIT license.
+
+
+== Support
+
+To contact the author, send mail to pelleb@gmail.com
+
+Also see my blogs at:
+http://stakeventures.com and
+http://neubia.com
+
+This project was based on code used in my project StakeItOut, where you can securely share web services with your partners.
+https://stakeitout.com
+
+(C) 2005 Pelle Braendgaard
+
+=end
+    module ClassMethods
+      @@session_keys={}
+
+=begin rdoc
+Turn encryption on for this record. List all encrypted attributes
+
+  class Document < ActiveRecord::Base
+		encrypt :title,:body
+	end
+	
+Include optional option :key, to specify an external KeyHolder, which holds the key used for encrypting and decrypting:
+
+  class Document < ActiveRecord::Base
+  	belongs_to :user
+  	encrypt :title,:body,:key=>:user
+  end
+	
+=end
+      def encrypt(*attributes)        
+        	include ActiveRecord::Crypto::Encrypted
+        	alias_method :orig_write_attribute, :write_attribute
+        	alias_method :write_attribute,:write_encrypted_attribute
+          options=attributes.last.is_a?(Hash) ? attributes.pop : {}
+          if options and options[:key]
+    				module_eval <<-"end;"				 
+    					def session_key
+    						(send :#{options[:key]} ).send :session_key
+    					end	 
+    				end;
+                
+          end
+  			self.encrypted_attributes=attributes
+  			for enc in attributes
+            
+  				module_eval <<-"end;"
+  					def #{enc.to_s}
+  						_decrypt(read_attribute("#{enc.to_s}"))
+  					end	 
+  				end;
+			  end
+      end   
+		
+=begin rdoc
+Creates support in this class for holding a key. Adds the following methods:
+
+* enter_password(password,salt="onetwothree")
+* set_session_key(key)
+* session_key
+
+Use it as follows:
+
+  class User < ActiveRecord::Base
+  	has_many :documents
+  	keyholder
+  end
+
+=end        
+      def keyholder()
+      	include ActiveRecord::Crypto::KeyHolder          
+      end
+
+=begin rdoc
+Clears the session_key array. Generally this is handled automatically as a filter in ActionController. Only use these if you need to
+do something out of the ordinary.
+=end
+      def clear_session_keys() #:nodoc:
+        @@session_keys.clear
+      end 
+      
+=begin rdoc
+Sets the session_keys array. Only use these if you need to
+do something out of the ordinary, as it is handled
+=end
+      def session_keys=(keys) #:nodoc:
+        @@session_keys=keys
+      end
+      
+      def session_keys() #:nodoc:
+        @@session_keys
+      end
+    end
+
+=begin rdoc
+This module handles all standard key management features.
+=end
+    module KeyHolder   
+
+=begin rdoc
+Creates a key for object based on given password and an optional salt.
+=end
+      def enter_password(password,salt="onetwothree")
+        set_session_key(EzCrypto::Key.with_password password, salt)
+      end
+
+=begin rdoc
+Sets a session key for the object. This should be a EzCrypto::Key instance.
+=end
+      def set_session_key(key)    
+        Base.session_keys[session_key_id]=key
+      end      
+
+=begin rdoc
+Returns the session_key
+=end
+      def session_key
+        Base.session_keys[session_key_id]
+      end
+      
+      private
+      
+      def session_key_id
+          "#{self.class.to_s}:#{id}"
+      end      
+    end
+
+    module Encrypted    #:nodoc:
+      include ActiveRecord::Crypto::KeyHolder
+      def self.append_features(base)  #:nodoc:
+        super
+				base.module_eval <<-"end;"				 
+         @@encrypted_attributes=[]
+          def encrypted_attributes
+            @@encrypted_attributes
+          end
+          
+          def #{base.to_s}.encrypted_attributes=(attrs)
+            @@encrypted_attributes=attrs
+          end
+        end;
+      end
+
+      def write_encrypted_attribute(name,value)
+        if encrypted_attributes.include?(name.to_sym)
+            orig_write_attribute(name,_encrypt(value))
+        else
+   		    orig_write_attribute(name,value)
+  	    end
+      end
+    end
+    
+    private
+    
+    def _decrypt(data)
+      if session_key.nil?
+        raise MissingKeyError
+      else
+        session_key.decrypt(data)
+      end
+    end
+    
+    def _encrypt(data)
+      if session_key.nil?
+        raise MissingKeyError
+      else 
+        session_key.encrypt(data)
+      end
+    end
+               
+  end
+  
+  class Base # :nodoc:
+    include ActiveRecord::Crypto
+  end
+end
+
+module ActionController # :nodoc:
+=begin rdoc
+This includes some basic support in the ActionController for handling session keys. It creates two filters one before the action and one after.
+These do the following:
+  
+If the users session already has a 'session_keys' value it loads it into the ActiveRecord::Base.session_keys class field. If not it 
+clears any existing session_keys.
+
+Leaving the action it stores any session_keys in the corresponding session variable.
+
+These filters are automatically enabled. You do not have to do anything.
+  
+To manually clear the session keys call clear_session_keys. This should be done for example as part of a session log off action.
+=end  
+  module CryptoSupport 
+    
+    def self.append_features(base) #:nodoc:
+      super
+      base.send :prepend_before_filter, :load_session_keys
+      base.send :prepend_after_filter, :save_session_keys      
+    end
+
+=begin rdoc
+Clears the session keys. Call this when a user logs of.
+=end
+    def clear_session_keys
+      ActiveRecord::Base.clear_session_keys
+    end
+    
+    
+    private
+    def load_session_keys
+      if @session['session_keys']
+        ActiveRecord::Base.session_keys=@session['session_keys']
+      else
+        ActiveRecord::Base.clear_session_keys
+      end
+    end
+
+    def save_session_keys
+      if ActiveRecord::Base.session_keys.size>0
+        @session['session_keys']=ActiveRecord::Base.session_keys
+      else
+        @session['session_keys']=nil
+      end
+    end
+    
+  end
+
+  class Base # :nodoc:
+    include CryptoSupport
+  end
+
+end
+
+class MissingKeyError < RuntimeError
+end 

data/lib/ezcrypto.rb

@@ -3,7 +3,7 @@ require 'digest/sha2'
 require 'digest/sha1'
 require 'base64'
 
-module EzCrypto
+module EzCrypto #:nodoc:
 
 
 =begin rdoc
@@ -22,7 +22,7 @@ Eg.
 
 == License
 
-Action Web Service is released under the MIT license.
+ActiveCrypto and EzCrypto are released under the MIT license.
 
 
 == Support
@@ -195,7 +195,7 @@ You probably should be using the Key class instead.
 Warning! The interface may change.
 
 =end
-  class CipherWrapper
+  class CipherWrapper #:nodoc:
 
 =begin rdoc
   
@@ -262,7 +262,7 @@ You probably should be using Key instead.
 Warning! The interface may change.
 
 =end
-  class Encrypter<EzCrypto::CipherWrapper
+  class Encrypter<EzCrypto::CipherWrapper #:nodoc:
 
 =begin rdoc
   
@@ -286,7 +286,7 @@ You probably should be using Key instead.
 
 Warning! The interface may change.
 =end
-  class Decrypter<EzCrypto::CipherWrapper
+  class Decrypter<EzCrypto::CipherWrapper #:nodoc:
 =begin rdoc
   
 =end

data/rakefile

@@ -8,7 +8,7 @@ require 'rake/contrib/rubyforgepublisher'
 
 PKG_BUILD     = ENV['PKG_BUILD'] ? '.' + ENV['PKG_BUILD'] : ''
 PKG_NAME      = 'ezcrypto'
-PKG_VERSION   = '0.1.1' + PKG_BUILD
+PKG_VERSION   = '0.2' + PKG_BUILD
 PKG_FILE_NAME = "#{PKG_NAME}-#{PKG_VERSION}"
 
 RELEASE_NAME  = "REL #{PKG_VERSION}"
@@ -34,7 +34,10 @@ Rake::RDocTask.new { |rdoc|
   rdoc.options << '--line-numbers --inline-source --main README'
   rdoc.template = "#{ENV['template']}.rb" if ENV['template']
   rdoc.rdoc_files.include('README')
+  rdoc.rdoc_files.include('README_ACTIVE_CRYPTO')
+  rdoc.rdoc_files.include('CHANGELOG')
   rdoc.rdoc_files.include('lib/ezcrypto.rb')
+  rdoc.rdoc_files.include('lib/active_crypto.rb')
 #  rdoc.rdoc_files.include('lib/ezcrypto/*.rb')
 }
 
@@ -57,7 +60,7 @@ spec = Gem::Specification.new do |s|
   s.requirements << 'none'
   s.require_path = 'lib'
 
-  s.files = [ "rakefile", "README", "MIT-LICENSE" ]
+  s.files = [ "rakefile", "README", "README_ACTIVE_CRYPTO", "MIT-LICENSE","CHANGELOG" ]
   s.files = s.files + Dir.glob( "lib/**/*" ).delete_if { |item| item.include?( "\.svn" ) }
   s.files = s.files + Dir.glob( "test/**/*" ).delete_if { |item| item.include?( "\.svn" ) }
 end

data/test/CVS/Entries

@@ -1 +1,2 @@
+/ezcrypto_test.rb/1.1.1.1/Wed Jul 20 18:40:51 2005//
 D

metadata

@@ -3,8 +3,8 @@ rubygems_version: 0.8.10
 specification_version: 1
 name: ezcrypto
 version: !ruby/object:Gem::Version 
-  version: 0.1.1
-date: 2005-08-27
+  version: "0.2"
+date: 2005-10-30
 summary: Simplified encryption library.
 require_paths: 
   - lib
@@ -29,7 +29,10 @@ authors:
 files: 
   - rakefile
   - README
+  - README_ACTIVE_CRYPTO
   - MIT-LICENSE
+  - CHANGELOG
+  - lib/active_crypto.rb
   - lib/CVS
   - lib/ezcrypto.rb
   - lib/CVS/Entries
@@ -37,7 +40,6 @@ files:
   - lib/CVS/Root
   - test/CVS
   - test/ezcrypto_test.rb
-  - test/fixtures
   - test/CVS/Entries
   - test/CVS/Repository
   - test/CVS/Root