jmckible / lucifer

Rails plugin to transparently encrypt attributes — Read more

http://tuples.us/2008/06/17/the-prince-of-darkness-and-database-encryption/

This URL has Read+Write access

Rails.root is a PathName in Rails 2.3, so update loading of the key file 
path accordingly.

jmckible (author)

Tue Feb 17 13:05:38 -0800 2009

commit 20d7f476a1fae56ef85cb357c04cf410b9ca2ea5
tree 958243f59c4f1484ea572cf3fc17cb00c47c33d3
parent bb3e598c8f156d088c0a8c8efe0144a4507d8c85

lucifer / README.rdoc

100644 57 lines (36 sloc) 1.47 kb

raw blame history

lucifer

Lucifer is Rails plugin which utilizes the ezcrypto gem to encrypt/decrypt database columns transparently.

Why is it called Lucifer? en.wikipedia.org/wiki/Lucifer_(cipher)

Installation

  ./script/plugin install git://github.com/jmckible/lucifer.git

Lucifer looks for a key and salt in config/key.yml. See key.yml.example

Usage

Add Lucifer to a class like so:

  class Person < ActiveRecord::Base
    # Database columns - id(integer), ssn_b(binary)
    encrypt_attributes
  end

Lucifer will treat any binary column that ends in _b as encryptable.

  person = Person.new :ssn=>'000-00-0000'
  => Person...
  person.save
  => true
  Person.first.ssn
  => '000-00-0000'

If you check out the database, you’ll see

  > select * from people;
   ---------------------------------
  | id         | ssn_b              |
   ----------------------------------
  | 1          | U??6?7f%25(?????   |
   ---------------------------------

Configuration

You can customize Lucifer by passing options like so:

  class Person < ActiveRecord::Base
    encrypt_attributes :suffix=>'_encrypted', :key_file=>'lucifer.yml'
  end

:suffix - You can override the _b selector with this option
:key_file - If you’d like to use a different file in your config/ directory, pass the name here

Author

Lucifer was created by Jordan McKible jordan.mckible.com
Available on GitHub at github.com/jmckible/lucifer/tree/master