I have no added released EzCrypto 0.2, where the big news is
ActiveCrypto which adds crypto support to Rails applications. The idea
was to add cryptography via a single line or two of code in your
activerecord model and another line or two in a controller somewhere.
Features
- Transparent encryption/decryption
- Ruby on Rails like domain language
Simple examples
A SIMPLE ENCRYPTED CLASS
You specify in your class which fields are encrypted:
class Document < ActiveRecord::Base
encrypt :title,:body
end
Two encrypt it you need to enter a key. For ease of use there is a
method called enter_password which sets the key based on a password of
your choice.
doc=Document.new
doc.enter_password "This stuff is secret man!!!"
doc.title="Plan to take over the world"
doc.body="Write apps in Rails"
doc.save
This needs to be done as well if you want to read your document:
doc=Document.find 1
doc.enter_password "This stuff is secret man!!!"
puts doc.name
If you don’t remember to set a key it will through a MissingKeyError.
MORE REALISTIC EXAMPLE WITH KEYHOLDER
It probably isn’t much use if each record needs its own key. The
solution to this is the KeyHolder. A KeyHolder is an object that holds
keys for use by other objects. A typical example would be a user.
class User < ActiveRecord::Base
has_many :documents
keyholder
end
We use standard ActiveRecord associations to associate the User with
his documents. We also need to specify that he is a keyholder. We now
modify our Document class as follows:
class Document < ActiveRecord::Base
belongs_to :user
encrypt :title,:body,:key=>:user
end
We have the standard associations going on here, but we have also
added the option :key=>:user to the encrypt statement. Now we could do
this:
@user=User.new
@user.enter_password "This stuff is secret man!!!"
@user.save
@doc=Document.new
@doc.user=@user
@doc.title="Plan to take over the world"
@doc.body="Write apps in Rails"
@doc.save
You could also do ordinary rails like stuf such as:
@user.documents.each do |doc|
puts doc.name
end
Decryption is done transparently.
When doing this within a rails application, active_crypto
automatically maintains a list of keys for each user session. Besides
the 2 steps below you don’t need to do anything special within your
controller.
-
When a user logs on with a password enter his password like this:
@user.enter_password @params[‘password’]
-
When a user logs off call the following
clear_session_keys
I welcome feedback. As mentioned I am doing some for me some hairy
ruby programming linking it into Rails. I would like to hear
suggestions from some of the actual Rails frameworks maintainers and
others about what could be done to improve it and integrate it even
better into rails.
See my blog where I talk a bit about current and future usage patterns:
http://neubia.com/archives/000402.html
Cheers
Pelle
···
–
https://stakeitout.com + Stake out your own micro ventures
http://stakeventures.com + Bootstrapping blog
http://neubia.com + Geek blog
http://SoapBX.com + Get on the box and shout
