Blog Has Moved!
New address: http://www.heathanderson.net
Ruby on Rails Plugin: string_encryption
This is a very simple Ruby on Rails plugin that allows easy encryption of strings. For the sake of simplicity there no customization. The only cipher used is ‘des-ede3-cbc’ (Triple DES using Cipher Block Chaining) . See my post on encrypting/decrypting a string with Ruby for more information. First install the plugin:
script/plugin install git://github.com/handerson/string_encryption.git
Next we need to add an encryption key as the constant ENV['STRING_ENCRYPTION_KEY']. To do this just run
script/generate encryption_key
or you could set
ENV['STRING_ENCRYPTION_KEY'] = "somekey"
where “somekey” is your key in environment.rb.
Now encryption/decryption is easy.
Encryption:
"Test".encrypt #=> "NDFkZTc5NDEyNTg1MzdiZPzBrxZz5aoN%0A"
Decryption:
"NDFkZTc5NDEyNTg1MzdiZPzBrxZz5aoN%0A".decrypt #=> "Test"
Code at Github:
http://github.com/handerson/string_encryption
Initialization Vector Length in MRI Ruby versus JRuby
When using OpenSSL encryption in standard Ruby, the length of an initialization vector (IV) can apparently be as large as you want it to be as long as it is at least the minimum size. This is odd. This can also cause trouble when switching over to JRuby. JRuby appear to be much pickier about IV length.
This works in MRI but not in JRuby:
unencrypted_data = "test"
des = OpenSSL::Cipher::Cipher.new("des-ede3-cbc")
des.encrypt
des.key = '0123456789abcdef01234567890'
des.iv = "ed87acdcca419954edccb736f7dc77a74f5ac8dfe3861c3d5f77248e21592131a5423d63ff91f07956ce1aa386f8359931b5" # 100 characters
encrypted_data = des.update(unencrypted_data) + des.final
puts encrypted_data
JRuby gives you this very helpful message:
ruby_string_encryption.rb:27:in `encrypt': No message available (OpenSSL::Cipher::CipherError)
from ruby_string_encryption.rb:37
Change the IV to 8 characters and everything works fine.
Update 10/14/2009 The code that I originally posted was incorrect. I have updated it. Also I opened a ticket for this issue.
If you are looking for what size an initialization vector should be check out my post on encrypting a string with Ruby.
Ruby String Encryption
Encrypting a string is fairly easy in Ruby. All you need to do is require 'openssl'. For this example I am using the ‘des-ede3-cbc’ (Triple DES using Cipher Block Chaining) cipher. Most–if not all–of the ciphers listed on OpenSSL.org as supported ciphers should work as well.
(more…)
Ruby on Rails Plugin: data_migration
data_migration allows you to separate data you need to load from your normal database migrations in a minimal way. While developing the new version of our flagship site, Knetwit, we decided we needed to separate our data migrations (initial settings and the like) from our structural migrations. We decided the easiest way to do this was to modify the existing Rails migration to allow for a new data migration. So we did.
Install Plugin
script/plugin install git://github.com/handerson/data_migration.git
Generate Migration
script/generate data_migration BlockedDomains
exists db/data create db/data/20090915161242_settings.rb
db/data/20090915161242_settings.rb:
class BlockedDomains < ActiveRecord::Migration def self.up end end
Add your data:
def self.up BlockedEmailDomain.create(:domain => "mailinator.com") BlockedEmailDomain.create(:domain => "spamherelots.com") BlockedEmailDomain.create(:domain => "disposeamail.com") end
Run Migration
rake db:data:migrate
== BlockedDomains: migrating =========================================================== == BlockedDomains: migrated (0.0020s) ==================================================
db:data:migrate adds the data migration version number to the ‘schema_migrations’ table so it will not be ran again.
Code at Github:
http://github.com/handerson/data_migration
Blog of Heath 
Comments Off on Blog Has Moved!