strongbox 0.2.0 → 0.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. data/README.textile +44 -44
  2. data/lib/strongbox.rb +1 -1
  3. data/lib/strongbox/lock.rb +8 -8
  4. metadata +2 -2
data/README.textile CHANGED
@@ -27,57 +27,57 @@ h2. Quick Start
27
27
 
28
28
  In your model:
29
29
 
30
- class User < ActiveRecord::Base
31
- encrypt_with_public_key :secret,
32
- :key_pair => File.join(RAILS_ROOT,'config','keypair.pem'),
33
- end
30
+ bc. class User < ActiveRecord::Base
31
+ encrypt_with_public_key :secret,
32
+ :key_pair => File.join(RAILS_ROOT,'config','keypair.pem')
33
+ end
34
34
 
35
35
  In your migrations:
36
36
 
37
- class AddSecretColumnsToUser < ActiveRecord::Migration
38
- def self.up
39
- add_column :users, :secret, binary
40
- add_column :users, :secret_key, binary
41
- add_column :users, :secret_iv, binary
42
- end
43
- def self.down
44
- remove_column :users, :secret
45
- remove_column :users, :secret_key
46
- remove_column :users, :secret_iv
47
- end
37
+ bc. class AddSecretColumnsToUser < ActiveRecord::Migration
38
+ def self.up
39
+ add_column :users, :secret, :binary
40
+ add_column :users, :secret_key, :binary
41
+ add_column :users, :secret_iv, :binary
48
42
  end
43
+ def self.down
44
+ remove_column :users, :secret
45
+ remove_column :users, :secret_key
46
+ remove_column :users, :secret_iv
47
+ end
48
+ end
49
49
 
50
50
  Generate a key pair:
51
51
 
52
52
  (Choose a strong password.)
53
53
 
54
- openssl genrsa -des3 -out config/private.pem 2048
55
- openssl rsa -in config/private.pem -out config/public.pem -outform PEM -pubout
56
- cat config/private.pem config/public.pem >> config/keypair.pem
54
+ bc. openssl genrsa -des3 -out config/private.pem 2048
55
+ openssl rsa -in config/private.pem -out config/public.pem -outform PEM -pubout
56
+ cat config/private.pem config/public.pem >> config/keypair.pem
57
57
 
58
58
  In your views and forms you don't need to do anything special to encrypt data. To
59
59
  decrypt call:
60
60
 
61
- user.secret.decrypt 'password'
61
+ bc. user.secret.decrypt 'password'
62
62
 
63
63
  h2. Gem installation (Rails 2.1+)
64
64
 
65
65
  In config/environment.rb:
66
66
 
67
- config.gem "spikex-strongbox",
68
- :lib => 'strongbox',
69
- :source => 'http://gems.github.com',
67
+ bc. config.gem "spikex-strongbox",
68
+ :lib => 'strongbox',
69
+ :source => 'http://gems.github.com'
70
70
 
71
71
  h2. Usage
72
72
 
73
73
  _encrypt_with_public_key_ sets up the attribute it's called on for automatic
74
74
  encryption. It's simplest form is:
75
75
 
76
- class User < ActiveRecord::Base
77
- encrypt_with_public_key :secret,
78
- :key_pair => File.join(RAILS_ROOT,'config','keypair.pem')
79
- end
76
+ bc. class User < ActiveRecord::Base
77
+ encrypt_with_public_key :secret,
78
+ :key_pair => File.join(RAILS_ROOT,'config','keypair.pem')
80
79
  end
80
+ end
81
81
 
82
82
  Which will encrypt the attribute "secret". The attribute will be encrypted using
83
83
  symmetric encryption with an automatically generated key and IV encrypted using the
@@ -109,37 +109,37 @@ data.
109
109
  For example, encrypting a small attribute, providing only the public key for extra
110
110
  security, and Base64 encoding the encrypted data:
111
111
 
112
- class User < ActiveRecord::Base
113
- validates_length_of :pin_code, :is => 4
114
- encrypt_with_public_key :pin_code,
115
- :symmetric => :never
116
- :base64 => true
117
- :public_key => File.join(RAILS_ROOT,'config','public.pem'),
118
- end
112
+ bc. class User < ActiveRecord::Base
113
+ validates_length_of :pin_code, :is => 4
114
+ encrypt_with_public_key :pin_code,
115
+ :symmetric => :never,
116
+ :base64 => true,
117
+ :public_key => File.join(RAILS_ROOT,'config','public.pem')
119
118
  end
119
+ end
120
120
 
121
121
  h2. Key Generation
122
122
 
123
123
  Generate a key pair:
124
124
 
125
- openssl genrsa -des3 -out config/private.pem 2048
126
- Generating RSA private key, 2048 bit long modulus
127
- ......+++
128
- .+++
129
- e is 65537 (0x10001)
130
- Enter pass phrase for config/private.pem:
131
- Verifying - Enter pass phrase for config/private.pem:
125
+ bc. openssl genrsa -des3 -out config/private.pem 2048
126
+ Generating RSA private key, 2048 bit long modulus
127
+ ......+++
128
+ .+++
129
+ e is 65537 (0x10001)
130
+ Enter pass phrase for config/private.pem:
131
+ Verifying - Enter pass phrase for config/private.pem:
132
132
 
133
133
  and extract the the public key:
134
134
 
135
- openssl rsa -in config/private.pem -out config/public.pem -outform PEM -pubout
136
- Enter pass phrase for config/private.pem:
137
- writing RSA key
135
+ bc. openssl rsa -in config/private.pem -out config/public.pem -outform PEM -pubout
136
+ Enter pass phrase for config/private.pem:
137
+ writing RSA key
138
138
 
139
139
  If you are going to leave the private key installed it's easiest to create a single
140
140
  key pair file:
141
141
 
142
- cat config/private.pem config/public.pem >> config/keypair.pem
142
+ bc. cat config/private.pem config/public.pem >> config/keypair.pem
143
143
 
144
144
  Or, for added security, store the private key file else where, leaving only the public key.
145
145
 
data/lib/strongbox.rb CHANGED
@@ -5,7 +5,7 @@ require 'strongbox/lock'
5
5
 
6
6
  module Strongbox
7
7
 
8
- VERSION = "0.2.0"
8
+ VERSION = "0.2.1"
9
9
 
10
10
  RSA_PKCS1_PADDING = OpenSSL::PKey::RSA::PKCS1_PADDING
11
11
  RSA_SSLV23_PADDING = OpenSSL::PKey::RSA::SSLV23_PADDING
data/lib/strongbox/lock.rb CHANGED
@@ -45,13 +45,13 @@ module Strongbox
45
45
  encrypted_key = Base64.encode64(encrypted_key)
46
46
  encrypted_iv = Base64.encode64(encrypted_iv)
47
47
  end
48
- @instance.write_attribute(@symmetric_key,encrypted_key)
49
- @instance.write_attribute(@symmetric_iv,encrypted_iv)
48
+ @instance[@symmetric_key] = encrypted_key
49
+ @instance[@symmetric_iv] = encrypted_iv
50
50
  else
51
51
  ciphertext = public_key.public_encrypt(plaintext,@padding)
52
52
  end
53
53
  ciphertext = Base64.encode64(ciphertext) if @base64
54
- @instance.write_attribute(@name,ciphertext)
54
+ @instance[@name] = ciphertext
55
55
  end
56
56
  end
57
57
 
@@ -61,7 +61,7 @@ module Strongbox
61
61
  def decrypt password = ""
62
62
  # Given a private key and a nil password OpenSSL::PKey::RSA.new() will
63
63
  # *prompt* for a password, we default to an empty string to avoid that.
64
- ciphertext = @instance.read_attribute(@name)
64
+ ciphertext = @instance[@name]
65
65
  return nil if ciphertext.nil?
66
66
  return "" if ciphertext.empty?
67
67
 
@@ -75,8 +75,8 @@ module Strongbox
75
75
  ciphertext = Base64.decode64(ciphertext) if @base64
76
76
  private_key = OpenSSL::PKey::RSA.new(File.read(@private_key),password)
77
77
  if @symmetric == :always
78
- random_key = @instance.read_attribute(@symmetric_key)
79
- random_iv = @instance.read_attribute(@symmetric_iv)
78
+ random_key = @instance[@symmetric_key]
79
+ random_iv = @instance[@symmetric_iv]
80
80
  if @base64
81
81
  random_key = Base64.decode64(random_key)
82
82
  random_iv = Base64.decode64(random_iv)
@@ -101,11 +101,11 @@ module Strongbox
101
101
 
102
102
  # Needed for validations
103
103
  def blank?
104
- @instance.read_attribute(@name).blank?
104
+ @instance[@name].blank?
105
105
  end
106
106
 
107
107
  def nil?
108
- @instance.read_attribute(@name).nil?
108
+ @instance[@name].nil?
109
109
  end
110
110
 
111
111
  def size
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: strongbox
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Spike Ilacqua
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2009-09-28 00:00:00 -06:00
12
+ date: 2009-10-01 00:00:00 -06:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency