SecureString is a special string subclass that provides two pieces of functionality that can be used individually:
Byte string support: Although a string can already contain bytes, this makes it easier to view and work with strings holding binary data, including conversion to/from raw hex or Base64 encoded values.
Secure string support: Easy methods for RSA encryption, AES encoding, and SHA/MD5 digest hashing, of the data in the strings.
One of the basic philosophies of SecureString is that it does not override–only extends–the feature set of String. However there is one difference that was added: inspect is overridden to return the data as a hex-string, rather than using the specified character encoding. This does not mean it's value has in any way changed, just its presentation. Use to_s to recover the standard String version of the value.
WARNING: it is important to note that the String method length is not a good measure of a byte string's length, as depending on the encoding, it may count multibyte characters as a single element. To ensure that you get the byte length, use the standard string method bytesize. See the section on String Encodings for more detail.
Installation & Configuration
SecureString was tested and works successfully in ruby 1.8.7 and 1.9.2.
To install, first install the gem:
gem install secure_string
Then require the gem like so:
By default, this creates the SecureString class, which is completely configured and ready to go like so:
Some people like to monkey patch String to translate to a SecureString like so:
# This is an optional configuration: class String def to_ss return SecureString.new(self) end end
Alternatively, if you would like to add the SecureString methods directly onto all Strings, simply add the following code to your program:
# This is an optional configuration: class String include SecurizeString end
Unless you already have code that modifies String in a conflicting way–or code that depends on the value of inspect, this should not change the behavior of your existing code.
Creation of a SecureString from an normal String instance is easy:
ss = SecureString.new("Hello World!") ss.to_s --> "Hello World!" ss.inspect --> "<48656c6c6f20576f726c6421>"
Additionally, you can get at the byte data in various ways:
ss.to_hex --> "48656c6c6f20576f726c6421" ss.to_i --> 22405534230753928650781647905 ss.to_base64 --> "SGVsbG8gV29ybGQh\n"
One can initialize a SecureString from any of these types like so:
ss1 = SecureString.new("Hello World!", :type => :data) ss2 = SecureString.new("48656c6c6f20576f726c6421", :type => :hex) ss3 = SecureString.new(22405534230753928650781647905, :type => :int) ss4 = SecureString.new("SGVsbG8gV29ybGQh", :type => :base64) ss1 == ss --> true ss2 == ss --> true ss3 == ss --> true ss4 == ss --> true
All of these create equal-valued strings to "HelloWorld!".
Base64 Methods Overview
The SecureString::Base64Methods module adds to_base64, which we've seen:
SecureString.new("Hello World!").to_base64 --> "SGVsbG8gV29ybGQh\n"
It also adds from_base64, which can decode a Base64 encoded string. The following example shows the various ways of decoding Bas64 data:
SecureString.new("SGVsbG8gV29ybGQh", :type => :base64) == "Hello World!" --> true SecureString.new("SGVsbG8gV29ybGQh") == "Hello World!" --> false SecureString.new("SGVsbG8gV29ybGQh").from_base64 == "Hello World!" --> true
Digest Methods Overview
The SecureString::DigestMethods module adds convenience methods for calculating cryptographic hash sums for the data in the string. Note that since SecureString handles binary data well, the string value returns is NOT the hex string; to get the hex digest, simply call to_hex:
ss = SecureString.new("Hello World!") ss.to_md5.to_hex --> "ed076287532e86365e841e92bfc50d8c" ss.to_sha1.to_hex --> "2ef7bde608ce5404e97d5f042f95f89f1c232871" ss.to_sha256.to_hex --> "7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069" ss.to_digest('SHA-512').to_hex --> "861844d6704e8573fec34d967e20bcfef3d424cf48be04e6dc08f2bd58c729743371015ead891cc3cf1c9d34b49264b510751b1ff9e537937bc46b5d6ff4ecc8"
RSA Methods Overview
The SecureString::RSAMethods module adds convenience methods for RSA key generation, encryption, and signing, and verification.
The basic features of this module are illustrated on the following worked example:
First, alice and bob much each generate their public and private keys. For the example, we do it like so:
alice_pvt_key, alice_pub_key = SecureString.rsa_keygen bob_pvt_key, bob_pub_key = SecureString.rsa_keygen
Now, Alice creates a message and encrypts it for Bob and signs it.
message = SecureString.new("Hello World") encrypted_message = message.to_rsa(bob_pub_key) signature = encrypted_message.sign(alice_pvt_key)
Alice sends Bob the data in encrypted_message and signature. Bob verifies the message's signature, and then decrypts it:
is_verified = encrypted_message.verify?(alice_pub_key, signature) if( is_verified ) decrypted_message = encrypted_message.from_rsa(bob_pvt_key).to_s else raise RuntimeError, "This is not from Alice!" end
The value of Alice's original message variable, and Bob's decrypted_message should be identical.
Cipher Methods Overview
The SecureString::CipherMethods module adds convenience methods for block cipher encryption, particularly for the AES-256-CBC block cipher.
The following methods illustrate a sample session for the default AES-256-CBC cipher:
# Generate a random key and initialization vector. key, iv = SecureString.aes_keygen # Now encrypt a message: message = SecureString.new("Hello World!") cipher_text = message.to_aes(key, iv) # Now decrypt the message: decoded_text = cipher_text.from_aes(key, iv)
Starting in Ruby 1.9.x, String instances manage their own encodings. For example, a string with Unicode characters are usually encoded as UTF-8, while a lot of source is still written in US-ASCII.
Binary data is independent of the encoding that encodes it, however using the binary data when it is assigned a multi-byte character encoding strategy can lead to a few surprises.
For example, for a Unicode string, the length method returns the number of characters in the string, while bytesize returns the number of bytes encoded in the string:
s = "Resum\u00E9" s.encoding --> UTF-8 s.length --> 6 s.bytesize --> 7
SecureString's basic design philosophy is to–as much as possible–only extend the behavior of String, not replace it. Therefore, SecureString does NOT affect the encoding of the string it is using.
This is normally not a problem–as long as you use bytesize instead of length to get the byte count of the data in the string.
In rare cases, you may want to change a String to the ASCII-8BIT binary encoding without changing its data. To accomplish this, one should call force_encoding like so:
s = "Resum\u00E9" s.force_encoding('BINARY') s.encoding --> ASCII-8BIT s.length --> 7 s.bytesize --> 7
Note that when you do this, equality tests can be broken like so:
s = "Resum\u00E9" b = s.dup.force_encoding('BINARY') s == b --> false s.bytes.to_a == b.bytes.to_a --> true
If you have any questions, comments, concerns, patches, or bugs, you can contact me via the github repository at:
or directly via e-mail at:
- 1.3.3 - 2011-Jul-19
Added new functionality
(FEATURE) Added PKCS5 v2 keygen from a passphrase support.
(FEATURE) Addition of escaped hex string literal support for pasting into code.
(FIX) Hex conversion is more consistently fast now.
- 1.3.2 - 2011-Jun-15
Changed minimum requirements from 1.8.6 to 1.8.7.
(CHANGE) Minimum requirements are 1.8.7 due to too many bugs in 1.8.6.
(FIX) Update to the documentation to reflect 1.8.7 support.
- 1.3.1 - 2011-Jun-15
Added public key extraction from private keys.
(FEATURE) Public keys can be extracted from private keys using either the separate_keys class method or the extract_public_key instance method.
- 1.3.0 - 2011-Jun-15
Ruby 1.8 compatibility.
(FEATURE) Emulation urlsafe base64 encodings in ruby 1.8.
(CHANGE) SecureString.new arguments changed to work with ruby 1.8. Instead of specifying the argument type hint first, you now do that with an options hash. (You will get a descriptive error if you try to do it the old way.)
- 1.2.1 - 2011-Jun-15
(FIX) To/From Base64 methods were returning normal strings, making chaining impossible.
- 1.2.0 - 2011-May-17
Re-wrote Base64 module to address problems with RFC 2045 vs. RFC 4648 compatibility.
Added testing against source strings that generate incompatible encodings between RFC 2045 and RFC 4648.
(FEATURE) added option to strip newlines from the returned base64 string.
(CHANGE) to_base64 defaults to the standard Base64 instead of websafe Base64.
(FIX) added option to decode as websafe Base64.
- 1.1.2 - 2010-Nov-08
Minor gemspec file change for compatibility with bundler.
- 1.1.1 - 2010-Nov-05
Backed down requirements to ruby 1.9.x; Bugfixes and minor changes.
Tested in 1.9.1 and 1.9.2.
Added some documentation and tests on String encodings.
Added more spec tests.
(FEATURE) Digest methods may be supplied via string now.
(FEATURE) RSA encryption works with both public and private keys.
(FEATURE) RSA keys encoded as SecureString can be asked if public or private.
(CHANGE) BinaryStringDataMethods now is non-clobbering and independent.
(CHANGE) An empty string's integer value is now zero.
(FIX) Non-hex characters are ignored when accepting hex data input.
- 1.1.0 - 2010-Nov-04
Extracted methods into a module that can be easily included on any String class.
- 1.0.0 - 2010-Nov-04
Added Tests, Examples, and Bugfixes
Added a full suite of spec tests.
(FEATURE) Can get a list of supported ciphers.
(FEATURE) Auto-determine AES key length in to_aes and from_aes.
(CHANGE) RSA now defaults to 2048-bit keys instead of just 1024.
(FIX) Init from integer works now.
(FIX) RSA signatures can take digest classes, not just instances.
- 0.9.0 - 2010-Nov-03
Feature complete, but lacks spec tests and examples.
See what happens when including SecurizeString into an object that is not a String. What are the expected root methods? to_s, self.new(string) are two that I know of.
Add HMAC support.
The files contained in this repository are released under the commercially and GPL compatible “New BSD License”, given below:
Copyright (c) 2010, Jeffrey C. Reinecke All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the copyright holders nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JEFFREY REINECKE BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.