crypt_keeper 1.1.1 → 2.0.0.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 78d7a7f1ea679f9a1542a65b537a446065c9cd27
-  data.tar.gz: 518d78e7d4a80e07faa80b9eac9c3b268e2db2c8
+  metadata.gz: 177d3771b01336174fdcc4db5f237335f8f206cd
+  data.tar.gz: 5f0f53fd0e3fcae45bae65fa63276067e651682c
 SHA512:
-  metadata.gz: 30b9ccbea99c9ac89ee4bf4c9df73fc0b95e2ae3f65aca3e9936a95bd406d271e672e73cefa2c717a2f0c057c638ca876a238c7058da2c3ad6e3f2d2d12720cb
-  data.tar.gz: 07f33f2caca79c5be2c45f2365601e8939b5c64200fba53c00de3e70a9d6b221a68efe47aad00fc7b42003bce2c964ce68701656966149afe4b65dfc45a4e0a7
+  metadata.gz: cbce4c1e8e9665441bc3660542eb83c34efb66894ed0be3888ab03860831067a6d275bef837df62636278056524c4aae2522ef26479502815f3a5313c42fa9d1
+  data.tar.gz: 81429db29edfea6bdcfd6934926dec0c3f84e79268017d056c9351fcbeeaf00f2f29a5506f3100cd428321e438fda081c72d5ced47b88229d84a8ff860102999

data/.travis.yml

@@ -1,19 +1,15 @@
 language: ruby
 
 rvm:
-  - 2.1.10
-  - 2.2.5
-  - 2.3.1
+  - 2.2.7
+  - 2.3.4
+  - 2.4.1
 
 gemfile:
   - gemfiles/activerecord_4_2.gemfile
+  - gemfiles/activerecord_5_0.gemfile
   - gemfiles/activerecord_5_1.gemfile
 
-matrix:
-  exclude:
-    - gemfile: gemfiles/activerecord_5_1.gemfile
-      rvm: 2.1.10
-
 addons:
   postgresql: 9.3
 

data/Appraisals

@@ -7,3 +7,8 @@ appraise "activerecord_5_0" do
   gem "activerecord",  "~> 5.0.0"
   gem "activesupport", "~> 5.0.0"
 end
+
+appraise "activerecord_5_1" do
+  gem "activerecord",  "~> 5.1.0"
+  gem "activesupport", "~> 5.1.0"
+end

data/README.md

@@ -15,7 +15,7 @@ is a simple class that does 3 things.
 Note: Any options defined using `crypt_keeper` will be passed to `new` as a
 hash.
 
-You can see an AES example [here](https://github.com/jmazzi/crypt_keeper/blob/master/lib/crypt_keeper/provider/aes_new.rb).
+You can see an example [here](https://github.com/jmazzi/crypt_keeper/blob/master/lib/crypt_keeper/provider/active_support.rb).
 
 ## Why?
 
@@ -27,7 +27,7 @@ simple that *just works*.
 
 ```ruby
 class MyModel < ActiveRecord::Base
-  crypt_keeper :field, :other_field, :encryptor => :aes_new, :key => 'super_good_password', salt: 'salt'
+  crypt_keeper :field, :other_field, encryptor: :active_support, key: 'super_good_password', salt: 'salt'
 end
 
 model = MyModel.new(field: 'sometext')
@@ -53,7 +53,7 @@ You can force an encoding on the plaintext before encryption and after decryptio
 
 ```ruby
 class MyModel < ActiveRecord::Base
-  crypt_keeper :field, :other_field, :encryptor => :aes_new, :key => 'super_good_password', salt: 'salt', :encoding => 'UTF-8'
+  crypt_keeper :field, :other_field, encryptor: :active_support, key: 'super_good_password', salt: 'salt', encoding: 'UTF-8'
 end
 
 model = MyModel.new(field: 'Tromsø')
@@ -68,7 +68,7 @@ If you are working with an existing table you would like to encrypt, you must us
 
 ```ruby
 class MyExistingModel < ActiveRecord::Base
-  crypt_keeper :field, :other_field, :encryptor => :aes_new, :key => 'super_good_password', salt: 'salt'
+  crypt_keeper :field, :other_field, encryptor: :active_support, key: 'super_good_password', salt: 'salt'
 end
 
 MyExistingModel.encrypt_table!
@@ -78,10 +78,10 @@ Running `encrypt_table!` will encrypt all rows in the database using the encrypt
 
 ## Supported Available Encryptors
 
-There are four supported encryptors: `aes_new`, `mysql_aes_new`, `postgres_pgp`, `postgres_pgp_public_key`.
+There are four supported encryptors: `active_support`, `mysql_aes_new`, `postgres_pgp`, `postgres_pgp_public_key`.
 
-* [AES New](https://github.com/jmazzi/crypt_keeper/blob/master/lib/crypt_keeper/provider/aes_new.rb)
-  * Encryption is peformed using AES-256 via OpenSSL.
+* [ActiveSupport](https://github.com/jmazzi/crypt_keeper/blob/master/lib/crypt_keeper/provider/active_support.rb)
+  * Encryption is performed using [ActiveSupport::MessageEncryptor](http://api.rubyonrails.org/classes/ActiveSupport/MessageEncryptor.html)
   * Passphrases are derived using [PBKDF2](http://en.wikipedia.org/wiki/PBKDF2)
 
 * [MySQL AES New](https://github.com/jmazzi/crypt_keeper/blob/master/lib/crypt_keeper/provider/mysql_aes_new.rb)
@@ -111,8 +111,8 @@ There are four supported encryptors: `aes_new`, `mysql_aes_new`, `postgres_pgp`,
 ## Searching
 Searching ciphertext is a complex problem that varies depending on the encryption algorithm you choose. All of the bundled providers include search support, but they have some caveats.
 
-* AES
-  * The Ruby implementation of AES uses a random initialization vector. The same plaintext encrypted multiple times will have different output each time for the ciphertext. Since this is the case, it is not possible to search leveraging the database. Database rows will need to be filtered in memory. It is suggested that you use a scope or ActiveRecord batches to narrow the results before seaching them.
+* ActiveSupport::MessageEncryptor
+  * ActiveSupport's MessageEncryptor uses a random initialization vector when generating keys. The same plaintext encrypted multiple times will have different output each time for the ciphertext. Since this is the case, it is not possible to search leveraging the database. Database rows will need to be filtered in memory. It is suggested that you use a scope or ActiveRecord batches to narrow the results before seaching them.
 
 * Mysql AES
  * Surprisingly, MySQL's implementation of AES does not use a random initialization vector. The column containing the ciphertext can be indexed and searched quickly.
@@ -157,10 +157,35 @@ as a string or an underscored symbol
 
 ```ruby
 class MyModel < ActiveRecord::Base
-  crypt_keeper :field, :other_field, :encryptor => :my_encryptor, :key => 'super_good_password'
+  crypt_keeper :field, :other_field, encryptor: :my_encryptor, key: 'super_good_password'
 end
 ```
 
+## Migrating from CryptKeeper 1.x to 2.0
+
+CryptKeeper 2.0 removes the AES encryptor due to security issues in the
+underlying AES gem. If you were previously using the `aes_new` encryptor, you
+will need to follow these instructions to reencrypt your data.
+
+The general migration path is as follows:
+
+1. Enable maintenance mode in any live apps
+2. Backup database
+3. Decrypt tables: TableName.decrypt_table!
+4. Update to 2.0.0.rc1 in your app. Update the encryptor to use :active_support
+5. Encrypt tables: `TableName.encrypt_table!`
+6. Verify data can be decrypted: `TableName.first`
+7. Disable maintenance mode if necessary
+
+In case you experience problems, the rollback procedure is as follows:
+
+1. Enable maintenance mode
+2. Backup database again
+3. Restore first database dump, from before CryptKeeper 2.0.0.rc1
+4. Verify data can be decrypted
+5. Disable maintenance mode
+6. Let us know what happened :(
+
 ## Requirements
 
 CryptKeeper has been tested against ActiveRecord 4.2 and 5.0 using Ruby

data/crypt_keeper.gemspec

@@ -16,9 +16,10 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.version       = CryptKeeper::VERSION
 
+  gem.post_install_message = "WARNING: CryptKeeper 2.0 contains breaking changes and may require you to reencrypt your data! Please view the README at https://github.com/jmazzi/crypt_keeper for more information."
+
   gem.add_runtime_dependency 'activerecord',  '>= 4.2', '< 5.2'
   gem.add_runtime_dependency 'activesupport', '>= 4.2', '< 5.2'
-  gem.add_runtime_dependency 'aes',           '~> 0.5.0'
   gem.add_runtime_dependency 'armor',         '~> 0.0.2'
 
   gem.add_development_dependency 'rspec',       '~> 3.5.0'

data/gemfiles/activerecord_5_0.gemfile

@@ -0,0 +1,8 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activerecord", "~> 5.0.0"
+gem "activesupport", "~> 5.0.0"
+
+gemspec :path => "../"

data/gemfiles/activerecord_5_1.gemfile

@@ -2,7 +2,7 @@
 
 source "https://rubygems.org"
 
-gem "activerecord", "~> 5.1"
-gem "activesupport", "~> 5.1"
+gem "activerecord", "~> 5.1.0"
+gem "activesupport", "~> 5.1.0"
 
 gemspec :path => "../"

data/lib/crypt_keeper.rb

@@ -4,7 +4,7 @@ require 'crypt_keeper/version'
 require 'crypt_keeper/model'
 require 'crypt_keeper/helper'
 require 'crypt_keeper/provider/base'
-require 'crypt_keeper/provider/aes_new'
+require 'crypt_keeper/provider/active_support'
 require 'crypt_keeper/provider/mysql_aes_new'
 require 'crypt_keeper/provider/postgres_base'
 require 'crypt_keeper/provider/postgres_pgp'

data/lib/crypt_keeper/helper.rb

@@ -40,6 +40,7 @@ module CryptKeeper
 
     module DigestPassphrase
       def digest_passphrase(key, salt)
+        require "armor"
         raise ArgumentError.new("Missing :key") if key.blank?
         raise ArgumentError.new("Missing :salt") if salt.blank?
         ::Armor.digest(key, salt)

data/lib/crypt_keeper/model.rb

@@ -3,7 +3,7 @@ require 'active_support/core_ext/array/extract_options'
 
 module CryptKeeper
   module Model
-    extend ActiveSupport::Concern
+    extend ::ActiveSupport::Concern
 
     # Public: Ensures that each field exist and is of type text. This prevents
     # encrypted data from being truncated.

data/lib/crypt_keeper/provider/active_support.rb

@@ -0,0 +1,51 @@
+require "active_support/message_encryptor"
+
+module CryptKeeper
+  module Provider
+    class ActiveSupport < Base
+      attr_reader :encryptor
+
+      # Public: Initializes the encryptor
+      #
+      # options - A hash, :key and :salt are required
+      #
+      # Returns nothing.
+      def initialize(options = {})
+        key  = options.fetch(:key)
+        salt = options.fetch(:salt)
+
+        @encryptor = ::ActiveSupport::MessageEncryptor.new \
+          ::ActiveSupport::KeyGenerator.new(key).generate_key(salt, 32)
+      end
+
+      # Public: Encrypts a string
+      #
+      # value - Plaintext value
+      #
+      # Returns an encrypted string
+      def encrypt(value)
+        encryptor.encrypt_and_sign(value)
+      end
+
+      # Public: Decrypts a string
+      #
+      # value - Cipher text
+      #
+      # Returns a plaintext string
+      def decrypt(value)
+        encryptor.decrypt_and_verify(value)
+      end
+
+      # Public: Searches the table
+      #
+      # records  - ActiveRecord::Relation
+      # field    - Field name to match
+      # criteria - Value to match
+      #
+      # Returns an Enumerable
+      def search(records, field, criteria)
+        records.select { |record| record[field] == criteria }
+      end
+    end
+  end
+end

data/lib/crypt_keeper/provider/mysql_aes_new.rb

@@ -12,7 +12,7 @@ module CryptKeeper
       #
       #  options - A hash, :key and :salt are required
       def initialize(options = {})
-        ActiveSupport.run_load_hooks(:crypt_keeper_mysql_aes_log, self)
+        ::ActiveSupport.run_load_hooks(:crypt_keeper_mysql_aes_log, self)
         @key = digest_passphrase(options[:key], options[:salt])
       end
 

data/lib/crypt_keeper/provider/postgres_pgp.rb

@@ -8,7 +8,7 @@ module CryptKeeper
       #
       #  options - A hash, :key is required
       def initialize(options = {})
-        ActiveSupport.run_load_hooks(:crypt_keeper_postgres_pgp_log, self)
+        ::ActiveSupport.run_load_hooks(:crypt_keeper_postgres_pgp_log, self)
 
         @key = options.fetch(:key) do
           raise ArgumentError, "Missing :key"

data/lib/crypt_keeper/provider/postgres_pgp_public_key.rb

@@ -4,7 +4,7 @@ module CryptKeeper
       attr_accessor :key
 
       def initialize(options = {})
-        ActiveSupport.run_load_hooks(:crypt_keeper_postgres_pgp_log, self)
+        ::ActiveSupport.run_load_hooks(:crypt_keeper_postgres_pgp_log, self)
 
         @key = options.fetch(:key) do
           raise ArgumentError, "Missing :key"

data/lib/crypt_keeper/version.rb

@@ -1,3 +1,3 @@
 module CryptKeeper
-  VERSION = "1.1.1"
+  VERSION = "2.0.0.rc1"
 end

data/spec/crypt_keeper/model_spec.rb

@@ -120,7 +120,7 @@ describe CryptKeeper::Model do
   end
 
   context "Encodings" do
-    subject { create_encrypted_model :storage, key: 'tool', salt: 'salt', encryptor: :aes_new, encoding: 'utf-8' }
+    subject { create_encrypted_model :storage, key: 'tool', salt: 'salt', encryptor: :active_support, encoding: 'utf-8' }
 
     it "forces the encoding on decrypt" do
       record = subject.create!(storage: 'Tromsø')
@@ -137,7 +137,7 @@ describe CryptKeeper::Model do
   end
 
   context "Initial Table Encryption" do
-    subject { create_encrypted_model :storage, key: 'tool', salt: 'salt', encryptor: :aes_new }
+    subject { create_encrypted_model :storage, key: 'tool', salt: 'salt', encryptor: :active_support }
 
     before do
       subject.delete_all
@@ -146,14 +146,14 @@ describe CryptKeeper::Model do
     end
 
     it "encrypts the table" do
-      expect { subject.first(5).map(&:storage) }.to raise_error(OpenSSL::Cipher::CipherError)
+      expect { subject.first(5).map(&:storage) }.to raise_error(ActiveSupport::MessageVerifier::InvalidSignature)
       subject.encrypt_table!
       expect { subject.first(5).map(&:storage) }.not_to raise_error
     end
   end
 
   context "Table Decryption (Reverse of Initial Table Encryption)" do
-    subject { create_encrypted_model :storage, key: 'tool', salt: 'salt', encryptor: :aes_new }
+    subject { create_encrypted_model :storage, key: 'tool', salt: 'salt', encryptor: :active_support }
     let!(:storage_entries) { 5.times.map { |i| "testing#{i}" } }
 
     before do
@@ -168,7 +168,7 @@ describe CryptKeeper::Model do
   end
 
   context "Missing Attributes" do
-    subject { create_encrypted_model :storage, key: 'tool', salt: 'salt', encryptor: :aes_new, encoding: 'utf-8' }
+    subject { create_encrypted_model :storage, key: 'tool', salt: 'salt', encryptor: :active_support, encoding: 'utf-8' }
 
     it "doesn't attempt decryption of missing attributes" do
       subject.create!(storage: 'blah')

data/spec/crypt_keeper/provider/active_support_spec.rb

@@ -0,0 +1,37 @@
+require 'spec_helper'
+
+describe CryptKeeper::Provider::ActiveSupport do
+  subject { described_class.new(key: 'cake', salt: 'salt') }
+
+  let :plaintext do
+    "string"
+  end
+
+  let :encrypted do
+    subject.encrypt plaintext
+  end
+
+  let :decrypted do
+    subject.decrypt encrypted
+  end
+
+  describe "#encrypt" do
+    specify { expect(encrypted).to_not eq(plaintext) }
+    specify { expect(encrypted).to_not be_blank }
+  end
+
+  describe "#decrypt" do
+    specify { expect(decrypted).to eq(plaintext) }
+    specify { expect(decrypted).to_not be_blank }
+  end
+
+  describe "#search" do
+    let :records do
+      [{ name: 'Bob' }, { name: 'Tim' }]
+    end
+
+    it "finds the matching record" do
+      expect(subject.search(records, :name, 'Bob')).to eql([records.first])
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: crypt_keeper
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 2.0.0.rc1
 platform: ruby
 authors:
 - Justin Mazzi
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-06-22 00:00:00.000000000 Z
+date: 2017-12-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -50,20 +50,6 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '5.2'
-- !ruby/object:Gem::Dependency
-  name: aes
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.5.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.5.0
 - !ruby/object:Gem::Dependency
   name: armor
   requirement: !ruby/object:Gem::Requirement
@@ -236,13 +222,14 @@ files:
 - Rakefile
 - crypt_keeper.gemspec
 - gemfiles/activerecord_4_2.gemfile
+- gemfiles/activerecord_5_0.gemfile
 - gemfiles/activerecord_5_1.gemfile
 - lib/crypt_keeper.rb
 - lib/crypt_keeper/helper.rb
 - lib/crypt_keeper/log_subscriber/mysql_aes.rb
 - lib/crypt_keeper/log_subscriber/postgres_pgp.rb
 - lib/crypt_keeper/model.rb
-- lib/crypt_keeper/provider/aes_new.rb
+- lib/crypt_keeper/provider/active_support.rb
 - lib/crypt_keeper/provider/base.rb
 - lib/crypt_keeper/provider/mysql_aes_new.rb
 - lib/crypt_keeper/provider/postgres_base.rb
@@ -252,7 +239,7 @@ files:
 - spec/crypt_keeper/log_subscriber/mysql_aes_spec.rb
 - spec/crypt_keeper/log_subscriber/postgres_pgp_spec.rb
 - spec/crypt_keeper/model_spec.rb
-- spec/crypt_keeper/provider/aes_new_spec.rb
+- spec/crypt_keeper/provider/active_support_spec.rb
 - spec/crypt_keeper/provider/mysql_aes_new_spec.rb
 - spec/crypt_keeper/provider/postgres_pgp_public_key_spec.rb
 - spec/crypt_keeper/provider/postgres_pgp_spec.rb
@@ -267,7 +254,9 @@ homepage: http://jmazzi.github.com/crypt_keeper/
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message: 'WARNING: CryptKeeper 2.0 contains breaking changes and may
+  require you to reencrypt your data! Please view the README at https://github.com/jmazzi/crypt_keeper
+  for more information.'
 rdoc_options: []
 require_paths:
 - lib
@@ -278,9 +267,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.6.11
@@ -291,7 +280,7 @@ test_files:
 - spec/crypt_keeper/log_subscriber/mysql_aes_spec.rb
 - spec/crypt_keeper/log_subscriber/postgres_pgp_spec.rb
 - spec/crypt_keeper/model_spec.rb
-- spec/crypt_keeper/provider/aes_new_spec.rb
+- spec/crypt_keeper/provider/active_support_spec.rb
 - spec/crypt_keeper/provider/mysql_aes_new_spec.rb
 - spec/crypt_keeper/provider/postgres_pgp_public_key_spec.rb
 - spec/crypt_keeper/provider/postgres_pgp_spec.rb

data/lib/crypt_keeper/provider/aes_new.rb

@@ -1,53 +0,0 @@
-require 'aes'
-require 'armor'
-
-module CryptKeeper
-  module Provider
-    class AesNew < Base
-      include CryptKeeper::Helper::DigestPassphrase
-
-      # Public: The encryption key
-      attr_accessor :key
-
-      # Public: Initializes the class
-      #
-      #   options - A hash of options. :key and :salt are required
-      def initialize(options = {})
-        @key = digest_passphrase(options[:key], options[:salt])
-      end
-
-      # Public: Encrypt a string
-      #
-      # Note: nil and empty strings are not encryptable with AES.
-      # When they are encountered, the orignal value is returned.
-      # Otherwise, returns the encrypted string
-      #
-      # Returns a String
-      def encrypt(value)
-        AES.encrypt(value, key)
-      end
-
-      # Public: Decrypt a string
-      #
-      # Note: nil and empty strings are not encryptable with AES (and thus cannot be decrypted).
-      # When they are encountered, the orignal value is returned.
-      # Otherwise, returns the decrypted string
-      #
-      # Returns a String
-      def decrypt(value)
-        AES.decrypt(value, key)
-      end
-
-      # Public: Search for a record
-      #
-      # record   - An ActiveRecord collection
-      # field    - The field to search
-      # criteria - A string to search with
-      #
-      # Returns an Enumerable
-      def search(records, field, criteria)
-        records.select { |record| record[field] == criteria }
-      end
-    end
-  end
-end

data/spec/crypt_keeper/provider/aes_new_spec.rb

@@ -1,41 +0,0 @@
-require 'spec_helper'
-
-describe CryptKeeper::Provider::AesNew do
-  subject { described_class.new(key: 'cake', salt: 'salt') }
-
-  describe "#initialize" do
-    let(:digested_key) do
-      ::Armor.digest('cake', 'salt')
-    end
-
-    specify { expect(subject.key).to eq(digested_key) }
-    specify { expect { described_class.new }.to raise_error(ArgumentError, "Missing :key") }
-  end
-
-  describe "#encrypt" do
-    let(:encrypted) do
-      subject.encrypt 'string'
-    end
-
-    specify { expect(encrypted).to_not eq('string') }
-    specify { expect(encrypted).to_not be_blank }
-  end
-
-  describe "#decrypt" do
-    let(:decrypted) do
-      subject.decrypt "V02ebRU2wLk25AizasROVg==$kE+IpRaUNdBfYqR+WjMqvA=="
-    end
-
-    specify { expect(decrypted).to eq('string') }
-  end
-
-  describe "#search" do
-    let(:records) do
-      [{ name: 'Bob' }, { name: 'Tim' }]
-    end
-
-    it "finds the matching record" do
-      expect(subject.search(records, :name, 'Bob')).to eql([records.first])
-    end
-  end
-end