text-smuggler 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +7 -0
- data/Gemfile +5 -0
- data/LICENSE +20 -0
- data/README.md +45 -0
- data/Rakefile +15 -0
- data/lib/text_smuggler.rb +50 -0
- data/test/test_text_smuggler.rb +46 -0
- data/text-smuggler.gemspec +19 -0
- metadata +54 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 48f827fccf6e86574d27d251913a007521468df1
|
4
|
+
data.tar.gz: 6548856366c6a2968245383acb4b19020aba2925
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: cb6db323b61eacf096c542d13190d318d2e2552fc9f58e2150dd07e8f41c5eadae276321237f21b26a4c3b1528fbd1d1723fc5365f43a921e84a7849adf4a8db
|
7
|
+
data.tar.gz: b66e9f2f1c125ceb60a8d63ba8192f9ecb8e26c3a9476f4a1f033c0525172f93924057ac172a2aded8711052d8a43361259b3332eca56f407ce6d74c471413b5
|
data/.gitignore
ADDED
data/Gemfile
ADDED
data/LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2016 Mickael Riga
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
of this software and associated documentation files (the "Software"), to deal
|
5
|
+
in the Software without restriction, including without limitation the rights
|
6
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
copies of the Software, and to permit persons to whom the Software is
|
8
|
+
furnished to do so, subject to the following conditions:
|
9
|
+
|
10
|
+
The above copyright notice and this permission notice shall be included in
|
11
|
+
all copies or substantial portions of the Software.
|
12
|
+
|
13
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
THE SOFTWARE.
|
20
|
+
|
data/README.md
ADDED
@@ -0,0 +1,45 @@
|
|
1
|
+
Text Smuggler
|
2
|
+
=============
|
3
|
+
|
4
|
+
`TextSmuggler` makes it easy to obfuscate pieces of text which need to be decoded later on, using OpenSSL::Cipher. Possibly incorporated in a URL.
|
5
|
+
|
6
|
+
Put this in your `Gemfile`:
|
7
|
+
|
8
|
+
```
|
9
|
+
gem 'text-smuggler'
|
10
|
+
```
|
11
|
+
|
12
|
+
Then use it like this:
|
13
|
+
|
14
|
+
```
|
15
|
+
secret_location = 'The secret location of Luke Skywalker is xxxxxx.'
|
16
|
+
han_solo = TextSmuggler.new key: 'change_me'
|
17
|
+
|
18
|
+
encoded = han_solo.encode secret_location
|
19
|
+
|
20
|
+
# Now you can use this string in a database or in a URL quite safely.
|
21
|
+
# And then when you need to decode it...
|
22
|
+
|
23
|
+
decoded = han_solo.decode encoded
|
24
|
+
```
|
25
|
+
|
26
|
+
You can also initialize a `TextSmuggler` with a specific type of ciper.
|
27
|
+
The default is `aes-256-cbc`.
|
28
|
+
|
29
|
+
```
|
30
|
+
smuggler = TextSmuggler.new({
|
31
|
+
key: 'change_me',
|
32
|
+
cipher_type: 'aes-256-cbc'
|
33
|
+
})
|
34
|
+
```
|
35
|
+
|
36
|
+
For more details about `OpenSSL::Cipher`, you can [read documentation here](http://ruby-doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/Cipher.html)
|
37
|
+
|
38
|
+
Warning
|
39
|
+
-------
|
40
|
+
|
41
|
+
Bear in mind that while this method is quite safe, you should only use it when
|
42
|
+
you absolutely have to retrieve the data. For example, avoid saving passwords
|
43
|
+
in a database with this method. Passwords only need to be compared and are safer
|
44
|
+
if they are saved with a non-reversible method (i.e. Hashed and salted).
|
45
|
+
|
data/Rakefile
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
require 'rake/testtask'
|
2
|
+
|
3
|
+
task :default => :test
|
4
|
+
|
5
|
+
Rake::TestTask.new do |t|
|
6
|
+
t.libs << "test"
|
7
|
+
t.pattern = 'test/test_*.rb'
|
8
|
+
unless ENV['TESTONLY'].nil?
|
9
|
+
t.pattern = t.pattern.sub(/\*/, ENV['TESTONLY'])
|
10
|
+
end
|
11
|
+
t.options = '--pride'
|
12
|
+
# t.verbose = true
|
13
|
+
# t.warning = true
|
14
|
+
end
|
15
|
+
|
@@ -0,0 +1,50 @@
|
|
1
|
+
require 'openssl'
|
2
|
+
require 'base64'
|
3
|
+
|
4
|
+
class TextSmuggler
|
5
|
+
|
6
|
+
DEFAULT_CIPHER_TYPE = 'aes-256-cbc'
|
7
|
+
DEFAULT_KEY = '0123456789abcdef0123456789abcdef'
|
8
|
+
|
9
|
+
def initialize opts={}
|
10
|
+
@opts = {
|
11
|
+
cipher_type: DEFAULT_CIPHER_TYPE,
|
12
|
+
key: (ENV['TEXT_SMUGGLER_KEY'] || DEFAULT_KEY)
|
13
|
+
}.merge(opts)
|
14
|
+
end
|
15
|
+
|
16
|
+
def encode s
|
17
|
+
cipher = cipher_for :encrypt
|
18
|
+
iv = cipher.random_iv
|
19
|
+
encrypted = cipher.update(s) + cipher.final
|
20
|
+
encrypted = iv + encrypted
|
21
|
+
url_friendly(encrypted)
|
22
|
+
end
|
23
|
+
|
24
|
+
def decode s
|
25
|
+
cipher = cipher_for :decrypt
|
26
|
+
encrypted = from_url_friendly s
|
27
|
+
cipher.iv = encrypted.slice!(0,16)
|
28
|
+
decrypted = cipher.update(encrypted) + cipher.final
|
29
|
+
decrypted
|
30
|
+
end
|
31
|
+
|
32
|
+
private
|
33
|
+
|
34
|
+
def cipher_for direction=:encrypt
|
35
|
+
cipher = OpenSSL::Cipher.new(@opts[:cipher_type])
|
36
|
+
cipher.public_send(direction)
|
37
|
+
cipher.key = @opts[:key]
|
38
|
+
cipher
|
39
|
+
end
|
40
|
+
|
41
|
+
def url_friendly s
|
42
|
+
Base64.strict_encode64(s).tr('+/=', '-_,')
|
43
|
+
end
|
44
|
+
|
45
|
+
def from_url_friendly s
|
46
|
+
Base64.strict_decode64(s.tr('-_,', '+/='))
|
47
|
+
end
|
48
|
+
|
49
|
+
end
|
50
|
+
|
@@ -0,0 +1,46 @@
|
|
1
|
+
require 'minitest/autorun'
|
2
|
+
require 'text_smuggler'
|
3
|
+
|
4
|
+
ENV['RACK_ENV'] = 'test'
|
5
|
+
|
6
|
+
describe TextSmuggler do
|
7
|
+
|
8
|
+
parallelize_me!
|
9
|
+
|
10
|
+
subject { TextSmuggler.new }
|
11
|
+
let(:custom) {
|
12
|
+
TextSmuggler.new(key: TextSmuggler::DEFAULT_KEY.reverse)
|
13
|
+
}
|
14
|
+
|
15
|
+
let(:strings) {
|
16
|
+
[
|
17
|
+
'simple string', 'me@example.com', "Long text\nwith\nreturn lines",
|
18
|
+
'http://example.com/path/to/page?foo=1&bar=2'
|
19
|
+
]
|
20
|
+
}
|
21
|
+
|
22
|
+
it 'Encodes text' do
|
23
|
+
strings.each do |s|
|
24
|
+
refute_equal s, subject.encode(s)
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
it 'Encodes something different each time' do
|
29
|
+
strings.each do |s|
|
30
|
+
refute_equal subject.encode(s), subject.encode(s)
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
it 'Decodes text' do
|
35
|
+
strings.each do |s|
|
36
|
+
assert_equal s, subject.decode(subject.encode(s))
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
it 'Encodes URL friendly text' do
|
41
|
+
strings.each do |s|
|
42
|
+
assert_match(/^[a-zA-Z0-9,\-_]+$/, subject.encode(s))
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
Gem::Specification.new do |s|
|
2
|
+
|
3
|
+
s.authors = ['Mickael Riga']
|
4
|
+
s.email = ['mig@mypeplum.com']
|
5
|
+
s.homepage = 'https://github.com/mig-hub/text-smuggler'
|
6
|
+
s.licenses = ['MIT']
|
7
|
+
|
8
|
+
s.name = 'text-smuggler'
|
9
|
+
s.version = '0.0.1'
|
10
|
+
s.summary = 'TextSmuggler is for encoding/decoding text'
|
11
|
+
s.description = 'TextSmuggler makes it easy to obfuscate pieces of text which need to be decoded later on using OpenSSL::Cipher. Possibly incorporated in a URL'
|
12
|
+
|
13
|
+
s.platform = Gem::Platform::RUBY
|
14
|
+
s.files = `git ls-files`.split("\n").sort
|
15
|
+
s.test_files = s.files.grep(/^test\//)
|
16
|
+
s.require_paths = ['lib']
|
17
|
+
|
18
|
+
end
|
19
|
+
|
metadata
ADDED
@@ -0,0 +1,54 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: text-smuggler
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Mickael Riga
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2016-08-10 00:00:00.000000000 Z
|
12
|
+
dependencies: []
|
13
|
+
description: TextSmuggler makes it easy to obfuscate pieces of text which need to
|
14
|
+
be decoded later on using OpenSSL::Cipher. Possibly incorporated in a URL
|
15
|
+
email:
|
16
|
+
- mig@mypeplum.com
|
17
|
+
executables: []
|
18
|
+
extensions: []
|
19
|
+
extra_rdoc_files: []
|
20
|
+
files:
|
21
|
+
- ".gitignore"
|
22
|
+
- Gemfile
|
23
|
+
- LICENSE
|
24
|
+
- README.md
|
25
|
+
- Rakefile
|
26
|
+
- lib/text_smuggler.rb
|
27
|
+
- test/test_text_smuggler.rb
|
28
|
+
- text-smuggler.gemspec
|
29
|
+
homepage: https://github.com/mig-hub/text-smuggler
|
30
|
+
licenses:
|
31
|
+
- MIT
|
32
|
+
metadata: {}
|
33
|
+
post_install_message:
|
34
|
+
rdoc_options: []
|
35
|
+
require_paths:
|
36
|
+
- lib
|
37
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
38
|
+
requirements:
|
39
|
+
- - ">="
|
40
|
+
- !ruby/object:Gem::Version
|
41
|
+
version: '0'
|
42
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
43
|
+
requirements:
|
44
|
+
- - ">="
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: '0'
|
47
|
+
requirements: []
|
48
|
+
rubyforge_project:
|
49
|
+
rubygems_version: 2.2.2
|
50
|
+
signing_key:
|
51
|
+
specification_version: 4
|
52
|
+
summary: TextSmuggler is for encoding/decoding text
|
53
|
+
test_files:
|
54
|
+
- test/test_text_smuggler.rb
|