attr_encrypted 1.3.4 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,5 +1,5 @@
1
1
  # -*- encoding: utf-8 -*-
2
- require File.expand_path('../test_helper', __FILE__)
2
+ require_relative 'test_helper'
3
3
 
4
4
  class LegacySillyEncryptor
5
5
  def self.silly_encrypt(options)
@@ -12,7 +12,11 @@ class LegacySillyEncryptor
12
12
  end
13
13
 
14
14
  class LegacyUser
15
+ extend AttrEncrypted
15
16
  self.attr_encrypted_options[:key] = Proc.new { |user| user.class.to_s } # default key
17
+ self.attr_encrypted_options[:insecure_mode] = true
18
+ self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
19
+ self.attr_encrypted_options[:mode] = :single_iv_and_salt
16
20
 
17
21
  attr_encrypted :email, :without_encoding, :key => 'secret key'
18
22
  attr_encrypted :password, :prefix => 'crypted_', :suffix => '_test'
@@ -43,6 +47,7 @@ class LegacyAdmin < LegacyUser
43
47
  end
44
48
 
45
49
  class LegacySomeOtherClass
50
+ extend AttrEncrypted
46
51
  def self.call(object)
47
52
  object.class
48
53
  end
@@ -174,7 +179,7 @@ class LegacyAttrEncryptedTest < Minitest::Test
174
179
  assert_nil @user.ssn_encrypted
175
180
  @user.ssn = 'testing'
176
181
  refute_nil @user.ssn_encrypted
177
- assert_equal Encryptor.encrypt(:value => 'testing', :key => @user.salt), @user.ssn_encrypted
182
+ assert_equal Encryptor.encrypt(:value => 'testing', :key => @user.salt, insecure_mode: true, algorithm: 'aes-256-cbc'), @user.ssn_encrypted
178
183
  end
179
184
 
180
185
  def test_should_evaluate_a_key_passed_as_a_proc
@@ -182,7 +187,7 @@ class LegacyAttrEncryptedTest < Minitest::Test
182
187
  assert_nil @user.crypted_password_test
183
188
  @user.password = 'testing'
184
189
  refute_nil @user.crypted_password_test
185
- assert_equal Encryptor.encrypt(:value => 'testing', :key => 'LegacyUser'), @user.crypted_password_test
190
+ assert_equal Encryptor.encrypt(:value => 'testing', :key => 'LegacyUser', insecure_mode: true, algorithm: 'aes-256-cbc'), @user.crypted_password_test
186
191
  end
187
192
 
188
193
  def test_should_use_options_found_in_the_attr_encrypted_options_attribute
@@ -190,7 +195,7 @@ class LegacyAttrEncryptedTest < Minitest::Test
190
195
  assert_nil @user.crypted_password_test
191
196
  @user.password = 'testing'
192
197
  refute_nil @user.crypted_password_test
193
- assert_equal Encryptor.encrypt(:value => 'testing', :key => 'LegacyUser'), @user.crypted_password_test
198
+ assert_equal Encryptor.encrypt(:value => 'testing', :key => 'LegacyUser', insecure_mode: true, algorithm: 'aes-256-cbc'), @user.crypted_password_test
194
199
  end
195
200
 
196
201
  def test_should_inherit_encrypted_attributes
@@ -208,23 +213,24 @@ class LegacyAttrEncryptedTest < Minitest::Test
208
213
  end
209
214
 
210
215
  def test_should_evaluate_a_symbol_option
211
- assert_equal Object, Object.new.send(:evaluate_attr_encrypted_option, :class)
216
+ assert_equal LegacySomeOtherClass, LegacySomeOtherClass.new.send(:evaluate_attr_encrypted_option, :class)
212
217
  end
213
218
 
214
219
  def test_should_evaluate_a_proc_option
215
- assert_equal Object, Object.new.send(:evaluate_attr_encrypted_option, proc { |object| object.class })
220
+ assert_equal LegacySomeOtherClass, LegacySomeOtherClass.new.send(:evaluate_attr_encrypted_option, proc { |object| object.class })
216
221
  end
217
222
 
218
223
  def test_should_evaluate_a_lambda_option
219
- assert_equal Object, Object.new.send(:evaluate_attr_encrypted_option, lambda { |object| object.class })
224
+ assert_equal LegacySomeOtherClass, LegacySomeOtherClass.new.send(:evaluate_attr_encrypted_option, lambda { |object| object.class })
220
225
  end
221
226
 
222
227
  def test_should_evaluate_a_method_option
223
- assert_equal Object, Object.new.send(:evaluate_attr_encrypted_option, LegacySomeOtherClass.method(:call))
228
+ assert_equal LegacySomeOtherClass, LegacySomeOtherClass.new.send(:evaluate_attr_encrypted_option, LegacySomeOtherClass.method(:call))
224
229
  end
225
230
 
226
231
  def test_should_return_a_string_option
227
- assert_equal 'Object', Object.new.send(:evaluate_attr_encrypted_option, 'Object')
232
+ class_string = 'LegacySomeOtherClass'
233
+ assert_equal class_string, LegacySomeOtherClass.new.send(:evaluate_attr_encrypted_option, class_string)
228
234
  end
229
235
 
230
236
  def test_should_encrypt_with_true_if
@@ -232,7 +238,7 @@ class LegacyAttrEncryptedTest < Minitest::Test
232
238
  assert_nil @user.encrypted_with_true_if
233
239
  @user.with_true_if = 'testing'
234
240
  refute_nil @user.encrypted_with_true_if
235
- assert_equal Encryptor.encrypt(:value => 'testing', :key => 'secret key'), @user.encrypted_with_true_if
241
+ assert_equal Encryptor.encrypt(:value => 'testing', :key => 'secret key', insecure_mode: true, algorithm: 'aes-256-cbc'), @user.encrypted_with_true_if
236
242
  end
237
243
 
238
244
  def test_should_not_encrypt_with_false_if
@@ -248,7 +254,7 @@ class LegacyAttrEncryptedTest < Minitest::Test
248
254
  assert_nil @user.encrypted_with_false_unless
249
255
  @user.with_false_unless = 'testing'
250
256
  refute_nil @user.encrypted_with_false_unless
251
- assert_equal Encryptor.encrypt(:value => 'testing', :key => 'secret key'), @user.encrypted_with_false_unless
257
+ assert_equal Encryptor.encrypt(:value => 'testing', :key => 'secret key', insecure_mode: true, algorithm: 'aes-256-cbc'), @user.encrypted_with_false_unless
252
258
  end
253
259
 
254
260
  def test_should_not_encrypt_with_true_unless
@@ -266,11 +272,6 @@ class LegacyAttrEncryptedTest < Minitest::Test
266
272
  def test_should_always_reset_options
267
273
  @user = LegacyUser.new
268
274
  @user.with_if_changed = "encrypt_stuff"
269
- @user.stubs(:instance_variable_get).returns(nil)
270
- @user.stubs(:instance_variable_set).raises("BadStuff")
271
- assert_raises RuntimeError do
272
- @user.with_if_changed
273
- end
274
275
 
275
276
  @user = LegacyUser.new
276
277
  @user.should_encrypt = false
@@ -1,5 +1,5 @@
1
1
  # -*- encoding: utf-8 -*-
2
- require File.expand_path('../test_helper', __FILE__)
2
+ require_relative 'test_helper'
3
3
 
4
4
  # Test to ensure that existing representations in database do not break on
5
5
  # migrating to new versions of this gem. This ensures that future versions of
@@ -12,10 +12,14 @@ class LegacyCompatibilityTest < Minitest::Test
12
12
  PET_BIRTHDATE_SALT = Digest::SHA256.hexdigest('my-really-really-secret-pet-birthdate-salt')
13
13
  PET_BIRTHDATE_KEY = 'my-really-really-secret-pet-birthdate-key'
14
14
 
15
+ self.attr_encrypted_options[:insecure_mode] = true
16
+ self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
17
+ self.attr_encrypted_options[:mode] = :single_iv_and_salt
18
+
15
19
  attr_encrypted :nickname,
16
- :key => proc { Encryptor.encrypt(:value => PET_NICKNAME_SALT, :key => PET_NICKNAME_KEY) }
20
+ :key => proc { Encryptor.encrypt(:value => PET_NICKNAME_SALT, :key => PET_NICKNAME_KEY, insecure_mode: true, algorithm: 'aes-256-cbc') }
17
21
  attr_encrypted :birthdate,
18
- :key => proc { Encryptor.encrypt(:value => PET_BIRTHDATE_SALT, :key => PET_BIRTHDATE_KEY) }
22
+ :key => proc { Encryptor.encrypt(:value => PET_BIRTHDATE_SALT, :key => PET_BIRTHDATE_KEY, insecure_mode: true, algorithm: 'aes-256-cbc') }
19
23
  end
20
24
 
21
25
  class LegacyMarshallingPet < ActiveRecord::Base
@@ -24,12 +28,16 @@ class LegacyCompatibilityTest < Minitest::Test
24
28
  PET_BIRTHDATE_SALT = Digest::SHA256.hexdigest('my-really-really-secret-pet-birthdate-salt')
25
29
  PET_BIRTHDATE_KEY = 'my-really-really-secret-pet-birthdate-key'
26
30
 
31
+ self.attr_encrypted_options[:insecure_mode] = true
32
+ self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
33
+ self.attr_encrypted_options[:mode] = :single_iv_and_salt
34
+
27
35
  attr_encrypted :nickname,
28
- :key => proc { Encryptor.encrypt(:value => PET_NICKNAME_SALT, :key => PET_NICKNAME_KEY) },
29
- :marshal => true
36
+ :key => proc { Encryptor.encrypt(:value => PET_NICKNAME_SALT, :key => PET_NICKNAME_KEY, insecure_mode: true, algorithm: 'aes-256-cbc') },
37
+ :marshal => true
30
38
  attr_encrypted :birthdate,
31
- :key => proc { Encryptor.encrypt(:value => PET_BIRTHDATE_SALT, :key => PET_BIRTHDATE_KEY) },
32
- :marshal => true
39
+ :key => proc { Encryptor.encrypt(:value => PET_BIRTHDATE_SALT, :key => PET_BIRTHDATE_KEY, insecure_mode: true, algorithm: 'aes-256-cbc') },
40
+ :marshal => true
33
41
  end
34
42
 
35
43
  def setup
@@ -50,32 +58,16 @@ class LegacyCompatibilityTest < Minitest::Test
50
58
  end
51
59
 
52
60
  def test_marshalling_backwards_compatibility
53
- # Marshalling formats changed significantly from Ruby 1.8.7 to 1.9.3.
54
- # Also, Date class did not correctly support marshalling pre-1.9.3, so here
55
- # we just marshal it as a string in the Ruby 1.8.7 case.
56
- if RUBY_VERSION < '1.9.3'
57
- pet = LegacyMarshallingPet.create!(
58
- :name => 'Fido',
59
- :encrypted_nickname => 'xhayxWxfkfbNyOS2w1qBMPV49Gfvs6dcZFBopMK2zQA=',
60
- :encrypted_birthdate => 'f4ufXun4GXzahH4MQ1eTBQ=='
61
- )
62
- else
63
- pet = LegacyMarshallingPet.create!(
64
- :name => 'Fido',
65
- :encrypted_nickname => '7RwoT64in4H+fGVBPYtRcN0K4RtriIy1EP4nDojUa8g=',
66
- :encrypted_birthdate => 'bSp9sJhXQSp2QlNZHiujtcK4lRVBE8HQhn1y7moQ63bGJR20hvRSZ73ePAmm+wc5'
67
- )
68
- end
61
+ pet = LegacyMarshallingPet.create!(
62
+ :name => 'Fido',
63
+ :encrypted_nickname => '7RwoT64in4H+fGVBPYtRcN0K4RtriIy1EP4nDojUa8g=',
64
+ :encrypted_birthdate => 'bSp9sJhXQSp2QlNZHiujtcK4lRVBE8HQhn1y7moQ63bGJR20hvRSZ73ePAmm+wc5'
65
+ )
69
66
 
70
67
  assert_equal 'Fido', pet.name
71
68
  assert_equal 'Mummy\'s little helper', pet.nickname
72
69
 
73
- # See earlier comment.
74
- if RUBY_VERSION < '1.9.3'
75
- assert_equal '2011-07-09', pet.birthdate
76
- else
77
- assert_equal Date.new(2011, 7, 9), pet.birthdate
78
- end
70
+ assert_equal Date.new(2011, 7, 9), pet.birthdate
79
71
  end
80
72
 
81
73
  private
@@ -101,4 +93,3 @@ class LegacyCompatibilityTest < Minitest::Test
101
93
  end
102
94
 
103
95
  ActiveRecord::Base.establish_connection :adapter => 'sqlite3', :database => ':memory:'
104
-
@@ -1,17 +1,20 @@
1
- require File.expand_path('../test_helper', __FILE__)
1
+ require_relative 'test_helper'
2
2
 
3
3
  DataMapper.setup(:default, 'sqlite3::memory:')
4
4
 
5
5
  class LegacyClient
6
6
  include DataMapper::Resource
7
+ self.attr_encrypted_options[:insecure_mode] = true
8
+ self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
9
+ self.attr_encrypted_options[:mode] = :single_iv_and_salt
7
10
 
8
11
  property :id, Serial
9
12
  property :encrypted_email, String
10
13
  property :encrypted_credentials, Text
11
14
  property :salt, String
12
15
 
13
- attr_encrypted :email, :key => 'a secret key'
14
- attr_encrypted :credentials, :key => Proc.new { |client| Encryptor.encrypt(:value => client.salt, :key => 'some private key') }, :marshal => true
16
+ attr_encrypted :email, :key => 'a secret key', mode: :single_iv_and_salt
17
+ attr_encrypted :credentials, :key => Proc.new { |client| Encryptor.encrypt(:value => client.salt, :key => 'some private key', insecure_mode: true, algorithm: 'aes-256-cbc') }, :marshal => true, mode: :single_iv_and_salt
15
18
 
16
19
  def initialize(attrs = {})
17
20
  super attrs
@@ -1,4 +1,4 @@
1
- require File.expand_path('../test_helper', __FILE__)
1
+ require_relative 'test_helper'
2
2
 
3
3
  DB.create_table :legacy_humans do
4
4
  primary_key :id
@@ -8,9 +8,13 @@ DB.create_table :legacy_humans do
8
8
  column :salt, :string
9
9
  end
10
10
 
11
- class LegacyHuman < Sequel::Model(:legacy_humans)
12
- attr_encrypted :email, :key => 'a secret key'
13
- attr_encrypted :credentials, :key => Proc.new { |human| Encryptor.encrypt(:value => human.salt, :key => 'some private key') }, :marshal => true
11
+ class LegacyHuman < Sequel::Model(:legacy_humans)
12
+ self.attr_encrypted_options[:insecure_mode] = true
13
+ self.attr_encrypted_options[:algorithm] = 'aes-256-cbc'
14
+ self.attr_encrypted_options[:mode] = :single_iv_and_salt
15
+
16
+ attr_encrypted :email, :key => 'a secret key', mode: :single_iv_and_salt
17
+ attr_encrypted :credentials, :key => Proc.new { |human| Encryptor.encrypt(:value => human.salt, :key => 'some private key', insecure_mode: true, algorithm: 'aes-256-cbc') }, :marshal => true, mode: :single_iv_and_salt
14
18
 
15
19
  def after_initialize(attrs = {})
16
20
  self.salt ||= Digest::SHA1.hexdigest((Time.now.to_i * rand(5)).to_s)
data/test/run.sh CHANGED
@@ -1,52 +1,12 @@
1
- #!/bin/sh
2
-
3
- set -e
4
-
5
- export RBENV_VERSION=ree-1.8.7-2012.02
6
- rbenv version
7
-
8
- export ACTIVERECORD=2.3.8
9
- bundle
10
- bundle exec rake
11
- export ACTIVERECORD=3.0.0
12
- bundle
13
- bundle exec rake
14
- export ACTIVERECORD=3.1.0
15
- bundle
16
- bundle exec rake
17
- export ACTIVERECORD=3.2.0
18
- bundle
19
- bundle exec rake
20
-
21
- export RBENV_VERSION=1.9.3-p484
22
- rbenv version
23
-
24
- export ACTIVERECORD=3.0.0
25
- bundle
26
- bundle exec rake
27
- export ACTIVERECORD=3.1.0
28
- bundle
29
- bundle exec rake
30
- export ACTIVERECORD=3.2.0
31
- bundle
32
- bundle exec rake
33
- export ACTIVERECORD=4.0.0
34
- bundle
35
- bundle exec rake
36
-
37
- export RBENV_VERSION=2.0.0-p353
38
- rbenv version
39
-
40
- export ACTIVERECORD=3.2.0
41
- bundle
42
- bundle exec rake
43
- export ACTIVERECORD=4.0.0
44
- bundle
45
- bundle exec rake
46
-
47
- export RBENV_VERSION=2.1.0
48
- rbenv version
49
-
50
- export ACTIVERECORD=4.0.0
51
- bundle
52
- bundle exec rake
1
+ #!/usr/bin/env sh -e
2
+
3
+ for RUBY in 1.9.3 2.0.0 2.1 2.2
4
+ do
5
+ for RAILS in 2.3.8 3.0.0 3.1.0 3.2.0 4.0.0 4.1.0 4.2.0
6
+ do
7
+ if [[ $RUBY -gt 1.9.3 && $RAILS -lt 4.0.0 ]]; then
8
+ continue
9
+ fi
10
+ RBENV_VERSION=$RUBY ACTIVERECORD=$RAILS bundle && bundle exec rake
11
+ done
12
+ done
data/test/sequel_test.rb CHANGED
@@ -1,4 +1,4 @@
1
- require File.expand_path('../test_helper', __FILE__)
1
+ require_relative 'test_helper'
2
2
 
3
3
  DB.create_table :humans do
4
4
  primary_key :id
data/test/test_helper.rb CHANGED
@@ -1,37 +1,42 @@
1
- if RUBY_VERSION >= '1.9.3'
2
- require 'simplecov'
3
- require 'simplecov-rcov'
1
+ require 'simplecov'
2
+ require 'simplecov-rcov'
3
+ require "codeclimate-test-reporter"
4
4
 
5
- SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
5
+ SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter.new(
6
+ [
6
7
  SimpleCov::Formatter::HTMLFormatter,
7
8
  SimpleCov::Formatter::RcovFormatter,
9
+ CodeClimate::TestReporter::Formatter
8
10
  ]
11
+ )
9
12
 
10
- SimpleCov.start do
11
- add_filter 'test'
12
- end
13
+ SimpleCov.start do
14
+ add_filter 'test'
13
15
  end
14
16
 
15
- require 'minitest'
16
- require "codeclimate-test-reporter"
17
17
  CodeClimate::TestReporter.start
18
18
 
19
19
  require 'minitest/autorun'
20
- require 'digest/sha2'
21
- require 'rubygems'
22
- gem 'activerecord', ENV['ACTIVE_RECORD_VERSION'] if ENV['ACTIVE_RECORD_VERSION']
20
+
21
+ # Rails 4.0.x pins to an old minitest
22
+ unless defined?(MiniTest::Test)
23
+ MiniTest::Test = MiniTest::Unit::TestCase
24
+ end
25
+
23
26
  require 'active_record'
24
27
  require 'data_mapper'
28
+ require 'digest/sha2'
25
29
  require 'sequel'
26
- require 'mocha/test_unit'
27
30
 
28
31
  $:.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
29
32
  $:.unshift(File.dirname(__FILE__))
30
33
  require 'attr_encrypted'
31
34
 
32
- puts "\nTesting with ActiveRecord #{ActiveRecord::VERSION::STRING rescue ENV['ACTIVE_RECORD_VERSION']}"
33
-
34
- DB = Sequel.sqlite
35
+ DB = if defined?(RUBY_ENGINE) && RUBY_ENGINE.to_sym == :jruby
36
+ Sequel.jdbc('jdbc:sqlite::memory:')
37
+ else
38
+ Sequel.sqlite
39
+ end
35
40
 
36
41
  # The :after_initialize hook was removed in Sequel 4.0
37
42
  # and had been deprecated for a while before that:
@@ -39,5 +44,8 @@ DB = Sequel.sqlite
39
44
  # This plugin re-enables it.
40
45
  Sequel::Model.plugin :after_initialize
41
46
 
42
- SECRET_KEY = 4.times.map { Digest::SHA256.hexdigest((Time.now.to_i * rand(5)).to_s) }.join
47
+ SECRET_KEY = SecureRandom.random_bytes(32)
43
48
 
49
+ def base64_encoding_regex
50
+ /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=|[A-Za-z0-9+\/]{4})$/
51
+ end
data.tar.gz.sig ADDED
Binary file