Mercurial > hg > soundsoftware-site

annotate lib/redmine/ciphering.rb @ 1478:5ca1f4a47171 bibplugin_db_migrations

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Close obsolete branch bibplugin_db_migrations
author Chris Cannam
date Fri, 30 Nov 2012 14:40:50 +0000
parents cbb26bc654de
children 433d4f72a19b
rev   line source
Chris@245 1 # Redmine - project management software
Chris@245 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
Chris@245 3 #
Chris@245 4 # This program is free software; you can redistribute it and/or
Chris@245 5 # modify it under the terms of the GNU General Public License
Chris@245 6 # as published by the Free Software Foundation; either version 2
Chris@245 7 # of the License, or (at your option) any later version.
Chris@245 8 #
Chris@245 9 # This program is distributed in the hope that it will be useful,
Chris@245 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@245 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@245 12 # GNU General Public License for more details.
Chris@245 13 #
Chris@245 14 # You should have received a copy of the GNU General Public License
Chris@245 15 # along with this program; if not, write to the Free Software
Chris@245 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@245 17
Chris@245 18 module Redmine
Chris@245 19 module Ciphering
Chris@909 20 def self.included(base)
Chris@245 21 base.extend ClassMethods
Chris@245 22 end
Chris@909 23
Chris@245 24 class << self
Chris@245 25 def encrypt_text(text)
Chris@909 26 if cipher_key.blank? || text.blank?
Chris@245 27 text
Chris@245 28 else
Chris@245 29 c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
Chris@245 30 iv = c.random_iv
Chris@245 31 c.encrypt
Chris@245 32 c.key = cipher_key
Chris@245 33 c.iv = iv
Chris@245 34 e = c.update(text.to_s)
Chris@245 35 e << c.final
Chris@245 36 "aes-256-cbc:" + [e, iv].map {|v| Base64.encode64(v).strip}.join('--')
Chris@245 37 end
Chris@245 38 end
Chris@909 39
Chris@245 40 def decrypt_text(text)
Chris@245 41 if text && match = text.match(/\Aaes-256-cbc:(.+)\Z/)
Chris@909 42 if cipher_key.blank?
Chris@909 43 logger.error "Attempt to decrypt a ciphered text with no cipher key configured in config/configuration.yml" if logger
Chris@909 44 return text
Chris@909 45 end
Chris@245 46 text = match[1]
Chris@245 47 c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
Chris@245 48 e, iv = text.split("--").map {|s| Base64.decode64(s)}
Chris@245 49 c.decrypt
Chris@245 50 c.key = cipher_key
Chris@245 51 c.iv = iv
Chris@245 52 d = c.update(e)
Chris@245 53 d << c.final
Chris@245 54 else
Chris@245 55 text
Chris@245 56 end
Chris@245 57 end
Chris@909 58
Chris@245 59 def cipher_key
Chris@245 60 key = Redmine::Configuration['database_cipher_key'].to_s
Chris@245 61 key.blank? ? nil : Digest::SHA256.hexdigest(key)
Chris@245 62 end
Chris@909 63
Chris@909 64 def logger
Chris@909 65 Rails.logger
Chris@909 66 end
Chris@245 67 end
Chris@909 68
Chris@245 69 module ClassMethods
Chris@245 70 def encrypt_all(attribute)
Chris@245 71 transaction do
Chris@245 72 all.each do |object|
Chris@245 73 clear = object.send(attribute)
Chris@245 74 object.send "#{attribute}=", clear
Chris@245 75 raise(ActiveRecord::Rollback) unless object.save(false)
Chris@245 76 end
Chris@245 77 end ? true : false
Chris@245 78 end
Chris@909 79
Chris@245 80 def decrypt_all(attribute)
Chris@245 81 transaction do
Chris@245 82 all.each do |object|
Chris@245 83 clear = object.send(attribute)
Chris@245 84 object.write_attribute attribute, clear
Chris@245 85 raise(ActiveRecord::Rollback) unless object.save(false)
Chris@245 86 end
Chris@245 87 end
Chris@245 88 end ? true : false
Chris@245 89 end
Chris@909 90
Chris@245 91 private
Chris@909 92
Chris@245 93 # Returns the value of the given ciphered attribute
Chris@245 94 def read_ciphered_attribute(attribute)
Chris@245 95 Redmine::Ciphering.decrypt_text(read_attribute(attribute))
Chris@245 96 end
Chris@909 97
Chris@245 98 # Sets the value of the given ciphered attribute
Chris@245 99 def write_ciphered_attribute(attribute, value)
Chris@245 100 write_attribute(attribute, Redmine::Ciphering.encrypt_text(value))
Chris@245 101 end
Chris@245 102 end
Chris@245 103 end