RubyGems - crypt_keeper_providers - Versions diffs - 0.2.0 → 0.3.0 - Mend

crypt_keeper_providers 0.2.0 → 0.3.0

Files changed (17) hide show

data/.travis.yml +1 -0
data/crypt_keeper_providers.gemspec +2 -0
data/gemfiles/activerecord_3_0.gemfile.lock +3 -1
data/gemfiles/activerecord_3_1.gemfile.lock +3 -1
data/gemfiles/activerecord_3_2.gemfile.lock +3 -1
data/lib/crypt_keeper_providers/mysql_aes/log_subscriber.rb +27 -0
data/lib/crypt_keeper_providers/mysql_aes.rb +38 -0
data/lib/crypt_keeper_providers/postgres_pgp/log_subscriber.rb +3 -3
data/lib/crypt_keeper_providers/version.rb +1 -1
data/lib/crypt_keeper_providers.rb +1 -0
data/spec/default.database.yml +10 -1
data/spec/mysql_aes/log_subscriber_spec.rb +25 -0
data/spec/mysql_aes_spec.rb +39 -0
data/spec/{postgres_sql_log_subscriber_spec.rb → postgres_pgp/log_subscriber_spec.rb} +1 -1
data/spec/{postgres_sql_spec.rb → postgres_pgp_spec.rb} +0 -0
data/spec/support/active_record.rb +9 -1
metadata +36 -54

data/.travis.yml CHANGED Viewed

@@ -7,6 +7,7 @@ before_script:
   - cp spec/default.database.yml spec/database.yml
   - psql -c 'CREATE DATABASE crypt_keeper_providers;' -U postgres
   - psql crypt_keeper_providers -c 'CREATE EXTENSION IF NOT EXISTS pgcrypto;' -U postgres
+  - mysql -e 'CREATE DATABASE crypt_keeper_providers'
 notifications:
   email:
     recipients:

data/crypt_keeper_providers.gemspec CHANGED Viewed

@@ -25,7 +25,9 @@ Gem::Specification.new do |gem|
   if RUBY_PLATFORM == 'java'
     gem.add_development_dependency 'jruby-openssl', '~> 0.7.7'
     gem.add_development_dependency 'activerecord-jdbcpostgresql-adapter'
+    gem.add_development_dependency 'activerecord-jdbcmysql-adapter'
   else
     gem.add_development_dependency 'pg', '~> 0.14.0'
+    gem.add_development_dependency 'mysql2', '~> 0.3.11'
   end
 end

data/gemfiles/activerecord_3_0.gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: /home/justin/work/ruby/crypt_keeper_providers
   specs:
-    crypt_keeper_providers (0.1.0)
+    crypt_keeper_providers (0.2.0)
 GEM
   remote: https://rubygems.org/
@@ -35,6 +35,7 @@ GEM
       rb-fsevent (~> 0.9.1)
       rb-inotify (~> 0.8.8)
     multi_json (1.3.6)
+    mysql2 (0.3.11)
     pg (0.14.0)
     rake (0.9.2.2)
     rb-fchange (0.0.5)
@@ -63,6 +64,7 @@ DEPENDENCIES
   crypt_keeper_providers!
   guard (~> 1.2.0)
   guard-rspec (~> 1.1.0)
+  mysql2 (~> 0.3.11)
   pg (~> 0.14.0)
   rake (~> 0.9.2.2)
   rspec (~> 2.10.0)

data/gemfiles/activerecord_3_1.gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: /home/justin/work/ruby/crypt_keeper_providers
   specs:
-    crypt_keeper_providers (0.1.0)
+    crypt_keeper_providers (0.2.0)
 GEM
   remote: https://rubygems.org/
@@ -35,6 +35,7 @@ GEM
       rb-fsevent (~> 0.9.1)
       rb-inotify (~> 0.8.8)
     multi_json (1.3.6)
+    mysql2 (0.3.11)
     pg (0.14.0)
     rake (0.9.2.2)
     rb-fchange (0.0.5)
@@ -63,6 +64,7 @@ DEPENDENCIES
   crypt_keeper_providers!
   guard (~> 1.2.0)
   guard-rspec (~> 1.1.0)
+  mysql2 (~> 0.3.11)
   pg (~> 0.14.0)
   rake (~> 0.9.2.2)
   rspec (~> 2.10.0)

data/gemfiles/activerecord_3_2.gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: /home/justin/work/ruby/crypt_keeper_providers
   specs:
-    crypt_keeper_providers (0.1.0)
+    crypt_keeper_providers (0.2.0)
 GEM
   remote: https://rubygems.org/
@@ -35,6 +35,7 @@ GEM
       rb-fsevent (~> 0.9.1)
       rb-inotify (~> 0.8.8)
     multi_json (1.3.6)
+    mysql2 (0.3.11)
     pg (0.14.0)
     rake (0.9.2.2)
     rb-fchange (0.0.5)
@@ -63,6 +64,7 @@ DEPENDENCIES
   crypt_keeper_providers!
   guard (~> 1.2.0)
   guard-rspec (~> 1.1.0)
+  mysql2 (~> 0.3.11)
   pg (~> 0.14.0)
   rake (~> 0.9.2.2)
   rspec (~> 2.10.0)

data/lib/crypt_keeper_providers/mysql_aes/log_subscriber.rb ADDED Viewed

@@ -0,0 +1,27 @@
+require 'active_support/concern'
+require 'active_support/lazy_load_hooks'
+module CryptKeeperProviders
+  module MysqlAesLogSubscriber
+    extend ActiveSupport::Concern
+    included do
+      alias_method_chain :sql, :mysql_aes
+    end
+    # Public: Prevents sensitive data from being logged
+    def sql_with_mysql_aes(event)
+      filter = /(aes_(encrypt|decrypt))\(((.|\n)*?)\)/i
+      event.payload[:sql] = event.payload[:sql].gsub(filter) do |_|
+        "#{$1}([FILTERED])"
+      end
+      sql_without_mysql_aes(event)
+    end
+  end
+end
+ActiveSupport.on_load :active_record do
+  ActiveRecord::LogSubscriber.send :include, CryptKeeperProviders::MysqlAesLogSubscriber
+end

data/lib/crypt_keeper_providers/mysql_aes.rb ADDED Viewed

@@ -0,0 +1,38 @@
+require 'crypt_keeper_providers/mysql_aes/log_subscriber'
+module CryptKeeperProviders
+  class MysqlAes
+    attr_accessor :key
+    # Public: Initializes the encryptor
+    #
+    #  options - A hash, :key is required
+    def initialize(options = {})
+      @key = options.fetch(:key) do
+        raise ArgumentError, "Missing :key"
+      end
+    end
+    # Public: Encrypts a string
+    #
+    # Returns an encrypted string
+    def encrypt(value)
+      escape_and_execute_sql(["SELECT AES_ENCRYPT(?, ?)", value, key]).first
+    end
+    # Public: Decrypts a string
+    #
+    # Returns a plaintext string
+    def decrypt(value)
+      escape_and_execute_sql(["SELECT AES_DECRYPT(?, ?)", value, key]).first
+    end
+    private
+    # Private: Sanitize an sql query and then execute it
+    def escape_and_execute_sql(query)
+      query = ::ActiveRecord::Base.send :sanitize_sql_array, query
+      ::ActiveRecord::Base.connection.execute(query).first
+    end
+  end
+end

data/lib/crypt_keeper_providers/postgres_pgp/log_subscriber.rb CHANGED Viewed

@@ -6,18 +6,18 @@ module CryptKeeperProviders
     extend ActiveSupport::Concern
     included do
-      alias_method_chain :sql, :filter
+      alias_method_chain :sql, :postgres_pgp
     end
     # Public: Prevents sensitive data from being logged
-    def sql_with_filter(event)
+    def sql_with_postgres_pgp(event)
       filter = /(pgp_sym_(encrypt|decrypt))\(((.|\n)*?)\)/i
       event.payload[:sql] = event.payload[:sql].gsub(filter) do |_|
         "#{$1}([FILTERED])"
       end
-      sql_without_filter(event)
+      sql_without_postgres_pgp(event)
     end
   end
 end

data/lib/crypt_keeper_providers/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module CryptKeeperProviders
-  VERSION = "0.2.0"
+  VERSION = "0.3.0"
 end

data/lib/crypt_keeper_providers.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 require 'crypt_keeper_providers/version'
 require 'crypt_keeper_providers/aes'
 require 'crypt_keeper_providers/postgres_pgp'
+require 'crypt_keeper_providers/mysql_aes'
 module CryptKeeperProviders
 end

data/spec/default.database.yml CHANGED Viewed

@@ -1,4 +1,4 @@
-test:
+postgres:
   adapter: postgresql
   encoding: utf8
   reconnect: false
@@ -6,3 +6,12 @@ test:
   pool: 5
   username: postgres
   password:
+mysql:
+  adapter: mysql2
+  encoding: utf8
+  reconnect: false
+  database: crypt_keeper_providers
+  pool: 5
+  username: root
+  password:

data/spec/mysql_aes/log_subscriber_spec.rb ADDED Viewed

@@ -0,0 +1,25 @@
+require 'spec_helper'
+module CryptKeeperProviders
+  describe MysqlAesLogSubscriber do
+    use_postgres
+    subject { ::ActiveRecord::LogSubscriber.new }
+    let(:input_query) do
+      "SELECT AES_ENCRYPT('encrypt_value', 'encrypt_key'), AES_ENCRYPT('decrypt_value', 'decrypt_key') FROM DUAL;"
+    end
+    let(:output_query) do
+      "SELECT AES_ENCRYPT([FILTERED]), AES_DECRYPT([FILTERED]) FROM DUAL;"
+    end
+    it "filters mysql aes functions" do
+      subject.should_receive(:sql_without_mysql_aes).with do |event|
+        event.payload[:sql].should == output_query
+      end
+      subject.sql(ActiveSupport::Notifications::Event.new(:sql, 1, 1, 1, { sql: output_query }))
+    end
+  end
+end

data/spec/mysql_aes_spec.rb ADDED Viewed

@@ -0,0 +1,39 @@
+require 'spec_helper'
+module CryptKeeperProviders
+  describe MysqlAes do
+    use_mysql
+    let(:plain_text) { 'test' }
+    # MySQL stores AES encrypted strings in binary which you can't paste
+    # into a spec :). This is a Base64 encoded string of 'test' AES encrypted
+    # by AES_ENCRYPT()
+    let(:cipher_text) do
+      Base64.decode64 "nbKOoWn8kvAw9k/C2Mex6Q==\n"
+    end
+    subject { MysqlAes.new key: 'candy' }
+    its(:key) { should == 'candy' }
+    describe "#initialize" do
+      it "should raise an exception with a missing key" do
+        expect { MysqlAes.new }.to raise_error(ArgumentError, "Missing :key")
+      end
+    end
+    describe "#encrypt" do
+      it "should encrypt the string" do
+        subject.encrypt(plain_text).should_not == plain_text
+        subject.encrypt(plain_text).should_not be_empty
+      end
+    end
+    describe "#decrypt" do
+      it "should decrypt the string" do
+        subject.decrypt(cipher_text).should == plain_text
+      end
+    end
+  end
+end

data/spec/{postgres_sql_log_subscriber_spec.rb → postgres_pgp/log_subscriber_spec.rb} RENAMED Viewed

@@ -15,7 +15,7 @@ module CryptKeeperProviders
     end
     it "filters pgp functions" do
-      subject.should_receive(:sql_without_filter).with do |event|
+      subject.should_receive(:sql_without_postgres_pgp).with do |event|
         event.payload[:sql].should == output_query
       end

data/spec/{postgres_sql_spec.rb → postgres_pgp_spec.rb} RENAMED Viewed

File without changes

data/spec/support/active_record.rb CHANGED Viewed

@@ -9,7 +9,15 @@ module CryptKeeperProviders
     def use_postgres
       before :all do
         config = YAML.load_file SPEC_ROOT.join('database.yml')
-        ::ActiveRecord::Base.establish_connection(config['test'])
+        ::ActiveRecord::Base.establish_connection(config['postgres'])
+        ::ActiveRecord::Base.logger = Logger.new SPEC_ROOT.join('debug.log').to_s
+      end
+    end
+    def use_mysql
+      before :all do
+        config = YAML.load_file SPEC_ROOT.join('database.yml')
+        ::ActiveRecord::Base.establish_connection(config['mysql'])
         ::ActiveRecord::Base.logger = Logger.new SPEC_ROOT.join('debug.log').to_s
       end
     end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: crypt_keeper_providers
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
   prerelease:
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-07-30 00:00:00.000000000 Z
+date: 2012-08-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &17150080 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,15 +21,10 @@ dependencies:
         version: 2.10.0
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 2.10.0
+  version_requirements: *17150080
 - !ruby/object:Gem::Dependency
   name: guard
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &17149320 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -37,15 +32,10 @@ dependencies:
         version: 1.2.0
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 1.2.0
+  version_requirements: *17149320
 - !ruby/object:Gem::Dependency
   name: guard-rspec
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &17148400 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -53,15 +43,10 @@ dependencies:
         version: 1.1.0
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 1.1.0
+  version_requirements: *17148400
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &17147440 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -69,15 +54,10 @@ dependencies:
         version: 0.9.2.2
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 0.9.2.2
+  version_requirements: *17147440
 - !ruby/object:Gem::Dependency
   name: activerecord
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &17145900 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -85,15 +65,10 @@ dependencies:
         version: '3.0'
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '3.0'
+  version_requirements: *17145900
 - !ruby/object:Gem::Dependency
   name: appraisal
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &16998160 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -101,15 +76,10 @@ dependencies:
         version: 0.4.1
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 0.4.1
+  version_requirements: *16998160
 - !ruby/object:Gem::Dependency
   name: pg
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &16996600 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -117,12 +87,18 @@ dependencies:
         version: 0.14.0
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
+  version_requirements: *16996600
+- !ruby/object:Gem::Dependency
+  name: mysql2
+  requirement: &16995360 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.14.0
+        version: 0.3.11
+  type: :development
+  prerelease: false
+  version_requirements: *16995360
 description: Encryption providers for crypt_keeper
 email:
 - jmazzi@gmail.com
@@ -148,13 +124,17 @@ files:
 - gemfiles/activerecord_3_2.gemfile.lock
 - lib/crypt_keeper_providers.rb
 - lib/crypt_keeper_providers/aes.rb
+- lib/crypt_keeper_providers/mysql_aes.rb
+- lib/crypt_keeper_providers/mysql_aes/log_subscriber.rb
 - lib/crypt_keeper_providers/postgres_pgp.rb
 - lib/crypt_keeper_providers/postgres_pgp/log_subscriber.rb
 - lib/crypt_keeper_providers/version.rb
 - spec/aes_spec.rb
 - spec/default.database.yml
-- spec/postgres_sql_log_subscriber_spec.rb
-- spec/postgres_sql_spec.rb
+- spec/mysql_aes/log_subscriber_spec.rb
+- spec/mysql_aes_spec.rb
+- spec/postgres_pgp/log_subscriber_spec.rb
+- spec/postgres_pgp_spec.rb
 - spec/spec_helper.rb
 - spec/support/active_record.rb
 homepage: ''
@@ -171,7 +151,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 533015026195049068
+      hash: 318045602228831916
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -180,17 +160,19 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 533015026195049068
+      hash: 318045602228831916
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.23
+rubygems_version: 1.8.11
 signing_key:
 specification_version: 3
 summary: Encryption providers for crypt_keeper
 test_files:
 - spec/aes_spec.rb
 - spec/default.database.yml
-- spec/postgres_sql_log_subscriber_spec.rb
-- spec/postgres_sql_spec.rb
+- spec/mysql_aes/log_subscriber_spec.rb
+- spec/mysql_aes_spec.rb
+- spec/postgres_pgp/log_subscriber_spec.rb
+- spec/postgres_pgp_spec.rb
 - spec/spec_helper.rb
 - spec/support/active_record.rb