RubyGems - strongbox - Versions diffs - 0.2.2 → 0.3.0 - Mend

strongbox 0.2.2 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

data/README.textile CHANGED Viewed

@@ -74,7 +74,6 @@ encryption.  It's simplest form is:
 bc. class User < ActiveRecord::Base
   encrypt_with_public_key :secret,
     :key_pair => File.join(RAILS_ROOT,'config','keypair.pem')
-  end
 end
 Which will encrypt the attribute "secret". The attribute will be encrypted using
@@ -113,7 +112,6 @@ bc. class User < ActiveRecord::Base
     :symmetric => :never,
     :base64 => true,
     :public_key => File.join(RAILS_ROOT,'config','public.pem')
-  end
 end
 h2. Key Generation
@@ -150,8 +148,8 @@ is needed.
 If your underlying database allows, use the *binary* column type. If you must store
 your data in text format be sure to enable Base64 encoding and to use the *text*
-column type. The _string_ column type is likely to be too small to hold the encrypted
-string.
+column type. If you use a _string_ column and encrypt anything greater than 186 bytes (245 bytes if you don't enable Base64 encoding) *your data will be lost*.
 h2. Security Caveats

data/lib/strongbox/lock.rb CHANGED Viewed

@@ -30,7 +30,7 @@ module Strongbox
         @size = plaintext.size # For validations
         # Using a blank password in OpenSSL::PKey::RSA.new prevents reading
         # the private key if the file is a key pair
-        public_key = OpenSSL::PKey::RSA.new(File.read(@public_key),"")
+        public_key = get_rsa_key(@public_key,"")
         if @symmetric == :always
           cipher = OpenSSL::Cipher::Cipher.new(@symmetric_cipher)
           cipher.encrypt
@@ -58,22 +58,21 @@ module Strongbox
     # Given the private key password decrypts the attribute.  Will raise
     # OpenSSL::PKey::RSAError if the password is wrong.
-    def decrypt password = ""
+    def decrypt password = nil
       # Given a private key and a nil password OpenSSL::PKey::RSA.new() will
       # *prompt* for a password, we default to an empty string to avoid that.
       ciphertext = @instance[@name]
       return nil if ciphertext.nil?
       return "" if ciphertext.empty?
-      return "*encrypted*" if password.blank?
+      return "*encrypted*" if password.nil?
       unless @private_key
         raise StrongboxError.new("#{@instance.class} model does not have private key_file")
       end
       if ciphertext
         ciphertext = Base64.decode64(ciphertext) if @base64
-        private_key = OpenSSL::PKey::RSA.new(File.read(@private_key),password)
+        private_key = get_rsa_key(@private_key,password)
         if @symmetric == :always
           random_key = @instance[@symmetric_key]
           random_iv = @instance[@symmetric_iv]
@@ -111,5 +110,14 @@ module Strongbox
     def size
       @size
     end
+private
+    def get_rsa_key(key,password = '')
+      return key if key.is_a?(OpenSSL::PKey::RSA)
+      if key !~ /^-----BEGIN RSA/
+        key = File.read(key)
+      end
+      return OpenSSL::PKey::RSA.new(key,password)
+    end
   end
 end

data/lib/strongbox.rb CHANGED Viewed

@@ -5,7 +5,7 @@ require 'strongbox/lock'
 module Strongbox
-  VERSION = "0.2.2"
+  VERSION = "0.3.0"
   RSA_PKCS1_PADDING	= OpenSSL::PKey::RSA::PKCS1_PADDING
   RSA_SSLV23_PADDING	= OpenSSL::PKey::RSA::SSLV23_PADDING

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: strongbox
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.3.0
 platform: ruby
 authors:
 - Spike Ilacqua
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2009-12-08 00:00:00 -07:00
+date: 2009-12-14 00:00:00 -07:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency