cerebus

  • 0.0.3
  • Rubygems

Maintainers
1

Cerebus

Summary

Cerebus was the many-headed guardian at the entrance of hell. So... he guards things of little value, kind of like this library. This is a simple library which wraps OpenSSL to provide a (hopefully) secure encryption system for arbitrary strings. The aim was to remove all the hard stuff and make it blindingly easy to encrypt and decrypt strings. Of course, this doesn't mean you can ignore basic cryptographic best practices. Play safe, this is serious stuff.

It uses an RSA public key to encrypt a Blowfish key, which is used to encrypt the data. Decryption uses the RSA private key to decrypt the Blowfish key and then the data. This is a fairly common pattern. It would be easy to adapt to use AES-256, IDEA or any of the other popular block ciphers.

The main value of this library is hiding the implementation internals of such a common operation. I couldn't find anything off-the-shelf that made this easy.
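
The RSA-wraps-a-symmetric-key pattern described above, as an added Ruby example that is not Cerebus's own code or wire format. It uses AES-256-GCM in place of Blowfish (the adaptation the summary mentions; OpenSSL 3 moves Blowfish to its legacy provider), and the HybridSketch module, its envelope layout and the throwaway in-memory key are assumptions made for illustration.

```ruby
require 'openssl'
require 'base64'

# Added illustration; module name and envelope layout are assumptions,
# not Cerebus's API or on-disk format.
module HybridSketch
  CIPHER = 'aes-256-gcm' # used here instead of Blowfish
  OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

  # Encrypt for the holder of the RSA private key.
  # Envelope: len(wrapped key) | wrapped key | 12-byte IV | 16-byte tag | ciphertext
  def self.seal(plaintext, rsa_public)
    cipher = OpenSSL::Cipher.new(CIPHER).encrypt
    key = cipher.random_key # fresh symmetric key for every message
    iv = cipher.random_iv
    cipher.auth_data = ''
    body = cipher.update(plaintext) + cipher.final
    wrapped = rsa_public.public_encrypt(key, OAEP) # only the RSA key holder can unwrap
    Base64.strict_encode64([wrapped.bytesize].pack('n') + wrapped + iv + cipher.auth_tag + body)
  end

  # Unwrap the symmetric key with the RSA private key, then decrypt.
  # Raises OpenSSL::Cipher::CipherError if the envelope was modified.
  def self.unseal(envelope, rsa_private)
    raw = Base64.strict_decode64(envelope)
    n = raw.unpack1('n')
    wrapped, iv, tag = raw.byteslice(2, n), raw.byteslice(2 + n, 12), raw.byteslice(14 + n, 16)
    cipher = OpenSSL::Cipher.new(CIPHER).decrypt
    cipher.key = rsa_private.private_decrypt(wrapped, OAEP)
    cipher.iv = iv
    cipher.auth_tag = tag
    cipher.auth_data = ''
    cipher.update(raw.byteslice((30 + n)..-1)) + cipher.final
  end
end

if __FILE__ == $PROGRAM_NAME
  rsa = OpenSSL::PKey::RSA.new(2048) # throwaway key, constructed for the demo
  sealed = HybridSketch.seal('It is a secret to everybody!', rsa.public_key)
  puts HybridSketch.unseal(sealed, rsa)
end
```

Because the symmetric key and IV are generated per call, sealing the same string twice yields different envelopes, and the GCM tag makes a modified envelope fail to decrypt instead of returning altered text.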

Examples

For regular Ruby:

require 'cerebus'
cleartext = 'It is a secret to everybody!'
encrypted = Cerebus.encrypt cleartext, 'test/keys/public.pem'

Decryption is similarly simple.

require 'cerebus'
cleartext = Cerebus.decrypt encrypted_text, 'test/keys/private.pem',
'pass phrase'

The passphrase can optionally be left off, in which case you will be prompted for it on the terminal. For Rails, just add it to the Gemfile and run bundle install.

Making Keys

You can generate some new keys with the included make_keys.sh script. Be sure to use a good passphrase and keep your private.pem file stored safely (whatever that means for the application in question).

Bugs

Please fix them and send me a pull request. Or create an issue. Or email me at jonathan (a.t) blazingdev , com.

Package last updated on 16 Apr 2012
