@@ -1,15 +1,35 @@ +require 'openssl' +require 'Base64' + class Rudolph class Crypt - def initialize key - @key = key + def initialize data_path + @data_path = data_path + @private = get_key 'id_rsa' + @public = get_key 'id_rsa.pub' end - + def encrypt_string message - message + Base64::encode64(@public.public_encrypt(message)).rstrip end - + def decrypt_string message - message + @private.private_decrypt Base64::decode64(message) + end + + def self.generate_keys data_path + rsa_path = File.join(data_path, 'rsa') + privkey = File.join(rsa_path, 'id_rsa') + pubkey = File.join(rsa_path, 'id_rsa.pub') + keypair = OpenSSL::PKey::RSA.generate(1024) + Dir.mkdir(rsa_path) unless File.exist?(rsa_path) + File.open(privkey, 'w') { |f| f.write keypair.to_pem } unless File.exists? privkey + File.open(pubkey, 'w') { |f| f.write keypair.public_key.to_pem } unless File.exists? pubkey + end + + private + def get_key filename + OpenSSL::PKey::RSA.new File.read(File.join(@data_path, 'rsa', filename)) end end end \ No newline at end of file src/rudolph/crypt.rb @@ -1,18 +1,19 @@ -require 'sqlite3' +require 'yaml' class Rudolph class Datastore def initialize - @db = SQLite3::Database.new File.join(data_path, "data.db") + @path = File.join(data_path, "data.yml") end def get_credentials - @db.execute("select user, password from #{Rudolph::SQL_TABLE}").first.map { |u,p| [u,cipher.decrypt_string(p)]} + YAML::load_file(@path).tap { |a| a[1] = cipher.decrypt_string a[1] } end - def insert username, password, first_time - @db.execute "create table #{Rudolph::SQL_TABLE}(user varchar(256), password varchar(256))" if first_time - @db.execute "insert into rudolph(user, password) values (?, ?)", username, cipher.encrypt_string(password) + def store_credentials username, password, first_time + Rudolph::Crypt.generate_keys(data_path) if first_time + puts "#{cipher.encrypt_string(password)}******#{password}" + File.open(@path, 'w') { |f| YAML::dump([username, cipher.encrypt_string(password)], f) } end def data_path @@ -22,7 +23,7 @@ class Rudolph end def cipher - @cipher||=Rudolph::Crypt.new(Digest::SHA1.hexdigest(data_path)) + @cipher||=Rudolph::Crypt.new data_path end end src/rudolph/datastore.rb @@ -17,7 +17,7 @@ Shoes.app :title => Rudolph::SYS_USR, :width => Rudolph::APP_WIDTH, render_update Rudolph::SYS_USR, Rudolph.message(:invalid_login_pass) ask_credentials first_time else - @dstore.insert @username, @password, first_time + @dstore.store_credentials @username, @password, first_time end end src/twitter.rb b8821fedf3e8ad0433cd844b4406666e54ea453b Nuno Job dscape@dscape-2.local http://github.com/dscape/rudolph/commit/c3545b22add23d42cd363cfda230b321f8a2efc1 c3545b22add23d42cd363cfda230b321f8a2efc1 2008-12-07T21:03:16-08:00 2008-12-07T21:03:16-08:00 Added RSA encryptation to prevent an even easier password theft b088a53419930fa30a5df5be36cd8c23d062dab8 Nuno Job dscape@dscape-2.local