yattr_encrypted 0.1.1

data/Gemfile

@@ -0,0 +1,7 @@
+source 'http://rubygems.org'
+
+gem 'rake'
+gem 'pry'
+gem 'minitest'
+gem 'activerecord'
+gem 'mocha'

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2008 Sean Huber - shuber@huberry.com
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.mdown

@@ -0,0 +1,149 @@
+# YattrEncrypted #
+
+Version: 0.1.0  (but you should check lib/yattr_encrypted/version.rb to be sure)
+
+## Applicability ##
+
+This code has been tested
+
+* using ruby 1.9.2-p290
+* stand alone
+* Rails 3.1.4
+
+## Description ##
+
+This is based on code stolen from *yattr_encrypted* and *encryptor* - both by
+github.com/shuber - and both very fine gems.
+
+So why another dumb attribute encryptor gem?
+
+shuber's gems don't do what I want and they appear to be dormant.
+
+The primary difference between **shuber**'s gems and this one is a matter of
+flexibility and simplicity. **yattr_encrypted** is simple, easy to use and
+(should be) pretty secure. This comes at the expense of *flexibility*.
+
+In **yattr_encrypted** you do not have a choice of algorithm, encoding, additional
+encrypt/decrypt methods, conditional encryption, or underlying data mapper.
+You also have to use Rails 3.1+.
+
+In more detail, here is where they differ:
+
+**yattr_encrypted** does not support:
+
+* DataMapper
+* Sequel
+* ActiveRecord find_by*** methods for encrypted fields
+* alternate encryption methods
+* alternate encryption algorithms
+* String#encrypt, #encrypt!, #decrypt, and #decrypt!
+* most of the options **yattr_encrypted** supports
+* conditional encrypting - **yattr_encrypted** supports conditionally encrypting
+fields based on some logic. I don't have a use case for this, so **yattr_encrypted**
+does not support it.
+
+**yattr_encrypted** is also self contained - only relies on the *openssl* (part
+of the Ruby Standard Library), whereas the *shuber* gem depends on *encryptor*.
+
+What **yattr_encrypted** *does* support:
+
+* **yattr_encrypted** ONLY works with ActiveRecord
+* random initial values for each encrypted attribute. This is done by creating a
+random *iv* and including it in the encrypted data. See *openssl* documentation
+for details [OpenSSL::Cipher]
+* detects when fields are modified by actions other than assignment. This supports
+encrypting complex types - such as hashes and arrays. This is implemented by adding
+*save* and *save!* methods to models
+* Rails 3.1 & Rails 3.2 - doesn't pretend to support anything lower (but it might work)
+
+
+## Installation ##
+
+Either
+
+    gem install yattr_encrypted
+
+Or add to your Gemfile
+
+    gem yattr_encrypted
+
+## Usage ##
+
+Name each field you want to encrypt in the `yattr_encrypted` macro.
+
+For example, assume that you want to encrypt a field named `foo`. Then create
+a field in your *migration* named `foo_encrypted`.
+
+    class Foo < ActiveRecord::Base
+      yattr_encrypted :foo
+    end
+
+This will add accessor methods `foo` and `foo=` to your model. You do not use the
+actual `foo_encrypted` field directly.
+
+NOTE: `foo` is not useable for search. If you want to search on encrypted fields,
+use **attr\_encrypted**. **yattr\_encrypted** does not create searchable fields because
+it automatically generates random initial values so it is not possible to generate
+matching encrypted values without retrieving the encrypted data.
+
+### Options ###
+
+The encrypted field name defaults to `<field>_encrypted`. You can change this on
+a field by field basis using the `:prefix` and `:suffix`  - which define strings
+which are prefixed and suffixed to the field name to create the encrypted field name.
+They default to:
+
+    :prefix = ''
+    :suffix = '_encrypted'
+
+Notice that the underscore ('_') must be included in `:prefix` and `:suffix`, if you
+want them.
+
+### Encryption keys
+
+The default encryption key is the value of `<application>::Application.config.secret_token`
+which is in `config/initializers/secret_token.rb`.
+
+If you want to use some other key - on a field by field basis,
+you can specify the key on a field by field basis using the `:key` option.
+
+NOTE: all encryption uses `ase-256-cbc` with random initial values. For some reason this
+triggers a key length check in **openssl** which raises an exception if your key is
+too short. I don't know what the required key length is, but `secrete_token` is long enough
+and 'this is a very long secret key' is not.
+
+If you supply your own key, it can be a String or a Proc which returns a String.
+
+### Initial Values ###
+
+As stated everywhere - random initial values are automatically generated for all fields.
+They are prepended to the actual encrypted data and stripped during decryption. You can't
+override this, nor can you provide your own initial values.
+
+### Encryption Method ###
+
+**yattr\_encrypted** only uses `aes-256-cbc`. If you want variety, use **attr\_encrypted**, which
+supports the entire gamete supplied by **openssl**
+
+### Encoding of Encrypted Data and Database Compatibility ###
+
+All data saved in the database is `base64` encode. All fields are further
+serialized as JSON objects. This is to avoid dealing with any database idiodicy
+and to transparently handle complex data types being used in database fields [such as
+Hashes and Arrays].
+
+The encoding algorithm for a field is:
+
+    field_jsonified = ActiveSupprt::JSON.encode field
+    iv = lambda { (0..16).map { |x| rand(256).chr }.join() }.call
+    encrypted_data = YattrEncrypted.encrypt field_jsonified, iv
+    field_encrypted = ActiveSupport::Base64.encode64 ("%04d" % iv.length) + iv + encrypted_data
+    
+The decoding algorithm is:
+
+    field_decoded = ActiveSupport::Base64::decode64 field_encrypted
+    len = field_decoded[0..3].to_i + 1
+    iv = field_decoded[4..(len)]
+    encrypted_data = field_decoded[(len+1)..-1]
+    field_jsonified = YattrEncrypted.decrypt encrypted_data, iv
+    field = ActiveSupprt::JSON.decode field_jsonified

data/Rakefile

@@ -0,0 +1,38 @@
+require 'rake'
+# require 'rake/testtask'
+# require 'rdoc/task'
+
+desc 'Default: run unit tests.'
+task :default => :test
+
+desc 'Test the yattr_encrypted gem.'
+task :test do
+  if ENV['TEST']
+    system "ruby #{ENV['TEST']}"
+  else
+    system "ruby test/*_test.rb"
+  end
+end
+# Rake::TestTask.new(:test) do |t|
+#   t.libs << 'lib'
+#   # t.pattern = 'test/**/*_test.rb'
+#   t.pattern = ENV['TEST'] ? ENV['TEST'] : 'test/**/*_test.rb'
+#   t.verbose = true
+# end
+
+desc 'Build Gem'
+task 'gem' do
+  system 'gem build yattr_encrypted.gemspec'
+end
+
+desc 'Generate documentation for the yattr_encrypted gem.'
+task 'rdoc' do
+  system 'rdoc README.rdoc lib/'
+end
+# RDoc::Task.new do |rdoc|
+#     rdoc.rdoc_dir = 'rdoc'
+#     rdoc.title    = 'yattr_encrypted'
+#     rdoc.options << '--line-numbers' << '--inline-source'
+#     rdoc.rdoc_files.include('README*')
+#     rdoc.rdoc_files.include('lib/**/*.rb')
+# end

data/lib/yattr_encrypted/railtie.rb

@@ -0,0 +1,11 @@
+module YattrEncrypted
+  class Railtie < Rails::Railtie
+    initializer "active_record.initialize_yattr_encrypted" do
+      ActiveSupport.on_load(:active_record) do
+        class ActiveRecord::Base
+          include YattrEncrypted
+        end
+      end
+    end
+  end
+end

data/lib/yattr_encrypted/version.rb

@@ -0,0 +1,3 @@
+module YattrEncrypted
+  VERSION = '0.1.1'
+end

data/lib/yattr_encrypted.rb

@@ -0,0 +1,261 @@
+require 'openssl'
+require 'active_support'
+require 'base64'
+require 'yattr_encrypted/railtie' if defined?(Rails)
+require 'yattr_encrypted/version'
+
+# how to use
+#
+#   class Foo < ActiveRecord::Base
+#     yattr_encrypted :foo, :bar
+#   end
+
+# Adds attr_accessors that encrypt and decrypt an object's attributes
+module YattrEncrypted
+    
+  ALGORITHM = 'aes-256-cbc'
+
+  # Generates attr_accessors that encrypt and decrypt attributes transparently
+  #
+  # Options (any other options you specify are passed to the
+  # encryptor's encrypt and decrypt methods)
+  #
+  #   :prefix A prefix used to generate the name of the referenced
+  #            encrypted attributes.  For example <tt>attr_accessor
+  #            :email, :password, :prefix => 'crypted_'</tt> would
+  #            generate attributes named 'crypted_email' and
+  #            'crypted_password' to store the encrypted email and
+  #            password.  Defaults to ''.
+  #
+  #   :suffix A suffix used to generate the name of the referenced
+  #            encrypted attributes.  For example <tt>attr_accessor
+  #            :email, :password, :prefix => '', :suffix =>
+  #            '_encrypted'</tt> would generate attributes named
+  #            'email_encrypted' and 'password_encrypted' to store the
+  #            encrypted email.  Defaults to '_encrypted'.
+  #
+  #   :key     The encryption key. Not generally required.
+  #            Defaults to Rails.application.config.secret_token
+  #
+  # Example
+  #
+  #   class User
+  #     yattr_encrypted :email
+  #   end
+  #
+  #   @user = User.new
+  #   @user.encrypted_email # nil? is true
+  #   @user.email? # false
+  #   @user.email = 'test@example.com'
+  #   @user.email? # true
+  #   @user.encrypted_email # returns the encrypted version of 'test@example.com'
+  #
+
+  def self.included(base)
+    class << base
+      attr_accessor :yate_encrypted_attributes
+
+      def yattr_encrypted(*attributes)
+        # construct options
+        options = {
+          :prefix           => '',
+          :suffix           => '_encrypted',
+          :key              => defined?(::Rails) ? ::Rails.application.config.secret_token : nil,
+        }
+        # merge specific options
+        options.merge!(attributes.pop) if Hash === attributes.last
+
+        # tell self to define instance methods from the database if they have not already been generated
+        define_attribute_methods unless attribute_methods_generated?
+
+        # collect existing instance methods
+        instance_methods_as_symbols = instance_methods.map { |method| method.to_sym }
+
+        # iterate through attributes
+        attributes.map { |x| x.to_sym }.each do |attribute|
+          encrypted_attribute_name = [options[:prefix], attribute, options[:suffix]].join.to_sym
+
+          # barf if reader and write doesn't exist for encrypted attribute
+          raise ArgumentError.new("No Reader method for encrypted version of #{attribute}: #{encrypted_attribute_name}") \
+              unless instance_methods_as_symbols.include?(encrypted_attribute_name)
+          raise ArgumentError.new("No Write method for encrypted version of #{attribute}: #{encrypted_attribute_name}") \
+              unless instance_methods_as_symbols.include?(:"#{encrypted_attribute_name}=")
+
+          tmp =<<-XXX
+          puts "defining #{attribute}"
+          def #{attribute}
+            unless @#{attribute} && !@#{attribute}.empty?
+              options = yate_encrypted_attributes[:#{attribute}]
+              @#{attribute} = #{encrypted_attribute_name} ? \
+                  yate_decrypt(#{encrypted_attribute_name}, options[:key]) : \
+                  ''
+              self.yate_checksums[:#{attribute}] = yate_field_hash_value(:#{attribute})
+              self.yate_dirty[:#{attribute}] = true
+            end
+            @#{attribute}
+          end
+          XXX
+          class_eval(tmp)
+
+          tmp =<<-XXX
+          puts "self: #{self}"
+          def #{attribute}= value
+            @#{attribute} = value
+            options = yate_encrypted_attributes[:#{attribute}]
+            self.#{encrypted_attribute_name} = yate_encrypt(value, options[:key])
+            self.yate_checksums[:#{attribute}] = yate_field_hash_value(:#{attribute})
+            self.yate_dirty[:#{attribute}] = true
+          end
+          XXX
+          class_eval(tmp)
+
+          define_method("#{attribute}?") do
+            value = send(attribute)
+            value.respond_to?(:empty?) ? !value.empty? : !!value
+          end
+
+          self.yate_encrypted_attributes ||= {}
+
+          self.yate_encrypted_attributes[attribute.to_sym] = \
+              options.merge(:attribute => encrypted_attribute_name)
+        end
+      end
+    end
+  end
+  
+  # Checks if an attribute is configured with <tt>yattr_encrypted</tt>
+  def yattr_encrypted?(attribute)
+    self.class.yate_encrypted_attributes.has_key?(attribute.to_sym)
+  end
+
+  def save *args
+    yate_update_encrypted_values
+    super
+  end
+  
+  def save! *args
+    yate_update_encrypted_values
+    super
+  end
+  
+  def update_attribute attribute, value
+    if (options = yate_encrypted_attributes[attribute])
+      self.send "#{attribute}=".to_sym, value
+      update_attribute options[:attribute], self.send(options[:attribute]) if yate_field_changed? attribute
+    else
+      super
+    end
+  end
+
+  def update_attributes params, options = {}
+    tmp = {}
+    params.keys.each do |attribute|
+      if (options = yate_encrypted_attributes[attribute])
+        self.send "#{attribute}=", params[attribute]
+        tmp[options[:attribute]] = self.send options[:attribute]
+      else
+        tmp[attribute] = params[attribute]
+      end
+    end
+    params = tmp
+    super
+  end
+
+  # protected methods - nobody needs to use these outside of the model
+  protected
+  
+  def yate_checksums
+    @yate_checksums ||= {}
+  end
+
+  def yate_dirty
+    @yate_dirty ||= {}
+  end
+
+  def yate_encrypted_attributes
+    self.class.yate_encrypted_attributes
+  end
+
+  private
+
+  # yate_encrypt(value, key)
+  #
+  def yate_encrypt(value, key)
+    cipher = OpenSSL::Cipher.new(ALGORITHM)
+    cipher.encrypt
+    cipher.key = key
+    iv = cipher.random_iv
+    
+    # jsonify data
+    value_marshalled = Marshal.dump value
+
+    # encrypt data
+    result = cipher.update value_marshalled
+    result << cipher.final
+
+    # return encrypted data and iv
+    Base64.encode64(("%04d" % iv.length) + iv + result)
+  end
+
+  # yate_decrypt(encrypted_value, key)
+  def yate_decrypt(marshalled_value, key)
+    # initialize decryptor
+    cipher = OpenSSL::Cipher.new(ALGORITHM)
+    cipher.decrypt
+    cipher.key = key
+    
+    # extract encrypted_value
+    encrypted_value = Base64.decode64 marshalled_value
+
+    # extract and set iv
+    iv_end = encrypted_value[0..3].to_i + 3
+    cipher.iv = encrypted_value[4..(iv_end)]
+    encrypted_value = encrypted_value[(iv_end+1)..-1]
+
+    # derypte and return
+    result = cipher.update(encrypted_value)
+    result << cipher.final
+    
+    Marshal.load result
+  end
+
+  # support for fields which are not atomic values
+  def yate_field_hash_value(attribute)
+    attribute = attribute.to_s if Symbol === attribute
+    OpenSSL::HMAC.digest('md5', 'ersatz key', Marshal.dump(self.instance_variable_get("@#{attribute}")))
+  end
+
+  def yate_field_changed?(attribute)
+    attribute = attribute.to_sym unless Symbol === attribute
+    yate_field_hash_value(attribute) != self.yate_checksums[attribute] || self.yate_dirty[attribute]
+  end
+  
+  def yate_update_encrypted_values
+    yate_encrypted_attributes.each do |attribute, options|
+      if yate_field_changed?(attribute)
+        self.send "#{options[:attribute]}=".to_sym, yate_encrypt(self.send(attribute), options[:key])
+        yate_dirty.delete(attribute)
+      end
+    end
+  end
+
+  # protected
+  # 
+  # # Returns yattr_encrypted options evaluated in the current object's scope for the attribute specified
+  # def yate_evaluated_options_for(attribute)
+  #   self.class.encrypted_attributes[attribute.to_sym].inject({}) do |hash, (option, value)|
+  #     hash.merge!(option => yate_evaluate_option(value))
+  #   end
+  # end
+  # 
+  # # Evaluates symbol (method reference) or proc (responds to call) options
+  # #
+  # # If the option is not a proc then the original option is returned
+  # def yate_evaluate_option(option)
+  #   if option.respond_to?(:call)
+  #     option.call(self)
+  #   else
+  #     option
+  #   end
+  # end
+end

data/test/test_helper.rb

@@ -0,0 +1,8 @@
+require 'pry'
+require 'minitest/autorun'
+require 'digest/sha2'
+require 'rubygems'
+
+$:.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$:.unshift(File.dirname(__FILE__))
+require 'yattr_encrypted'

data/test/yattr_encrypted_test.rb

@@ -0,0 +1,66 @@
+require File.expand_path('../test_helper', __FILE__)
+
+# require 'active_record'
+require 'yattr_encrypted'
+
+module ActiveRecord
+  class Base
+    include YattrEncrypted
+
+    def self.attribute_methods_generated?
+      true
+    end
+
+    def save
+      true
+    end
+    
+    def save!
+      true
+    end
+    
+    def update_attribute attribute, value
+      true
+    end
+    
+    def update_attributes attribute_hash, options
+      true
+    end
+  end
+end
+
+class SomeClass < ActiveRecord::Base
+  attr_accessor :field_encrypted
+  yattr_encrypted :field, :key => 'a honkin big key: honk honk honk honk honk'
+end
+
+class TestYattrEncrypted < MiniTest::Unit::TestCase
+  def setup
+    @sc = SomeClass.new
+  end
+  
+  def test_yattr_encrypted_should_create_accessors
+    assert @sc.respond_to?(:field), "a SomeClass instance should respond to :field"
+    assert @sc.respond_to?(:field=), "a SomeClass instance should respond to :field="
+    assert @sc.respond_to?(:field?), "a SomeClass instance should respond to :field?"
+    assert @sc.respond_to?(:yate_encrypted_attributes), "a SomeClass instance should respond to :yate_encrypted_attributes"
+  end
+  
+  def test_assigning_field_should_assign_field_encrypted
+    assert_nil @sc.field_encrypted, "field_encrypted should be nil prior to assignment to field"
+    @sc.field = 'a field value'
+    refute_nil @sc.field_encrypted, "field_encrypted should not be nil"
+    assert_equal 'a field value', @sc.field, "@sc.field should match input"
+    options = @sc.send(:yate_encrypted_attributes)[:field]
+    assert_equal 'a field value', @sc.send(:yate_decrypt, @sc.field_encrypted, options[:key]), \
+      "decrypting @sc.field_encrypted should match input"
+  end
+  
+  def test_save_should_update_encrypted
+    @sc.field = { key: 'value' }
+    @sc.save
+    options = @sc.send(:yate_encrypted_attributes)[:field]
+    decrypted = @sc.send(:yate_decrypt, @sc.field_encrypted, options[:key])
+    assert_equal( { key: 'value' }, decrypted, "decrypt @sc.field_encrypted should be correct")
+  end
+end

metadata

@@ -0,0 +1,74 @@
+--- !ruby/object:Gem::Specification
+name: yattr_encrypted
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+  prerelease: 
+platform: ruby
+authors:
+- Mike Howard
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-03-18 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: &2151816860 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2151816860
+description: Generates yattr_accessors that encrypt and decrypt attributes transparently.
+  Based on attr_encrypted by Sean Huber [https://github.com/shuber]
+email: mike@clove.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/yattr_encrypted/railtie.rb
+- lib/yattr_encrypted/version.rb
+- lib/yattr_encrypted.rb
+- MIT-LICENSE
+- Rakefile
+- README.mdown
+- Gemfile
+- test/test_helper.rb
+- test/yattr_encrypted_test.rb
+homepage: http://github.mikhoward/yattr_encrypted
+licenses: []
+post_install_message: 
+rdoc_options:
+- --line-numbers
+- --inline-source
+- --main
+- README.mdown
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -3522761952983170560
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.6
+signing_key: 
+specification_version: 3
+summary: Encrypt and decrypt attributes
+test_files:
+- test/test_helper.rb
+- test/yattr_encrypted_test.rb