[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

Encrypting/decrypting data

(D. Alvarado)

1/21/2008 6:02:00 PM

Hi,

I'm using the latest version of Ruby for Fedora Core 6 Linux. I want
to store credit card info in my database. I'd like to store it in an
encrypted form, but I'd also like to be able to decrypt it later.
Does anyone have any useful encryption/decryption routines?

Thanks, - Dave
3 Answers

ara.t.howard

1/21/2008 6:32:00 PM

0


On Jan 21, 2008, at 11:05 AM, laredotornado@zipmail.com wrote:

>
> I'm using the latest version of Ruby for Fedora Core 6 Linux. I want
> to store credit card info in my database. I'd like to store it in an
> encrypted form, but I'd also like to be able to decrypt it later.
> Does anyone have any useful encryption/decryption routines?
>
> Thanks, - Dave
>

module Site
module Encryption
class << self
attr_accessor 'mac_address'
def mac_address
return @mac_address if defined? @mac_address
re = %r/[^:\-](?:[0-9A-F][0-9A-F][:\-]){5}[0-9A-F][0-9A-F][^:
\-]/io
cmds = '/sbin/ifconfig', '/bin/ifconfig', 'ifconfig',
'ipconfig /all'

null = test(?e, '/dev/null') ? '/dev/null' : 'NUL'

lines = nil
cmds.each do |cmd|
stdout = IO.popen("#{ cmd } 2> #{ null }"){|fd|
fd.readlines} rescue next
next unless stdout and stdout.size > 0
lines = stdout and break
end
raise "all of #{ cmds.join ' ' } failed" unless lines

candidates = lines.select{|line| line =~ re}
raise 'no mac address candidates' unless candidates.first
candidates.map!{|c| c[re]}

maddr = candidates.first
raise 'no mac address found' unless maddr

maddr.strip!
maddr.instance_eval{ @list = candidates; def list() @list end }

@mac_address = maddr
end
attr_accessor 'blowfish'
def blowfish
@blowfish ||= Crypt::Blowfish.new(key)
end
attr_accessor 'key'
def key
@key ||= "--#{ mac_address }--#{ hostname }--"[0,56]
end
attr_accessor 'hostname'
def hostname
@hostname ||= Socket.gethostname
end
def encrypt string
Base64.encode64(blowfish.encrypt_string(string.to_s)).chop #
kill "\n"
end
def decrypt string, kw = {}
blowfish.decrypt_string(Base64.decode64("#{ string }\n")).strip
end
end
end
def self.encryption() Encryption end
def self.encrypt(*a, &b)
Encryption.encrypt(*a, &b)
end
def self.decrypt(*a, &b)
Encryption.decrypt(*a, &b)
end
end


you will want to set both the mac_address, the key, or both. you'll
need crypt/blowfish for tis to work, obviously.

regards.

a @ http://codeforp...
--
share your knowledge. it's a way to achieve immortality.
h.h. the 14th dalai lama

Rick DeNatale

1/21/2008 6:46:00 PM

0

On Jan 21, 2008 1:05 PM, laredotornado@zipmail.com
<laredotornado@zipmail.com> wrote:
> Hi,
>
> I'm using the latest version of Ruby for Fedora Core 6 Linux. I want
> to store credit card info in my database. I'd like to store it in an
> encrypted form, but I'd also like to be able to decrypt it later.
> Does anyone have any useful encryption/decryption routines?
>

You can use the net/ssl standard library code to do this. Here's a
blog post I found on this subject
http://blog.leetsoft.com/2006/03/14/simple-...

I just scored my first "googlewhack" when I tried to find this post
again right now, with the search "ruby openssl create_keys"
create_keys coming from the code in the rails app where I used this.

That said, one needs to be very careful in considering storing credit
card info, that private key is precious since if someone gets it and
the cc info get's leak, you might well be legally responsible.

In the site where I used this, the public-facing machine has only a
public key which is used to encrypt the cc data in the database which
is running inside a company network accessible only through an ssh
connection, only the firewalled database server machine has the
private key.


--
Rick DeNatale

My blog on Ruby
http://talklikeaduck.denh...

(D. Alvarado)

1/21/2008 10:10:00 PM

0

On Jan 21, 12:32 pm, "ara.t.howard" <ara.t.how...@gmail.com> wrote:
> On Jan 21, 2008, at 11:05 AM, laredotorn...@zipmail.com wrote:
>
>
>
> > I'm using the latest version of Ruby for Fedora Core 6 Linux.  I want
> > to store credit card info in my database.  I'd like to store it in an
> > encrypted form, but I'd also like to be able to decrypt it later.
> > Does anyone have any useful encryption/decryption routines?
>
> > Thanks, - Dave
>
> module Site
>    module Encryption
>      class << self
>        attr_accessor 'mac_address'
>        def mac_address
>          return @mac_address if defined? @mac_address
>          re = %r/[^:\-](?:[0-9A-F][0-9A-F][:\-]){5}[0-9A-F][0-9A-F][^:
> \-]/io
>          cmds = '/sbin/ifconfig', '/bin/ifconfig', 'ifconfig',  
> 'ipconfig /all'
>
>          null = test(?e, '/dev/null') ? '/dev/null' : 'NUL'
>
>          lines = nil
>          cmds.each do |cmd|
>            stdout = IO.popen("#{ cmd } 2> #{ null }"){|fd|  
> fd.readlines} rescue next
>            next unless stdout and stdout.size > 0
>            lines = stdout and break
>          end
>          raise "all of #{ cmds.join ' ' } failed" unless lines
>
>          candidates = lines.select{|line| line =~ re}
>          raise 'no mac address candidates' unless candidates.first
>          candidates.map!{|c| c[re]}
>
>          maddr = candidates.first
>          raise 'no mac address found' unless maddr
>
>          maddr.strip!
>          maddr.instance_eval{ @list = candidates; def list() @list end }
>
>          @mac_address = maddr
>        end
>        attr_accessor 'blowfish'
>        def blowfish
>          @blowfish ||= Crypt::Blowfish.new(key)
>        end
>        attr_accessor 'key'
>        def key
>          @key ||= "--#{ mac_address }--#{ hostname }--"[0,56]
>        end
>        attr_accessor 'hostname'
>        def hostname
>          @hostname ||= Socket.gethostname
>        end
>        def encrypt string
>          Base64.encode64(blowfish.encrypt_string(string.to_s)).chop #  
> kill "\n"
>        end
>        def decrypt string, kw = {}
>          blowfish.decrypt_string(Base64.decode64("#{ string }\n")).strip
>        end
>      end
>    end
>    def self.encryption() Encryption end
>    def self.encrypt(*a, &b)
>      Encryption.encrypt(*a, &b)
>    end
>    def self.decrypt(*a, &b)
>      Encryption.decrypt(*a, &b)
>    end
> end
>
> you will want to set both the mac_address, the key, or both.  you'll  
> need crypt/blowfish for tis to work, obviously.
>
> regards.
>
> a @http://codeforp...
> --
> share your knowledge.  it's a way to achieve immortality.
> h.h. the 14th dalai lama

I'm trying to install ruby blowfish, which I got from this link --
http://webscripts.softpedia.com/scriptDownload/Crypt-Blowfish-Download-1....
But when logged in as root to my Fedora Core 6 Linux box, this is the
error I got when trying to install:

[root@mymachine crypt_blowfish-0.6.1]# ruby make.rb
Do you want to install the binary (b) or pure-ruby (r) core? (b/r)?
r
make.rb:22: private method `rm' called for File:Class (NoMethodError)
from make.rb:9:in `loop'
from make.rb:9


I get the same result if I choose the "b" option. - Dave