spikex / strongbox

Secures ActiveRecord attributes with public key encryption — Read more

Sort by: Priority | Votes | Last Updated

Loading…

4.

0 votes

if private key has no passphrase, the decrypted data can't be accessed
1 comment Created 25 days ago by rjharmon

Title

Body
It looks like you're asking if the passphrase is blank? instead of nil - if the secret key is not encrypted (being secured through other means), then the data can't be recovered with the current version of your code :) Fortunately, it's an easy fix.
or cancel

It looks like you're asking if the passphrase is blank? instead of nil - if the secret key is not encrypted (being secured through other means), then the data can't be recovered with the current version of your code :)

Fortunately, it's an easy fix.

Comments

spikex Mon Dec 14 10:39:02 -0800 2009 | link

I've updated the code to support an unencrypted private key by setting the password to an empty string. Grab version 0.3.0.

I'm not sure I like using a blank password to imply an unencrypted key, so I may rework this in the future.

As part of this change I make it possible to also pass the keys as a string or a OpenSSL::PKey::RSA object, in addition to a file path.

Comment
I've updated the code to support an unencrypted private key by setting the password to an empty string. Grab version 0.3.0. I'm not sure I like using a blank password to imply an unencrypted key, so I may rework this in the future. As part of this change I make it possible to also pass the keys as a string or a OpenSSL::PKey::RSA object, in addition to a file path.
or cancel

Parsed with GitHub Flavored Markdown
3.

0 votes

OpenSSL::PKey::RSAError: padding check failed
1 comment Created 27 days ago by rjharmon

Title

Body
Docs are a bit unclear on this one. The data that can be encrypted with asymmetric-only is limited to the size of the key minus 11 bytes. Particularly: 1. 2048 bits equals 256 bytes 2. 245 bytes is the limit of the INCOMING data 3. The encrypted data will be longer than the key, and won't fit into a 255 byte column I understand that "a string field is unlikely to be able to store the result"... but more detail would be clearer. Thanks!
or cancel
Docs are a bit unclear on this one. The data that can be encrypted with asymmetric-only is limited to the size of the key minus 11 bytes. Particularly:
1. 2048 bits equals 256 bytes
2. 245 bytes is the limit of the INCOMING data
3. The encrypted data will be longer than the key, and won't fit into a 255 byte column
I understand that "a string field is unlikely to be able to store the result"... but more detail would be clearer.

Thanks!
Comments

spikex Mon Dec 14 10:22:09 -0800 2009 | link

I spelled this out, and the 186 byte limit if using Base64 in the orignal post, but neglected to carry that language over into the docs. I've updated the docs to make it clearer.

Comment
I spelled this out, and the 186 byte limit if using Base64 in the orignal post, but neglected to carry that language over into the docs. I've updated the docs to make it clearer.
or cancel

Parsed with GitHub Flavored Markdown
2.

0 votes

spikex-strongbox gem is an old revision
2 comments Created 27 days ago by rjharmon

Title

Body
The readme says to config.gem spikex-strongbox, but that produces version 0.1.5 instead of 0.2.1 :(
or cancel

The readme says to config.gem spikex-strongbox, but that produces version 0.1.5 instead of 0.2.1 :(

Comments

spikex Tue Dec 08 13:25:08 -0800 2009 | link

I've updated the README. Just use "strongbox".

Comment
I've updated the README. Just use "strongbox".
or cancel

rjharmon Tue Dec 08 15:21:22 -0800 2009 | link

:D

Comment
:D
or cancel

Parsed with GitHub Flavored Markdown
1.

0 votes

Only works on a single field per model
1 comment Created 2 months ago by theIntuitionist

Title

Body
This code: class User < ActiveRecord::Base encrypt_with_public_key :first_name, :symmetric => :never, :base64 => true, :public_key => File.join(RAILS_ROOT,'config','public.pem') encrypt_with_public_key :last_name, :symmetric => :never, :base64 => true, :public_key => File.join(RAILS_ROOT,'config','public.pem') end results in >> User.create(:first_name => 'jason', :last_name => 'ward) => #<User id: 2, first_name: nil, last_name: "pMLj/Sa87FgR6mV1et8Hbo6F/eTI/efSgb6qenVVegNVUMEyjz9...", created_at: "2009-10-09 05:05:55", updated_at: "2009-10-09 05:05:55">
or cancel

This code:

class User < ActiveRecord::Base
encrypt_with_public_key :first_name, :symmetric => :never, :base64 => true, :public_key => File.join(RAILS_ROOT,'config','public.pem') encrypt_with_public_key :last_name, :symmetric => :never, :base64 => true, :public_key => File.join(RAILS_ROOT,'config','public.pem') end

results in

User.create(:first_name => 'jason', :last_name => 'ward) => #

Comments

spikex Fri Oct 09 10:48:14 -0700 2009 | link

This was fixed in version 0.2.0 (0.2.1 is current). However, github gems have been broken since their move to Rackspace, so they haven't updated their copy. You can get the current version from Gemcutter or RubyForge.

Comment
This was fixed in version 0.2.0 (0.2.1 is current). However, github gems have been broken since their move to Rackspace, so they haven't updated their copy. You can get the current version from Gemcutter or RubyForge.
or cancel

Parsed with GitHub Flavored Markdown

Labels

spikex / strongbox

Pledgie Donations

if private key has no passphrase, the decrypted data can't be accessed

Comments

OpenSSL::PKey::RSAError: padding check failed

Comments

spikex-strongbox gem is an old revision

Comments

Only works on a single field per model

Comments