Last Update: Tue Sep 12 13:19:22 CEST 2006

0.7 September 12th, 2006 PKYP services support

Marking the release of a new no nonsense Public Key directory, this allows you register your public keys and certificates on a public server. If you have web applications with certificates or public keys you can point your users at{key.digest} for more info about a certificate.

Register a public key or certificate at PKYP with the new method register_with_pkyp like this:


If you have the public key or certificate digest you can fetch the full public key or certificate like this:

    verifier=EzCrypto::Verifier.from_pkyp "e93e18114cbefaaa89fda908b09df63d3662879a"
    verifier.verify sig, request_text

This allows a simpler way of transfering certificates. The idea of including certificates with every request is not really necessary in an online world. For example you could pass the digest in a HTTP header for a REST web services request.

0.6.2 August 15th, 2006 Trust something release

Now comes complete with a fairly trusted list of root certs as extracted from Apple’s keystore. With the addition of CACerts and GoDaddy SSL Certs (Buy from If you feel any important ones are missing let me know.

You can create a trust store from this with TrustStore.default_trusted. Note many of these CA’s are useless and you shouldn’t really trust them, but this makes it easy to emulate the browsers support.

0.6.1 August 14th, 2006 Subject!=Issuer bug fix

I discovered a not so little bug in the certificate handling. The issuer method of the Certificate mistakenly returned the subject.

0.6 August 10th, 2006 Certified PKI release

Finally I have had a good reason to add Digital Signature support to EzCrypto. We have support for RSA and DSA private and public keys as well as basic X509 certificate support. All in typical EzCrypto simple Ruby like methods.

KNOWN PROBLEM. The DSA Signer.public_key method has some sort of problem but will be fixed for 0.6.1.

0.5 July 19th, 2006 Good citizen release

I have cleaned up the ActiveCrypto namespaces. It now does not use ActiveRecord::Crypto, but ActiveCrypto::*, if you have called stuff directly please update your code.

The reason for this is to really be a good citizen in the world of rails and not unnecessarily pollute the ActiveRecord name space.

I have also created much more thorough unit tests and refactored some things that did not work in version 0.4 that the world thankfully did not see.

0.4 Flawed internal release

0.3 February 25th, 2006 new encrypted file support by Dirk ( Thanks Dirk.

  • Added test case for the file-related stuff. file-stuff seems to work fine
  • Replaced hard coded IO buffersize (512) with class attribute Key#block_size and default value.
  • Modification to create {De,En}crypters only via the factory methods Key#{de,en}crypter.
  • Added Key#{de,en}crypt_file methods that take a file and de- or encrypts it.
  • The methods are implemented to call the cipher with small chunks of data (512 bytes) to keep memory usage low.
  • By default, the original file is first overwritten and then removed.
  • This overwrite is not really safe but should make it harder to restore the data of the removed file from the filesystem.
  • Added Key#{store,load} methods that read and write Key data to/from files.
  • Added Key#safe_{create,delete,read} methods to encapsulate the handling of files inside EzCrypto.

0.2.2 January 4th, 2006 Bug fixes and unit tests for active_crypto

There were some serious problems with ActiveCrypto’s support for having keys in associated classes. I also added unit tests to active_crypto. The support code was brutaly stolen from Rick Olson’s acts_as_paranoid library. Unfortunately I disabled the schema stuff for now, but will add it in the next release, which hopefully is soon.

0.2.1 November 2nd, 2005 New method in KeyHolder

Added set_encoded_key(enc) to KeyHolder for setting a key with the Base64 encoded keyvalue.

0.2 October 30th, 2005 Ruby on Rails integration

As promised I have now included my first version of ActiveCrypto the crypto layer for ActiveRecord and Ruby on Rails.

0.1.1 August 27, 2005 Minor fixes

Thanks to Jason Vasquez mugatu at mugfu dot com for noticing that Key#to_s called the nonexistent encoded method.

I also made a few slight changes to the documentation.