RubyGems - attr_encrypted - Versions diffs - 1.3.3 → 3.0.1 - Mend

attr_encrypted 1.3.3 → 3.0.1

Files changed (33) hide show

checksums.yaml +7 -0
checksums.yaml.gz.sig +1 -0
data.tar.gz.sig +0 -0
data/.gitignore +6 -0
data/.travis.yml +24 -0
data/CHANGELOG.md +79 -0
data/Gemfile +3 -0
data/README.md +444 -0
data/Rakefile +4 -15
data/attr_encrypted.gemspec +63 -0
data/certs/saghaulor.pem +21 -0
data/checksum/attr_encrypted-3.0.0.gem.sha256 +1 -0
data/checksum/attr_encrypted-3.0.0.gem.sha512 +1 -0
data/lib/attr_encrypted.rb +196 -105
data/lib/attr_encrypted/adapters/active_record.rb +64 -21
data/lib/attr_encrypted/adapters/data_mapper.rb +1 -0
data/lib/attr_encrypted/adapters/sequel.rb +1 -0
data/lib/attr_encrypted/version.rb +3 -3
data/test/active_record_test.rb +157 -57
data/test/attr_encrypted_test.rb +117 -55
data/test/compatibility_test.rb +20 -37
data/test/data_mapper_test.rb +6 -6
data/test/legacy_active_record_test.rb +16 -12
data/test/legacy_attr_encrypted_test.rb +31 -30
data/test/legacy_compatibility_test.rb +22 -31
data/test/legacy_data_mapper_test.rb +11 -8
data/test/legacy_sequel_test.rb +13 -9
data/test/run.sh +12 -52
data/test/sequel_test.rb +6 -6
data/test/test_helper.rb +28 -16
metadata +121 -70
metadata.gz.sig +0 -0
data/README.rdoc +0 -302

data/test/data_mapper_test.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require File.expand_path('../test_helper', __FILE__)
+require_relative 'test_helper'
 DataMapper.setup(:default, 'sqlite3::memory:')
@@ -27,7 +27,7 @@ end
 DataMapper.auto_migrate!
-class DataMapperTest < Test::Unit::TestCase
+class DataMapperTest < Minitest::Test
   def setup
     Client.all.each(&:destroy)
@@ -36,16 +36,16 @@ class DataMapperTest < Test::Unit::TestCase
   def test_should_encrypt_email
     @client = Client.new :email => 'test@example.com'
     assert @client.save
-    assert_not_nil @client.encrypted_email
-    assert_not_equal @client.email, @client.encrypted_email
+    refute_nil @client.encrypted_email
+    refute_equal @client.email, @client.encrypted_email
     assert_equal @client.email, Client.first.email
   end
   def test_should_marshal_and_encrypt_credentials
     @client = Client.new
     assert @client.save
-    assert_not_nil @client.encrypted_credentials
-    assert_not_equal @client.credentials, @client.encrypted_credentials
+    refute_nil @client.encrypted_credentials
+    refute_equal @client.credentials, @client.encrypted_credentials
     assert_equal @client.credentials, Client.first.credentials
     assert Client.first.credentials.is_a?(Hash)
   end

data/test/legacy_active_record_test.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # -*- encoding: utf-8 -*-
-require File.expand_path('../test_helper', __FILE__)
+require_relative 'test_helper'
 ActiveRecord::Base.establish_connection :adapter => 'sqlite3', :database => ':memory:'
@@ -22,8 +22,12 @@ create_people_table
 ActiveRecord::MissingAttributeError = ActiveModel::MissingAttributeError unless defined?(ActiveRecord::MissingAttributeError)
 class LegacyPerson < ActiveRecord::Base
+  self.attr_encrypted_options[:insecure_mode] = true
+  self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
+  self.attr_encrypted_options[:mode] = :single_iv_and_salt
   attr_encrypted :email, :key => 'a secret key'
-  attr_encrypted :credentials, :key => Proc.new { |user| Encryptor.encrypt(:value => user.salt, :key => 'some private key') }, :marshal => true
+  attr_encrypted :credentials, :key => Proc.new { |user| Encryptor.encrypt(:value => user.salt, :key => 'some private key', insecure_mode: true, algorithm: 'aes-256-cbc') }, :marshal => true
   ActiveSupport::Deprecation.silenced = true
   def after_initialize; end
@@ -45,7 +49,7 @@ class LegacyPersonWithValidation < LegacyPerson
   validates_uniqueness_of :encrypted_email
 end
-class LegacyActiveRecordTest < Test::Unit::TestCase
+class LegacyActiveRecordTest < Minitest::Test
   def setup
     ActiveRecord::Base.connection.tables.each { |table| ActiveRecord::Base.connection.drop_table(table) }
@@ -55,22 +59,22 @@ class LegacyActiveRecordTest < Test::Unit::TestCase
   def test_should_decrypt_with_correct_encoding
     if defined?(Encoding)
       @person = LegacyPerson.create :email => 'test@example.com'
-      assert_equal 'UTF-8', LegacyPerson.find(:first).email.encoding.name
+      assert_equal 'UTF-8', LegacyPerson.first.email.encoding.name
     end
   end
   def test_should_encrypt_email
     @person = LegacyPerson.create :email => 'test@example.com'
-    assert_not_nil @person.encrypted_email
-    assert_not_equal @person.email, @person.encrypted_email
-    assert_equal @person.email, LegacyPerson.find(:first).email
+    refute_nil @person.encrypted_email
+    refute_equal @person.email, @person.encrypted_email
+    assert_equal @person.email, LegacyPerson.first.email
   end
   def test_should_marshal_and_encrypt_credentials
     @person = LegacyPerson.create
-    assert_not_nil @person.encrypted_credentials
-    assert_not_equal @person.credentials, @person.encrypted_credentials
-    assert_equal @person.credentials, LegacyPerson.find(:first).credentials
+    refute_nil @person.encrypted_credentials
+    refute_equal @person.credentials, @person.encrypted_credentials
+    assert_equal @person.credentials, LegacyPerson.first.credentials
   end
   def test_should_find_by_email
@@ -86,13 +90,13 @@ class LegacyActiveRecordTest < Test::Unit::TestCase
   def test_should_scope_by_email
     @person = LegacyPerson.create(:email => 'test@example.com')
-    assert_equal @person, LegacyPerson.scoped_by_email('test@example.com').find(:first) rescue NoMethodError
+    assert_equal @person, LegacyPerson.scoped_by_email('test@example.com').first rescue NoMethodError
   end
   def test_should_scope_by_email_and_password
     LegacyPerson.create(:email => 'test@example.com', :password => 'invalid')
     @person = LegacyPerson.create(:email => 'test@example.com', :password => 'test')
-    assert_equal @person, LegacyPerson.scoped_by_email_and_password('test@example.com', 'test').find(:first) rescue NoMethodError
+    assert_equal @person, LegacyPerson.scoped_by_email_and_password('test@example.com', 'test').first rescue NoMethodError
   end
   def test_should_encode_by_default

data/test/legacy_attr_encrypted_test.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # -*- encoding: utf-8 -*-
-require File.expand_path('../test_helper', __FILE__)
+require_relative 'test_helper'
 class LegacySillyEncryptor
   def self.silly_encrypt(options)
@@ -12,7 +12,11 @@ class LegacySillyEncryptor
 end
 class LegacyUser
+  extend AttrEncrypted
   self.attr_encrypted_options[:key] = Proc.new { |user| user.class.to_s } # default key
+  self.attr_encrypted_options[:insecure_mode] = true
+  self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
+  self.attr_encrypted_options[:mode] = :single_iv_and_salt
   attr_encrypted :email, :without_encoding, :key => 'secret key'
   attr_encrypted :password, :prefix => 'crypted_', :suffix => '_test'
@@ -43,12 +47,13 @@ class LegacyAdmin < LegacyUser
 end
 class LegacySomeOtherClass
+  extend AttrEncrypted
   def self.call(object)
     object.class
   end
 end
-class LegacyAttrEncryptedTest < Test::Unit::TestCase
+class LegacyAttrEncryptedTest < Minitest::Test
   def test_should_store_email_in_encrypted_attributes
     assert LegacyUser.encrypted_attributes.include?(:email)
@@ -63,7 +68,7 @@ class LegacyAttrEncryptedTest < Test::Unit::TestCase
   end
   def test_attr_encrypted_should_not_use_the_same_attribute_name_for_two_attributes_in_the_same_line
-    assert_not_equal LegacyUser.encrypted_attributes[:email][:attribute], LegacyUser.encrypted_attributes[:without_encoding][:attribute]
+    refute_equal LegacyUser.encrypted_attributes[:email][:attribute], LegacyUser.encrypted_attributes[:without_encoding][:attribute]
   end
   def test_attr_encrypted_should_return_false_for_salt
@@ -91,15 +96,15 @@ class LegacyAttrEncryptedTest < Test::Unit::TestCase
   end
   def test_should_encrypt_email
-    assert_not_nil LegacyUser.encrypt_email('test@example.com')
-    assert_not_equal 'test@example.com', LegacyUser.encrypt_email('test@example.com')
+    refute_nil LegacyUser.encrypt_email('test@example.com')
+    refute_equal 'test@example.com', LegacyUser.encrypt_email('test@example.com')
   end
   def test_should_encrypt_email_when_modifying_the_attr_writer
     @user = LegacyUser.new
     assert_nil @user.encrypted_email
     @user.email = 'test@example.com'
-    assert_not_nil @user.encrypted_email
+    refute_nil @user.encrypted_email
     assert_equal LegacyUser.encrypt_email('test@example.com'), @user.encrypted_email
   end
@@ -113,7 +118,7 @@ class LegacyAttrEncryptedTest < Test::Unit::TestCase
   def test_should_decrypt_email
     encrypted_email = LegacyUser.encrypt_email('test@example.com')
-    assert_not_equal 'test@test.com', encrypted_email
+    refute_equal 'test@test.com', encrypted_email
     assert_equal 'test@example.com', LegacyUser.decrypt_email(encrypted_email)
   end
@@ -153,7 +158,7 @@ class LegacyAttrEncryptedTest < Test::Unit::TestCase
   def test_should_encrypt_with_marshaling
     @user = LegacyUser.new
     @user.with_marshaling = [1, 2, 3]
-    assert_not_nil @user.encrypted_with_marshaling
+    refute_nil @user.encrypted_with_marshaling
     assert_equal LegacyUser.encrypt_with_marshaling([1, 2, 3]), @user.encrypted_with_marshaling
   end
@@ -173,24 +178,24 @@ class LegacyAttrEncryptedTest < Test::Unit::TestCase
     @user = LegacyUser.new
     assert_nil @user.ssn_encrypted
     @user.ssn = 'testing'
-    assert_not_nil @user.ssn_encrypted
-    assert_equal Encryptor.encrypt(:value => 'testing', :key => @user.salt), @user.ssn_encrypted
+    refute_nil @user.ssn_encrypted
+    assert_equal Encryptor.encrypt(:value => 'testing', :key => @user.salt, insecure_mode: true, algorithm: 'aes-256-cbc'), @user.ssn_encrypted
   end
   def test_should_evaluate_a_key_passed_as_a_proc
     @user = LegacyUser.new
     assert_nil @user.crypted_password_test
     @user.password = 'testing'
-    assert_not_nil @user.crypted_password_test
-    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'LegacyUser'), @user.crypted_password_test
+    refute_nil @user.crypted_password_test
+    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'LegacyUser', insecure_mode: true, algorithm: 'aes-256-cbc'), @user.crypted_password_test
   end
   def test_should_use_options_found_in_the_attr_encrypted_options_attribute
     @user = LegacyUser.new
     assert_nil @user.crypted_password_test
     @user.password = 'testing'
-    assert_not_nil @user.crypted_password_test
-    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'LegacyUser'), @user.crypted_password_test
+    refute_nil @user.crypted_password_test
+    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'LegacyUser', insecure_mode: true, algorithm: 'aes-256-cbc'), @user.crypted_password_test
   end
   def test_should_inherit_encrypted_attributes
@@ -208,38 +213,39 @@ class LegacyAttrEncryptedTest < Test::Unit::TestCase
   end
   def test_should_evaluate_a_symbol_option
-    assert_equal Object, Object.new.send(:evaluate_attr_encrypted_option, :class)
+    assert_equal LegacySomeOtherClass, LegacySomeOtherClass.new.send(:evaluate_attr_encrypted_option, :class)
   end
   def test_should_evaluate_a_proc_option
-    assert_equal Object, Object.new.send(:evaluate_attr_encrypted_option, proc { |object| object.class })
+    assert_equal LegacySomeOtherClass, LegacySomeOtherClass.new.send(:evaluate_attr_encrypted_option, proc { |object| object.class })
   end
   def test_should_evaluate_a_lambda_option
-    assert_equal Object, Object.new.send(:evaluate_attr_encrypted_option, lambda { |object| object.class })
+    assert_equal LegacySomeOtherClass, LegacySomeOtherClass.new.send(:evaluate_attr_encrypted_option, lambda { |object| object.class })
   end
   def test_should_evaluate_a_method_option
-    assert_equal Object, Object.new.send(:evaluate_attr_encrypted_option, LegacySomeOtherClass.method(:call))
+    assert_equal LegacySomeOtherClass, LegacySomeOtherClass.new.send(:evaluate_attr_encrypted_option, LegacySomeOtherClass.method(:call))
   end
   def test_should_return_a_string_option
-    assert_equal 'Object', Object.new.send(:evaluate_attr_encrypted_option, 'Object')
+    class_string = 'LegacySomeOtherClass'
+    assert_equal class_string, LegacySomeOtherClass.new.send(:evaluate_attr_encrypted_option, class_string)
   end
   def test_should_encrypt_with_true_if
     @user = LegacyUser.new
     assert_nil @user.encrypted_with_true_if
     @user.with_true_if = 'testing'
-    assert_not_nil @user.encrypted_with_true_if
-    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'secret key'), @user.encrypted_with_true_if
+    refute_nil @user.encrypted_with_true_if
+    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'secret key', insecure_mode: true, algorithm: 'aes-256-cbc'), @user.encrypted_with_true_if
   end
   def test_should_not_encrypt_with_false_if
     @user = LegacyUser.new
     assert_nil @user.encrypted_with_false_if
     @user.with_false_if = 'testing'
-    assert_not_nil @user.encrypted_with_false_if
+    refute_nil @user.encrypted_with_false_if
     assert_equal 'testing', @user.encrypted_with_false_if
   end
@@ -247,15 +253,15 @@ class LegacyAttrEncryptedTest < Test::Unit::TestCase
     @user = LegacyUser.new
     assert_nil @user.encrypted_with_false_unless
     @user.with_false_unless = 'testing'
-    assert_not_nil @user.encrypted_with_false_unless
-    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'secret key'), @user.encrypted_with_false_unless
+    refute_nil @user.encrypted_with_false_unless
+    assert_equal Encryptor.encrypt(:value => 'testing', :key => 'secret key', insecure_mode: true, algorithm: 'aes-256-cbc'), @user.encrypted_with_false_unless
   end
   def test_should_not_encrypt_with_true_unless
     @user = LegacyUser.new
     assert_nil @user.encrypted_with_true_unless
     @user.with_true_unless = 'testing'
-    assert_not_nil @user.encrypted_with_true_unless
+    refute_nil @user.encrypted_with_true_unless
     assert_equal 'testing', @user.encrypted_with_true_unless
   end
@@ -266,11 +272,6 @@ class LegacyAttrEncryptedTest < Test::Unit::TestCase
   def test_should_always_reset_options
     @user = LegacyUser.new
     @user.with_if_changed = "encrypt_stuff"
-    @user.stubs(:instance_variable_get).returns(nil)
-    @user.stubs(:instance_variable_set).raises("BadStuff")
-    assert_raise RuntimeError do
-      @user.with_if_changed
-    end
     @user = LegacyUser.new
     @user.should_encrypt = false

data/test/legacy_compatibility_test.rb CHANGED Viewed

@@ -1,21 +1,25 @@
 # -*- encoding: utf-8 -*-
-require File.expand_path('../test_helper', __FILE__)
+require_relative 'test_helper'
 # Test to ensure that existing representations in database do not break on
 # migrating to new versions of this gem. This ensures that future versions of
 # this gem will retain backwards compatibility with data generated by earlier
 # versions.
-class LegacyCompatibilityTest < Test::Unit::TestCase
+class LegacyCompatibilityTest < Minitest::Test
   class LegacyNonmarshallingPet < ActiveRecord::Base
     PET_NICKNAME_SALT = Digest::SHA256.hexdigest('my-really-really-secret-pet-nickname-salt')
     PET_NICKNAME_KEY = 'my-really-really-secret-pet-nickname-key'
     PET_BIRTHDATE_SALT = Digest::SHA256.hexdigest('my-really-really-secret-pet-birthdate-salt')
     PET_BIRTHDATE_KEY = 'my-really-really-secret-pet-birthdate-key'
+    self.attr_encrypted_options[:insecure_mode] = true
+    self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
+    self.attr_encrypted_options[:mode] = :single_iv_and_salt
     attr_encrypted :nickname,
-      :key => proc { Encryptor.encrypt(:value => PET_NICKNAME_SALT, :key => PET_NICKNAME_KEY) }
+      :key => proc { Encryptor.encrypt(:value => PET_NICKNAME_SALT, :key => PET_NICKNAME_KEY, insecure_mode: true, algorithm: 'aes-256-cbc') }
     attr_encrypted :birthdate,
-      :key => proc { Encryptor.encrypt(:value => PET_BIRTHDATE_SALT, :key => PET_BIRTHDATE_KEY) }
+      :key => proc { Encryptor.encrypt(:value => PET_BIRTHDATE_SALT, :key => PET_BIRTHDATE_KEY, insecure_mode: true, algorithm: 'aes-256-cbc') }
   end
   class LegacyMarshallingPet < ActiveRecord::Base
@@ -24,12 +28,16 @@ class LegacyCompatibilityTest < Test::Unit::TestCase
     PET_BIRTHDATE_SALT = Digest::SHA256.hexdigest('my-really-really-secret-pet-birthdate-salt')
     PET_BIRTHDATE_KEY = 'my-really-really-secret-pet-birthdate-key'
+    self.attr_encrypted_options[:insecure_mode] = true
+    self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
+    self.attr_encrypted_options[:mode] = :single_iv_and_salt
     attr_encrypted :nickname,
-      :key => proc { Encryptor.encrypt(:value => PET_NICKNAME_SALT, :key => PET_NICKNAME_KEY) },
-      :marshal => true
+                   :key => proc { Encryptor.encrypt(:value => PET_NICKNAME_SALT, :key => PET_NICKNAME_KEY, insecure_mode: true, algorithm: 'aes-256-cbc') },
+                   :marshal => true
     attr_encrypted :birthdate,
-      :key => proc { Encryptor.encrypt(:value => PET_BIRTHDATE_SALT, :key => PET_BIRTHDATE_KEY) },
-      :marshal => true
+                   :key => proc { Encryptor.encrypt(:value => PET_BIRTHDATE_SALT, :key => PET_BIRTHDATE_KEY, insecure_mode: true, algorithm: 'aes-256-cbc') },
+                   :marshal => true
   end
   def setup
@@ -50,32 +58,16 @@ class LegacyCompatibilityTest < Test::Unit::TestCase
   end
   def test_marshalling_backwards_compatibility
-    # Marshalling formats changed significantly from Ruby 1.8.7 to 1.9.3.
-    # Also, Date class did not correctly support marshalling pre-1.9.3, so here
-    # we just marshal it as a string in the Ruby 1.8.7 case.
-    if RUBY_VERSION < '1.9.3'
-      pet = LegacyMarshallingPet.create!(
-        :name => 'Fido',
-        :encrypted_nickname => 'xhayxWxfkfbNyOS2w1qBMPV49Gfvs6dcZFBopMK2zQA=',
-        :encrypted_birthdate => 'f4ufXun4GXzahH4MQ1eTBQ=='
-      )
-    else
-      pet = LegacyMarshallingPet.create!(
-        :name => 'Fido',
-        :encrypted_nickname => '7RwoT64in4H+fGVBPYtRcN0K4RtriIy1EP4nDojUa8g=',
-        :encrypted_birthdate => 'bSp9sJhXQSp2QlNZHiujtcK4lRVBE8HQhn1y7moQ63bGJR20hvRSZ73ePAmm+wc5'
-      )
-    end
+    pet = LegacyMarshallingPet.create!(
+      :name => 'Fido',
+      :encrypted_nickname => '7RwoT64in4H+fGVBPYtRcN0K4RtriIy1EP4nDojUa8g=',
+      :encrypted_birthdate => 'bSp9sJhXQSp2QlNZHiujtcK4lRVBE8HQhn1y7moQ63bGJR20hvRSZ73ePAmm+wc5'
+    )
     assert_equal 'Fido', pet.name
     assert_equal 'Mummy\'s little helper', pet.nickname
-    # See earlier comment.
-    if RUBY_VERSION < '1.9.3'
-      assert_equal '2011-07-09', pet.birthdate
-    else
-      assert_equal Date.new(2011, 7, 9), pet.birthdate
-    end
+    assert_equal Date.new(2011, 7, 9), pet.birthdate
   end
   private
@@ -101,4 +93,3 @@ class LegacyCompatibilityTest < Test::Unit::TestCase
 end
 ActiveRecord::Base.establish_connection :adapter => 'sqlite3', :database => ':memory:'

data/test/legacy_data_mapper_test.rb CHANGED Viewed

@@ -1,17 +1,20 @@
-require File.expand_path('../test_helper', __FILE__)
+require_relative 'test_helper'
 DataMapper.setup(:default, 'sqlite3::memory:')
 class LegacyClient
   include DataMapper::Resource
+  self.attr_encrypted_options[:insecure_mode] = true
+  self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
+  self.attr_encrypted_options[:mode] = :single_iv_and_salt
   property :id, Serial
   property :encrypted_email, String
   property :encrypted_credentials, Text
   property :salt, String
-  attr_encrypted :email, :key => 'a secret key'
-  attr_encrypted :credentials, :key => Proc.new { |client| Encryptor.encrypt(:value => client.salt, :key => 'some private key') }, :marshal => true
+  attr_encrypted :email, :key => 'a secret key', mode: :single_iv_and_salt
+  attr_encrypted :credentials, :key => Proc.new { |client| Encryptor.encrypt(:value => client.salt, :key => 'some private key', insecure_mode: true, algorithm: 'aes-256-cbc') }, :marshal => true, mode: :single_iv_and_salt
   def initialize(attrs = {})
     super attrs
@@ -22,7 +25,7 @@ end
 DataMapper.auto_migrate!
-class LegacyDataMapperTest < Test::Unit::TestCase
+class LegacyDataMapperTest < Minitest::Test
   def setup
     LegacyClient.all.each(&:destroy)
@@ -31,16 +34,16 @@ class LegacyDataMapperTest < Test::Unit::TestCase
   def test_should_encrypt_email
     @client = LegacyClient.new :email => 'test@example.com'
     assert @client.save
-    assert_not_nil @client.encrypted_email
-    assert_not_equal @client.email, @client.encrypted_email
+    refute_nil @client.encrypted_email
+    refute_equal @client.email, @client.encrypted_email
     assert_equal @client.email, LegacyClient.first.email
   end
   def test_should_marshal_and_encrypt_credentials
     @client = LegacyClient.new
     assert @client.save
-    assert_not_nil @client.encrypted_credentials
-    assert_not_equal @client.credentials, @client.encrypted_credentials
+    refute_nil @client.encrypted_credentials
+    refute_equal @client.credentials, @client.encrypted_credentials
     assert_equal @client.credentials, LegacyClient.first.credentials
     assert LegacyClient.first.credentials.is_a?(Hash)
   end

data/test/legacy_sequel_test.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require File.expand_path('../test_helper', __FILE__)
+require_relative 'test_helper'
 DB.create_table :legacy_humans do
   primary_key :id
@@ -8,9 +8,13 @@ DB.create_table :legacy_humans do
   column :salt, :string
 end
-class LegacyHuman < Sequel::Model(:legacy_humans)
-  attr_encrypted :email, :key => 'a secret key'
-  attr_encrypted :credentials, :key => Proc.new { |human| Encryptor.encrypt(:value => human.salt, :key => 'some private key') }, :marshal => true
+class LegacyHuman < Sequel::Model(:legacy_humans)
+  self.attr_encrypted_options[:insecure_mode] = true
+  self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
+  self.attr_encrypted_options[:mode] = :single_iv_and_salt
+  attr_encrypted :email, :key => 'a secret key', mode: :single_iv_and_salt
+  attr_encrypted :credentials, :key => Proc.new { |human| Encryptor.encrypt(:value => human.salt, :key => 'some private key', insecure_mode: true, algorithm: 'aes-256-cbc') }, :marshal => true, mode: :single_iv_and_salt
   def after_initialize(attrs = {})
     self.salt ||= Digest::SHA1.hexdigest((Time.now.to_i * rand(5)).to_s)
@@ -18,7 +22,7 @@ class LegacyHuman < Sequel::Model(:legacy_humans)
   end
 end
-class LegacySequelTest < Test::Unit::TestCase
+class LegacySequelTest < Minitest::Test
   def setup
     LegacyHuman.all.each(&:destroy)
@@ -27,16 +31,16 @@ class LegacySequelTest < Test::Unit::TestCase
   def test_should_encrypt_email
     @human = LegacyHuman.new :email => 'test@example.com'
     assert @human.save
-    assert_not_nil @human.encrypted_email
-    assert_not_equal @human.email, @human.encrypted_email
+    refute_nil @human.encrypted_email
+    refute_equal @human.email, @human.encrypted_email
     assert_equal @human.email, LegacyHuman.first.email
   end
   def test_should_marshal_and_encrypt_credentials
     @human = LegacyHuman.new
     assert @human.save
-    assert_not_nil @human.encrypted_credentials
-    assert_not_equal @human.credentials, @human.encrypted_credentials
+    refute_nil @human.encrypted_credentials
+    refute_equal @human.credentials, @human.encrypted_credentials
     assert_equal @human.credentials, LegacyHuman.first.credentials
     assert LegacyHuman.first.credentials.is_a?(Hash)
   end