ezcrypto2 0.0.2

data/rakefile

@@ -0,0 +1,200 @@
+require 'rubygems'
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+require 'rake/packagetask'
+require 'rake/gempackagetask'
+require 'rake/contrib/rubyforgepublisher'
+
+PKG_BUILD     = ENV['PKG_BUILD'] ? '.' + ENV['PKG_BUILD'] : ''
+PKG_NAME      = 'ezcrypto'
+PKG_VERSION   = '0.7.2' + PKG_BUILD
+PKG_FILE_NAME = "#{PKG_NAME}-#{PKG_VERSION}"
+
+RELEASE_NAME  = "REL #{PKG_VERSION}"
+
+RUBY_FORGE_PROJECT = "ezcrypto"
+RUBY_FORGE_USER    = "pelleb"
+
+desc "Default Task"
+task :default => [ :test ]
+
+# Run the unit tests
+Rake::TestTask.new { |t|
+  t.libs << "test"
+  t.pattern = 'test/*_test.rb'
+  t.verbose = true
+}
+
+
+# Genereate the RDoc documentation
+Rake::RDocTask.new { |rdoc|
+  rdoc.rdoc_dir = 'doc'
+  rdoc.title    = "EzCrypto - Simplified Crypto Library"
+#  rdoc.options << '--line-numbers --inline-source --main README #--template=jamis'
+  rdoc.template = "#{ENV['template']}.rb" if ENV['template']
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('README_ACTIVE_CRYPTO')
+  rdoc.rdoc_files.include('README_DIGITAL_SIGNATURES')
+  rdoc.rdoc_files.include('CHANGELOG')
+  rdoc.rdoc_files.include('lib/*.rb')
+}
+
+
+# Create compressed packages
+spec = Gem::Specification.new do |s|
+  s.platform = Gem::Platform::RUBY
+  s.name = PKG_NAME
+  s.summary = "Simplified encryption library."
+  s.description = %q{Makes it easier and safer to write crypto code.}
+  s.version = PKG_VERSION
+
+  s.author = "Pelle Braendgaard"
+  s.email = "pelle@stakeventures.com"
+  s.rubyforge_project = "ezcrypto"
+  s.homepage = "http://ezcrypto.rubyforge.org"
+
+
+  s.has_rdoc = true
+  s.requirements << 'none'
+  s.require_path = 'lib'
+
+  s.files = [ "rakefile", "README.rdoc", "README_ACTIVE_CRYPTO", "README_DIGITAL_SIGNATURES", "MIT-LICENSE","CHANGELOG","init.rb" ]
+  ["lib","test"].each do |dir|
+  		s.files = s.files + Dir.glob( "#{dir}/*" )
+  end
+  s.extra_rdoc_files = ["CHANGELOG", "README.rdoc","README_ACTIVE_CRYPTO","README_DIGITAL_SIGNATURES"]
+  s.test_files = Dir.glob("test/*")
+end
+  
+Rake::GemPackageTask.new(spec) do |p|
+  p.gem_spec = spec
+  p.need_tar = true
+  p.need_zip = true
+end
+
+
+desc "Publish the GEM"
+task :pgem => [:package] do 
+  Rake::SshFilePublisher.new("pelleb@rubyforge.org", "/var/www/gems", "pkg", "#{PKG_FILE_NAME}.gem").upload
+end
+
+desc "Publish the API documentation"
+task :pdoc => [:rdoc] do 
+  Rake::SshDirPublisher.new("pelleb@rubyforge.org", "/var/www/gforge-projects/ezcrypto", "doc").upload
+end
+
+desc "Publish the release files to RubyForge."
+task :rubyforge_upload => :package do
+  files = %w(gem tgz zip).map { |ext| "pkg/#{PKG_FILE_NAME}.#{ext}" }
+
+  if RUBY_FORGE_PROJECT then
+    require 'net/http'
+    require 'open-uri'
+
+    project_uri = "http://rubyforge.org/projects/#{RUBY_FORGE_PROJECT}/"
+    project_data = open(project_uri) { |data| data.read }
+    group_id = project_data[/[?&]group_id=(\d+)/, 1]
+    raise "Couldn't get group id" unless group_id
+
+    # This echos password to shell which is a bit sucky
+    if ENV["RUBY_FORGE_PASSWORD"]
+      password = ENV["RUBY_FORGE_PASSWORD"]
+    else
+      print "#{RUBY_FORGE_USER}@rubyforge.org's password: "
+      password = STDIN.gets.chomp
+    end
+
+    login_response = Net::HTTP.start("rubyforge.org", 80) do |http|
+      data = [
+        "login=1",
+        "form_loginname=#{RUBY_FORGE_USER}",
+        "form_pw=#{password}"
+      ].join("&")
+      http.post("/account/login.php", data)
+    end
+
+    cookie = login_response["set-cookie"]
+    raise "Login failed" unless cookie
+    headers = { "Cookie" => cookie }
+
+    release_uri = "http://rubyforge.org/frs/admin/?group_id=#{group_id}"
+    release_data = open(release_uri, headers) { |data| data.read }
+    package_id = release_data[/[?&]package_id=(\d+)/, 1]
+    raise "Couldn't get package id" unless package_id
+
+    first_file = true
+    release_id = ""
+
+    files.each do |filename|
+      basename  = File.basename(filename)
+      file_ext  = File.extname(filename)
+      file_data = File.open(filename, "rb") { |file| file.read }
+
+      puts "Releasing #{basename}..."
+
+      release_response = Net::HTTP.start("rubyforge.org", 80) do |http|
+        release_date = Time.now.strftime("%Y-%m-%d %H:%M")
+        type_map = {
+          ".zip"    => "3000",
+          ".tgz"    => "3110",
+          ".gz"     => "3110",
+          ".gem"    => "1400"
+        }; type_map.default = "9999"
+        type = type_map[file_ext]
+        boundary = "rubyqMY6QN9bp6e4kS21H4y0zxcvoor"
+
+        query_hash = if first_file then
+          {
+            "group_id" => group_id,
+            "package_id" => package_id,
+            "release_name" => PKG_FILE_NAME,
+            "release_date" => release_date,
+            "type_id" => type,
+            "processor_id" => "8000", # Any
+            "release_notes" => "",
+            "release_changes" => "",
+            "preformatted" => "1",
+            "submit" => "1"
+          }
+        else
+          {
+            "group_id" => group_id,
+            "release_id" => release_id,
+            "package_id" => package_id,
+            "step2" => "1",
+            "type_id" => type,
+            "processor_id" => "8000", # Any
+            "submit" => "Add This File"
+          }
+        end
+
+        query = "?" + query_hash.map do |(name, value)|
+          [name, URI.encode(value)].join("=")
+        end.join("&")
+
+        data = [
+          "--" + boundary,
+          "Content-Disposition: form-data; name=\"userfile\"; filename=\"#{basename}\"",
+          "Content-Type: application/octet-stream",
+          "Content-Transfer-Encoding: binary",
+          "", file_data, ""
+          ].join("\x0D\x0A")
+
+        release_headers = headers.merge(
+          "Content-Type" => "multipart/form-data; boundary=#{boundary}"
+        )
+
+        target = first_file ? "/frs/admin/qrs.php" : "/frs/admin/editrelease.php"
+        http.post(target + query, data, release_headers)
+      end
+
+      if first_file then
+        release_id = release_response.body[/release_id=(\d+)/, 1]
+        raise("Couldn't get release id") unless release_id
+      end
+
+      first_file = false
+    end
+  end
+end

data/test/active_crypto_test.rb

@@ -0,0 +1,211 @@
+$:.unshift(File.dirname(__FILE__) + "/../lib/")
+require File.join(File.dirname(__FILE__), 'test_helper')
+require 'test/unit'
+require 'active_crypto'
+
+
+class User < ActiveRecord::Base
+	has_many :secrets
+	has_many :groups
+	keyholder
+end
+
+class Secret < ActiveRecord::Base
+	encrypt :name,:email, :key=>:user, :base64=>true
+	belongs_to :user
+	has_many :children
+end
+
+class Child < ActiveRecord::Base
+	encrypt :email, :key=>:secret, :base64=>true
+	belongs_to :secret
+end
+
+class Asset<ActiveRecord::Base
+  encrypt :title, :base64=>true
+  has_many :caps,:dependent=>:destroy
+  
+  def self.create(title,email)
+    asset=Asset.new
+    asset.set_session_key(EzCrypto::Key.generate)
+    asset.title=title
+    if asset.save
+      asset.share(email)
+    else
+      nil
+    end
+  end
+
+  def share(email=nil)
+    Cap.create_for_asset(self,email)
+  end
+  
+end
+
+class AssetRaw<ActiveRecord::Base
+  set_table_name "assets"
+end
+
+class Cap < ActiveRecord::Base
+  belongs_to :asset
+  encrypt :shared_key, :base64=>true
+  
+  def self.find_by_key(cap_key)
+    cap_key.chop
+    hash=Digest::SHA1.hexdigest(cap_key)
+    if (cap_key.length>=20) # Sanity check
+      cap=self.find_by_key_hash(hash)
+      if cap
+        cap.set_encoded_key(cap_key)
+        cap.asset.set_encoded_key(cap.shared_key)
+        cap
+      end
+    else
+      nil
+    end
+  end
+  
+  def self.create_for_asset(asset,email=nil)
+    cap=Cap.new
+    cap.email=email if email
+    cap.asset=asset
+    if cap.save
+      cap.set_session_key(EzCrypto::Key.generate)
+      cap_key=cap.session_key.encode
+      cap.key_hash=Digest::SHA1.hexdigest(cap_key)
+      cap.shared_key=asset.session_key.encode
+      cap.save
+      cap_key
+    else
+      nil
+    end
+  end
+  
+end
+
+class Group < ActiveRecord::Base
+	belongs_to :user
+	has_many :group_secrets
+	
+	encrypt :name,:group_key, :key=>:user	, :base64=>true
+end
+
+class GroupSecret < ActiveRecord::Base
+	belongs_to :group
+	
+	encrypt :title,:body, :key=>:group, :base64=>true
+	
+end
+
+class ActiveCryptoTest < Test::Unit::TestCase
+ 
+  def setup
+  end
+    
+  def test_key_holder_in_record
+    user=User.new
+    user.name="bob"
+    user.save
+  	assert user.kind_of?(ActiveCrypto::KeyHolder)
+  	assert user.kind_of?(ActiveRecord::Base)
+  	assert user.kind_of?(User)
+    assert_nil user.session_key
+  	user.enter_password "shhcccc"
+  	assert_not_nil user.session_key
+  	assert_not_nil user.session_key.encrypt("test")    
+  end
+  
+  def test_encrypted_child
+    user=User.new
+    user.save
+    assert_nil user.session_key
+  	user.enter_password "shhcccc"
+  	assert_not_nil user.session_key
+  	assert user.kind_of?(ActiveCrypto::KeyHolder)
+  	assert user.kind_of?(ActiveRecord::Base)
+  	assert user.kind_of?(User)
+  	
+  	jill=user.secrets.create
+  	
+  	assert_not_nil jill
+  	assert jill.kind_of?(ActiveCrypto::AssociationKeyHolder)
+  	assert jill.kind_of?(ActiveCrypto::KeyHolder)
+  	assert jill.kind_of?(ActiveCrypto::Encrypted)
+  	assert jill.kind_of?(ActiveRecord::Base)
+  	assert jill.kind_of?(Secret)
+  	
+  	assert jill.respond_to?(:session_key)
+  	
+    assert_not_nil jill.user
+    assert_not_nil jill.user.session_key
+  	
+  	
+    assert_not_nil jill.session_key
+    assert_equal user.session_key,jill.session_key
+
+    jill.name="jill"
+    jill.save
+
+
+    assert_equal "jill",jill.name
+    
+    jill=user.secrets.first
+    assert_not_nil jill.session_key
+    assert_equal user.session_key,jill.session_key
+    assert_equal "jill",jill.name
+    
+    child=jill.children.create
+    child.email="pelle@neubia.com"
+    child.save
+
+    assert_not_nil child.secret
+    assert_not_nil child.secret.session_key
+
+
+    assert_not_nil child.session_key
+    assert_equal user.session_key,child.session_key
+
+    assert_equal "pelle@neubia.com",child.email
+
+    child=jill.children.first
+
+    assert_not_nil child.secret
+    assert_not_nil child.secret.session_key
+
+
+    assert_not_nil child.session_key
+    assert_equal user.session_key,child.session_key
+
+    assert_equal "pelle@neubia.com",child.email
+
+  end
+
+  def test_caps
+    key=Asset.create("title","pelle@neubia.com")
+    assert_not_nil key
+    cap=Cap.find_by_key key
+    assert_not_nil cap
+    assert_not_nil cap.asset
+    
+    assert_equal "title",cap.asset.title
+    assert_equal "title",cap.asset["title"]
+    assert_equal "pelle@neubia.com",cap.email
+    assert_equal "pelle@neubia.com",cap["email"]
+    
+    # Non decrypting version
+    raw=AssetRaw.find cap.asset.id
+    assert_not_equal "title",raw.title
+    assert_not_equal "title",raw["title"]
+    
+    bob_key=cap.asset.share("bob@bob.com")
+    bob_cap=Cap.find_by_key bob_key
+    
+    assert_not_equal key,bob_key
+    assert_not_nil bob_cap
+    assert_not_nil bob_cap.asset
+    assert_equal "title",bob_cap.asset.title
+    assert_equal "bob@bob.com",bob_cap.email
+  end
+end
+
+

data/test/agree2.com.cert

@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFIzCCBAugAwIBAgIEdjTPCDANBgkqhkiG9w0BAQUFADCB3DELMAkGA1UEBhMC
+VVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNV
+BAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOTA3BgNVBAsTMGh0dHA6
+Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeTExMC8G
+A1UEAxMoU3RhcmZpZWxkIFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTER
+MA8GA1UEBRMIMTA2ODg0MzUwHhcNMDkwMzEwMTUyMzQ1WhcNMTAwMzExMjAzNzE0
+WjB6MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN
+U2FuIEZyYW5jaXNjbzEYMBYGA1UEChMPRXh0cmEgRWFnbGUgTExDMQ8wDQYDVQQL
+EwZBZ3JlZTIxEzARBgNVBAMTCmFncmVlMi5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
+gY0AMIGJAoGBAPNfoI6m+NIm69qkuOgOwlRI64W6SmJ+xlxz/fduK/0XtqRlANL9
+aENxkAEvJz6tpsinNOAry96ucajZP9WUMWfy+wmXkTWLQN1jVPZUJs2mBBw6ajgm
+8xLgPWn3czRve0Q34poWGLFb+CZdcZScbnHcn6Dkt8SwMsFFBhLB0FM/AgMBAAGj
+ggHQMIIBzDAPBgNVHRMBAf8EBTADAQEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwOAYDVR0fBDEwLzAtoCugKYYnaHR0cDov
+L2NybC5zdGFyZmllbGR0ZWNoLmNvbS9zZnMyLTAuY3JsMFkGA1UdIARSMFAwTgYL
+YIZIAYb9bgEHFwIwPzA9BggrBgEFBQcCARYxaHR0cDovL2NlcnRpZmljYXRlcy5z
+dGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5LzCBjQYIKwYBBQUHAQEEgYAwfjAq
+BggrBgEFBQcwAYYeaHR0cDovL29jc3Auc3RhcmZpZWxkdGVjaC5jb20vMFAGCCsG
+AQUFBzAChkRodHRwOi8vY2VydGlmaWNhdGVzLnN0YXJmaWVsZHRlY2guY29tL3Jl
+cG9zaXRvcnkvc2ZfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSMEGDAWgBRJS1In0Ru8
+8qEhamJ7UUJ6itfVVjAlBgNVHREEHjAcggphZ3JlZTIuY29tgg53d3cuYWdyZWUy
+LmNvbTAdBgNVHQ4EFgQU8U68CbJHeGRhPSl2LRtx9IaocA4wDQYJKoZIhvcNAQEF
+BQADggEBACFngInbvv6YmtiwHFWZswcY7eoqMpUggXC2jmX9ZT+w9CcdgVlygow6
+jeR2HY7FPSKkm0YaDEAYYIoYeFHwaG6E4B6ykGvw5OQ4FESsQT/lxVlbeF0J1ERh
+YEpvwrVrVK/ppRd5En2hvl6kKvRyqjTcHKT/MKZ2xQXUZ6JEVKIME3HLS+IHR/Sc
+uo1aH3dXS73lFmWLH4P12KIfqnzQ938FDynW875bvKgl4HAzJj66wnMOoL5INOuK
+d+r9xUBD/uWXJPaXLzC8vuORHInLWNE4M2cpNeVNsU8siX4c9mC/Hj+Ss1nYBW0D
+4b8GcJ+tY+2Y+ODBKJn/s0qhB6TXoKM=
+-----END CERTIFICATE-----
+

data/test/association_key_holder_test.rb

@@ -0,0 +1,38 @@
+require 'key_holder_test'
+
+class User < ActiveRecord::Base
+  keyholder
+end
+
+class AssociationKeyHolderTest < KeyHolderTest
+  def setup
+    @key_holder=User.create
+  end
+  
+  def test_should_retain_session_key_on_reload
+    key=EzCrypto::Key.generate
+    key_holder.set_session_key key
+    assert_not_nil key_holder.session_key
+    assert_equal key.raw,key_holder.session_key.raw
+    
+    reloaded=User.find key_holder.id
+    assert_not_nil reloaded.session_key
+    assert_equal key.raw,reloaded.session_key.raw    
+  end
+  
+  def test_should_retain_session_key_on_reload_for_record_with_key_set_before_create
+    key=EzCrypto::Key.generate
+    key_holder=User.new
+    assert_nil key_holder.session_key
+    
+    key_holder.set_session_key key
+    assert_not_nil key_holder.session_key
+    
+    assert_equal key.raw,key_holder.session_key.raw
+    key_holder.save
+    
+    reloaded=User.find key_holder.id
+    assert_not_nil reloaded.session_key
+    assert_equal key.raw,reloaded.session_key.raw    
+  end
+end