Permalink
Browse files

initial commit

  • Loading branch information...
1 parent 237c5df commit 5ba344892da105d7d732c888cc927e6bc3df6c4e @randysecrist randysecrist committed Aug 11, 2012
View
14 Gemfile
@@ -0,0 +1,14 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in ripple-contrib.gemspec
+gemspec
+
+gem 'riak-client', git: 'git://github.com/basho/riak-ruby-client.git', ref: '15a1fcb3cc5adf5365ae7d920cff8f13bc57743c'
+gem 'ripple', git: "git://github.com/seancribbs/ripple.git", ref: 'c68106a8a431cbef6be1ad79a5080359a9f7f540'
+
+
+group :development, :test do
+ gem 'linecache19', :git => 'git://github.com/mark-moseley/linecache'
+ gem 'ruby-debug-base19x', '~> 0.11.30.pre4'
+ gem "ruby-debug19", "0.11.6"
+end
View
@@ -0,0 +1,82 @@
+GIT
+ remote: git://github.com/basho/riak-ruby-client.git
+ revision: 15a1fcb3cc5adf5365ae7d920cff8f13bc57743c
+ ref: 15a1fcb3cc5adf5365ae7d920cff8f13bc57743c
+ specs:
+ riak-client (1.0.4)
+ beefcake (~> 0.3.7)
+ builder (>= 2.1.2)
+ i18n (>= 0.4.0)
+ multi_json (~> 1.0)
+
+GIT
+ remote: git://github.com/mark-moseley/linecache
+ revision: 869c6a65155068415925067e480741bd0a71527e
+ specs:
+ linecache19 (0.5.12)
+ ruby_core_source (>= 0.1.4)
+
+GIT
+ remote: git://github.com/seancribbs/ripple.git
+ revision: c68106a8a431cbef6be1ad79a5080359a9f7f540
+ ref: c68106a8a431cbef6be1ad79a5080359a9f7f540
+ specs:
+ ripple (1.0.0.beta2)
+ activemodel (>= 3.0.0, < 3.3.0)
+ activesupport (>= 3.0.0, < 3.3.0)
+ riak-client (~> 1.0.0)
+ tzinfo
+
+PATH
+ remote: .
+ specs:
+ ripple-encryption (0.1.0)
+ riak-client
+ ripple
+
+GEM
+ remote: https://rubygems.org/
+ specs:
+ activemodel (3.2.8)
+ activesupport (= 3.2.8)
+ builder (~> 3.0.0)
+ activesupport (3.2.8)
+ i18n (~> 0.6)
+ multi_json (~> 1.0)
+ archive-tar-minitar (0.5.2)
+ beefcake (0.3.7)
+ builder (3.0.0)
+ columnize (0.3.6)
+ contest (0.1.3)
+ i18n (0.6.0)
+ multi_json (1.3.6)
+ rake (0.9.2.2)
+ ruby-debug-base19 (0.11.25)
+ columnize (>= 0.3.1)
+ linecache19 (>= 0.5.11)
+ ruby_core_source (>= 0.1.4)
+ ruby-debug-base19x (0.11.30.pre10)
+ columnize (>= 0.3.1)
+ linecache19 (>= 0.5.11)
+ rake (>= 0.8.1)
+ ruby_core_source (>= 0.1.4)
+ ruby-debug19 (0.11.6)
+ columnize (>= 0.3.1)
+ linecache19 (>= 0.5.11)
+ ruby-debug-base19 (>= 0.11.19)
+ ruby_core_source (0.1.5)
+ archive-tar-minitar (>= 0.5.2)
+ tzinfo (0.3.33)
+
+PLATFORMS
+ ruby
+
+DEPENDENCIES
+ contest
+ linecache19!
+ rake
+ riak-client!
+ ripple!
+ ripple-encryption!
+ ruby-debug-base19x (~> 0.11.30.pre4)
+ ruby-debug19 (= 0.11.6)
View
16 LICENSE
@@ -0,0 +1,16 @@
+Copyright (c) 2012 Randy Secrist and Basho Technologies, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+All of the files in this project are under the project-wide license
+unless they are otherwise marked.
View
@@ -1,2 +1,67 @@
-ripple-encryption
-=================
+# Ripple::Encryption
+
+The ripple-encryption gem provides encryption and decryption for Ripple documents.
+[riak-ruby](https://github.com/basho/riak-ruby-client) [ripple](https://github.com/seancribbs/ripple)
+
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+ gem 'ripple-encryption'
+
+And then execute:
+
+ $ bundle
+
+Or install it yourself as:
+
+ $ gem install ripple-encryption
+
+## Overview
+
+You call the activation, which initializes a global serializer within
+Ripple. Any object that gets saved with content-type 'application/x-json-encrypted'
+then goes through the Encryption::Serializer, which loads or unloads the
+data from Riak through the JsonDocument and EncryptedJsonDocument,
+respectively. Both of these have a dependency on Encryption::Encrypter,
+which makes the actual calls to OpenSSL.
+
+JsonDocument stores the encrypted data wrapped in JSON encapsulation so
+that you can still introspect the Riak object and see which version of
+this gem was used to encrypt it.
+
+There is also a Rake file to convert between encrypted and decrypted
+JSON objects.
+
+## Usage
+
+Include the gem in your Gemfile. Activate it somewhere in your
+application initialization by pointing it to your encryption config file
+like so:
+
+ Ripple::Encryption::Activation.new PATH_TO_CONFIG_FILE
+
+Then include the Ripple::Encryption module in your document class:
+
+ class SomeDocument
+ include Ripple::Document
+ include Ripple::Encryption
+ property :message, String
+ end
+
+These documents will now be stored encrypted.
+
+## Running the Tests
+
+Adjust the 'test/fixtures/ripple.yml' to point to a test riak database.
+
+ bundle exec rake
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request
View
@@ -0,0 +1,32 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+
+require 'rake'
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+ t.libs << "test"
+ t.test_files = FileList['test/**/test_*.rb']
+ t.verbose = true
+end
+
+namespace :test do
+ desc "Test everything"
+ task :all => [:test]
+end
+
+task :default => :test
+
+# Connect to Riak and test the client connection.
+
+namespace :migrate do
+ desc "Read in all unencrypted files, and save them to encrypted encoding."
+ task :encrypt do
+ Ripple::Encrytion::Migrate.new.convert(:encrypt)
+ end
+
+ desc "Read in all encrypted files, and save them unencrypted."
+ task :decrypt do
+ Ripple::Encrytion::Migrate.new.convert(:decrypt)
+ end
+end
@@ -0,0 +1,20 @@
+# AES-256-CBC requires a 32-byte key and 16 byte iv
+
+# remove iv if a random generated iv is desired
+
+development:
+ cipher: AES-256-CBC
+ key: fantasticobscurekeygoesherenowty
+ iv: !binary |
+ ABYLnUHWE/fIwE2gKYC6hg==
+
+test:
+ cipher: AES-256-CBC
+ key: fantasticobscurekeygoesherenowty
+ iv: !binary |
+ ABYLnUHWE/fIwE2gKYC6hg==
+
+prod:
+ cipher: AES-256-CBC
+ key: fantasticobscurekeygoesherenowty
+ base64: true
@@ -0,0 +1,9 @@
+development:
+ host: 127.0.0.1
+ http_port: 8098
+ namespace: local_ns~
+
+test:
+ host: 127.0.0.1
+ http_port: 9000
+ namespace: test_ns~
View
@@ -0,0 +1,82 @@
+module Ripple
+ module Encryption
+ class Migration
+ # create log files in the tmp dir
+ def initialize
+ relative_root = File.expand_path(File.join('..','..','..'),__FILE__)
+ require File.join(relative_root,'lib','ripple-encryption.rb')
+ tmp_dir = File.join(relative_root,'tmp')
+ output_dir = File.join(tmp_dir,Time.now.strftime("%m-%d-%Y-%I%M%p"))
+ Dir.mkdir(tmp_dir) unless File.exists?(tmp_dir)
+ Dir.mkdir(output_dir) unless File.exists?(output_dir)
+ @fetched_file = File.open(File.join(output_dir,'fetched.log'),'w')
+ @stored_file = File.open(File.join(output_dir,'stored.log'),'w')
+ @error_file = File.open(File.join(output_dir,'error.log'),'w')
+ end
+
+ # finde only the encryptable models
+ def models
+ Objects.constants.map{|c| "#{c}".constantize}.select{|c| c.include?(Ripple::Encryption)}
+ end
+
+ # cycle through all objects and save them
+ def convert(type)
+ # the difference between encryption or decryption is
+ # simply changing the content-type of the object so
+ # that ripple knows what way to serialize it
+ case type
+ when :encrypt
+ content_type = 'application/x-json-encrypted'
+ when :decrypt
+ content_type = 'application/json'
+ end
+
+ # we don't need no stinking warnings :-)
+ Riak.disable_list_keys_warnings = true
+
+ # cycle through each key in the database and
+ # read it, then save it
+ print 'Processing buckets: '
+ models.each do |model|
+ success = nil
+ count = 0
+ bucket_name = model.bucket_name
+ model.bucket.keys do |streaming_keys|
+ streaming_keys.each do |key|
+ begin
+ object = model.find key
+ log :fetched, "/buckets/#{bucket_name}/keys/#{key}"
+ object.robject.content_type = content_type
+ object.save!
+ log :stored, "/buckets/#{bucket_name}/keys/#{key}"
+ count += 1
+ rescue => e
+ log :error, "/buckets/#{bucket_name}/keys/#{key} #{e}".force_encoding('UTF-8')
+ success = 'E, '
+ end
+ end
+ end
+ print success || "#{count}, "
+ end
+ puts ' Done.'
+
+ # warn us. please. :-)
+ Riak.disable_list_keys_warnings = false
+ end
+
+ # log the object action
+ def log(type, object, error=nil)
+ case type
+ when :fetched
+ @fetched_file.puts object
+ when :stored
+ @stored_file.puts object
+ when :error
+ @error_file.write object
+ @error_file.write error
+ @error_file.write "\n"
+ end
+ end
+ end
+ end
+end
View
@@ -0,0 +1,10 @@
+require 'openssl'
+require 'ripple'
+
+module Ripple
+ module Encryption
+ end
+end
+
+# Include all of the support files.
+FileList[File.expand_path(File.join('..','ripple-encryption','*.rb'),__FILE__)].each{|f| require f}
@@ -0,0 +1,13 @@
+module Ripple
+ module Encryption
+ class Activation
+ def initialize(path)
+ config = Ripple::Encryption::Config.new path
+ # short-circuit encryption via the config file if desired
+ if !Riak::Serializers['application/x-json-encrypted'] && (config.to_h['encryption'] != false)
+ Riak::Serializers['application/x-json-encrypted'] = Ripple::Encryption::Serializer.new config
+ end
+ end
+ end
+ end
+end
Oops, something went wrong.

0 comments on commit 5ba3448

Please sign in to comment.