pluginaweek-encrypted_strings 0.3.2

data/CHANGELOG.rdoc

@@ -0,0 +1,59 @@
+== master
+
+== 0.3.2 / 2009-01-11
+
+* Use Array#pack/String#unpack instead of Base64 to be compatible with Ruby 1.9+
+
+== 0.3.1 / 2008-12-4
+
+* Fix symmetric ciphers not working on Ruby 1.8.6 and below
+
+== 0.3.0 / 2008-12-14
+
+* Remove the PluginAWeek namespace
+
+== 0.2.1 / 2008-12-04
+
+* Fix class-level defaults not working when inherited
+
+== 0.2.0 / 2008-12-01
+
+* Remove AsymmetricEncryptor.default_algorithm, instead relying on SymmetricEncryptor.default_algorithm
+* Rename NoKeyError to NoPasswordError
+* Rename Encryptors to Ciphers
+* Remove deprecated SymmetricEncryptor#key option
+* Require that symmetric encryption be PKCS #5 compliant
+
+== 0.1.1 / 2008-12-01
+
+* Fix non-compliant PKCS #5 algorithm being used for symmetric encryption. Use :pkcs5_compliant => true for better security.
+* Rename SymmetricEncryptor#key to #password
+* Fix deprecation messages for Cipher#encrypt/decrypt
+
+== 0.1.0 / 2008-07-06
+
+* Remove dependency on active_support
+
+== 0.0.5 / 2008-07-05
+
+* Add automatic stringification of salts for SHA encryption
+* Fix not resetting the encryptor after calling decrypt!
+
+== 0.0.4 / 2008-05-05
+
+* Updated documentation
+
+== 0.0.3 / 2007-09-18
+
+* Remove gem dependency on activesupport
+
+== 0.0.2 / 2007-08-23
+
+* Fix not allowing the decryption mode to be overriden if the string already has an encryptor
+* Convert dos newlines to unix newlines
+
+== 0.0.1 / 2007-08-05
+
+* Official public release
+* Add api documentation
+* Refactor unit test names

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2005 Rick Olson, 2006-2009 Aaron Pfeifer
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,88 @@
+= encrypted_strings
+
++encrypted_strings+ provides dead-simple string encryption/decryption syntax.
+
+== Resources
+
+API
+
+* http://api.pluginaweek.org/encrypted_strings
+
+Bugs
+
+* http://pluginaweek.lighthouseapp.com/projects/13270-encrypted_strings
+
+Development
+
+* http://github.com/pluginaweek/encrypted_strings
+
+Source
+
+* git://github.com/pluginaweek/encrypted_strings.git
+
+== Description
+
+Encrypting and decrypting data is not exactly the most straightforward and DRY
+way.  encrypted_strings improves the syntax and reduces the complexity, adding
+straightforward support for encrypting values using SHA-1, Symmetric, and
+Asymmetric ciphers.
+
+== Usage
+
+=== SHA Encryption
+
+  >> password = 'shhhh'
+  => "shhhh"
+  >> encrypted_password = password.encrypt
+  => "66c85d26dadde7e1db27e15a0776c921e27143bd"
+  >> encrypted_password.class
+  => String
+  >> encrypted_password.cipher
+  => #<EncryptedStrings::ShaCipher:0x2b9238889460 @salt="salt">
+  >> encrypted_password == 'shhhh'
+  => true
+  >> encrypted_password.decrypt
+  NotImplementedError: Decryption is not supported using a(n) EncryptedStrings::ShaCipher
+          from ./script/../config/../config/../vendor/plugins/encrypted_strings/lib/encrypted_strings/cipher.rb:13:in `decrypt'
+          from ./script/../config/../config/../vendor/plugins/encrypted_strings/lib/encrypted_strings/extensions/string.rb:52:in `decrypt'
+          from (irb):40
+
+When encrypt is called, it creates a +cipher+ instance which is used for
+future encryption and decryption of the string.  The default cipher uses
+SHA-1 encryption.  For ciphers that do not support decryption, equality with
+other strings is tested by encrypting the other string and checking whether the
+resulting encrypted value is the same.
+
+=== Symmetric Encryption
+
+  >> password = 'shhhh'
+  => "shhhh"
+  >> crypted_password = password.encrypt(:symmetric, :password => 'secret_key')
+  => "qSg8vOo6QfU=\n"
+  >> crypted_password.class
+  => String
+  >> crypted_password == 'shhhh'
+  => true
+  >> password = crypted_password.decrypt
+  => "shhhh"
+
+=== Asymmetric encryption
+
+  >> password = 'shhhh'
+  => "shhhh"
+  >> crypted_password = password.encrypt(:asymmetric, :public_key_file => './public.key', :private_key_file => './private.key')
+  => "NEwVzcikYUKfS8HTc9L9eg/dMxBCLZ/nFr7J1aQYjkl3I2MPUD0lmjr/saC6\nTJEPwOl60Ki24H8TUwnGtZy14A==\n"
+  >> crypted_password.class
+  => String
+  >> crypted_password == 'shhhh'
+  => true
+  >> password = crypted_password.decrypt
+  => "shhhh"
+
+== Dependencies
+
+None.
+
+== References
+
+* Rick Olson - sentry[http://github.com/technoweenie/sentry]

data/Rakefile

@@ -0,0 +1,96 @@
+require 'rake/testtask'
+require 'rake/rdoctask'
+require 'rake/gempackagetask'
+require 'rake/contrib/sshpublisher'
+
+spec = Gem::Specification.new do |s|
+  s.name              = 'encrypted_strings'
+  s.version           = '0.3.2'
+  s.platform          = Gem::Platform::RUBY
+  s.summary           = 'Dead-simple string encryption/decryption syntax'
+  s.description       = s.summary
+  
+  s.files             = FileList['{lib,test}/**/*'] + %w(CHANGELOG.rdoc init.rb LICENSE Rakefile README.rdoc)
+  s.require_path      = 'lib'
+  s.has_rdoc          = true
+  s.test_files        = Dir['test/**/*_test.rb']
+  
+  s.author            = 'Aaron Pfeifer'
+  s.email             = 'aaron@pluginaweek.org'
+  s.homepage          = 'http://www.pluginaweek.org'
+  s.rubyforge_project = 'pluginaweek'
+end
+  
+desc 'Default: run all tests.'
+task :default => :test
+
+desc "Test the #{spec.name} plugin."
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.test_files = spec.test_files
+  t.verbose = true
+end
+
+begin
+  require 'rcov/rcovtask'
+  namespace :test do
+    desc "Test the #{spec.name} plugin with Rcov."
+    Rcov::RcovTask.new(:rcov) do |t|
+      t.libs << 'lib'
+      t.test_files = spec.test_files
+      t.rcov_opts << '--exclude="^(?!lib/)"'
+      t.verbose = true
+    end
+  end
+rescue LoadError
+end
+
+desc "Generate documentation for the #{spec.name} plugin."
+Rake::RDocTask.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = spec.name
+  rdoc.template = '../rdoc_template.rb'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc', 'CHANGELOG.rdoc', 'LICENSE', 'lib/**/*.rb')
+end
+
+desc 'Generate a gemspec file.'
+task :gemspec do
+  File.open("#{spec.name}.gemspec", 'w') do |f|
+    f.write spec.to_ruby
+  end
+end
+
+Rake::GemPackageTask.new(spec) do |p|
+  p.gem_spec = spec
+  p.need_tar = true
+  p.need_zip = true
+end
+
+desc 'Publish the beta gem.'
+task :pgem => [:package] do
+  Rake::SshFilePublisher.new('aaron@pluginaweek.org', '/home/aaron/gems.pluginaweek.org/public/gems', 'pkg', "#{spec.name}-#{spec.version}.gem").upload
+end
+
+desc 'Publish the API documentation.'
+task :pdoc => [:rdoc] do
+  Rake::SshDirPublisher.new('aaron@pluginaweek.org', "/home/aaron/api.pluginaweek.org/public/#{spec.name}", 'rdoc').upload
+end
+
+desc 'Publish the API docs and gem'
+task :publish => [:pgem, :pdoc, :release]
+
+desc 'Publish the release files to RubyForge.'
+task :release => [:gem, :package] do
+  require 'rubyforge'
+  
+  ruby_forge = RubyForge.new.configure
+  ruby_forge.login
+  
+  %w(gem tgz zip).each do |ext|
+    file = "pkg/#{spec.name}-#{spec.version}.#{ext}"
+    puts "Releasing #{File.basename(file)}..."
+    
+    ruby_forge.add_release(spec.rubyforge_project, spec.name, spec.version, file)
+  end
+end

data/init.rb

@@ -0,0 +1 @@
+require 'encrypted_strings'

data/lib/encrypted_strings.rb

@@ -0,0 +1,7 @@
+require 'openssl'
+
+require 'encrypted_strings/extensions/string'
+require 'encrypted_strings/cipher'
+require 'encrypted_strings/symmetric_cipher'
+require 'encrypted_strings/asymmetric_cipher'
+require 'encrypted_strings/sha_cipher'

data/lib/encrypted_strings/asymmetric_cipher.rb

@@ -0,0 +1,185 @@
+module EncryptedStrings
+  # Indicates no public key was found
+  class NoPublicKeyError < StandardError
+  end
+  
+  # Indicates no private key was found
+  class NoPrivateKeyError < StandardError
+  end
+  
+  # Encryption in which the keys used to encrypt/decrypt come in pairs.  Also
+  # known as public key encryption.  Anything that's encrypted using the
+  # public key can only be decrypted with the same algorithm and a matching
+  # private key.  Any message that is encrypted with the private key can only
+  # be decrypted with the matching public key.
+  # 
+  # Source: http://support.microsoft.com/kb/246071
+  # 
+  # == Encrypting 
+  # 
+  # To encrypt a string using an asymmetric cipher, the location of the
+  # public key file must be specified.  You can define the default for this
+  # value like so:
+  # 
+  #   EncryptedStrings::AsymmetricCipher.default_public_key_file = './public.key'
+  # 
+  # If these configuration options are not passed in to #encrypt, then the
+  # default values will be used.  You can override the default values like so:
+  # 
+  #   password = 'shhhh'
+  #   password.encrypt(:asymmetric, :public_key_file => './encrypted_public.key')  # => "INy95irZ8AlHmvc6ZAF/ARsTpbqPIB/4bEAKKOebjsayB7NYWtIzpswvzxqf\nNJ5yyuvxfMODrcg7RimEMFkFlg==\n"
+  # 
+  # An exception will be raised if either the public key file could not be
+  # found or the key could not decrypt the public key file.
+  # 
+  # == Decrypting
+  # 
+  # To decrypt a string using an asymmetric cipher, the location of the
+  # private key file must be specified.  If this file is itself encrypted, you
+  # must also specify the algorithm and password used to seed the symmetric
+  # algorithm that will decrypt the plublic key file.  You can define defaults
+  # for these values like so:
+  # 
+  #   EncryptedStrings::AsymmetricCipher.default_private_key_file = './private.key'
+  #   EncryptedStrings::SymmetricCipher.default_algorithm = 'DES-EDE3-CBC'
+  #   EncryptedStrings::SymmetricCipher.default_password = 'secret'
+  # 
+  # If these configuration options are not passed in to #decrypt, then the
+  # default values will be used.  You can override the default values like so:
+  # 
+  #   password = "INy95irZ8AlHmvc6ZAF/ARsTpbqPIB/4bEAKKOebjsayB7NYWtIzpswvzxqf\nNJ5yyuvxfMODrcg7RimEMFkFlg==\n"
+  #   password.decrypt(:asymmetric, :public_key_file => './encrypted_public.key', :password => 'secret') # => "shhhh"
+  # 
+  # An exception will be raised if either the private key file could not be
+  # found or the password could not decrypt the private key file.
+  class AsymmetricCipher < Cipher
+    class << self
+      # The default private key to use during encryption.  Default is nil.
+      attr_accessor :default_private_key_file
+      
+      # The default public key to use during encryption.  Default is nil.
+      attr_accessor :default_public_key_file
+    end
+    
+    # Private key used for decrypting data
+    attr_reader :private_key_file
+    
+    # Public key used for encrypting data
+    attr_reader :public_key_file
+    
+    # The algorithm to use if the key files are encrypted themselves
+    attr_accessor :algorithm
+    
+    # The password used during symmetric decryption of the key files
+    attr_accessor :password
+    
+    # Creates a new cipher that uses an asymmetric encryption strategy.
+    # 
+    # Configuration options:
+    # * <tt>:private_key_file</tt> - Encrypted private key file
+    # * <tt>:public_key_file</tt> - Public key file
+    # * <tt>:password</tt> - The password to use in the symmetric cipher
+    # * <tt>:algorithm</tt> - Algorithm to use symmetrically encrypted strings
+    def initialize(options = {})
+      invalid_options = options.keys - [:private_key_file, :public_key_file, :algorithm, :password]
+      raise ArgumentError, "Unknown key(s): #{invalid_options.join(", ")}" unless invalid_options.empty?
+      
+      options = {
+        :private_key_file => AsymmetricCipher.default_private_key_file,
+        :public_key_file => AsymmetricCipher.default_public_key_file
+      }.merge(options)
+      
+      @public_key = @private_key = nil
+      
+      self.private_key_file = options[:private_key_file]
+      self.public_key_file  = options[:public_key_file]
+      raise ArgumentError, 'At least one key file must be specified (:private_key_file or :public_key_file)' unless private_key_file || public_key_file
+      
+      self.algorithm  = options[:algorithm]
+      self.password = options[:password]
+      
+      super()
+    end
+    
+    # Encrypts the given data. If no public key file has been specified, then
+    # a NoPublicKeyError will be raised.
+    def encrypt(data)
+      raise NoPublicKeyError, "Public key file: #{public_key_file}" unless public?
+      
+      encrypted_data = public_rsa.public_encrypt(data)
+      [encrypted_data].pack('m')
+    end
+    
+    # Decrypts the given data. If no private key file has been specified, then
+    # a NoPrivateKeyError will be raised.
+    def decrypt(data)
+      raise NoPrivateKeyError, "Private key file: #{private_key_file}" unless private?
+      
+      decrypted_data = data.unpack('m')[0]
+      private_rsa.private_decrypt(decrypted_data)
+    end
+    
+    # Sets the location of the private key and loads it
+    def private_key_file=(file)
+      @private_key_file = file and load_private_key
+    end
+    
+    # Sets the location of the public key and loads it
+    def public_key_file=(file)
+      @public_key_file = file and load_public_key
+    end
+    
+    # Does this cipher have a public key available?
+    def public?
+      return true if @public_key
+      
+      load_public_key
+      !@public_key.nil?
+    end
+    
+    # Does this cipher have a private key available?
+    def private?
+      return true if @private_key
+      
+      load_private_key
+      !@private_key.nil?
+    end
+    
+    private
+      # Loads the private key from the configured file
+      def load_private_key
+        @private_rsa = nil
+        
+        if private_key_file && File.file?(private_key_file)
+          @private_key = File.read(private_key_file)
+        end
+      end
+      
+      # Loads the public key from the configured file
+      def load_public_key
+        @public_rsa = nil
+        
+        if public_key_file && File.file?(public_key_file)
+          @public_key = File.read(public_key_file)
+        end
+      end
+      
+      # Retrieves the private RSA from the private key
+      def private_rsa
+        if password
+          options = {:password => password}
+          options[:algorithm] = algorithm if algorithm
+          
+          private_key = @private_key.decrypt(:symmetric, options)
+          OpenSSL::PKey::RSA.new(private_key)
+        else
+          @private_rsa ||= OpenSSL::PKey::RSA.new(@private_key)
+        end
+      end
+      
+      # Retrieves the public RSA
+      def public_rsa
+        @public_rsa ||= OpenSSL::PKey::RSA.new(@public_key)
+      end
+  end
+end