crypt_keeper 0.22.0 → 1.0.0.beta1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3297d5e1a03266d6b1d74f5e9fee1fbba49dd295
-  data.tar.gz: f7621fbc63a9e94341105919bc839d8917d3f37b
+  metadata.gz: e2c1586ce0dee73fb7513ac7c243426996af7947
+  data.tar.gz: 8bc44c1580209d54e3614c8ecfcf9c30108f97f7
 SHA512:
-  metadata.gz: 2de5ef53aaa8f9d2e255f3c9b68c2996dae3eb2f49919ecceeb335fefbaaaa4ca98b1b0aa0ffb71aaf672ad2f7e0b6ed4edcbc721201f411cf6e8ba368984ab2
-  data.tar.gz: 82a701bd3b4c2a56394fdb205ecc0e24bb856028d0ccdbc61867ae0184b76967de02de7ddd07927fd00e16a6ad0d670f2d5442fc37ad408152ccc5eac900b574
+  metadata.gz: 24ab4328521f6915fc2a516de9f84e1d25409e626c4299330093b112710a100a4c1978df64992e44a50b951f7f9f8eb7b30df6343c197449603f6f8e9df0507d
+  data.tar.gz: 298e14e3bc7c4136bb6638c0f64c1a7a02d4163a443cafa6d7fffd778fa24f29659c98933f6b5e798e6881175f5ef592946194967af3c36c9796d3f6dcf3c778

data/.gitignore

@@ -3,7 +3,7 @@
 .bundle
 .config
 .yardoc
-Gemfile.lock
+*emfile.lock
 InstalledFiles
 _yardoc
 coverage

data/.travis.yml

@@ -6,9 +6,13 @@ rvm:
   - 2.3.1
 
 gemfile:
-  - gemfiles/activerecord_4_1.gemfile
   - gemfiles/activerecord_4_2.gemfile
+  - gemfiles/activerecord_5_0.gemfile
 
+matrix:
+  exclude:
+    - gemfile: gemfiles/activerecord_5_0.gemfile
+      rvm: 2.1.10
 
 addons:
   postgresql: 9.3

data/Appraisals

@@ -1,9 +1,9 @@
-appraise "activerecord_4_1" do
-  gem 'activerecord',  '~> 4.1.0'
-  gem 'activesupport', '~> 4.1.0'
+appraise "activerecord_4_2" do
+  gem "activerecord",  "~> 4.2.0"
+  gem "activesupport", "~> 4.2.0"
 end
 
-appraise "activerecord_4_2" do
-  gem 'activerecord',  '~> 4.2.0'
-  gem 'activesupport', '~> 4.2.0'
+appraise "activerecord_5_0" do
+  gem "activerecord",  "~> 5.0.0"
+  gem "activesupport", "~> 5.0.0"
 end

data/README.md

@@ -15,7 +15,7 @@ is a simple class that does 3 things.
 Note: Any options defined using `crypt_keeper` will be passed to `new` as a
 hash.
 
-You can see an AES example [here](https://github.com/jmazzi/crypt_keeper/blob/master/lib/crypt_keeper/provider/aes.rb).
+You can see an AES example [here](https://github.com/jmazzi/crypt_keeper/blob/master/lib/crypt_keeper/provider/aes_new.rb).
 
 ## Why?
 
@@ -108,19 +108,6 @@ There are four supported encryptors: `aes_new`, `mysql_aes_new`, `postgres_pgp`,
   * Accepts a public and private_key. The private key is optional. If the private key is not present the ciphertext value is returned instead of the plaintext. This allows you to keep the private key off certain servers. Encryption is possible with only a public key. Any server that needs access to the plaintext will need the private key.
   * Passphrases are hashed by PostgresSQL itself using a [String2Key (S2K)](http://www.postgresql.org/docs/9.2/static/pgcrypto.html) algorithm. This is rather similar to crypt() algorithms — purposefully slow and with random salt — but it produces a full-length binary key.
 
-## Deprecated Encryptors
-These encryptors are now deprecated and should be migrated from as soon as possible using the included `bin/crypt_keeper` script.
-
-* [AES Legacy](https://github.com/jmazzi/crypt_keeper/blob/master/lib/crypt_keeper/provider/aes.rb) *DEPRECATED*
-  * Encryption is peformed using AES-256 via OpenSSL.
-  * [How to migrate to AES New](https://github.com/jmazzi/crypt_keeper/wiki/AES-Legacy-Migration-Instructions)
-
-* [MySQL AES Legacy](https://github.com/jmazzi/crypt_keeper/blob/master/lib/crypt_keeper/provider/mysql_aes.rb) *DEPRECATED*
-  * Encryption is peformed MySQL's native AES functions.
-  * ActiveRecord logs are [automatically](https://github.com/jmazzi/crypt_keeper/blob/master/lib/crypt_keeper/log_subscriber/mysql_aes.rb)
-    filtered for you to protect senitive data from being logged.
-  * [How to migrate to MySQL AES New](https://github.com/jmazzi/crypt_keeper/wiki/MysqlAes-Legacy-Migration-Instructions)
-
 ## Searching
 Searching ciphertext is a complex problem that varies depending on the encryption algorithm you choose. All of the bundled providers include search support, but they have some caveats.
 
@@ -144,12 +131,13 @@ Model.where(something: 'blah').search_by_plaintext(:field, 'searchstring')
 ## Creating your own encryptor
 
 Creating your own encryptor is easy. All you have to do is create a class
-under the `CryptKeeper::Provider` namespace, like this:
+under the `CryptKeeper::Provider` namespace, and inherit from the `Base` encryptor,
+like this:
 
 ```ruby
 module CryptKeeper
   module Provider
-    class MyEncryptor
+    class MyEncryptor < Base
       def initialize(options = {})
       end
 
@@ -175,11 +163,11 @@ end
 
 ## Requirements
 
-CryptKeeper has been tested against ActiveRecord 3.1, 3.2, 4.0, 4.1, 4.2 using ruby
-1.9.3, 2.0.0 and 2.1.1
+CryptKeeper has been tested against ActiveRecord 4.2 and 5.0 using Ruby
+2.1.10, 2.2.5 and 2.3.1.
 
-ActiveRecord 4.0 is supported starting with v0.11.0.
-ActiveRecord 4.1 is supported starting with v0.16.0.
+ActiveRecord 4.2 is supported starting with v0.19.0.
+ActiveRecord 5.0 is supported starting with v0.23.0.
 
 ## Installation
 

data/Rakefile

@@ -1,9 +1,13 @@
 #!/usr/bin/env rake
 require "bundler/gem_tasks"
-require 'rspec/core/rake_task'
-require 'appraisal'
+require "rspec/core/rake_task"
+require "appraisal"
 
 RSpec::Core::RakeTask.new :spec
 Bundler::GemHelper.install_tasks
 
-task :default => [:spec]
+if !ENV["APPRAISAL_INITIALIZED"] && !ENV["TRAVIS"]
+  task default: :appraisal
+else
+  task default: :spec
+end

data/crypt_keeper.gemspec

@@ -16,18 +16,18 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.version       = CryptKeeper::VERSION
 
-  gem.add_runtime_dependency 'activerecord',  '>= 3.1', '< 4.3'
-  gem.add_runtime_dependency 'activesupport', '>= 3.1', '< 4.3'
+  gem.add_runtime_dependency 'activerecord',  '>= 4.2', '< 5.1'
+  gem.add_runtime_dependency 'activesupport', '>= 4.2', '< 5.1'
   gem.add_runtime_dependency 'aes',           '~> 0.5.0'
   gem.add_runtime_dependency 'armor',         '~> 0.0.2'
 
-  gem.add_development_dependency 'rspec',       '~> 2.14.0'
+  gem.add_development_dependency 'rspec',       '~> 3.5.0'
   gem.add_development_dependency 'guard',       '~> 2.6.1'
   gem.add_development_dependency 'guard-rspec', '~> 4.2.9'
   gem.add_development_dependency 'rake',        '~> 10.3.1'
   gem.add_development_dependency 'rb-fsevent',  '~> 0.9.1'
   gem.add_development_dependency 'coveralls'
-  gem.add_development_dependency 'appraisal',   '~> 1.0.0'
+  gem.add_development_dependency 'appraisal',   '~> 2.1.0'
 
   if RUBY_PLATFORM == 'java'
     gem.add_development_dependency 'jruby-openssl', '~> 0.7.7'
@@ -36,7 +36,7 @@ Gem::Specification.new do |gem|
     gem.add_development_dependency 'activerecord-jdbcmysql-adapter'
   else
     gem.add_development_dependency 'sqlite3'
-    gem.add_development_dependency 'pg', '~> 0.17.1'
+    gem.add_development_dependency 'pg', '~> 0.18.0'
     gem.add_development_dependency 'mysql2', '~> 0.3.11'
   end
 end

data/gemfiles/{activerecord_4_1.gemfile → activerecord_5_0.gemfile}

@@ -2,7 +2,7 @@
 
 source "https://rubygems.org"
 
-gem "activerecord", "~> 4.1.0"
-gem "activesupport", "~> 4.1.0"
+gem "activerecord", "~> 5.0.0"
+gem "activesupport", "~> 5.0.0"
 
 gemspec :path => "../"

data/lib/crypt_keeper.rb

@@ -3,9 +3,8 @@ require 'active_record'
 require 'crypt_keeper/version'
 require 'crypt_keeper/model'
 require 'crypt_keeper/helper'
-require 'crypt_keeper/provider/aes'
+require 'crypt_keeper/provider/base'
 require 'crypt_keeper/provider/aes_new'
-require 'crypt_keeper/provider/mysql_aes'
 require 'crypt_keeper/provider/mysql_aes_new'
 require 'crypt_keeper/provider/postgres_pgp'
 require 'crypt_keeper/provider/postgres_pgp_public_key'

data/lib/crypt_keeper/helper.rb

@@ -17,23 +17,5 @@ module CryptKeeper
         ::Armor.digest(key, salt)
       end
     end
-
-    module Serializer
-      def dump(value)
-        if value.blank? || CryptKeeper.stub_encryption?
-          value
-        else
-          encrypt(value.to_s)
-        end
-      end
-
-      def load(value)
-        if value.blank? || CryptKeeper.stub_encryption?
-          value
-        else
-          decrypt(value)
-        end
-      end
-    end
   end
 end

data/lib/crypt_keeper/log_subscriber/mysql_aes.rb

@@ -4,14 +4,12 @@ require 'active_support/lazy_load_hooks'
 module CryptKeeper
   module LogSubscriber
     module MysqlAes
-      extend ActiveSupport::Concern
-
-      included do
-        alias_method_chain :sql, :mysql_aes
-      end
-
       # Public: Prevents sensitive data from being logged
-      def sql_with_mysql_aes(event)
+      #
+      # event - An ActiveSupport::Notifications::Event
+      #
+      # Returns a boolean.
+      def sql(event)
         filter  = /(aes_(encrypt|decrypt))\(.*\)/i
         payload = event.payload[:sql]
           .encode('UTF-8', 'binary', invalid: :replace, undef: :replace, replace: '')
@@ -22,12 +20,12 @@ module CryptKeeper
           "#{$1}([FILTERED])"
         end
 
-        sql_without_mysql_aes(event)
+        super(event)
       end
     end
   end
 end
 
 ActiveSupport.on_load :crypt_keeper_mysql_aes_log do
-  ActiveRecord::LogSubscriber.send :include, CryptKeeper::LogSubscriber::MysqlAes
+  ActiveRecord::LogSubscriber.prepend CryptKeeper::LogSubscriber::MysqlAes
 end

data/lib/crypt_keeper/log_subscriber/postgres_pgp.rb

@@ -4,14 +4,12 @@ require 'active_support/lazy_load_hooks'
 module CryptKeeper
   module LogSubscriber
     module PostgresPgp
-      extend ActiveSupport::Concern
-
-      included do
-        alias_method_chain :sql, :postgres_pgp
-      end
-
       # Public: Prevents sensitive data from being logged
-      def sql_with_postgres_pgp(event)
+      #
+      # event - An ActiveSupport::Notifications::Event
+      #
+      # Returns a boolean.
+      def sql(event)
         filter  = /(\(*)pgp_(sym|pub)_(?<operation>decrypt|encrypt)(\(+.*\)+)/im
         payload = event.payload[:sql]
           .encode('UTF-8', 'binary', invalid: :replace, undef: :replace, replace: '')
@@ -22,12 +20,12 @@ module CryptKeeper
           "#{$~[:operation]}([FILTERED])"
         end
 
-        sql_without_postgres_pgp(event)
+        super(event)
       end
     end
   end
 end
 
 ActiveSupport.on_load :crypt_keeper_postgres_pgp_log do
-  ActiveRecord::LogSubscriber.send :include, CryptKeeper::LogSubscriber::PostgresPgp
+  ActiveRecord::LogSubscriber.prepend CryptKeeper::LogSubscriber::PostgresPgp
 end

data/lib/crypt_keeper/model.rb

@@ -68,24 +68,20 @@ module CryptKeeper
         end
 
         crypt_keeper_fields.each do |field|
-          serialize field, encryptor_klass.new(crypt_keeper_options).
-            extend(::CryptKeeper::Helper::Serializer)
+          serialize field, encryptor
         end
       end
 
       def search_by_plaintext(field, criteria)
         if crypt_keeper_fields.include?(field.to_sym)
-          encryptor = encryptor_klass.new(crypt_keeper_options)
-          encryptor.search(scoping_strategy, field.to_s, criteria)
+          encryptor.search(all, field.to_s, criteria)
         else
-          raise "#{field} is not a crypt_keeper field"
+          raise ArgumentError, "#{field} is not a crypt_keeper field"
         end
       end
 
       # Public: Encrypt a table for the first time.
       def encrypt_table!
-        enc       = encryptor_klass.new(crypt_keeper_options)
-
         tmp_table = Class.new(ActiveRecord::Base).tap do |c|
           c.table_name = self.table_name
           c.inheritance_column = :type_disabled
@@ -94,7 +90,7 @@ module CryptKeeper
         transaction do
           tmp_table.find_each do |r|
             crypt_keeper_fields.each do |field|
-              r.send("#{field}=", enc.encrypt(r[field])) if r[field].present?
+              r.send("#{field}=", encryptor.encrypt(r[field])) if r[field].present?
             end
 
             r.save!
@@ -104,13 +100,12 @@ module CryptKeeper
 
       # Public: Decrypt a table (reverse of encrypt_table!)
       def decrypt_table!
-        enc       = encryptor_klass.new(crypt_keeper_options)
         tmp_table = Class.new(ActiveRecord::Base).tap { |c| c.table_name = self.table_name }
 
         transaction do
           tmp_table.find_each do |r|
             crypt_keeper_fields.each do |field|
-              r.send("#{field}=", enc.decrypt(r[field])) if r[field].present?
+              r.send("#{field}=", encryptor.decrypt(r[field])) if r[field].present?
             end
 
             r.save!
@@ -125,18 +120,17 @@ module CryptKeeper
         @encryptor_klass ||= "CryptKeeper::Provider::#{crypt_keeper_encryptor.to_s.camelize}".constantize
       end
 
-      # Private: Ensure that the encryptor responds to new
-      def ensure_valid_encryptor!
-        unless defined?(encryptor_klass) && encryptor_klass.respond_to?(:new)
-          raise "You must specify a valid encryptor `crypt_keeper :encryptor => :aes`"
-        end
+      # Private: The encryptor instance.
+      def encryptor
+        @encryptor ||= encryptor_klass.new(crypt_keeper_options)
       end
 
-      def scoping_strategy
-        if ::ActiveRecord.respond_to?(:version) && ::ActiveRecord.version.segments[0] == 4
-          all
-        else
-          scoped
+      # Private: Ensure we have a valid encryptor.
+      def ensure_valid_encryptor!
+        unless defined?(encryptor_klass) && encryptor_klass.respond_to?(:new) &&
+          %i(load dump).all? { |m| encryptor.respond_to?(m) }
+          raise ArgumentError, "You must specify a valid encryptor that implements " \
+            "the `load` and `dump` methods (you can inherit from CryptKeeper::Provider::Base). Example: `crypt_keeper :encryptor => :aes`"
         end
       end
     end

data/lib/crypt_keeper/provider/aes_new.rb

@@ -3,7 +3,7 @@ require 'armor'
 
 module CryptKeeper
   module Provider
-    class AesNew
+    class AesNew < Base
       include CryptKeeper::Helper::DigestPassphrase
 
       # Public: The encryption key

data/lib/crypt_keeper/provider/base.rb

@@ -0,0 +1,21 @@
+module CryptKeeper
+  module Provider
+    class Base
+      def dump(value)
+        if value.blank? || CryptKeeper.stub_encryption?
+          value
+        else
+          encrypt(value.to_s)
+        end
+      end
+
+      def load(value)
+        if value.blank? || CryptKeeper.stub_encryption?
+          value
+        else
+          decrypt(value)
+        end
+      end
+    end
+  end
+end

data/lib/crypt_keeper/provider/mysql_aes_new.rb

@@ -2,7 +2,7 @@ require 'crypt_keeper/log_subscriber/mysql_aes'
 
 module CryptKeeper
   module Provider
-    class MysqlAesNew
+    class MysqlAesNew < Base
       include CryptKeeper::Helper::SQL
       include CryptKeeper::Helper::DigestPassphrase
 

data/lib/crypt_keeper/provider/postgres_pgp.rb

@@ -2,7 +2,7 @@ require 'crypt_keeper/log_subscriber/postgres_pgp'
 
 module CryptKeeper
   module Provider
-    class PostgresPgp
+    class PostgresPgp < Base
       include CryptKeeper::Helper::SQL
 
       attr_accessor :key
@@ -36,7 +36,7 @@ module CryptKeeper
       end
 
       def search(records, field, criteria)
-        records.where("(pgp_sym_decrypt(cast(#{field} AS bytea), ?) = ?)", key, criteria)
+        records.where("(pgp_sym_decrypt(cast(\"#{field}\" AS bytea), ?) = ?)", key, criteria)
       end
     end
   end

data/lib/crypt_keeper/provider/postgres_pgp_public_key.rb

@@ -2,7 +2,7 @@ require 'crypt_keeper/log_subscriber/postgres_pgp'
 
 module CryptKeeper
   module Provider
-    class PostgresPgpPublicKey
+    class PostgresPgpPublicKey < Base
       include CryptKeeper::Helper::SQL
 
       attr_accessor :key

data/lib/crypt_keeper/version.rb

@@ -1,3 +1,3 @@
 module CryptKeeper
-  VERSION = "0.22.0"
+  VERSION = "1.0.0.beta1"
 end

data/spec/crypt_keeper/log_subscriber/mysql_aes_spec.rb

@@ -0,0 +1,56 @@
+require 'spec_helper'
+
+describe CryptKeeper::LogSubscriber::MysqlAes do
+  before do
+    CryptKeeper.silence_logs = false
+  end
+
+  use_mysql
+
+  context "AES encryption" do
+    # Fire the ActiveSupport.on_load
+    before do
+      CryptKeeper::Provider::MysqlAesNew.new key: 'secret', salt: 'salt'
+    end
+
+    let(:input_query) do
+      "SELECT aes_encrypt('encrypt_value', 'encrypt_key'), aes_decrypt('decrypt_value', 'decrypt_key') FROM DUAL;"
+    end
+
+    let(:output_query) do
+      "SELECT aes_encrypt([FILTERED]) FROM DUAL;"
+    end
+
+    let(:input_search_query) do
+      "SELECT \"sensitive_data\".* FROM \"sensitive_data\" WHERE ((aes_decrypt('f'), 'tool') = 'blah')) AND secret = 'testing'"
+    end
+
+    let(:output_search_query) do
+      "SELECT \"sensitive_data\".* FROM \"sensitive_data\" WHERE ((aes_decrypt([FILTERED]) AND secret = 'testing'"
+    end
+
+    it "filters aes functions" do
+      should_log_scrubbed_query(input: input_query, output: output_query)
+    end
+
+    it "filters aes functions in lowercase" do
+      should_log_scrubbed_query(input: input_query.downcase, output: output_query.downcase.gsub(/filtered/, 'FILTERED'))
+    end
+
+    it "filters aes functions when searching" do
+      should_log_scrubbed_query(input: input_search_query, output: output_search_query)
+    end
+
+    it "forces string encodings" do
+      input_query = "SELECT aes_encrypt('hi \255', 'test') FROM DUAL;"
+
+      should_log_scrubbed_query(input: input_query, output: output_query)
+    end
+
+    it "skips logging if CryptKeeper.silence_logs is set" do
+      CryptKeeper.silence_logs = true
+
+      should_not_log_query(input_query)
+    end
+  end
+end