tokenifier 0.0.1

data/README.md

@@ -0,0 +1,63 @@
+# Tokenifier
+
+Tokenifier is a Gibberish gem wrapper.
+It provides an approach to encrypt and decrypt structures like Strings, Hashes.
+
+## Installation
+
+Put the string into Gemfile
+
+    gem "tokenifier"
+
+Add config/tokenifier.yml in rails application
+
+    development:
+      secret: 7e991d82a0dd42b0afa293a339308c6f
+
+## Usage
+
+To encrypt data into hash
+
+    Tokenifier.encrypt("string")          # => 
+    Tokenifier.encrypt(:key => 'value')   # => 
+
+To decrypt data into hash
+
+    Tokenifier.decrypt(" ...")            # => 
+    Tokenifier.decrypt(" ...")            # => 
+
+Errors handling
+
+    Tokenifier.encrypt(nil)               # => raises Tokenifier::Error
+    Tokenifier.encrypt("")                # => raises Tokenifier::Error
+
+    Tokenifier.decrypt("malformed hash")  # => raises Tokenifier::Error
+
+Using custom secret
+
+    data = Tokenifier.encrypt("string", :secret => 'secret')
+    Tokenifier.decrypt(data, :secret => 'secret')               # => "string"
+    Tokenifier.decrypt(data)                                    # => raises Tokenifier::Error, "Got a malformed string"
+
+## CLI usage
+
+Usage:
+
+    tokenifier [options] COMMAND 'custom string'
+
+Commands:
+
+    s|secret - Generates secret string
+    e|encrypt - Does data encryption of any string data
+    d|decrypt - Does data decryption from hashed data.
+
+    NOTE: You have to use permanent secret to decryption data.
+          Tokinifier generates dafult secret each execution time.
+
+Examples:
+
+     tokenifier encrypt "CUSTOM DATA"
+     tokenifier decrypt "CUSTOM DATA"
+
+     tokenifier --secret MYSECRET e "CUSTOM DATA"
+     tokenifier --secret MYSECRET d "ENCRYPTED DATA"

data/Rakefile

@@ -0,0 +1,11 @@
+require 'rubygems'
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc "Run specs"
+RSpec::Core::RakeTask.new do |r|
+  r.pattern = "spec/**/*_spec.rb"
+  r.rspec_opts = '-fs -c'
+end

data/bin/tokenifier

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+require 'tokenifier'
+require 'tokenifier/cli'
+
+Tokenifier::Cli.run

data/lib/generators/tokenifier/install/USAGE

@@ -0,0 +1,11 @@
+Description:
+    Sets up Tokenifier in your Rails project. After running this generator you will
+    get a new config/tokenifier.yml file with newly generated secrets.
+
+    If you want to share tokens between applications use same secret strings
+    in proper environment.
+
+Examples:
+    `rails generate tokenifier:install`
+
+    `rails generate tokenifier:install --help`

data/lib/generators/tokenifier/install/install_generator.rb

@@ -0,0 +1,22 @@
+require 'rbconfig'
+
+module Tokenifier
+  class InstallGenerator < ::Rails::Generators::Base
+    source_root File.expand_path("../templates", __FILE__)
+
+    def create_templates
+      template 'config/tokenifier.yml.erb', 'config/tokenifier.yml'
+    end
+
+    protected
+
+    def embed_file(source, indent='')
+      IO.read(File.join(self.class.source_root, source)).gsub(/^/, indent)
+    end
+
+    def embed_template(source, indent='')
+      template = File.join(self.class.source_root, source)
+      ERB.new(IO.read(template), nil, '-').result(binding).gsub(/^/, indent)
+    end
+  end
+end

data/lib/generators/tokenifier/install/templates/config/tokenifier.yml.erb

@@ -0,0 +1,8 @@
+production:
+  secret: <%= Tokenifier::Random.secret %>
+
+development:
+  secret: <%= Tokenifier::Random.secret %>
+
+test:
+  secret: <%= Tokenifier::Random.secret %>

data/lib/tokenifier/cipher.rb

@@ -0,0 +1,14 @@
+module Tokenifier
+  module Cipher
+
+    def secret
+      @secret ||= Tokenifier::Rails.secret || Tokenifier::Random.secret
+    end
+
+    def cipher(*args, &block)
+      aes = Gibberish::AES.new(args.first || secret)
+      block_given? ? yield(aes) : aes
+    end
+
+  end
+end

data/lib/tokenifier/cli.rb

@@ -0,0 +1,79 @@
+require 'optparse'
+
+module Tokenifier
+  module Cli
+    extend self
+
+    def options
+      @options ||= {}
+    end
+
+    def optparse
+      OptionParser.new do |opts|
+        opts.banner =<<-USAGE
+
+Usage:
+
+        tokenifier [options] COMMAND 'custom string'
+
+Commands:
+
+        s|secret - Generates secret string
+        e|encrypt - Does data encryption of any string data
+        d|decrypt - Does data decryption from hashed data.
+
+        NOTE: You have to use permanent secret to decryption data.
+              Tokinifier generates dafult secret each execution time.
+
+Examples:
+
+        tokenifier encrypt "CUSTOM DATA"
+        tokenifier decrypt "CUSTOM DATA"
+
+        tokenifier --secret MYSECRET e "CUSTOM DATA"
+        tokenifier --secret MYSECRET d "ENCRYPTED DATA"
+
+
+USAGE
+
+        opts.on('-s', '--secret SECRET', 'Using custom secret phrase') do |secret|
+          options[:secret] = secret
+        end
+
+        opts.on('-h', '--help', 'Display this screen') do
+          puts opts
+          exit
+        end
+      end
+    end
+
+    def run
+      optparse.parse!
+
+      begin
+        case ARGV.first
+          when /^e/
+            if options[:secret].nil?
+              options[:secret] = Tokenifier::Random.secret
+              puts "SECRET: #{options[:secret]}"
+            end
+
+            puts Tokenifier.encrypt(ARGV.last, options)
+          when /^d/
+            puts Tokenifier.decrypt(ARGV.last, options)
+          when /^s/
+            puts Tokenifier::Random.secret
+          else
+            puts optparse.help
+            exit
+        end
+      rescue Tokenifier::Error => e
+        puts "ERROR: Token processing error."
+        puts optparse.help
+        exit
+      end
+
+    end
+
+  end
+end

data/lib/tokenifier/decrypt.rb

@@ -0,0 +1,30 @@
+module Tokenifier
+  module Decrypt
+
+    # data marshaling differs depending to ruby version
+    # so its better to pack hash into string accoring to some rule
+    def unpack_string(data)
+      case data
+        when /[\:(\#)?]/
+          hsh = data.split('#').map {|s| s.split(':')}.inject({}) {|c, (k, v)| c.merge({k => v})}
+          hsh.respond_to?(:with_indifferent_access) ? hsh.with_indifferent_access : hsh
+        else
+          data
+      end
+    end
+
+    def decrypt(token, options = {})
+
+      raise Error, "Encrypted data should be a String" unless token.is_a?(String)
+      raise Error, "Got an incomlete encrypted string" if token.size < 12
+
+      cipher(options[:secret]) do |c|
+        unpack_string(c.dec(token))
+      end
+
+    rescue OpenSSL::Cipher::CipherError => e
+      raise Error, "Got a malformed string"
+    end
+
+  end
+end

data/lib/tokenifier/encrypt.rb

@@ -0,0 +1,22 @@
+module Tokenifier
+  module Encrypt
+
+    # data marshaling differs depending to ruby version
+    # so its better to pack hash into string accoring to some rule
+    def pack_hash(hsh)
+      hsh.map { |v| v.join(':') }.join('#')
+    end
+
+    def encrypt(data, options = {})
+
+      raise Tokenifier::Error, "DATA should not be nil" if data.nil?
+      raise Tokenifier::Error, "DATA should not be empty" if data.respond_to?(:empty?) && data.empty?
+
+      cipher(options[:secret]) do |c|
+        c.enc(data.is_a?(Hash) ? pack_hash(data) : data.to_s)
+      end
+
+    end
+
+  end
+end

data/lib/tokenifier/error.rb

@@ -0,0 +1,3 @@
+module Tokenifier
+  class Error < StandardError; end
+end

data/lib/tokenifier/rails.rb

@@ -0,0 +1,18 @@
+if env_caller
+  require 'rails'
+  
+  Rails.logger.info "I am required in rails"
+
+  filename = File.expand_path(env_caller + "/../../config/tokenifier.yml")
+
+  if File.exists?(filename)
+    Rails.logger.info YAML::load(
+      ERB.new(
+        IO.read(filename)
+      ).result
+    )[Rails.env].inspect
+  else
+    Rails.logger.info "Config file not found"
+  end
+
+end

data/lib/tokenifier/random.rb

@@ -0,0 +1,7 @@
+module Tokenifier
+  class Random
+    def self.secret
+      Gibberish::SHA256 [Time.now, rand(999999) + 100000].map(&:to_s).join
+    end
+  end
+end

data/lib/tokenifier/version.rb

@@ -0,0 +1,3 @@
+module Tokenifier
+  VERSION = '0.0.1'
+end

data/lib/tokenifier.rb

@@ -0,0 +1,13 @@
+require 'gibberish'
+require 'tokenifier/error'
+require 'tokenifier/random'
+require 'tokenifier/rails'
+require 'tokenifier/cipher'
+require 'tokenifier/encrypt'
+require 'tokenifier/decrypt'
+
+module Tokenifier
+  extend Cipher
+  extend Encrypt
+  extend Decrypt
+end

data/spec/cipher_spec.rb

@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+describe Tokenifier::Cipher do
+
+  subject { Class.new.extend(described_class) }
+
+  describe ".cipher" do
+
+    context "calling method" do
+      specify { subject.cipher.should be_a(Gibberish::AES) }
+      specify { subject.cipher.cipher.should be_a(OpenSSL::Cipher::Cipher) }
+    end
+
+    context "passing block" do
+      specify { subject.cipher { |c| c.should_not be_nil } }
+      specify { subject.cipher { |c| c.should be_a(Gibberish::AES) } }
+      specify { subject.cipher { |c| c.cipher.should be_a(OpenSSL::Cipher::Cipher) } }
+    end
+
+    context "using encryption" do
+      let(:cipher) { subject.cipher }
+      specify { cipher.enc("string").should_not be_empty }
+      specify { cipher.dec(cipher.enc("string")).should == "string" }
+    end
+
+    context "custom secret" do
+
+      context "default secret" do
+        let(:first_call) { subject.cipher.password }
+        let(:second_call) { subject.cipher.password }
+
+        specify { first_call.should == second_call }
+        specify { second_call.should == first_call }
+      end
+
+      context "custom secret" do
+        let(:first_call) { subject.cipher("CUSTOM SECRET").password }
+        let(:second_call) { subject.cipher("CUSTOM SECRET").password }
+        let(:default) { subject.cipher.password }
+
+        specify { default.should_not == second_call }
+        specify { first_call.should == second_call }
+        specify { second_call.should == first_call }
+        specify { second_call.should == "CUSTOM SECRET" }
+      end
+
+    end
+
+  end
+
+end

data/spec/decrypt_spec.rb

@@ -0,0 +1,71 @@
+require 'spec_helper'
+
+describe Tokenifier::Decrypt do
+
+  subject { Class.new.extend(described_class) }
+
+  describe ".unpack_string" do
+
+    let(:unpacked) { subject.unpack_string(data) }
+
+    context "empty string" do
+      let(:data) { "" }
+      specify { unpacked.should == "" }
+    end
+
+    context "contains numeric value or string" do
+      let(:data) { "12345" }
+      specify { unpacked.should == "12345" }
+    end
+
+    context "contans packed hash" do
+      let(:data) { "a:1234567#d:d f#c:1.2.3" }
+      specify { unpacked.should == { "a" => "1234567", "c" => "1.2.3", "d" => "d f" } }
+    end
+
+    context "with_indifferent_access" do
+      let(:data) { "a:1234567#d:d f#c:1.2.3" }
+      let(:active_supported_hash) { mock(:active_supported_hash, :with_indifferent_access => "active_supported_hash") }
+      before { data.stub_chain(:split, :map, :inject).and_return(active_supported_hash) }
+      specify { unpacked.should == "active_supported_hash" }
+    end
+
+  end
+
+  describe ".decrypt" do
+
+    let(:cipher) { Proc.new{|*args, &block| yield(*args) } }
+
+    context "exception handing" do
+      before {
+        cipher.stub(:dec).and_return("some output")
+        subject.stub(:cipher).and_yield(cipher)
+      }
+
+      specify { lambda { subject.decrypt(nil) }.should raise_error(Tokenifier::Error) }
+      specify { lambda { subject.decrypt("") }.should  raise_error(Tokenifier::Error) }
+
+    end
+
+    context "data types" do
+
+      before {
+        cipher.should_receive(:dec).and_return(data)
+        subject.should_receive(:cipher).and_yield(cipher)
+      }
+
+      context "String or Numeric" do
+        let(:data) { "123456789097" }
+        specify { subject.decrypt(data).should == "123456789097" }
+      end
+
+      context "Packed Hash" do
+        let(:data) { "a:123456789097#b:kjjdfr" }
+        specify { subject.decrypt(data).should == {"a" => "123456789097", "b" => "kjjdfr"} }
+      end
+
+    end
+
+  end
+
+end

data/spec/encrypt_spec.rb

@@ -0,0 +1,81 @@
+require 'spec_helper'
+
+describe Tokenifier::Encrypt do
+
+  subject { Class.new.extend(described_class) }
+
+  describe "#pack_hash" do
+
+    let(:packed) { subject.pack_hash(hsh) }
+
+    context "empty hash" do
+      let(:hsh) { {} }
+      let(:expected) { "" }
+      specify { packed.should == expected }
+    end
+
+    context "one key-value pair" do
+      let(:hsh) { {:a => 2} }
+      let(:expected) { "a:2" }
+      specify { packed.should == expected }
+    end
+
+    context "a few key-value pairs" do
+      let(:hsh) { {:a => 2, :b => 'string 123', :c => true} }
+      let(:expected) { "c:true#a:2#b:string 123" }
+      specify { packed.should == expected }
+    end
+
+    context "we are not supporting nested hashes yet due simplicity of solution" do
+      let(:hsh) { {:a => 2, :b => 'string 123', :sub => { :a => 33 } } }
+      let(:expected) { "sub:a33#a:2#b:string 123" }
+      specify { packed.should == expected }
+    end
+
+  end
+
+  describe ".encrypt" do
+
+    let(:cipher) { Proc.new{|*args, &block| yield(*args) } }
+
+    context "exception handing" do
+      before {
+        cipher.stub(:enc).and_return("some output")
+        subject.stub(:cipher).and_yield(cipher)
+      }
+
+      specify { lambda { subject.encrypt(nil) }.should raise_error(Tokenifier::Error) }
+      specify { lambda { subject.encrypt("") }.should  raise_error(Tokenifier::Error) }
+      specify { lambda { subject.encrypt({}) }.should  raise_error(Tokenifier::Error) }
+      specify { lambda { subject.encrypt(123) }.should_not  raise_error }
+      specify { lambda { subject.encrypt(1.1) }.should_not  raise_error }
+      specify { lambda { subject.encrypt("1") }.should_not  raise_error }
+      specify { lambda { subject.encrypt(:a => "1") }.should_not  raise_error }
+    end
+
+    context "data types" do
+
+      before {
+        subject.should_receive(:cipher).and_yield(cipher)
+      }
+
+      context "Numeric" do
+        before { cipher.should_receive(:enc).with("1").and_return("test output = 1") }
+        specify { subject.encrypt(1).should == "test output = 1" }
+      end
+
+      context "String" do
+        before { cipher.should_receive(:enc).with("value").and_return("test output = value") }
+        specify { subject.encrypt("value").should == "test output = value" }
+      end
+
+      context "Hash" do
+        before { cipher.should_receive(:enc).with("a:1234").and_return("test output = a:1234") }
+        specify { subject.encrypt(:a => 1234).should == "test output = a:1234" }
+      end
+
+    end
+
+  end
+
+end

data/spec/random_spec.rb

@@ -0,0 +1,21 @@
+require 'spec_helper'
+
+describe Tokenifier::Random do
+
+  subject { described_class }
+
+  describe ".secret" do
+    its(:secret) { should_not be_nil }
+    its(:secret) { should be_a(String) }
+    its(:secret) { should_not == "" }
+
+    context "uniqness" do
+      let(:first) { described_class.secret }
+      let(:second) { described_class.secret }
+
+      specify { first.should_not == second }
+      specify { second.should_not == first }
+    end
+
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1 @@
+require 'tokenifier'

data/spec/tekenifier_spec.rb

@@ -0,0 +1,32 @@
+require 'spec_helper'
+
+describe Tokenifier do
+
+  it { should respond_to(:encrypt) }
+  it { should respond_to(:decrypt) }
+
+  context "by default" do
+    let(:data) { "some custom string" }
+    let(:encrypted) { described_class.encrypt(data) }
+    let(:decrypted) { described_class.decrypt(encrypted) }
+    
+    specify { decrypted.should == data }
+    specify { data.should == decrypted }
+  end
+
+  context "custom secret" do
+    let(:data) { "some custom string" }
+    let(:secret) { "MY CUSTOM SECRET" }
+    let(:encrypted) { described_class.encrypt(data, :secret => secret) }
+    let(:decrypted) { described_class.decrypt(encrypted, :secret => secret) }
+
+    specify { lambda { described_class.decrypt(encrypted) }.should raise_error(Tokenifier::Error) }
+    specify { decrypted.should == data }
+    specify { data.should == decrypted }
+  end
+
+  context "rails support" do
+    
+  end
+
+end

data/tokenifier.gemspec

@@ -0,0 +1,19 @@
+require 'lib/tokenifier/version'
+
+Gem::Specification.new do |s|
+  s.name          = 'tokenifier'
+  s.version       = Tokenifier::VERSION
+  s.authors       = ['Dmtiry Larkin']
+  s.email         = ['dmitry.larkin@gmail.com']
+  s.homepage      = 'https://github.com/ludo/tokenifier'
+  s.summary       = 'Tokenifier Gem'
+  s.description   = 'Tokenifier is a Gibberish gem wrapper. It provides an aproach to encrypt and decrypt structures like Strings, Hashes.'
+
+  s.add_runtime_dependency 'gibberish', '~>1.2'
+  s.add_development_dependency 'rspec', '>= 2.6.0'
+
+  s.require_path  = 'lib'
+  s.files         = Dir['{lib,spec,rails_generators}/**/*', 'bin/tokenifier', "[a-zA-Z]*"]
+  s.test_files    = Dir['spec/**/*']
+  s.executables   = ['tokenifier']
+end

metadata

@@ -0,0 +1,122 @@
+--- !ruby/object:Gem::Specification 
+name: tokenifier
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: 
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Dmtiry Larkin
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-12-23 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: gibberish
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 11
+        segments: 
+        - 1
+        - 2
+        version: "1.2"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 23
+        segments: 
+        - 2
+        - 6
+        - 0
+        version: 2.6.0
+  type: :development
+  version_requirements: *id002
+description: Tokenifier is a Gibberish gem wrapper. It provides an aproach to encrypt and decrypt structures like Strings, Hashes.
+email: 
+- dmitry.larkin@gmail.com
+executables: 
+- tokenifier
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- lib/generators/tokenifier/install/install_generator.rb
+- lib/generators/tokenifier/install/templates/config/tokenifier.yml.erb
+- lib/generators/tokenifier/install/USAGE
+- lib/tokenifier/cipher.rb
+- lib/tokenifier/cli.rb
+- lib/tokenifier/decrypt.rb
+- lib/tokenifier/encrypt.rb
+- lib/tokenifier/error.rb
+- lib/tokenifier/rails.rb
+- lib/tokenifier/random.rb
+- lib/tokenifier/version.rb
+- lib/tokenifier.rb
+- spec/cipher_spec.rb
+- spec/decrypt_spec.rb
+- spec/encrypt_spec.rb
+- spec/random_spec.rb
+- spec/spec_helper.rb
+- spec/tekenifier_spec.rb
+- bin/tokenifier
+- Rakefile
+- README.md
+- tokenifier.gemspec
+homepage: https://github.com/ludo/tokenifier
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Tokenifier Gem
+test_files: 
+- spec/cipher_spec.rb
+- spec/decrypt_spec.rb
+- spec/encrypt_spec.rb
+- spec/random_spec.rb
+- spec/spec_helper.rb
+- spec/tekenifier_spec.rb