crypt_keeper 0.22.0 → 1.0.0.beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +1 -1
  3. data/.travis.yml +5 -1
  4. data/Appraisals +6 -6
  5. data/README.md +8 -20
  6. data/Rakefile +7 -3
  7. data/crypt_keeper.gemspec +5 -5
  8. data/gemfiles/{activerecord_4_1.gemfile → activerecord_5_0.gemfile} +2 -2
  9. data/lib/crypt_keeper.rb +1 -2
  10. data/lib/crypt_keeper/helper.rb +0 -18
  11. data/lib/crypt_keeper/log_subscriber/mysql_aes.rb +7 -9
  12. data/lib/crypt_keeper/log_subscriber/postgres_pgp.rb +7 -9
  13. data/lib/crypt_keeper/model.rb +14 -20
  14. data/lib/crypt_keeper/provider/aes_new.rb +1 -1
  15. data/lib/crypt_keeper/provider/base.rb +21 -0
  16. data/lib/crypt_keeper/provider/mysql_aes_new.rb +1 -1
  17. data/lib/crypt_keeper/provider/postgres_pgp.rb +2 -2
  18. data/lib/crypt_keeper/provider/postgres_pgp_public_key.rb +1 -1
  19. data/lib/crypt_keeper/version.rb +1 -1
  20. data/spec/crypt_keeper/log_subscriber/mysql_aes_spec.rb +56 -0
  21. data/spec/crypt_keeper/log_subscriber/postgres_pgp_spec.rb +94 -0
  22. data/spec/crypt_keeper/model_spec.rb +172 -0
  23. data/spec/crypt_keeper/provider/aes_new_spec.rb +41 -0
  24. data/spec/crypt_keeper/provider/mysql_aes_new_spec.rb +50 -0
  25. data/spec/crypt_keeper/provider/postgres_pgp_public_key_spec.rb +66 -0
  26. data/spec/crypt_keeper/provider/postgres_pgp_spec.rb +66 -0
  27. data/spec/spec_helper.rb +0 -1
  28. data/spec/support/encryptors.rb +9 -3
  29. data/spec/support/logging.rb +92 -0
  30. metadata +37 -44
  31. data/gemfiles/activerecord_4_1.gemfile.lock +0 -120
  32. data/gemfiles/activerecord_4_2.gemfile.lock +0 -120
  33. data/lib/crypt_keeper/provider/aes.rb +0 -66
  34. data/lib/crypt_keeper/provider/mysql_aes.rb +0 -47
  35. data/spec/log_subscriber/mysql_aes_spec.rb +0 -73
  36. data/spec/log_subscriber/postgres_pgp_spec.rb +0 -123
  37. data/spec/model_spec.rb +0 -169
  38. data/spec/provider/aes_new_spec.rb +0 -45
  39. data/spec/provider/aes_spec.rb +0 -67
  40. data/spec/provider/mysql_aes_new_spec.rb +0 -54
  41. data/spec/provider/mysql_aes_spec.rb +0 -35
  42. data/spec/provider/postgres_pgp_public_key_spec.rb +0 -70
  43. data/spec/provider/postgres_pgp_spec.rb +0 -70
@@ -11,7 +11,6 @@ ENCRYPTION_PASSWORD = "supermadsecretstring"
11
11
  Dir[SPEC_ROOT.join('support/*.rb')].each{|f| require f }
12
12
 
13
13
  RSpec.configure do |config|
14
- config.treat_symbols_as_metadata_keys_with_true_values = true
15
14
  config.run_all_when_everything_filtered = true
16
15
  config.filter_run :focus
17
16
 
@@ -1,7 +1,13 @@
1
1
  module CryptKeeper
2
2
  module Provider
3
3
  # A fake class that does no encryption
4
- class FakeEncryptor
4
+ class InvalidEncryptor
5
+ def initialize(*args)
6
+ end
7
+ end
8
+
9
+ # A fake class that does no encryption
10
+ class FakeEncryptor < Base
5
11
  def initialize(*args)
6
12
  end
7
13
 
@@ -14,7 +20,7 @@ module CryptKeeper
14
20
  end
15
21
  end
16
22
 
17
- class SearchEncryptor
23
+ class SearchEncryptor < Base
18
24
  def initialize(*args)
19
25
  end
20
26
 
@@ -34,7 +40,7 @@ module CryptKeeper
34
40
 
35
41
  # This class embeds the passphrase in the beginning of the string
36
42
  # and then reverses the 'plaintext'
37
- class Encryptor
43
+ class Encryptor < Base
38
44
  def initialize(options = {})
39
45
  @passphrase = options[:passphrase]
40
46
  end
@@ -0,0 +1,92 @@
1
+ # This module is used to verify CryptKeeper log subscribers work as expected.
2
+ #
3
+ # Examples
4
+ #
5
+ # The following test will verify that the `input` query is scrubbed so it
6
+ # matches the `output` query.
7
+ #
8
+ # specify do
9
+ # should_log_scrubbed_query \
10
+ # input: "SELECT pgp_sym_encrypt('val', 'key')"
11
+ # output: "SELECT encrypt([FILTERED])"
12
+ # end
13
+ #
14
+ # The following test will verify that the `input` query was not logged at all
15
+ # (eg: CryptKeeper.silence_logs is enabled).
16
+ #
17
+ # specify do
18
+ # CryptKeeper.silence_logs = true
19
+ #
20
+ # should_not_log_query input: "SELECT pgp_sym_encrypt('val', 'key')"
21
+ # end
22
+ require "active_record/log_subscriber"
23
+
24
+ module CryptKeeper
25
+ module Testing
26
+ module Logging
27
+ class TestDebugLogSubscriber < ActiveRecord::LogSubscriber
28
+ attr_reader :debugs
29
+
30
+ def initialize
31
+ @debugs = []
32
+ super
33
+ end
34
+
35
+ def debug(message)
36
+ @debugs << message
37
+ end
38
+ end
39
+
40
+ # Public: Verifies that the given input query was scrubbed and the
41
+ # output query was logged.
42
+ #
43
+ # input - Input SQL query to be scrubbed
44
+ # output - Expected output SQL query after scrubbing
45
+ #
46
+ # Returns nothing.
47
+ def should_log_scrubbed_query(input:, output:)
48
+ queries = sql(input)
49
+
50
+ valid_input = queries.none? { |line| line.include? input }
51
+ expect(valid_input).to eq(true), "found unscrubbed SQL query logged!"
52
+
53
+ valid_output = queries.any? { |line| line.include? output }
54
+ expect(valid_output).to eq(true), "output query was not logged!"
55
+ end
56
+
57
+ # Public: Verifies that the given input query was not logged.
58
+ #
59
+ # input - SQL query
60
+ #
61
+ # Returns nothing.
62
+ def should_not_log_query(input)
63
+ queries = sql(input)
64
+
65
+ expect(queries).to be_empty
66
+
67
+ valid_output = sql("SELECT 1").any? { |line| line.include? "SELECT 1" }
68
+
69
+ expect(valid_output).to eq(true)
70
+ end
71
+
72
+ private
73
+
74
+ # Private: Triggers ActiveRecord::LogSubscriber#sql for the given query.
75
+ #
76
+ # query - SQL query
77
+ #
78
+ # Returns an Array.
79
+ def sql(query)
80
+ event = ActiveSupport::Notifications::Event.new(:sql, 1, 1, 1, { sql: query })
81
+
82
+ subscriber = TestDebugLogSubscriber.new
83
+ subscriber.sql event
84
+ subscriber.debugs
85
+ end
86
+ end
87
+ end
88
+ end
89
+
90
+ RSpec.configure do |c|
91
+ c.include CryptKeeper::Testing::Logging
92
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: crypt_keeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.22.0
4
+ version: 1.0.0.beta1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Justin Mazzi
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-09-01 00:00:00.000000000 Z
11
+ date: 2017-04-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activerecord
@@ -16,40 +16,40 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '3.1'
19
+ version: '4.2'
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
- version: '4.3'
22
+ version: '5.1'
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
26
26
  requirements:
27
27
  - - ">="
28
28
  - !ruby/object:Gem::Version
29
- version: '3.1'
29
+ version: '4.2'
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
- version: '4.3'
32
+ version: '5.1'
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: activesupport
35
35
  requirement: !ruby/object:Gem::Requirement
36
36
  requirements:
37
37
  - - ">="
38
38
  - !ruby/object:Gem::Version
39
- version: '3.1'
39
+ version: '4.2'
40
40
  - - "<"
41
41
  - !ruby/object:Gem::Version
42
- version: '4.3'
42
+ version: '5.1'
43
43
  type: :runtime
44
44
  prerelease: false
45
45
  version_requirements: !ruby/object:Gem::Requirement
46
46
  requirements:
47
47
  - - ">="
48
48
  - !ruby/object:Gem::Version
49
- version: '3.1'
49
+ version: '4.2'
50
50
  - - "<"
51
51
  - !ruby/object:Gem::Version
52
- version: '4.3'
52
+ version: '5.1'
53
53
  - !ruby/object:Gem::Dependency
54
54
  name: aes
55
55
  requirement: !ruby/object:Gem::Requirement
@@ -84,14 +84,14 @@ dependencies:
84
84
  requirements:
85
85
  - - "~>"
86
86
  - !ruby/object:Gem::Version
87
- version: 2.14.0
87
+ version: 3.5.0
88
88
  type: :development
89
89
  prerelease: false
90
90
  version_requirements: !ruby/object:Gem::Requirement
91
91
  requirements:
92
92
  - - "~>"
93
93
  - !ruby/object:Gem::Version
94
- version: 2.14.0
94
+ version: 3.5.0
95
95
  - !ruby/object:Gem::Dependency
96
96
  name: guard
97
97
  requirement: !ruby/object:Gem::Requirement
@@ -168,14 +168,14 @@ dependencies:
168
168
  requirements:
169
169
  - - "~>"
170
170
  - !ruby/object:Gem::Version
171
- version: 1.0.0
171
+ version: 2.1.0
172
172
  type: :development
173
173
  prerelease: false
174
174
  version_requirements: !ruby/object:Gem::Requirement
175
175
  requirements:
176
176
  - - "~>"
177
177
  - !ruby/object:Gem::Version
178
- version: 1.0.0
178
+ version: 2.1.0
179
179
  - !ruby/object:Gem::Dependency
180
180
  name: sqlite3
181
181
  requirement: !ruby/object:Gem::Requirement
@@ -196,14 +196,14 @@ dependencies:
196
196
  requirements:
197
197
  - - "~>"
198
198
  - !ruby/object:Gem::Version
199
- version: 0.17.1
199
+ version: 0.18.0
200
200
  type: :development
201
201
  prerelease: false
202
202
  version_requirements: !ruby/object:Gem::Requirement
203
203
  requirements:
204
204
  - - "~>"
205
205
  - !ruby/object:Gem::Version
206
- version: 0.17.1
206
+ version: 0.18.0
207
207
  - !ruby/object:Gem::Dependency
208
208
  name: mysql2
209
209
  requirement: !ruby/object:Gem::Requirement
@@ -221,8 +221,7 @@ dependencies:
221
221
  description: Transparent ActiveRecord encryption
222
222
  email:
223
223
  - jmazzi@gmail.com
224
- executables:
225
- - crypt_keeper
224
+ executables: []
226
225
  extensions: []
227
226
  extra_rdoc_files: []
228
227
  files:
@@ -235,39 +234,34 @@ files:
235
234
  - LICENSE
236
235
  - README.md
237
236
  - Rakefile
238
- - bin/crypt_keeper
239
237
  - crypt_keeper.gemspec
240
- - gemfiles/activerecord_4_1.gemfile
241
- - gemfiles/activerecord_4_1.gemfile.lock
242
238
  - gemfiles/activerecord_4_2.gemfile
243
- - gemfiles/activerecord_4_2.gemfile.lock
239
+ - gemfiles/activerecord_5_0.gemfile
244
240
  - lib/crypt_keeper.rb
245
241
  - lib/crypt_keeper/helper.rb
246
242
  - lib/crypt_keeper/log_subscriber/mysql_aes.rb
247
243
  - lib/crypt_keeper/log_subscriber/postgres_pgp.rb
248
244
  - lib/crypt_keeper/model.rb
249
- - lib/crypt_keeper/provider/aes.rb
250
245
  - lib/crypt_keeper/provider/aes_new.rb
251
- - lib/crypt_keeper/provider/mysql_aes.rb
246
+ - lib/crypt_keeper/provider/base.rb
252
247
  - lib/crypt_keeper/provider/mysql_aes_new.rb
253
248
  - lib/crypt_keeper/provider/postgres_pgp.rb
254
249
  - lib/crypt_keeper/provider/postgres_pgp_public_key.rb
255
250
  - lib/crypt_keeper/version.rb
251
+ - spec/crypt_keeper/log_subscriber/mysql_aes_spec.rb
252
+ - spec/crypt_keeper/log_subscriber/postgres_pgp_spec.rb
253
+ - spec/crypt_keeper/model_spec.rb
254
+ - spec/crypt_keeper/provider/aes_new_spec.rb
255
+ - spec/crypt_keeper/provider/mysql_aes_new_spec.rb
256
+ - spec/crypt_keeper/provider/postgres_pgp_public_key_spec.rb
257
+ - spec/crypt_keeper/provider/postgres_pgp_spec.rb
256
258
  - spec/default.database.yml
257
259
  - spec/fixtures/private.asc
258
260
  - spec/fixtures/public.asc
259
- - spec/log_subscriber/mysql_aes_spec.rb
260
- - spec/log_subscriber/postgres_pgp_spec.rb
261
- - spec/model_spec.rb
262
- - spec/provider/aes_new_spec.rb
263
- - spec/provider/aes_spec.rb
264
- - spec/provider/mysql_aes_new_spec.rb
265
- - spec/provider/mysql_aes_spec.rb
266
- - spec/provider/postgres_pgp_public_key_spec.rb
267
- - spec/provider/postgres_pgp_spec.rb
268
261
  - spec/spec_helper.rb
269
262
  - spec/support/active_record.rb
270
263
  - spec/support/encryptors.rb
264
+ - spec/support/logging.rb
271
265
  homepage: http://jmazzi.github.com/crypt_keeper/
272
266
  licenses:
273
267
  - MIT
@@ -283,9 +277,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
283
277
  version: '0'
284
278
  required_rubygems_version: !ruby/object:Gem::Requirement
285
279
  requirements:
286
- - - ">="
280
+ - - ">"
287
281
  - !ruby/object:Gem::Version
288
- version: '0'
282
+ version: 1.3.1
289
283
  requirements: []
290
284
  rubyforge_project:
291
285
  rubygems_version: 2.5.1
@@ -293,18 +287,17 @@ signing_key:
293
287
  specification_version: 4
294
288
  summary: Transparent ActiveRecord encryption
295
289
  test_files:
290
+ - spec/crypt_keeper/log_subscriber/mysql_aes_spec.rb
291
+ - spec/crypt_keeper/log_subscriber/postgres_pgp_spec.rb
292
+ - spec/crypt_keeper/model_spec.rb
293
+ - spec/crypt_keeper/provider/aes_new_spec.rb
294
+ - spec/crypt_keeper/provider/mysql_aes_new_spec.rb
295
+ - spec/crypt_keeper/provider/postgres_pgp_public_key_spec.rb
296
+ - spec/crypt_keeper/provider/postgres_pgp_spec.rb
296
297
  - spec/default.database.yml
297
298
  - spec/fixtures/private.asc
298
299
  - spec/fixtures/public.asc
299
- - spec/log_subscriber/mysql_aes_spec.rb
300
- - spec/log_subscriber/postgres_pgp_spec.rb
301
- - spec/model_spec.rb
302
- - spec/provider/aes_new_spec.rb
303
- - spec/provider/aes_spec.rb
304
- - spec/provider/mysql_aes_new_spec.rb
305
- - spec/provider/mysql_aes_spec.rb
306
- - spec/provider/postgres_pgp_public_key_spec.rb
307
- - spec/provider/postgres_pgp_spec.rb
308
300
  - spec/spec_helper.rb
309
301
  - spec/support/active_record.rb
310
302
  - spec/support/encryptors.rb
303
+ - spec/support/logging.rb
@@ -1,120 +0,0 @@
1
- PATH
2
- remote: ../
3
- specs:
4
- crypt_keeper (0.21.0)
5
- activerecord (>= 3.1, < 4.3)
6
- activesupport (>= 3.1, < 4.3)
7
- aes (~> 0.5.0)
8
- armor (~> 0.0.2)
9
-
10
- GEM
11
- remote: https://rubygems.org/
12
- specs:
13
- activemodel (4.1.14.2)
14
- activesupport (= 4.1.14.2)
15
- builder (~> 3.1)
16
- activerecord (4.1.14.2)
17
- activemodel (= 4.1.14.2)
18
- activesupport (= 4.1.14.2)
19
- arel (~> 5.0.0)
20
- activesupport (4.1.14.2)
21
- i18n (~> 0.6, >= 0.6.9)
22
- json (~> 1.7, >= 1.7.7)
23
- minitest (~> 5.1)
24
- thread_safe (~> 0.1)
25
- tzinfo (~> 1.1)
26
- aes (0.5.0)
27
- appraisal (1.0.3)
28
- bundler
29
- rake
30
- thor (>= 0.14.0)
31
- arel (5.0.1.20140414130214)
32
- armor (0.0.3)
33
- builder (3.2.2)
34
- celluloid (0.16.0)
35
- timers (~> 4.0.0)
36
- coderay (1.1.1)
37
- coveralls (0.8.13)
38
- json (~> 1.8)
39
- simplecov (~> 0.11.0)
40
- term-ansicolor (~> 1.3)
41
- thor (~> 0.19.1)
42
- tins (~> 1.6.0)
43
- diff-lcs (1.2.5)
44
- docile (1.1.5)
45
- ffi (1.9.10)
46
- formatador (0.2.5)
47
- guard (2.6.1)
48
- formatador (>= 0.2.4)
49
- listen (~> 2.7)
50
- lumberjack (~> 1.0)
51
- pry (>= 0.9.12)
52
- thor (>= 0.18.1)
53
- guard-rspec (4.2.10)
54
- guard (~> 2.1)
55
- rspec (>= 2.14, < 4.0)
56
- hitimes (1.2.4)
57
- i18n (0.7.0)
58
- json (1.8.3)
59
- listen (2.10.1)
60
- celluloid (~> 0.16.0)
61
- rb-fsevent (>= 0.9.3)
62
- rb-inotify (>= 0.9)
63
- lumberjack (1.0.10)
64
- method_source (0.8.2)
65
- minitest (5.9.0)
66
- mysql2 (0.3.21)
67
- pg (0.17.1)
68
- pry (0.10.3)
69
- coderay (~> 1.1.0)
70
- method_source (~> 0.8.1)
71
- slop (~> 3.4)
72
- rake (10.3.2)
73
- rb-fsevent (0.9.7)
74
- rb-inotify (0.9.7)
75
- ffi (>= 0.5.0)
76
- rspec (2.14.1)
77
- rspec-core (~> 2.14.0)
78
- rspec-expectations (~> 2.14.0)
79
- rspec-mocks (~> 2.14.0)
80
- rspec-core (2.14.8)
81
- rspec-expectations (2.14.5)
82
- diff-lcs (>= 1.1.3, < 2.0)
83
- rspec-mocks (2.14.6)
84
- simplecov (0.11.2)
85
- docile (~> 1.1.0)
86
- json (~> 1.8)
87
- simplecov-html (~> 0.10.0)
88
- simplecov-html (0.10.0)
89
- slop (3.6.0)
90
- sqlite3 (1.3.11)
91
- term-ansicolor (1.3.2)
92
- tins (~> 1.0)
93
- thor (0.19.1)
94
- thread_safe (0.3.5)
95
- timers (4.0.4)
96
- hitimes
97
- tins (1.6.0)
98
- tzinfo (1.2.2)
99
- thread_safe (~> 0.1)
100
-
101
- PLATFORMS
102
- ruby
103
-
104
- DEPENDENCIES
105
- activerecord (~> 4.1.0)
106
- activesupport (~> 4.1.0)
107
- appraisal (~> 1.0.0)
108
- coveralls
109
- crypt_keeper!
110
- guard (~> 2.6.1)
111
- guard-rspec (~> 4.2.9)
112
- mysql2 (~> 0.3.11)
113
- pg (~> 0.17.1)
114
- rake (~> 10.3.1)
115
- rb-fsevent (~> 0.9.1)
116
- rspec (~> 2.14.0)
117
- sqlite3
118
-
119
- BUNDLED WITH
120
- 1.12.5