stderr-sentry 0.5.4

data/VERSION

@@ -0,0 +1 @@
+0.5.3

data/init.rb

@@ -0,0 +1 @@
+require 'sentry'

data/lib/active_record/sentry.rb

@@ -0,0 +1,105 @@
+module ActiveRecord # :nodoc:
+  module Sentry
+    def self.included(base) # :nodoc:
+      base.extend ClassMethods
+    end
+
+    module ClassMethods
+      def generates_crypted(attr_name, options = {})
+        mode = options[:mode] || :asymmetric
+        case mode
+          when :sha
+            generates_crypted_hash_of(attr_name)
+          when :asymmetric, :asymmetrical
+            asymmetrically_encrypts(attr_name)
+          when :symmetric, :symmetrical
+            symmetrically_encrypts(attr_name)
+        end
+      end
+
+      #def generates_crypted_hash_of(attribute)
+      #  before_validation ::Sentry::ShaSentry.new(attribute)
+      #  attr_accessor attribute
+      #end
+
+      def asymmetrically_encrypts(attr_name, options = {})
+        #temp_sentry = ::Sentry::AsymmetricSentryCallback.new(attr_name)
+        #before_validation temp_sentry
+        #after_save temp_sentry
+        unless instance_methods.include?("#{attr_name}_with_decryption")
+          define_read_methods
+
+          define_method("#{attr_name}_with_decryption") do |*optional|
+            begin
+              crypted_value = self.send("#{attr_name}_without_decryption")
+              #puts "crypted value: #{crypted_value}"
+              return nil if crypted_value.nil?
+              key = optional.shift || (options[:key].is_a?(Proc) ? options[:key].call : options[:key]) || ::Sentry.default_key
+              decrypted_value = ::Sentry::AsymmetricSentry.decrypt_large_from_base64(crypted_value, key)
+              return decrypted_value
+            rescue Exception => e
+              nil
+            end
+          end
+
+          alias_method_chain attr_name, :decryption
+          alias_method "crypted_#{attr_name}", "#{attr_name}_without_decryption"
+          alias_method "#{attr_name}_before_type_cast", "#{attr_name}_with_decryption"
+
+          define_method("#{attr_name}_with_encryption=") do |value|
+            encrypted_value = self.class.encrypt_for_sentry(value)
+            self.send("#{attr_name}_without_encryption=", encrypted_value)
+            nil
+          end
+
+          alias_method_chain "#{attr_name}=", :encryption
+        end
+
+      end
+
+      def encrypt_for_sentry(string)
+        return nil if string.nil?
+        return ::Sentry::AsymmetricSentry.encrypt_large_to_base64(string)
+      end
+
+      private
+
+      def symmetrically_encrypts(attr_name)
+        temp_sentry = ::Sentry::SymmetricSentryCallback.new(attr_name)
+        before_validation temp_sentry
+        after_save temp_sentry
+         
+        define_method("#{attr_name}=") do |value|
+          decrypted_values[attr_name] = value
+          nil
+        end
+       
+       define_method(attr_name) do
+         send("#{attr_name}!") rescue nil
+       end
+      
+       define_method("#{attr_name}!") do
+         return decrypted_values[attr_name] unless decrypted_values[attr_name].nil?
+
+         return nil if send("crypted_#{attr_name}").nil?
+         ::Sentry::SymmetricSentry.decrypt_from_base64(send("crypted_#{attr_name}"))
+       end
+      
+      
+      
+       private
+       define_method(:decrypted_values) do
+         @decrypted_values ||= {}
+       end
+      end
+    end
+
+    @@CHARS = ('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a
+
+    def self.rand_string(length=8)
+      s=''
+      length.times{ s << @@CHARS[rand(@@CHARS.length)] }
+      s
+    end
+  end
+end

data/lib/sentry.rb

@@ -0,0 +1,71 @@
+#Copyright (c) 2005 Rick Olson
+#
+#Permission is hereby granted, free of charge, to any person obtaining
+#a copy of this software and associated documentation files (the
+#"Software"), to deal in the Software without restriction, including
+#without limitation the rights to use, copy, modify, merge, publish,
+#distribute, sublicense, and/or sell copies of the Software, and to
+#permit persons to whom the Software is furnished to do so, subject to
+#the following conditions:
+#
+#The above copyright notice and this permission notice shall be
+#included in all copies or substantial portions of the Software.
+#
+#THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+#EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+#MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+#NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+#LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+#OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+#WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'openssl'
+require 'base64'
+require 'sentry/symmetric_sentry'
+require 'sentry/asymmetric_sentry'
+require 'sentry/sha_sentry'
+require 'sentry/symmetric_sentry_callback'
+require 'sentry/asymmetric_sentry_callback'
+
+module Sentry
+  class NoKeyError < StandardError
+  end
+  class NoPublicKeyError < StandardError
+  end
+  class NoPrivateKeyError < StandardError
+  end
+  mattr_accessor :default_key
+end
+
+begin
+  require 'active_record/sentry'
+  ActiveRecord::Base.class_eval do
+    include ActiveRecord::Sentry
+  end
+rescue NameError
+  nil
+end
+
+class OpenSSL::PKey::RSA
+  def max_encryptable_length
+    @max_encryption_length ||= calc_max_encrypted_length
+  end
+
+  private
+
+  def calc_max_encrypted_length
+    upper_bound = 4*1024
+    test_length = upper_bound / 2
+    while test_length != (upper_bound - 1)
+      probe = "a" * test_length
+      begin
+        self.public_encrypt(probe)
+        test_length = test_length + ((upper_bound - test_length) / 2)
+      rescue Exception => e
+        upper_bound = test_length
+        test_length = test_length / 2
+      end
+    end
+    return test_length
+  end
+end

data/lib/sentry/asymmetric_sentry.rb

@@ -0,0 +1,192 @@
+module Sentry
+  class AsymmetricSentry
+    attr_reader   :private_key_file
+    attr_reader   :public_key_file
+    attr_accessor :symmetric_algorithm
+    @@default_private_key_file = nil
+    @@default_public_key_file = nil
+    @@default_symmetric_algorithm = nil
+
+    # available options:
+    # * <tt>:private_key_file</tt> - encrypted private key file
+    # * <tt>:public_key_file</tt>  - public key file
+    # * <tt>:symmetric_algorithm</tt> - algorithm to use for SymmetricSentry
+    def initialize(options = {})
+      @public_key = @private_key = nil
+      self.private_key_file = options[:private_key_file]
+      self.public_key_file  = options[:public_key_file] || @@default_public_key_file
+      @symmetric_algorithm = options[:symmetric_algorithm] || @@default_symmetric_algorithm
+    end
+  
+    def encrypt(data)
+      raise NoPublicKeyError unless public?
+      rsa = public_rsa
+      return rsa.public_encrypt(data)
+    end
+
+    def decrypt_large_from_base64(data, key=nil)
+      raise NoPrivateKeyError unless private?
+      chunk_length = public_rsa.max_encryptable_length + 11 # 11 is magic padding for RSA encoding
+      b64_decoded = Base64.decode64(data)
+      padding_length = b64_decoded[0]
+      data = b64_decoded[1, data.length]
+      return (0...data.length).step(chunk_length).inject("") { |accum, idx| accum + decrypt_with_padding(data.slice(idx, chunk_length), padding_length, key)}
+    end
+
+    def chunk_size(padding_length)
+      return public_rsa.max_encryptable_length - padding_length
+    end
+    
+    def encrypt_large_to_base64(data)
+      raise NoPublicKeyError unless public?
+      padding_length = 8
+      chunk_length = chunk_size(padding_length)
+      return Base64.encode64(padding_length.chr + (0...data.length).step(chunk_length).inject("") {|accum, idx| accum + encrypt_with_padding( data.slice(idx, chunk_length), padding_length)} )
+    end
+
+    def decrypt_with_padding(data, padding_length, key=nil)
+      decrypted = decrypt(data, key)
+      return decrypted[0, decrypted.length - padding_length]
+    end
+
+    def encrypt_with_padding(data, padding_length)
+      encrypt(data + rand_string(padding_length))
+    end
+
+    @@CHARS = ('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a
+
+    def rand_string(length=8)
+      s=''
+      length.times{ s << @@CHARS[rand(@@CHARS.length)] }
+      s
+    end
+  
+    def encrypt_to_base64(data)
+      Base64.encode64(encrypt(data))
+    end
+  
+    def decrypt(data, key = nil)
+      raise NoPrivateKeyError unless private?
+      rsa = private_rsa(key)
+      return rsa.private_decrypt(data)
+    end
+  
+    def decrypt_from_base64(data, key = nil)
+      decrypt(Base64.decode64(data), key)
+    end
+  
+    def private_key_file=(file)
+      @private_key_file = file and load_private_key
+    end
+  
+    def public_key_file=(file)
+      @public_key_file = file and load_public_key
+    end
+  
+    def public?
+      return true unless @public_key.nil?
+      load_public_key and return @public_key
+    end
+  
+    def private?
+      return true unless @private_key.nil?
+      load_private_key and return @private_key
+    end
+
+    class << self
+      # * <tt>:key</tt> - secret password
+      # * <tt>:symmetric_algorithm</tt> - symmetrical algorithm to use
+      def save_random_rsa_key(private_key_file, public_key_file, options = {})
+        rsa = OpenSSL::PKey::RSA.new(512)
+        public_key = rsa.public_key
+        private_key = options[:key].to_s.empty? ? 
+          rsa.to_s :
+          SymmetricSentry.new(:algorithm => options[:symmetric_algorithm]).encrypt_to_base64(rsa.to_s, options[:key])
+        File.open(public_key_file, 'w')  { |f| f.write(public_key) }
+        File.open(private_key_file, 'w') { |f| f.write(private_key) }
+      end
+
+      def encrypt(data)
+        self.new.encrypt(data)
+      end
+  
+      def encrypt_to_base64(data)
+        self.new.encrypt_to_base64(data)
+      end
+
+      def encrypt_large_to_base64(data)
+        self.new.encrypt_large_to_base64(data)
+      end
+  
+      def decrypt(data, key = nil)
+        self.new.decrypt(data, key)
+      end
+  
+      def decrypt_large_from_base64(data, key = nil)
+         self.new.decrypt_large_from_base64(data, key)
+      end
+      
+      def decrypt_from_base64(data, key = nil)
+        self.new.decrypt_from_base64(data, key)
+      end
+
+      # cattr_accessor would be lovely
+      def default_private_key_file
+        @@default_private_key_file
+      end
+      
+      def default_private_key_file=(value)
+        @@default_private_key_file = value
+      end
+      
+      def default_public_key_file
+        @@default_public_key_file
+      end
+      
+      def default_public_key_file=(value)
+        @@default_public_key_file = value
+      end
+      
+      def default_symmetric_algorithm
+        @@default_symmetric_algorithm
+      end
+      
+      def default_symmetric_algorithm=(value)
+        @@default_symmetric_algorithm = value
+      end
+    end
+  
+    private
+    def encryptor
+      @encryptor ||= SymmetricSentry.new(:algorithm => @symmetric_algorithm)
+    end
+
+    def load_private_key
+      @private_rsa = nil
+      @private_key_file ||= @@default_private_key_file
+      if @private_key_file and File.file?(@private_key_file)
+        @private_key = File.open(@private_key_file) { |f| f.read }
+      end
+      return @private_key
+    end
+  
+    def load_public_key
+      @public_rsa = nil
+      @public_key_file ||= @@default_public_key_file
+      if @public_key_file and File.file?(@public_key_file)
+        @public_key = File.open(@public_key_file) { |f| f.read }
+      end
+    end
+
+    # retrieves private rsa from encrypted private key
+    def private_rsa(key = nil)
+      return @private_rsa ||= OpenSSL::PKey::RSA.new(@private_key) unless key
+      OpenSSL::PKey::RSA.new(encryptor.decrypt_from_base64(@private_key, key))
+    end
+
+    # retrieves public rsa
+    def public_rsa
+      @public_rsa ||= OpenSSL::PKey::RSA.new(@public_key)
+    end
+  end
+end

data/lib/sentry/asymmetric_sentry_callback.rb

@@ -0,0 +1,17 @@
+module Sentry
+  class AsymmetricSentryCallback
+    def initialize(attr_name)
+      @attr_name = attr_name
+    end
+  
+   # Performs encryption on before_validation Active Record callback
+    def before_validation(model)
+      return if model.send(@attr_name).blank?
+      model.send("crypted_#{@attr_name}=", AsymmetricSentry.encrypt_to_base64(model.send(@attr_name)))
+    end
+    
+    def after_save(model)
+      model.send("#{@attr_name}=", nil)
+    end
+  end
+end

data/lib/sentry/sha_sentry.rb

@@ -0,0 +1,41 @@
+require 'digest/sha1'
+module Sentry
+  class ShaSentry
+    @@salt = 'salt'
+    attr_accessor :salt
+    
+    # Encrypts data using SHA.
+    def encrypt(data)
+      self.class.encrypt(data + salt.to_s)
+    end
+    
+    # Initialize the class.  
+    # Used by ActiveRecord::Base#generates_crypted to set up as a callback object for a model
+    def initialize(attribute = nil)
+      @attribute = attribute
+    end
+    
+    # Performs encryption on before_validation Active Record callback
+    def before_validation(model)
+      return unless model.send(@attribute)
+      model.send("crypted_#{@attribute}=", encrypt(model.send(@attribute)))
+    end
+        
+    class << self
+      # Gets the class salt value used when encrypting
+      def salt
+        @@salt
+      end
+      
+      # Sets the class salt value used when encrypting
+      def salt=(value)
+        @@salt = value
+      end
+      
+      # Encrypts the data
+      def encrypt(data)
+        Digest::SHA1.hexdigest(data + @@salt)
+      end
+    end
+  end
+end

data/lib/sentry/symmetric_sentry.rb

@@ -0,0 +1,82 @@
+module Sentry
+  class SymmetricSentry
+    @@default_algorithm = 'DES-EDE3-CBC'
+    @@default_key = nil
+    attr_accessor :algorithm
+    def initialize(options = {})
+      @algorithm = options[:algorithm] || @@default_algorithm
+    end
+  
+    def encrypt(data, key = nil)
+      key = check_for_key!(key)
+      des = encryptor
+      des.encrypt
+      des.pkcs5_keyivgen(key)
+      cipher = des.update(data)
+      
+      cipher << des.final
+    end
+  
+    def encrypt_to_base64(text, key = nil)
+      Base64.encode64(encrypt(text, key))
+    end
+  
+    def decrypt(data, key = nil)
+      key = check_for_key!(key)
+      des = encryptor
+      des.decrypt
+      des.pkcs5_keyivgen(key)
+      text = des.update(data)
+      text << des.final
+    end
+  
+    def decrypt_from_base64(text, key = nil)
+      decrypt(Base64.decode64(text), key)
+    end
+
+    class << self
+      def default_algorithm
+        @@default_algorithm
+      end
+    
+      def default_algorithm=(value)
+        @@default_algorithm = value
+      end
+      
+      def default_key
+        @@default_key
+      end
+      
+      def default_key=(value)
+        @@default_key = value
+      end
+
+      def encrypt(data, key = nil)
+        self.new.encrypt(data, key)
+      end
+  
+      def encrypt_to_base64(text, key = nil)
+        self.new.encrypt_to_base64(text, key)
+      end
+  
+      def decrypt(data, key = nil)
+        self.new.decrypt(data, key)
+      end
+  
+      def decrypt_from_base64(text, key = nil)
+        self.new.decrypt_from_base64(text, key)
+      end
+    end
+
+    private
+    def encryptor
+      @encryptor ||= OpenSSL::Cipher::Cipher.new(@algorithm)
+    end
+    
+    def check_for_key!(key)
+      valid_key = key || @@default_key
+      raise Sentry::NoKeyError if valid_key.nil?
+      valid_key
+    end
+  end
+end