spikex-strongbox 0.1.3 → 0.1.4

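--- a/data/Rakefile
+++ b/data/Rakefile
@@ -31,7 +31,7 @@ spec = Gem::Specification.new do |s|
  s.authors = ["Spike Ilacqua"]
  s.email = "spike@stuff-things.net"
  s.homepage = "http://stuff-things.net/strongbox"
- s.files = FileList["[A-Z]*", "init.rb", "{lib,rails,test}/**/*"]
+ s.files = FileList["[A-Z]*", "init.rb", "{lib,rails}/**/*"]
  s.add_development_dependency 'thoughtbot-shoulda'
  end
 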
@@ -36,9 +36,14 @@ module Strongbox
36
36
 
37
37
  ciphertext = cipher.update(plaintext)
38
38
  ciphertext << cipher.final
39
-
40
- @instance.write_attribute(@symmetric_key,public_key.public_encrypt(random_key,@padding))
41
- @instance.write_attribute(@symmetric_iv,public_key.public_encrypt(random_iv,@padding))
39
+ encrypted_key = public_key.public_encrypt(random_key,@padding)
40
+ encrypted_iv = public_key.public_encrypt(random_iv,@padding)
41
+ if @base64
42
+ encrypted_key = Base64.encode64(encrypted_key)
43
+ encrypted_iv = Base64.encode64(encrypted_iv)
44
+ end
45
+ @instance.write_attribute(@symmetric_key,encrypted_key)
46
+ @instance.write_attribute(@symmetric_iv,encrypted_iv)
42
47
  else
43
48
  ciphertext = public_key.public_encrypt(plaintext,@padding)
44
49
  end
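Review bot: With `:base64` set, the RSA-wrapped key and IV are now written Base64-encoded here, and the decrypt hunk (`@@ -63,11 +68,17 @@`) decodes them under the same flag, so the stored format of these two columns changes between 0.1.3 and 0.1.4 with nothing on the row to tell the two apart. A record saved by 0.1.3 with `:base64 => true` holds raw RSA output in those columns; after the upgrade `Base64.decode64` would mangle it and `private_decrypt` would most likely raise, which a caller cannot distinguish from a wrong password. I would at least record this next to the new branch, e.g. `# 0.1.4: key and IV are Base64 text when :base64 is set; rows written by 0.1.3 hold raw bytes and must be re-encoded`. The enclosing method starts and ends outside this hunk.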
@@ -63,11 +68,17 @@ module Strongbox
63
68
  if ciphertext
64
69
  ciphertext = Base64.decode64(ciphertext) if @base64
65
70
  private_key = OpenSSL::PKey::RSA.new(File.read(@private_key),password)
66
- if @symmetric == :always
71
+ if @symmetric == :always
72
+ random_key = @instance.read_attribute(@symmetric_key)
73
+ random_iv = @instance.read_attribute(@symmetric_iv)
74
+ if @base64
75
+ random_key = Base64.decode64(random_key)
76
+ random_iv = Base64.decode64(random_iv)
77
+ end
67
78
  cipher = OpenSSL::Cipher::Cipher.new(@symmetric_cipher)
68
79
  cipher.decrypt
69
- cipher.key = private_key.private_decrypt(@instance.read_attribute(@symmetric_key),@padding)
70
- cipher.iv = private_key.private_decrypt(@instance.read_attribute(@symmetric_iv),@padding)
80
+ cipher.key = private_key.private_decrypt(random_key,@padding)
81
+ cipher.iv = private_key.private_decrypt(random_iv,@padding)
71
82
  plaintext = cipher.update(ciphertext)
72
83
  plaintext << cipher.final
73
84
  else
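Review bot: `random_key` and `random_iv` in this hunk hold the RSA-wrapped (and possibly Base64-encoded) column values, not the random key and IV themselves, which only exist after `private_decrypt` returns. The encrypt side names the same values `encrypted_key` and `encrypted_iv`; using those names here, e.g. `encrypted_key = @instance.read_attribute(@symmetric_key)` and `cipher.key = private_key.private_decrypt(encrypted_key,@padding)`, keeps wrapped and unwrapped key material from being confused in a later edit. The method body continues outside the hunk.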
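--- a/data/lib/strongbox.rb
+++ b/data/lib/strongbox.rb
@@ -5,7 +5,7 @@ require 'strongbox/lock'
 
  module Strongbox
 
- VERSION = "0.1.3"
+ VERSION = "0.1.4"
 
  RSA_PKCS1_PADDING = OpenSSL::PKey::RSA::PKCS1_PADDING
  RSA_SSLV23_PADDING = OpenSSL::PKey::RSA::SSLV23_PADDING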
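--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: spikex-strongbox
  version: !ruby/object:Gem::Version
- version: 0.1.3
+ version: 0.1.4
  platform: ruby
  authors:
  - Spike Ilacqua
@@ -9,7 +9,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2009-04-15 23:00:00 -07:00
+ date: 2009-04-16 23:00:00 -07:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency
@@ -39,11 +39,6 @@ files:
  - lib/strongbox/lock.rb
  - lib/strongbox.rb
  - rails/init.rb
- - test/database.yml
- - test/fixtures
- - test/fixtures/keypair.pem
- - test/strongbox_test.rb
- - test/test_helper.rb
  has_rdoc: false
  homepage: http://stuff-things.net/strongbox
  post_install_message: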
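--- a/data/test/database.yml
+++ b/data/test/database.yml
@@ -1,4 +0,0 @@
- test:
- adapter: sqlite3
- database: ":memory:"
-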
@@ -1,24 +0,0 @@
1
- -----BEGIN RSA PRIVATE KEY-----
2
- Proc-Type: 4,ENCRYPTED
3
- DEK-Info: DES-EDE3-CBC,317921A00FB0882F
4
-
5
- f+GWBkcLJLsBUElOEKhqrtYgT1X4nixaZHD5x0VhmW2FrREz4vcqXrxwLTaRQJK/
6
- vHFJ/7IVmEHScwEognSfw/wX2HMIHczoQT3ugsa29Nt7t1VLGy9jvN1+1f+g90xe
7
- 02jC7CYEKUJ3agZPox49i0/UN9OCIgdtKfecdDHYWyziob8yYTsUdDGyAXlPv0Kx
8
- 0MPSCRDtEh4UJ2PIFyw2HowkYeNss6uIte9rxJGINI11D9vmXR0pH0XyCwHQn+2T
9
- ScHWg8BJ1rkBKydbKQ4vnfhGMjG+bZyrJXrJSoazXroseuhHu8QRUONm5Kl/zW1f
10
- GP1CjIfTCQQZECYIa2tXTFdL9y2ZOCn8xit57SwEpmJMvZC58PkQX5+/aHPcOXhl
11
- YrF+6FEfNpdBz9PUmv4Af2kTa88xZqm1Q3GtTOk7wsJpfeTMhU71KjA1pL9xNPrT
12
- DnKhtfLGvcgo8Z9BGOiLFe9uQvhhprX7isc1XdysbMigsVIWLvZp9RxRp/zAn7fy
13
- y56C6mc3tUwcq89RcxAn+bC75gwZO/hyVrnkhManOMfHTEiZXVybU9Ril3SZ+ry6
14
- 8AxMid0ZWbbtCHdDc5rHfXsGeFhJZxBbg/WtMxBPGHNByqs8sWUM9Z8YoK8WMYxV
15
- GvC9RB4m0jgA4S3MEOMmKOXDuJxa7IgTgApVmLPl+sDOHGK3xAItYJJawJqOZQ1f
16
- r+x/8g19CuehuflCxDo+D4/RJMqkOEq+0FGUqI8lHv6vR6+YpkGdrQQXUohBy67f
17
- 3Qym1ztZ8ygsttgJwnhwAfMh8FdIrVJc7NZ8pDiBZbg=
18
- -----END RSA PRIVATE KEY-----
19
- -----BEGIN PUBLIC KEY-----
20
- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9F1ipsLL+V68bGSJFqFLQKgXq
21
- Glyyplx0s9KxgLbmbDICXpV7DceKaIBUkPZDx2DrlvjZmG+rG5ehdWNI7q/hupao
22
- NF0WzEiOp+30gISeyl81Z/NAmhcwcOnZpbS9nl4JLaWrN7iGC1geNBNDo+lVbsm1
23
- O2+Tlt8rjHsNjzgIzQIDAQAB
24
- -----END PUBLIC KEY-----
@@ -1,126 +0,0 @@
1
- require 'test/test_helper'
2
-
3
- class StrongboxTest < Test::Unit::TestCase
4
- context "A Class with a secured field" do
5
- setup do
6
- rebuild_model :key_pair => File.join(FIXTURES_DIR,'keypair.pem')
7
- end
8
-
9
- should "not error when trying to also create a secure field" do
10
- assert_nothing_raised do
11
- Dummy.class_eval do
12
- encrypt_with_public_key :secret,
13
- :key_pair => File.join(FIXTURES_DIR,'keypair.pem')
14
- end
15
- end
16
- end
17
-
18
- context "that is valid" do
19
- setup do
20
- @dummy = Dummy.new
21
- @dummy.secret = 'Shhhh'
22
- @dummy.in_the_clear = 'Hey you guys!'
23
- end
24
-
25
- should "not change unencrypted fields" do
26
- assert_equal 'Hey you guys!', @dummy.in_the_clear
27
- end
28
-
29
- should "return '*encrypted*' when locked" do
30
- assert_equal "*encrypted*", @dummy.secret.decrypt
31
- end
32
-
33
- should "return secret when unlocked" do
34
- assert_equal "Shhhh", @dummy.secret.decrypt('boost facile')
35
- end
36
-
37
- should "generate and store symmetric encryption key and IV" do
38
- assert_not_nil @dummy.attributes['secret_key']
39
- assert_not_nil @dummy.attributes['secret_iv']
40
- end
41
-
42
- should "raise on bad password" do
43
- assert_raises(OpenSSL::PKey::RSAError) do
44
- @dummy.secret.decrypt('letmein')
45
- end
46
- end
47
-
48
- context "with symmetric encryption disabled" do
49
- setup do
50
- rebuild_class(:key_pair => File.join(FIXTURES_DIR,'keypair.pem'),
51
- :symmetric => :never)
52
- @dummy = Dummy.new
53
- @dummy.secret = 'Shhhh'
54
- end
55
-
56
- should "return '*encrypted*' when locked" do
57
- assert_equal "*encrypted*", @dummy.secret.decrypt
58
- end
59
-
60
- should "return secret when unlocked" do
61
- assert_equal "Shhhh", @dummy.secret.decrypt('boost facile')
62
- end
63
-
64
- should "not generate and store symmetric encryption key and IV" do
65
- assert_nil @dummy.attributes['secret_key']
66
- assert_nil @dummy.attributes['secret_iv']
67
- end
68
-
69
- end
70
-
71
- context "with Base64 encoding enabled" do
72
- setup do
73
- rebuild_class(:key_pair => File.join(FIXTURES_DIR,'keypair.pem'),
74
- :base64 => true)
75
- @dummy = Dummy.new
76
- @dummy.secret = 'Shhhh'
77
- end
78
-
79
- should 'Base64 encode the ciphertext' do
80
- # Base64 encoded text is limited to the charaters A–Z, a–z, and 0–9,
81
- # and is padded with 0 to 2 equal-signs
82
- assert_match /^[0-9A-Za-z+\/]+={0,2}$/, @dummy.attributes['secret']
83
- end
84
- end
85
- end
86
-
87
- context "using blowfish cipher instead of AES" do
88
- setup do
89
- rebuild_class(:key_pair => File.join(FIXTURES_DIR,'keypair.pem'),
90
- :symmetric_cipher => 'bf-cbc')
91
- @dummy = Dummy.new
92
- @dummy.secret = 'Shhhh'
93
- end
94
-
95
- should "encrypt the data" do
96
- assert_not_equal @dummy.attributes['secret'], 'Shhhh'
97
- assert_equal "*encrypted*", @dummy.secret.decrypt
98
- assert_equal "Shhhh", @dummy.secret.decrypt('boost facile')
99
- end
100
- end
101
- end
102
-
103
- context "when a key_pair is not provided" do
104
- setup do
105
- rebuild_class
106
- @dummy = Dummy.new
107
- end
108
-
109
- should "raise on encrypt" do
110
- assert_raises(Strongbox::StrongboxError) do
111
- @dummy.secret = 'Shhhh'
112
- end
113
- end
114
-
115
- should "raise on decrypt with a password" do
116
- assert_raises(Strongbox::StrongboxError) do
117
- @dummy.secret.decrypt('boost facile')
118
- end
119
- end
120
-
121
- should "return '*encrypted*' when still locked" do
122
- assert_equal "*encrypted*", @dummy.secret.decrypt
123
- end
124
- end
125
- end
126
-
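--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -1,50 +0,0 @@
- ROOT = File.join(File.dirname(__FILE__), '..')
- RAILS_ROOT = ROOT
- $LOAD_PATH << File.join(ROOT, 'lib')
-
- require 'rubygems'
- require 'test/unit'
- require 'activerecord'
- gem 'thoughtbot-shoulda', ">= 2.9.0"
- require 'shoulda'
- begin require 'redgreen'; rescue LoadError; end
-
- require 'strongbox'
-
- ENV['RAILS_ENV'] ||= 'test'
-
- FIXTURES_DIR = File.join(File.dirname(__FILE__), "fixtures")
- config = YAML::load(IO.read(File.dirname(__FILE__) + '/database.yml'))
- ActiveRecord::Base.logger = Logger.new(File.dirname(__FILE__) + "/debug.log")
- ActiveRecord::Base.establish_connection(config['test'])
-
-
- # rebuild_model and rebuild_class are borrowed directly from the Paperclip gem
- #
- # http://thoughtbot.com/projects/paperclip
-
- # rebuild_model (re)creates a database table for our Dummy model.
- # Call this to initial create a model, or to reset the database.
-
- def rebuild_model options = {}
- ActiveRecord::Base.connection.create_table :dummies, :force => true do |table|
- table.string :in_the_clear
- table.binary :secret
- table.binary :secret_key
- table.binary :secret_iv
- end
- rebuild_class options
- end
-
- # rebuild_class creates or replaces the Dummy ActiveRecord Model.
- # Call this when changing the options to encrypt_with_public_key
-
- def rebuild_class options = {}
- ActiveRecord::Base.send(:include, Strongbox)
- Object.send(:remove_const, "Dummy") rescue nil
- Object.const_set("Dummy", Class.new(ActiveRecord::Base))
- Dummy.class_eval do
- include Strongbox
- encrypt_with_public_key :secret, options
- end
- end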