working on encryption

app/models/key_management.rb

@@ -0,0 +1,5 @@
+class KeyManagement < ActiveRecord::Base
+  attr_accessible :iv, :user_id
+  belongs_to :work_info
+  
+end

app/models/work_info.rb

@@ -1,20 +1,44 @@
 class WorkInfo < ActiveRecord::Base
   attr_accessible :DoB, :SSN, :bonuses, :income, :years_worked
   belongs_to :user
-  #before_save :encrypt_ssn
+  has_one :key_management, :foreign_key => :user_id, :primary_key => :user_id, :dependent => :destroy
+  before_save :encrypt_ssn
+ 
   
   # We should probably use this
   def last_four
     "***-**-" << self.SSN[-4,4]
   end
   
-  def encrypt_ssn(data)
+  def encrypt_ssn
+     aes = OpenSSL::Cipher::Cipher.new(cipher_type)
+     aes.encrypt
+     aes.key = key
+     aes.iv = iv if iv != nil
+     self.encrypted_ssn = aes.update(self.SSN) + aes.final
+     self.SSN = nil
   end
   
-  def decrypt_ssn(encrypted_data)
+  def decrypt_ssn
+     aes = OpenSSL::Cipher::Cipher.new(cipher_type)
+     aes.decrypt
+     aes.key = key
+     aes.iv = iv if iv != nil
+     aes.update(self.encrypted_ssn) + aes.final
   end
   
-  def cipher_mode
+  def key
+    raise "Key Missing" if !(KEY)
+    KEY
+  end
+  
+  def iv
+    "asdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdf"
+    #self.key_management.iv
+    #raise "No IV for this User" if !(key_management.iv)
+  end
+  
+  def cipher_type
     'aes-256-cbc'
   end
   

config/initializers/key.rb

@@ -0,0 +1,5 @@
+if Rails.env.production?
+  # Specify env variable/location/etc. to retrieve key from
+elsif Rails.env.development?
+  KEY = "123456789101112123456789101112123456789101112"
+end

db/migrate/20131113200708_create_key_managements.rb

@@ -0,0 +1,10 @@
+class CreateKeyManagements < ActiveRecord::Migration
+  def change
+    create_table :key_managements do |t|
+      t.string :iv
+      t.integer :user_id
+
+      t.timestamps
+    end
+  end
+end

db/schema.rb

@@ -11,13 +11,20 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20131112235256) do
+ActiveRecord::Schema.define(:version => 20131113200708) do
 
   create_table "benefits", :force => true do |t|
     t.datetime "created_at", :null => false
     t.datetime "updated_at", :null => false
   end
 
+  create_table "key_managements", :force => true do |t|
+    t.string   "iv"
+    t.integer  "user_id"
+    t.datetime "created_at", :null => false
+    t.datetime "updated_at", :null => false
+  end
+
   create_table "messages", :force => true do |t|
     t.integer  "creator_id"
     t.integer  "receiver_id"

db/seeds.rb

@@ -184,6 +184,21 @@ paid_time_off = [
     }   
   ]
   
+  key_mgmt = [
+    {
+      :user_id => 2,
+    },
+    {
+      :user_id => 3,
+    },
+    {
+      :user_id => 4,
+    },
+    {
+      :user_id => 5,    
+    }   
+  ]
+  
   performance = [
     {
       :user_id => 2,
@@ -289,12 +304,12 @@ schedule.each do |event|
   sched.save
 end
 
-work_info.each do |wi|
+key_mgmt.each do |key|
-  info = WorkInfo.new(wi.reject {|k| k == :user_id})
+  KeyManagement.create(:user_id => key[:user_id], :iv => Digest::SHA2.new.to_s)
-  info.user_id = wi[:user_id]
-  info.save
 end
 
+
+
 performance.each do |perf|
   p = Performance.new(perf.reject {|k| k == :user_id})
   p.user_id = perf[:user_id]
@@ -306,3 +321,11 @@ messages.each do |message|
   m.creator_id = message[:creator_id]
   m.save
 end
+
+
+work_info.each do |wi|
+  info = WorkInfo.new(wi.reject {|k| k == :user_id})
+  info.user_id = wi[:user_id]
+  info.save
+end
+

spec/models/key_management_spec.rb

@@ -0,0 +1,5 @@
+require 'spec_helper'
+
+describe KeyManagement do
+  pending "add some examples to (or delete) #{__FILE__}"
+end