Andrew Filipowski
2006-Feb-06 18:18 UTC
[Rails] Sentry Plugin - Easy Question I don''t doubt
I am looking at adding the Sentry plugin to one of the applications that we are working on. I have a need to store some info that will have to be encrypted and decrypted. I have been going through the docs for the plugin and the AsymetricSentry class looks like the best for what we need to do but I am not sure how to generate the key. The docs say: This is a shortcut for using an asymmetrical algorithm with a private/ public key file. To use this, generate a public and private key with Sentry::AsymmetricalSentry.save_random_rsa_key (private_key_file, public_key_file). If you want to encrypt the private key file with a symmetrical algorithm, pass a secret key (neither the key nor the decrypted value will be stored). Sentry::AsymmetricSentry.save_random_rsa_key(private_key_file, public_key_file, :key => ''secret_password'') My question is this. I only want to generate this key once and set the defaults in the environment.rb as mentioned in the docs. How do I go about doing this? I am sure that the answer is probably very simple. Thanks Andrew
On 2/6/06, Andrew Filipowski <a.filipowski@mac.com> wrote:> I am looking at adding the Sentry plugin to one of the applications > that we are working on. I have a need to store some info that will > have to be encrypted and decrypted. I have been going through the > docs for the plugin and the AsymetricSentry class looks like the best > for what we need to do but I am not sure how to generate the key. The > docs say: > > This is a shortcut for using an asymmetrical algorithm with a private/ > public key file. To use this, generate a public and > private key with Sentry::AsymmetricalSentry.save_random_rsa_key > (private_key_file, public_key_file). If you want to encrypt the > private key file with a symmetrical algorithm, pass a secret key > (neither the key nor the decrypted value will be stored). > > Sentry::AsymmetricSentry.save_random_rsa_key(private_key_file, > public_key_file, :key => ''secret_password'') > > My question is this. I only want to generate this key once and set > the defaults in the environment.rb as mentioned in the docs. How do I > go about doing this? I am sure that the answer is probably very simple. > > Thanks > > AndrewFirst, I added a config.yml file for various app settings (sentry keys, payment gateway stuff, etc). config/config.yml: :keys: :public: /config/sentry_keys/pub.key :private: /config/sentry_keys/priv.key :symmetric_key: my_sekrit Then in environment.rb, I load the config, and set the global vars: CONFIG = YAML::load(File.open("#{RAILS_ROOT}/config/config.yml")) # Sentry Sentry::AsymmetricSentry.default_public_key_file "#{RAILS_ROOT}#{CONFIG[:keys][:public]}" Sentry::AsymmetricSentry.default_private_key_file "#{RAILS_ROOT}#{CONFIG[:keys][:private]}" The thing is, you have to pass the secret key each time you want to decrypt. Silly I suppose, but then what''s the point of the encryption? The point of the asymmetric encryption is so the actual key is not on the system at all. If you have sentry installed as a plugin, there is a rake task to generate the key. rake sentry_key PRIV=config/sentry_keys/priv.key PUB=config/sentry_keys/pub.key KEY=my_sekrit -- Rick Olson http://techno-weenie.net
Andrew Filipowski
2006-Feb-07 00:25 UTC
[Rails] Sentry Plugin - Easy Question I don''t doubt
Thanks that was what I was looking for. Did not see the rake task in the docs. Either I overlooked it or it isn''t there. Andrew On Feb 6, 2006, at 4:46 PM, Rick Olson wrote:> On 2/6/06, Andrew Filipowski <a.filipowski@mac.com> wrote: >> I am looking at adding the Sentry plugin to one of the applications >> that we are working on. I have a need to store some info that will >> have to be encrypted and decrypted. I have been going through the >> docs for the plugin and the AsymetricSentry class looks like the best >> for what we need to do but I am not sure how to generate the key. The >> docs say: >> >> This is a shortcut for using an asymmetrical algorithm with a >> private/ >> public key file. To use this, generate a public and >> private key with Sentry::AsymmetricalSentry.save_random_rsa_key >> (private_key_file, public_key_file). If you want to encrypt the >> private key file with a symmetrical algorithm, pass a secret key >> (neither the key nor the decrypted value will be stored). >> >> Sentry::AsymmetricSentry.save_random_rsa_key(private_key_file, >> public_key_file, :key => ''secret_password'') >> >> My question is this. I only want to generate this key once and set >> the defaults in the environment.rb as mentioned in the docs. How do I >> go about doing this? I am sure that the answer is probably very >> simple. >> >> Thanks >> >> Andrew > > First, I added a config.yml file for various app settings (sentry > keys, payment gateway stuff, etc). > > config/config.yml: > :keys: > :public: /config/sentry_keys/pub.key > :private: /config/sentry_keys/priv.key > :symmetric_key: my_sekrit > > Then in environment.rb, I load the config, and set the global vars: > > CONFIG = YAML::load(File.open("#{RAILS_ROOT}/config/config.yml")) > # Sentry > Sentry::AsymmetricSentry.default_public_key_file > "#{RAILS_ROOT}#{CONFIG[:keys][:public]}" > Sentry::AsymmetricSentry.default_private_key_file > "#{RAILS_ROOT}#{CONFIG[:keys][:private]}" > > The thing is, you have to pass the secret key each time you want to > decrypt. Silly I suppose, but then what''s the point of the > encryption? The point of the asymmetric encryption is so the actual > key is not on the system at all. > > If you have sentry installed as a plugin, there is a rake task to > generate the key. > > rake sentry_key PRIV=config/sentry_keys/priv.key > PUB=config/sentry_keys/pub.key KEY=my_sekrit > > -- > Rick Olson > http://techno-weenie.net > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails
Andrew Filipowski
2006-Feb-07 04:17 UTC
[Rails] Sentry Plugin - Easy Question I don''t doubt
Here is another question based on your response. Lets say that I have two apps, one is going to only encrypt, it can never decrypt. I havn''t put any decrypt actions in my app, and i am not going to. But can I not include on this app the :symetric_key in the config file? We are going to be encrypting creditcards with this app and to completely secure data that needs to be as secure as possible we are going to have the app in the DMZ (public interface) set up to use SSL and it is going to store only the last 4 digits of the credit card. Our network is going to be set up so that there is a completely seperate DB behind the firewall that is going to store the actual creditcard number and other sensitive material. The second app is actually going to live behind the firewall and can decrypt the creditcard to send to the payment gateway for processing. I know we are being a little paranoid but a little paranoia doesn''t hurt when dealing with sensitive data. so in this setup can i do what I hope to do which is use the same public and private keys in two different apps going after the same data? And if so do I need the symetric_key info in my outside facing app? or is it only used to decrypt? If it only is used to decrypt than my setup in theory sounds like it should work the way that we want it to. Where the outside app can''t decrypt because it has no knowledge of the symetric_key. This way the highly sensitive data is protected in three ways. The network is configured to only accept writes, the DB is set up with a user who only has write access, and should the server (DMZ) get compromised in anyway there is no way for the malicious user to find out the symetric_key to decrypt the stored values. On a second note, is it possible to have two sets of keys? One key for the creditcard info, and one key for other data that we deem necessary to encrypt that the outside app would need to be able to decrypt? Both of these I will probably end up testing but an answer would greatly shorten my effort if the answer to either is no. Thanks again for all the help Andrew On Feb 6, 2006, at 4:46 PM, Rick Olson wrote:> On 2/6/06, Andrew Filipowski <a.filipowski@mac.com> wrote: >> I am looking at adding the Sentry plugin to one of the applications >> that we are working on. I have a need to store some info that will >> have to be encrypted and decrypted. I have been going through the >> docs for the plugin and the AsymetricSentry class looks like the best >> for what we need to do but I am not sure how to generate the key. The >> docs say: >> >> This is a shortcut for using an asymmetrical algorithm with a >> private/ >> public key file. To use this, generate a public and >> private key with Sentry::AsymmetricalSentry.save_random_rsa_key >> (private_key_file, public_key_file). If you want to encrypt the >> private key file with a symmetrical algorithm, pass a secret key >> (neither the key nor the decrypted value will be stored). >> >> Sentry::AsymmetricSentry.save_random_rsa_key(private_key_file, >> public_key_file, :key => ''secret_password'') >> >> My question is this. I only want to generate this key once and set >> the defaults in the environment.rb as mentioned in the docs. How do I >> go about doing this? I am sure that the answer is probably very >> simple. >> >> Thanks >> >> Andrew > > First, I added a config.yml file for various app settings (sentry > keys, payment gateway stuff, etc). > > config/config.yml: > :keys: > :public: /config/sentry_keys/pub.key > :private: /config/sentry_keys/priv.key > :symmetric_key: my_sekrit > > Then in environment.rb, I load the config, and set the global vars: > > CONFIG = YAML::load(File.open("#{RAILS_ROOT}/config/config.yml")) > # Sentry > Sentry::AsymmetricSentry.default_public_key_file > "#{RAILS_ROOT}#{CONFIG[:keys][:public]}" > Sentry::AsymmetricSentry.default_private_key_file > "#{RAILS_ROOT}#{CONFIG[:keys][:private]}" > > The thing is, you have to pass the secret key each time you want to > decrypt. Silly I suppose, but then what''s the point of the > encryption? The point of the asymmetric encryption is so the actual > key is not on the system at all. > > If you have sentry installed as a plugin, there is a rake task to > generate the key. > > rake sentry_key PRIV=config/sentry_keys/priv.key > PUB=config/sentry_keys/pub.key KEY=my_sekrit > > -- > Rick Olson > http://techno-weenie.net > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails
On 2/6/06, Andrew Filipowski <a.filipowski@mac.com> wrote:> Here is another question based on your response. Lets say that I have > two apps, one is going to only encrypt, it can never decrypt. I > havn''t put any decrypt actions in my app, and i am not going to. But > can I not include on this app the :symetric_key in the config file? > We are going to be encrypting creditcards with this app and to > completely secure data that needs to be as secure as possible we are > going to have the app in the DMZ (public interface) set up to use SSL > and it is going to store only the last 4 digits of the credit card. > Our network is going to be set up so that there is a completely > seperate DB behind the firewall that is going to store the actual > creditcard number and other sensitive material. The second app is > actually going to live behind the firewall and can decrypt the > creditcard to send to the payment gateway for processing. I know we > are being a little paranoid but a little paranoia doesn''t hurt when > dealing with sensitive data. > > so in this setup can i do what I hope to do which is use the same > public and private keys in two different apps going after the same > data? And if so do I need the symetric_key info in my outside facing > app? or is it only used to decrypt? If it only is used to decrypt > than my setup in theory sounds like it should work the way that we > want it to. Where the outside app can''t decrypt because it has no > knowledge of the symetric_key. This way the highly sensitive data is > protected in three ways. The network is configured to only accept > writes, the DB is set up with a user who only has write access, and > should the server (DMZ) get compromised in anyway there is no way for > the malicious user to find out the symetric_key to decrypt the stored > values. > > On a second note, is it possible to have two sets of keys? One key > for the creditcard info, and one key for other data that we deem > necessary to encrypt that the outside app would need to be able to > decrypt? > > Both of these I will probably end up testing but an answer would > greatly shorten my effort if the answer to either is no. > > Thanks again for all the help > > Andrew1) You can use the public/private key anywhere you like. You shouldn''t store the symmetric password ANYWHERE on the system. Ideally it''s something you have to manually enter. However, this means you''d need some manual input for credit card processing. If this doesn''t work, then you should just use the unencrypted private key on the internal processing server. Also, since you''re not going to be decrypting on the public facing site at all, you only need the public key file. 2) Yes you can have multiple keys. But, you''ll have to manually pass them. The unit tests should have examples of this. I believe they test both default key usage and the ability to pass keys. -- Rick Olson http://techno-weenie.net
Andrew Filipowski
2006-Feb-07 11:18 UTC
[Rails] Sentry Plugin - Easy Question I don''t doubt
Rick, thanks for clarifying things for me. I now know how I need to have things set up to work in our environment. Andrew On Feb 6, 2006, at 11:43 PM, Rick Olson wrote:> On 2/6/06, Andrew Filipowski <a.filipowski@mac.com> wrote: >> Here is another question based on your response. Lets say that I have >> two apps, one is going to only encrypt, it can never decrypt. I >> havn''t put any decrypt actions in my app, and i am not going to. But >> can I not include on this app the :symetric_key in the config file? >> We are going to be encrypting creditcards with this app and to >> completely secure data that needs to be as secure as possible we are >> going to have the app in the DMZ (public interface) set up to use SSL >> and it is going to store only the last 4 digits of the credit card. >> Our network is going to be set up so that there is a completely >> seperate DB behind the firewall that is going to store the actual >> creditcard number and other sensitive material. The second app is >> actually going to live behind the firewall and can decrypt the >> creditcard to send to the payment gateway for processing. I know we >> are being a little paranoid but a little paranoia doesn''t hurt when >> dealing with sensitive data. >> >> so in this setup can i do what I hope to do which is use the same >> public and private keys in two different apps going after the same >> data? And if so do I need the symetric_key info in my outside facing >> app? or is it only used to decrypt? If it only is used to decrypt >> than my setup in theory sounds like it should work the way that we >> want it to. Where the outside app can''t decrypt because it has no >> knowledge of the symetric_key. This way the highly sensitive data is >> protected in three ways. The network is configured to only accept >> writes, the DB is set up with a user who only has write access, and >> should the server (DMZ) get compromised in anyway there is no way for >> the malicious user to find out the symetric_key to decrypt the stored >> values. >> >> On a second note, is it possible to have two sets of keys? One key >> for the creditcard info, and one key for other data that we deem >> necessary to encrypt that the outside app would need to be able to >> decrypt? >> >> Both of these I will probably end up testing but an answer would >> greatly shorten my effort if the answer to either is no. >> >> Thanks again for all the help >> >> Andrew > > 1) You can use the public/private key anywhere you like. You > shouldn''t store the symmetric password ANYWHERE on the system. > Ideally it''s something you have to manually enter. However, this > means you''d need some manual input for credit card processing. If > this doesn''t work, then you should just use the unencrypted private > key on the internal processing server. Also, since you''re not going > to be decrypting on the public facing site at all, you only need the > public key file. > > 2) Yes you can have multiple keys. But, you''ll have to manually pass > them. The unit tests should have examples of this. I believe they > test both default key usage and the ability to pass keys. > > -- > Rick Olson > http://techno-weenie.net > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails