crypt_keeper_providers 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. data/.travis.yml +1 -0
  2. data/crypt_keeper_providers.gemspec +2 -0
  3. data/gemfiles/activerecord_3_0.gemfile.lock +3 -1
  4. data/gemfiles/activerecord_3_1.gemfile.lock +3 -1
  5. data/gemfiles/activerecord_3_2.gemfile.lock +3 -1
  6. data/lib/crypt_keeper_providers/mysql_aes/log_subscriber.rb +27 -0
  7. data/lib/crypt_keeper_providers/mysql_aes.rb +38 -0
  8. data/lib/crypt_keeper_providers/postgres_pgp/log_subscriber.rb +3 -3
  9. data/lib/crypt_keeper_providers/version.rb +1 -1
  10. data/lib/crypt_keeper_providers.rb +1 -0
  11. data/spec/default.database.yml +10 -1
  12. data/spec/mysql_aes/log_subscriber_spec.rb +25 -0
  13. data/spec/mysql_aes_spec.rb +39 -0
  14. data/spec/{postgres_sql_log_subscriber_spec.rb → postgres_pgp/log_subscriber_spec.rb} +1 -1
  15. data/spec/{postgres_sql_spec.rb → postgres_pgp_spec.rb} +0 -0
  16. data/spec/support/active_record.rb +9 -1
  17. metadata +36 -54
data/.travis.yml CHANGED
@@ -7,6 +7,7 @@ before_script:
7
7
  - cp spec/default.database.yml spec/database.yml
8
8
  - psql -c 'CREATE DATABASE crypt_keeper_providers;' -U postgres
9
9
  - psql crypt_keeper_providers -c 'CREATE EXTENSION IF NOT EXISTS pgcrypto;' -U postgres
10
+ - mysql -e 'CREATE DATABASE crypt_keeper_providers'
10
11
  notifications:
11
12
  email:
12
13
  recipients:
data/crypt_keeper_providers.gemspec CHANGED
@@ -25,7 +25,9 @@ Gem::Specification.new do |gem|
25
25
  if RUBY_PLATFORM == 'java'
26
26
  gem.add_development_dependency 'jruby-openssl', '~> 0.7.7'
27
27
  gem.add_development_dependency 'activerecord-jdbcpostgresql-adapter'
28
+ gem.add_development_dependency 'activerecord-jdbcmysql-adapter'
28
29
  else
29
30
  gem.add_development_dependency 'pg', '~> 0.14.0'
31
+ gem.add_development_dependency 'mysql2', '~> 0.3.11'
30
32
  end
31
33
  end
data/gemfiles/activerecord_3_0.gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: /home/justin/work/ruby/crypt_keeper_providers
3
3
  specs:
4
- crypt_keeper_providers (0.1.0)
4
+ crypt_keeper_providers (0.2.0)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
@@ -35,6 +35,7 @@ GEM
35
35
  rb-fsevent (~> 0.9.1)
36
36
  rb-inotify (~> 0.8.8)
37
37
  multi_json (1.3.6)
38
+ mysql2 (0.3.11)
38
39
  pg (0.14.0)
39
40
  rake (0.9.2.2)
40
41
  rb-fchange (0.0.5)
@@ -63,6 +64,7 @@ DEPENDENCIES
63
64
  crypt_keeper_providers!
64
65
  guard (~> 1.2.0)
65
66
  guard-rspec (~> 1.1.0)
67
+ mysql2 (~> 0.3.11)
66
68
  pg (~> 0.14.0)
67
69
  rake (~> 0.9.2.2)
68
70
  rspec (~> 2.10.0)
data/gemfiles/activerecord_3_1.gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: /home/justin/work/ruby/crypt_keeper_providers
3
3
  specs:
4
- crypt_keeper_providers (0.1.0)
4
+ crypt_keeper_providers (0.2.0)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
@@ -35,6 +35,7 @@ GEM
35
35
  rb-fsevent (~> 0.9.1)
36
36
  rb-inotify (~> 0.8.8)
37
37
  multi_json (1.3.6)
38
+ mysql2 (0.3.11)
38
39
  pg (0.14.0)
39
40
  rake (0.9.2.2)
40
41
  rb-fchange (0.0.5)
@@ -63,6 +64,7 @@ DEPENDENCIES
63
64
  crypt_keeper_providers!
64
65
  guard (~> 1.2.0)
65
66
  guard-rspec (~> 1.1.0)
67
+ mysql2 (~> 0.3.11)
66
68
  pg (~> 0.14.0)
67
69
  rake (~> 0.9.2.2)
68
70
  rspec (~> 2.10.0)
data/gemfiles/activerecord_3_2.gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: /home/justin/work/ruby/crypt_keeper_providers
3
3
  specs:
4
- crypt_keeper_providers (0.1.0)
4
+ crypt_keeper_providers (0.2.0)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
@@ -35,6 +35,7 @@ GEM
35
35
  rb-fsevent (~> 0.9.1)
36
36
  rb-inotify (~> 0.8.8)
37
37
  multi_json (1.3.6)
38
+ mysql2 (0.3.11)
38
39
  pg (0.14.0)
39
40
  rake (0.9.2.2)
40
41
  rb-fchange (0.0.5)
@@ -63,6 +64,7 @@ DEPENDENCIES
63
64
  crypt_keeper_providers!
64
65
  guard (~> 1.2.0)
65
66
  guard-rspec (~> 1.1.0)
67
+ mysql2 (~> 0.3.11)
66
68
  pg (~> 0.14.0)
67
69
  rake (~> 0.9.2.2)
68
70
  rspec (~> 2.10.0)
data/lib/crypt_keeper_providers/mysql_aes/log_subscriber.rb ADDED
@@ -0,0 +1,27 @@
1
+ require 'active_support/concern'
2
+ require 'active_support/lazy_load_hooks'
3
+
4
+ module CryptKeeperProviders
5
+ module MysqlAesLogSubscriber
6
+ extend ActiveSupport::Concern
7
+
8
+ included do
9
+ alias_method_chain :sql, :mysql_aes
10
+ end
11
+
12
+ # Public: Prevents sensitive data from being logged
13
+ def sql_with_mysql_aes(event)
14
+ filter = /(aes_(encrypt|decrypt))\(((.|\n)*?)\)/i
15
+
16
+ event.payload[:sql] = event.payload[:sql].gsub(filter) do |_|
17
+ "#{$1}([FILTERED])"
18
+ end
19
+
20
+ sql_without_mysql_aes(event)
21
+ end
22
+ end
23
+ end
24
+
25
+ ActiveSupport.on_load :active_record do
26
+ ActiveRecord::LogSubscriber.send :include, CryptKeeperProviders::MysqlAesLogSubscriber
27
+ end
data/lib/crypt_keeper_providers/mysql_aes.rb ADDED
@@ -0,0 +1,38 @@
1
+ require 'crypt_keeper_providers/mysql_aes/log_subscriber'
2
+
3
+ module CryptKeeperProviders
4
+ class MysqlAes
5
+ attr_accessor :key
6
+
7
+ # Public: Initializes the encryptor
8
+ #
9
+ # options - A hash, :key is required
10
+ def initialize(options = {})
11
+ @key = options.fetch(:key) do
12
+ raise ArgumentError, "Missing :key"
13
+ end
14
+ end
15
+
16
+ # Public: Encrypts a string
17
+ #
18
+ # Returns an encrypted string
19
+ def encrypt(value)
20
+ escape_and_execute_sql(["SELECT AES_ENCRYPT(?, ?)", value, key]).first
21
+ end
22
+
23
+ # Public: Decrypts a string
24
+ #
25
+ # Returns a plaintext string
26
+ def decrypt(value)
27
+ escape_and_execute_sql(["SELECT AES_DECRYPT(?, ?)", value, key]).first
28
+ end
29
+
30
+ private
31
+
32
+ # Private: Sanitize an sql query and then execute it
33
+ def escape_and_execute_sql(query)
34
+ query = ::ActiveRecord::Base.send :sanitize_sql_array, query
35
+ ::ActiveRecord::Base.connection.execute(query).first
36
+ end
37
+ end
38
+ end
data/lib/crypt_keeper_providers/postgres_pgp/log_subscriber.rb CHANGED
@@ -6,18 +6,18 @@ module CryptKeeperProviders
6
6
  extend ActiveSupport::Concern
7
7
 
8
8
  included do
9
- alias_method_chain :sql, :filter
9
+ alias_method_chain :sql, :postgres_pgp
10
10
  end
11
11
 
12
12
  # Public: Prevents sensitive data from being logged
13
- def sql_with_filter(event)
13
+ def sql_with_postgres_pgp(event)
14
14
  filter = /(pgp_sym_(encrypt|decrypt))\(((.|\n)*?)\)/i
15
15
 
16
16
  event.payload[:sql] = event.payload[:sql].gsub(filter) do |_|
17
17
  "#{$1}([FILTERED])"
18
18
  end
19
19
 
20
- sql_without_filter(event)
20
+ sql_without_postgres_pgp(event)
21
21
  end
22
22
  end
23
23
  end
data/lib/crypt_keeper_providers/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module CryptKeeperProviders
2
- VERSION = "0.2.0"
2
+ VERSION = "0.3.0"
3
3
  end
data/lib/crypt_keeper_providers.rb CHANGED
@@ -1,6 +1,7 @@
1
1
  require 'crypt_keeper_providers/version'
2
2
  require 'crypt_keeper_providers/aes'
3
3
  require 'crypt_keeper_providers/postgres_pgp'
4
+ require 'crypt_keeper_providers/mysql_aes'
4
5
 
5
6
  module CryptKeeperProviders
6
7
  end
data/spec/default.database.yml CHANGED
@@ -1,4 +1,4 @@
1
- test:
1
+ postgres:
2
2
  adapter: postgresql
3
3
  encoding: utf8
4
4
  reconnect: false
@@ -6,3 +6,12 @@ test:
6
6
  pool: 5
7
7
  username: postgres
8
8
  password:
9
+ mysql:
10
+ adapter: mysql2
11
+ encoding: utf8
12
+ reconnect: false
13
+ database: crypt_keeper_providers
14
+ pool: 5
15
+ username: root
16
+ password:
17
+
data/spec/mysql_aes/log_subscriber_spec.rb ADDED
@@ -0,0 +1,25 @@
1
+ require 'spec_helper'
2
+
3
+ module CryptKeeperProviders
4
+ describe MysqlAesLogSubscriber do
5
+ use_postgres
6
+
7
+ subject { ::ActiveRecord::LogSubscriber.new }
8
+
9
+ let(:input_query) do
10
+ "SELECT AES_ENCRYPT('encrypt_value', 'encrypt_key'), AES_ENCRYPT('decrypt_value', 'decrypt_key') FROM DUAL;"
11
+ end
12
+
13
+ let(:output_query) do
14
+ "SELECT AES_ENCRYPT([FILTERED]), AES_DECRYPT([FILTERED]) FROM DUAL;"
15
+ end
16
+
17
+ it "filters mysql aes functions" do
18
+ subject.should_receive(:sql_without_mysql_aes).with do |event|
19
+ event.payload[:sql].should == output_query
20
+ end
21
+
22
+ subject.sql(ActiveSupport::Notifications::Event.new(:sql, 1, 1, 1, { sql: output_query }))
23
+ end
24
+ end
25
+ end
data/spec/mysql_aes_spec.rb ADDED
@@ -0,0 +1,39 @@
1
+ require 'spec_helper'
2
+
3
+ module CryptKeeperProviders
4
+ describe MysqlAes do
5
+ use_mysql
6
+
7
+ let(:plain_text) { 'test' }
8
+
9
+ # MySQL stores AES encrypted strings in binary which you can't paste
10
+ # into a spec :). This is a Base64 encoded string of 'test' AES encrypted
11
+ # by AES_ENCRYPT()
12
+ let(:cipher_text) do
13
+ Base64.decode64 "nbKOoWn8kvAw9k/C2Mex6Q==\n"
14
+ end
15
+
16
+ subject { MysqlAes.new key: 'candy' }
17
+
18
+ its(:key) { should == 'candy' }
19
+
20
+ describe "#initialize" do
21
+ it "should raise an exception with a missing key" do
22
+ expect { MysqlAes.new }.to raise_error(ArgumentError, "Missing :key")
23
+ end
24
+ end
25
+
26
+ describe "#encrypt" do
27
+ it "should encrypt the string" do
28
+ subject.encrypt(plain_text).should_not == plain_text
29
+ subject.encrypt(plain_text).should_not be_empty
30
+ end
31
+ end
32
+
33
+ describe "#decrypt" do
34
+ it "should decrypt the string" do
35
+ subject.decrypt(cipher_text).should == plain_text
36
+ end
37
+ end
38
+ end
39
+ end
data/spec/{postgres_sql_log_subscriber_spec.rb → postgres_pgp/log_subscriber_spec.rb} RENAMED
@@ -15,7 +15,7 @@ module CryptKeeperProviders
15
15
  end
16
16
 
17
17
  it "filters pgp functions" do
18
- subject.should_receive(:sql_without_filter).with do |event|
18
+ subject.should_receive(:sql_without_postgres_pgp).with do |event|
19
19
  event.payload[:sql].should == output_query
20
20
  end
21
21
 
data/spec/{postgres_sql_spec.rb → postgres_pgp_spec.rb} RENAMED
File without changes
data/spec/support/active_record.rb CHANGED
@@ -9,7 +9,15 @@ module CryptKeeperProviders
9
9
  def use_postgres
10
10
  before :all do
11
11
  config = YAML.load_file SPEC_ROOT.join('database.yml')
12
- ::ActiveRecord::Base.establish_connection(config['test'])
12
+ ::ActiveRecord::Base.establish_connection(config['postgres'])
13
+ ::ActiveRecord::Base.logger = Logger.new SPEC_ROOT.join('debug.log').to_s
14
+ end
15
+ end
16
+
17
+ def use_mysql
18
+ before :all do
19
+ config = YAML.load_file SPEC_ROOT.join('database.yml')
20
+ ::ActiveRecord::Base.establish_connection(config['mysql'])
13
21
  ::ActiveRecord::Base.logger = Logger.new SPEC_ROOT.join('debug.log').to_s
14
22
  end
15
23
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: crypt_keeper_providers
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,11 +9,11 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-07-30 00:00:00.000000000 Z
12
+ date: 2012-08-02 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rspec
16
- requirement: !ruby/object:Gem::Requirement
16
+ requirement: &17150080 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ~>
@@ -21,15 +21,10 @@ dependencies:
21
21
  version: 2.10.0
22
22
  type: :development
23
23
  prerelease: false
24
- version_requirements: !ruby/object:Gem::Requirement
25
- none: false
26
- requirements:
27
- - - ~>
28
- - !ruby/object:Gem::Version
29
- version: 2.10.0
24
+ version_requirements: *17150080
30
25
  - !ruby/object:Gem::Dependency
31
26
  name: guard
32
- requirement: !ruby/object:Gem::Requirement
27
+ requirement: &17149320 !ruby/object:Gem::Requirement
33
28
  none: false
34
29
  requirements:
35
30
  - - ~>
@@ -37,15 +32,10 @@ dependencies:
37
32
  version: 1.2.0
38
33
  type: :development
39
34
  prerelease: false
40
- version_requirements: !ruby/object:Gem::Requirement
41
- none: false
42
- requirements:
43
- - - ~>
44
- - !ruby/object:Gem::Version
45
- version: 1.2.0
35
+ version_requirements: *17149320
46
36
  - !ruby/object:Gem::Dependency
47
37
  name: guard-rspec
48
- requirement: !ruby/object:Gem::Requirement
38
+ requirement: &17148400 !ruby/object:Gem::Requirement
49
39
  none: false
50
40
  requirements:
51
41
  - - ~>
@@ -53,15 +43,10 @@ dependencies:
53
43
  version: 1.1.0
54
44
  type: :development
55
45
  prerelease: false
56
- version_requirements: !ruby/object:Gem::Requirement
57
- none: false
58
- requirements:
59
- - - ~>
60
- - !ruby/object:Gem::Version
61
- version: 1.1.0
46
+ version_requirements: *17148400
62
47
  - !ruby/object:Gem::Dependency
63
48
  name: rake
64
- requirement: !ruby/object:Gem::Requirement
49
+ requirement: &17147440 !ruby/object:Gem::Requirement
65
50
  none: false
66
51
  requirements:
67
52
  - - ~>
@@ -69,15 +54,10 @@ dependencies:
69
54
  version: 0.9.2.2
70
55
  type: :development
71
56
  prerelease: false
72
- version_requirements: !ruby/object:Gem::Requirement
73
- none: false
74
- requirements:
75
- - - ~>
76
- - !ruby/object:Gem::Version
77
- version: 0.9.2.2
57
+ version_requirements: *17147440
78
58
  - !ruby/object:Gem::Dependency
79
59
  name: activerecord
80
- requirement: !ruby/object:Gem::Requirement
60
+ requirement: &17145900 !ruby/object:Gem::Requirement
81
61
  none: false
82
62
  requirements:
83
63
  - - ! '>='
@@ -85,15 +65,10 @@ dependencies:
85
65
  version: '3.0'
86
66
  type: :development
87
67
  prerelease: false
88
- version_requirements: !ruby/object:Gem::Requirement
89
- none: false
90
- requirements:
91
- - - ! '>='
92
- - !ruby/object:Gem::Version
93
- version: '3.0'
68
+ version_requirements: *17145900
94
69
  - !ruby/object:Gem::Dependency
95
70
  name: appraisal
96
- requirement: !ruby/object:Gem::Requirement
71
+ requirement: &16998160 !ruby/object:Gem::Requirement
97
72
  none: false
98
73
  requirements:
99
74
  - - ~>
@@ -101,15 +76,10 @@ dependencies:
101
76
  version: 0.4.1
102
77
  type: :development
103
78
  prerelease: false
104
- version_requirements: !ruby/object:Gem::Requirement
105
- none: false
106
- requirements:
107
- - - ~>
108
- - !ruby/object:Gem::Version
109
- version: 0.4.1
79
+ version_requirements: *16998160
110
80
  - !ruby/object:Gem::Dependency
111
81
  name: pg
112
- requirement: !ruby/object:Gem::Requirement
82
+ requirement: &16996600 !ruby/object:Gem::Requirement
113
83
  none: false
114
84
  requirements:
115
85
  - - ~>
@@ -117,12 +87,18 @@ dependencies:
117
87
  version: 0.14.0
118
88
  type: :development
119
89
  prerelease: false
120
- version_requirements: !ruby/object:Gem::Requirement
90
+ version_requirements: *16996600
91
+ - !ruby/object:Gem::Dependency
92
+ name: mysql2
93
+ requirement: &16995360 !ruby/object:Gem::Requirement
121
94
  none: false
122
95
  requirements:
123
96
  - - ~>
124
97
  - !ruby/object:Gem::Version
125
- version: 0.14.0
98
+ version: 0.3.11
99
+ type: :development
100
+ prerelease: false
101
+ version_requirements: *16995360
126
102
  description: Encryption providers for crypt_keeper
127
103
  email:
128
104
  - jmazzi@gmail.com
@@ -148,13 +124,17 @@ files:
148
124
  - gemfiles/activerecord_3_2.gemfile.lock
149
125
  - lib/crypt_keeper_providers.rb
150
126
  - lib/crypt_keeper_providers/aes.rb
127
+ - lib/crypt_keeper_providers/mysql_aes.rb
128
+ - lib/crypt_keeper_providers/mysql_aes/log_subscriber.rb
151
129
  - lib/crypt_keeper_providers/postgres_pgp.rb
152
130
  - lib/crypt_keeper_providers/postgres_pgp/log_subscriber.rb
153
131
  - lib/crypt_keeper_providers/version.rb
154
132
  - spec/aes_spec.rb
155
133
  - spec/default.database.yml
156
- - spec/postgres_sql_log_subscriber_spec.rb
157
- - spec/postgres_sql_spec.rb
134
+ - spec/mysql_aes/log_subscriber_spec.rb
135
+ - spec/mysql_aes_spec.rb
136
+ - spec/postgres_pgp/log_subscriber_spec.rb
137
+ - spec/postgres_pgp_spec.rb
158
138
  - spec/spec_helper.rb
159
139
  - spec/support/active_record.rb
160
140
  homepage: ''
@@ -171,7 +151,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
171
151
  version: '0'
172
152
  segments:
173
153
  - 0
174
- hash: 533015026195049068
154
+ hash: 318045602228831916
175
155
  required_rubygems_version: !ruby/object:Gem::Requirement
176
156
  none: false
177
157
  requirements:
@@ -180,17 +160,19 @@ required_rubygems_version: !ruby/object:Gem::Requirement
180
160
  version: '0'
181
161
  segments:
182
162
  - 0
183
- hash: 533015026195049068
163
+ hash: 318045602228831916
184
164
  requirements: []
185
165
  rubyforge_project:
186
- rubygems_version: 1.8.23
166
+ rubygems_version: 1.8.11
187
167
  signing_key:
188
168
  specification_version: 3
189
169
  summary: Encryption providers for crypt_keeper
190
170
  test_files:
191
171
  - spec/aes_spec.rb
192
172
  - spec/default.database.yml
193
- - spec/postgres_sql_log_subscriber_spec.rb
194
- - spec/postgres_sql_spec.rb
173
+ - spec/mysql_aes/log_subscriber_spec.rb
174
+ - spec/mysql_aes_spec.rb
175
+ - spec/postgres_pgp/log_subscriber_spec.rb
176
+ - spec/postgres_pgp_spec.rb
195
177
  - spec/spec_helper.rb
196
178
  - spec/support/active_record.rb