RubyGems - spikex-strongbox - Versions diffs - 0.1.3 → 0.1.4 - Mend

spikex-strongbox 0.1.3 → 0.1.4

Files changed (8) hide show

data/Rakefile CHANGED Viewed

@@ -31,7 +31,7 @@ spec = Gem::Specification.new do |s|
   s.authors = ["Spike Ilacqua"]
   s.email = "spike@stuff-things.net"
   s.homepage = "http://stuff-things.net/strongbox"
-  s.files = FileList["[A-Z]*", "init.rb", "{lib,rails,test}/**/*"]
+  s.files = FileList["[A-Z]*", "init.rb", "{lib,rails}/**/*"]
   s.add_development_dependency 'thoughtbot-shoulda'
 end

data/lib/strongbox/lock.rb CHANGED Viewed

@@ -36,9 +36,14 @@ module Strongbox
           ciphertext = cipher.update(plaintext)
           ciphertext << cipher.final
-          @instance.write_attribute(@symmetric_key,public_key.public_encrypt(random_key,@padding))
-          @instance.write_attribute(@symmetric_iv,public_key.public_encrypt(random_iv,@padding))
+          encrypted_key = public_key.public_encrypt(random_key,@padding)
+          encrypted_iv = public_key.public_encrypt(random_iv,@padding)
+          if @base64
+            encrypted_key = Base64.encode64(encrypted_key)
+            encrypted_iv = Base64.encode64(encrypted_iv)
+          end
+          @instance.write_attribute(@symmetric_key,encrypted_key)
+          @instance.write_attribute(@symmetric_iv,encrypted_iv)
         else
           ciphertext = public_key.public_encrypt(plaintext,@padding)
         end
@@ -63,11 +68,17 @@ module Strongbox
       if ciphertext
         ciphertext = Base64.decode64(ciphertext) if @base64
         private_key = OpenSSL::PKey::RSA.new(File.read(@private_key),password)
-        if @symmetric == :always
+        if @symmetric == :always
+          random_key = @instance.read_attribute(@symmetric_key)
+          random_iv = @instance.read_attribute(@symmetric_iv)
+          if @base64
+            random_key = Base64.decode64(random_key)
+            random_iv = Base64.decode64(random_iv)
+          end
           cipher = OpenSSL::Cipher::Cipher.new(@symmetric_cipher)
           cipher.decrypt
-          cipher.key = private_key.private_decrypt(@instance.read_attribute(@symmetric_key),@padding)
-          cipher.iv = private_key.private_decrypt(@instance.read_attribute(@symmetric_iv),@padding)
+          cipher.key = private_key.private_decrypt(random_key,@padding)
+          cipher.iv = private_key.private_decrypt(random_iv,@padding)
           plaintext = cipher.update(ciphertext)
           plaintext << cipher.final
         else

data/lib/strongbox.rb CHANGED Viewed

@@ -5,7 +5,7 @@ require 'strongbox/lock'
 module Strongbox
-  VERSION = "0.1.3"
+  VERSION = "0.1.4"
   RSA_PKCS1_PADDING	= OpenSSL::PKey::RSA::PKCS1_PADDING
   RSA_SSLV23_PADDING	= OpenSSL::PKey::RSA::SSLV23_PADDING

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: spikex-strongbox
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - Spike Ilacqua
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2009-04-15 23:00:00 -07:00
+date: 2009-04-16 23:00:00 -07:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -39,11 +39,6 @@ files:
 - lib/strongbox/lock.rb
 - lib/strongbox.rb
 - rails/init.rb
-- test/database.yml
-- test/fixtures
-- test/fixtures/keypair.pem
-- test/strongbox_test.rb
-- test/test_helper.rb
 has_rdoc: false
 homepage: http://stuff-things.net/strongbox
 post_install_message:

data/test/database.yml DELETED Viewed

@@ -1,4 +0,0 @@
-test:
-  adapter: sqlite3
-  database: ":memory:"

data/test/fixtures/keypair.pem DELETED Viewed

@@ -1,24 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,317921A00FB0882F
-f+GWBkcLJLsBUElOEKhqrtYgT1X4nixaZHD5x0VhmW2FrREz4vcqXrxwLTaRQJK/
-vHFJ/7IVmEHScwEognSfw/wX2HMIHczoQT3ugsa29Nt7t1VLGy9jvN1+1f+g90xe
-02jC7CYEKUJ3agZPox49i0/UN9OCIgdtKfecdDHYWyziob8yYTsUdDGyAXlPv0Kx
-0MPSCRDtEh4UJ2PIFyw2HowkYeNss6uIte9rxJGINI11D9vmXR0pH0XyCwHQn+2T
-ScHWg8BJ1rkBKydbKQ4vnfhGMjG+bZyrJXrJSoazXroseuhHu8QRUONm5Kl/zW1f
-GP1CjIfTCQQZECYIa2tXTFdL9y2ZOCn8xit57SwEpmJMvZC58PkQX5+/aHPcOXhl
-YrF+6FEfNpdBz9PUmv4Af2kTa88xZqm1Q3GtTOk7wsJpfeTMhU71KjA1pL9xNPrT
-DnKhtfLGvcgo8Z9BGOiLFe9uQvhhprX7isc1XdysbMigsVIWLvZp9RxRp/zAn7fy
-y56C6mc3tUwcq89RcxAn+bC75gwZO/hyVrnkhManOMfHTEiZXVybU9Ril3SZ+ry6
-8AxMid0ZWbbtCHdDc5rHfXsGeFhJZxBbg/WtMxBPGHNByqs8sWUM9Z8YoK8WMYxV
-GvC9RB4m0jgA4S3MEOMmKOXDuJxa7IgTgApVmLPl+sDOHGK3xAItYJJawJqOZQ1f
-r+x/8g19CuehuflCxDo+D4/RJMqkOEq+0FGUqI8lHv6vR6+YpkGdrQQXUohBy67f
-3Qym1ztZ8ygsttgJwnhwAfMh8FdIrVJc7NZ8pDiBZbg=
------END RSA PRIVATE KEY-----
------BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9F1ipsLL+V68bGSJFqFLQKgXq
-Glyyplx0s9KxgLbmbDICXpV7DceKaIBUkPZDx2DrlvjZmG+rG5ehdWNI7q/hupao
-NF0WzEiOp+30gISeyl81Z/NAmhcwcOnZpbS9nl4JLaWrN7iGC1geNBNDo+lVbsm1
-O2+Tlt8rjHsNjzgIzQIDAQAB
------END PUBLIC KEY-----

data/test/strongbox_test.rb DELETED Viewed

@@ -1,126 +0,0 @@
-require 'test/test_helper'
-class StrongboxTest < Test::Unit::TestCase
-  context "A Class with a secured field" do
-    setup do
-      rebuild_model :key_pair => File.join(FIXTURES_DIR,'keypair.pem')
-    end
-    should "not error when trying to also create a secure field" do
-      assert_nothing_raised do
-        Dummy.class_eval do
-          encrypt_with_public_key :secret,
-                                  :key_pair => File.join(FIXTURES_DIR,'keypair.pem')
-        end
-      end
-    end
-     context "that is valid" do
-       setup do
-         @dummy = Dummy.new
-         @dummy.secret = 'Shhhh'
-         @dummy.in_the_clear = 'Hey you guys!'
-       end
-       should "not change unencrypted fields" do
-         assert_equal 'Hey you guys!', @dummy.in_the_clear
-       end
-       should "return '*encrypted*' when locked"  do
-         assert_equal "*encrypted*", @dummy.secret.decrypt
-       end
-       should "return secret when unlocked"  do
-         assert_equal "Shhhh", @dummy.secret.decrypt('boost facile')
-       end
-       should "generate and store symmetric encryption key and IV" do
-         assert_not_nil @dummy.attributes['secret_key']
-         assert_not_nil @dummy.attributes['secret_iv']
-       end
-       should "raise on bad password" do
-         assert_raises(OpenSSL::PKey::RSAError) do
-           @dummy.secret.decrypt('letmein')
-         end
-       end
-       context "with symmetric encryption disabled" do
-         setup do
-           rebuild_class(:key_pair => File.join(FIXTURES_DIR,'keypair.pem'),
-                         :symmetric => :never)
-           @dummy = Dummy.new
-           @dummy.secret = 'Shhhh'
-         end
-         should "return '*encrypted*' when locked"  do
-           assert_equal "*encrypted*", @dummy.secret.decrypt
-         end
-         should "return secret when unlocked"  do
-           assert_equal "Shhhh", @dummy.secret.decrypt('boost facile')
-         end
-         should "not generate and store symmetric encryption key and IV" do
-           assert_nil @dummy.attributes['secret_key']
-           assert_nil @dummy.attributes['secret_iv']
-         end
-       end
-       context "with Base64 encoding enabled" do
-         setup do
-           rebuild_class(:key_pair => File.join(FIXTURES_DIR,'keypair.pem'),
-                         :base64 => true)
-           @dummy = Dummy.new
-           @dummy.secret = 'Shhhh'
-         end
-         should 'Base64 encode the ciphertext' do
-           # Base64 encoded text is limited to the charaters A–Z, a–z, and 0–9,
-           # and is padded with 0 to 2 equal-signs
-           assert_match /^[0-9A-Za-z+\/]+={0,2}$/, @dummy.attributes['secret']
-         end
-       end
-     end
-     context "using blowfish cipher instead of AES" do
-       setup do
-         rebuild_class(:key_pair => File.join(FIXTURES_DIR,'keypair.pem'),
-                       :symmetric_cipher => 'bf-cbc')
-         @dummy = Dummy.new
-         @dummy.secret = 'Shhhh'
-       end
-       should "encrypt the data"  do
-         assert_not_equal @dummy.attributes['secret'], 'Shhhh'
-         assert_equal "*encrypted*", @dummy.secret.decrypt
-         assert_equal "Shhhh", @dummy.secret.decrypt('boost facile')
-       end
-     end
-  end
-  context "when a key_pair is not provided" do
-    setup do
-      rebuild_class
-      @dummy = Dummy.new
-    end
-    should "raise on encrypt" do
-      assert_raises(Strongbox::StrongboxError) do
-        @dummy.secret = 'Shhhh'
-      end
-    end
-    should "raise on decrypt with a password" do
-      assert_raises(Strongbox::StrongboxError) do
-        @dummy.secret.decrypt('boost facile')
-      end
-    end
-    should "return '*encrypted*' when still locked" do
-      assert_equal "*encrypted*", @dummy.secret.decrypt
-    end
-  end
-end

data/test/test_helper.rb DELETED Viewed

@@ -1,50 +0,0 @@
-ROOT       = File.join(File.dirname(__FILE__), '..')
-RAILS_ROOT = ROOT
-$LOAD_PATH << File.join(ROOT, 'lib')
-require 'rubygems'
-require 'test/unit'
-require 'activerecord'
-gem 'thoughtbot-shoulda', ">= 2.9.0"
-require 'shoulda'
-begin require 'redgreen'; rescue LoadError; end
-require 'strongbox'
-ENV['RAILS_ENV'] ||= 'test'
-FIXTURES_DIR = File.join(File.dirname(__FILE__), "fixtures")
-config = YAML::load(IO.read(File.dirname(__FILE__) + '/database.yml'))
-ActiveRecord::Base.logger = Logger.new(File.dirname(__FILE__) + "/debug.log")
-ActiveRecord::Base.establish_connection(config['test'])
-# rebuild_model and rebuild_class are borrowed directly from the Paperclip gem
-#
-# http://thoughtbot.com/projects/paperclip
-# rebuild_model (re)creates a database table for our Dummy model.
-# Call this to initial create a model, or to reset the database.
-def rebuild_model options = {}
-  ActiveRecord::Base.connection.create_table :dummies, :force => true do |table|
-    table.string :in_the_clear
-    table.binary :secret
-    table.binary :secret_key
-    table.binary :secret_iv
-  end
-  rebuild_class options
-end
-# rebuild_class creates or replaces the Dummy ActiveRecord Model.
-# Call this when changing the options to encrypt_with_public_key
-def rebuild_class options = {}
-  ActiveRecord::Base.send(:include, Strongbox)
-  Object.send(:remove_const, "Dummy") rescue nil
-  Object.const_set("Dummy", Class.new(ActiveRecord::Base))
-  Dummy.class_eval do
-    include Strongbox
-    encrypt_with_public_key :secret, options
-  end
-end