
Reversible, secure secret storage for your Rails models using public/private key encryption and acts_as_lockbox.

Lockbox

Lockbox is a simple Rails plugin that lets you use public key crypto to encrypt and decrypt strings. This is just a quick hack; I decided not to go for anything more elaborate because it met the minimum requirements of what I'm building and nothing more. You can always get the latest version of this plugin from GitHub:

  • http://github.com/jamesotron/Lockbox [web url]
  • git://github.com/jamesotron/Lockbox.git [clone url]

If you're using Lockbox in production, please email me your feedback at [email protected]. Feel free to fork Lockbox on GitHub and/or send me patches; I'm always interested in use cases.

Lockbox is released under the Mozilla MPL 1.1; all code is copyright 2009 James Harton.

Example

Use openssl to generate the keys:

    openssl genrsa -des3 -out private.pem 2048

    Generating RSA private key, 2048 bit long modulus
    ..................................................................................................................+++
    ..........+++
    e is 65537 (0x10001)
    Enter pass phrase for private.pem:
    Verifying - Enter pass phrase for private.pem:

    openssl rsa -in private.pem -out public.pem -outform PEM -pubout

    Enter pass phrase for private.pem:
    writing RSA key

Next, move the private and public key files into $RAILS_ROOT/config/ and configure Lockbox:

    mv public.pem private.pem config/
    cat <<EOF > config/lockbox.yml
    development:
      public_key_path: config/public.pem
      private_key_path: config/private.pem

    testing:
      public_key_path: vendor/plugins/lockbox/test/public.pem
      private_key_path: vendor/plugins/lockbox/test/private.pem
      pass_phrase: test

    production:
      public_key_path: config/public.pem
      private_key_path: config/private.pem
    EOF

You might wish to stop your Rails application from running, and display a passphrase entry dialogue if the Lockbox hasn't been unlocked:

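    class ApplicationController < ActionController::Base

      # Runs before every action in controllers that inherit from this class.
      before_filter :unlock_box

      # Assumption: if the 'unlock' controller inherits from ApplicationController,
      # it must call skip_before_filter :unlock_box, or this redirect loops.
      def unlock_box
        if Lockbox.locked?
          redirect_to :controller => 'unlock', :action => 'prompt'
        end
      end

    end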

Use Lockbox in a model by calling the acts_as_lockbox class method:

    class User < ActiveRecord::Base

      acts_as_lockbox :for => [ :password, :credit_card_number ]

    end
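
To show what the locked state checked by Lockbox.locked? implies for a pass-phrase-protected private key, here is an added example (not code from the Lockbox plugin): a hypothetical DemoBox that can encrypt with the public key at any time but decrypts only after the pass phrase has been supplied. DemoBox, demo_box, the key pair and the sample values are constructed for illustration; OAEP padding, AES-256 key wrapping and Base64 output are this example's choices, not documented Lockbox behaviour.

```ruby
require 'openssl'

# Hypothetical stand-in for a lockable key store; not the Lockbox plugin's code.
class DemoBox
  # OAEP is this example's choice; RSA-2048 with OAEP fits at most 214 bytes.
  PADDING = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

  def initialize(public_pem, encrypted_private_pem)
    @public_key  = OpenSSL::PKey::RSA.new(public_pem)
    @private_pem = encrypted_private_pem # stays encrypted until unlock
    @private_key = nil
  end

  def locked?
    @private_key.nil?
  end

  # A wrong pass phrase leaves the box locked (pass a String: nil makes OpenSSL prompt).
  def unlock(pass_phrase)
    @private_key = OpenSSL::PKey::RSA.new(@private_pem, pass_phrase)
    true
  rescue OpenSSL::PKey::PKeyError
    @private_key = nil
    false
  end

  # Needs only the public key, so it works while the box is locked.
  def encrypt(plaintext)
    [@public_key.public_encrypt(plaintext, PADDING)].pack('m0')
  end

  def decrypt(ciphertext)
    raise 'box is locked' if locked?
    @private_key.private_decrypt(ciphertext.unpack1('m0'), PADDING)
  end
end

# Builds a box around a freshly generated, constructed key pair (nothing on disk).
def demo_box(pass_phrase)
  key = OpenSSL::PKey::RSA.new(2048)
  wrapped = key.to_pem(OpenSSL::Cipher.new('aes-256-cbc'), pass_phrase)
  DemoBox.new(key.public_key.to_pem, wrapped)
end

if __FILE__ == $PROGRAM_NAME
  box = demo_box('constructed-pass-phrase')
  secret = box.encrypt('4111 1111 1111 1111') # constructed sample value
  puts "locked=#{box.locked?} wrong=#{box.unlock('nope-nope')}"
  puts box.decrypt(secret) if box.unlock('constructed-pass-phrase')
end
```

Because the decrypted private key lives only in process memory here, every restarted process starts locked again, which is the situation the passphrase prompt in the controller example above handles.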

Copyright (c) 2009 James Harton, released under the Mozilla Public License version 1.1