encrypted_cookie_store 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE.txt +25 -0
- data/README.markdown +114 -0
- data/Rakefile +114 -0
- data/lib/encrypted_cookie_store.rb +2 -0
- data/lib/encrypted_cookie_store/constants.rb +3 -0
- data/lib/encrypted_cookie_store/encrypted_cookie_store.rb +133 -0
- data/lib/encrypted_cookie_store/railtie.rb +10 -0
- data/lib/tasks/encrypted_cookie_store.rake +7 -0
- data/test/encrypted_cookie_store_test.rb +84 -0
- metadata +77 -0
data/LICENSE.txt
ADDED
@@ -0,0 +1,25 @@
|
|
1
|
+
Copyright (c) 2009 - 2010 Phusion
|
2
|
+
All rights reserved.
|
3
|
+
|
4
|
+
Redistribution and use in source and binary forms, with or without
|
5
|
+
modification, are permitted provided that the following conditions are met:
|
6
|
+
|
7
|
+
* Redistributions of source code must retain the above copyright notice,
|
8
|
+
this list of conditions and the following disclaimer.
|
9
|
+
* Redistributions in binary form must reproduce the above copyright notice,
|
10
|
+
this list of conditions and the following disclaimer in the documentation
|
11
|
+
and/or other materials provided with the distribution.
|
12
|
+
* Neither the name of the Phusion nor the names of its contributors
|
13
|
+
may be used to endorse or promote products derived from this software
|
14
|
+
without specific prior written permission.
|
15
|
+
|
16
|
+
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
|
20
|
+
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
21
|
+
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
22
|
+
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
23
|
+
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
24
|
+
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
25
|
+
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
data/README.markdown
ADDED
@@ -0,0 +1,114 @@
|
|
1
|
+
EncryptedCookieStore
|
2
|
+
====================
|
3
|
+
EncryptedCookieStore is similar to Ruby on Rails's CookieStore (it saves
|
4
|
+
session data in a cookie), but it uses encryption so that people can't read
|
5
|
+
what's in the session data. This makes it possible to store sensitive data
|
6
|
+
in the session.
|
7
|
+
|
8
|
+
EncryptedCookieStore is written for Rails 2.3. Other versions of Rails have
|
9
|
+
not been tested.
|
10
|
+
|
11
|
+
**Note**: This is _not_ ThinkRelevance's EncryptedCookieStore. In the Rails
|
12
|
+
2.0 days they wrote an EncryptedCookieStore, but it seems their repository
|
13
|
+
had gone defunct and their source code lost. This EncryptedCookieStore is
|
14
|
+
written from scratch by Phusion.
|
15
|
+
|
16
|
+
Installation and usage
|
17
|
+
----------------------
|
18
|
+
|
19
|
+
First, install it:
|
20
|
+
|
21
|
+
./script/plugin install git://github.com/FooBarWidget/encrypted_cookie_store.git
|
22
|
+
|
23
|
+
Then edit `config/initializers/session_store.rb` and set your session store to
|
24
|
+
EncryptedCookieStore:
|
25
|
+
|
26
|
+
ActionController::Base.session_store = EncryptedCookieStore
|
27
|
+
|
28
|
+
You need to set a few session options before EncryptedCookieStore is usable.
|
29
|
+
You must set all options that CookieStore needs, plus an encryption key that
|
30
|
+
EncryptedCookieStore needs. In `session_store.rb`:
|
31
|
+
|
32
|
+
ActionController::Base.session = {
|
33
|
+
# CookieStore options...
|
34
|
+
:key => '_session', # Name of the cookie which contains the session data.
|
35
|
+
:secret => 'b4589cc9...', # A secret string used to generate the checksum for
|
36
|
+
# the session data. Must be longer than 64 characters
|
37
|
+
# and be completely random.
|
38
|
+
|
39
|
+
# EncryptedCookieStore options...
|
40
|
+
:encryption_key => 'c306779f3...', # The encryption key. See below for notes.
|
41
|
+
}
|
42
|
+
|
43
|
+
The encryption key *must* be a hexadecimal string of exactly 32 bytes. It
|
44
|
+
should be entirely random, because otherwise it can make the encryption weak.
|
45
|
+
|
46
|
+
You can generate a new encryption key by running `rake secret:encryption_key`.
|
47
|
+
This command will output a random encryption key that you can then copy and
|
48
|
+
paste into your environment.rb.
|
49
|
+
|
50
|
+
Operational details
|
51
|
+
-------------------
|
52
|
+
Upon generating cookie data, EncryptedCookieStore generates a new, random
|
53
|
+
initialization vector for encrypting the session data. This initialization
|
54
|
+
vector is then encrypted with 128-bit AES in ECB mode. The session data is
|
55
|
+
first protected with an HMAC to prevent tampering. The session data, along
|
56
|
+
with the HMAC, are then encrypted using 256-bit AES in CFB mode with the
|
57
|
+
generated initialization vector. This encrypted session data + HMAC are
|
58
|
+
then stored, along with the encrypted initialization vector, into the cookie.
|
59
|
+
|
60
|
+
Upon unmarshalling the cookie data, EncryptedCookieStore decrypts the
|
61
|
+
encrypted initialization vector and use that to decrypt the encrypted
|
62
|
+
session data + HMAC. The decrypted session data is then verified against
|
63
|
+
the HMAC.
|
64
|
+
|
65
|
+
The reason why HMAC verification occurs after decryption instead of before
|
66
|
+
decryption is because we want to be able to detect changes to the encryption
|
67
|
+
key and changes to the HMAC secret key, as well as migrations from CookieStore.
|
68
|
+
Verifying after decryption allows us to automatically invalidate such old
|
69
|
+
session cookies.
|
70
|
+
|
71
|
+
EncryptedCookieStore is quite fast: it is able to marshal and unmarshal a
|
72
|
+
simple session object 5000 times in 8.7 seconds on a MacBook Pro with a 2.4
|
73
|
+
Ghz Intel Core 2 Duo (in battery mode). This is about 0.174 ms per
|
74
|
+
marshal+unmarshal action. See `rake benchmark` in the EncryptedCookieStore
|
75
|
+
sources for details.
|
76
|
+
|
77
|
+
EncryptedCookieStore vs other session stores
|
78
|
+
--------------------------------------------
|
79
|
+
EncryptedCookieStore inherits all the benefits of CookieStore:
|
80
|
+
|
81
|
+
* It works out of the box without the need to setup a seperate data store (e.g. database table, daemon, etc).
|
82
|
+
* It does not require any maintenance. Old, stale sessions do not need to be manually cleaned up, as is the case with PStore and ActiveRecordStore.
|
83
|
+
* Compared to MemCacheStore, EncryptedCookieStore can "hold" an infinite number of sessions at any time.
|
84
|
+
* It can be scaled across multiple servers without any additional setup.
|
85
|
+
* It is fast.
|
86
|
+
* It is more secure than CookieStore because it allows you to store sensitive data in the session.
|
87
|
+
|
88
|
+
There are of course drawbacks as well:
|
89
|
+
|
90
|
+
* It is prone to session replay attacks. These kind of attacks are explained in the [Ruby on Rails Security Guide](http://guides.rubyonrails.org/security.html#session-storage). Therefore you should never store anything along the lines of `is_admin` in the session.
|
91
|
+
* You can store at most a little less than 4 KB of data in the session because that's the size limit of a cookie. "A little less" because EncryptedCookieStore also stores a small amount of bookkeeping data in the cookie.
|
92
|
+
* Although encryption makes it more secure than CookieStore, there's still a chance that a bug in EncryptedCookieStore renders it insecure. We welcome everyone to audit this code. There's also a chance that weaknesses in AES are found in the near future which render it insecure. If you are storing *really* sensitive information in the session, e.g. social security numbers, or plans for world domination, then you should consider using ActiveRecordStore or some other server-side store.
|
93
|
+
|
94
|
+
JRuby: Illegal Key Size error
|
95
|
+
-----------------------------
|
96
|
+
If you get this error (and your code works with MRI)...
|
97
|
+
|
98
|
+
Illegal key size
|
99
|
+
|
100
|
+
[...]/vendor/plugins/encrypted_cookie_store/lib/encrypted_cookie_store.rb:62:in `marshal'
|
101
|
+
|
102
|
+
...then it probably means you don't have the "unlimited strength" policy files
|
103
|
+
installed for your JVM.
|
104
|
+
[Download and install them.](http://www.ngs.ac.uk/tools/jcepolicyfiles)
|
105
|
+
You probably have the "strong" version if they are already there.
|
106
|
+
|
107
|
+
As a workaround, you can change the cipher type from 256-bit AES to 128-bit by
|
108
|
+
inserting the following in `config/initializer/session_store.rb`:
|
109
|
+
|
110
|
+
EncryptedCookieStore.data_cipher_type = 'aes-128-cfb'.freeze # was 256
|
111
|
+
|
112
|
+
Please note that after changing to 128-bit AES, EncryptedCookieStore still
|
113
|
+
requires a 32 bytes hexadecimal encryption key, although only half of the key
|
114
|
+
is actually used.
|
data/Rakefile
ADDED
@@ -0,0 +1,114 @@
|
|
1
|
+
desc "Run unit tests"
|
2
|
+
task :test do
|
3
|
+
sh "spec -f s -c test/*_test.rb"
|
4
|
+
end
|
5
|
+
|
6
|
+
desc "Run benchmark"
|
7
|
+
task :benchmark do
|
8
|
+
$LOAD_PATH.unshift(File.expand_path("lib"))
|
9
|
+
require 'rubygems'
|
10
|
+
require 'benchmark'
|
11
|
+
require 'action_controller'
|
12
|
+
require 'encrypted_cookie_store'
|
13
|
+
|
14
|
+
secret = "b6a30e998806a238c4bad45cc720ed55e56e50d9f00fff58552e78a20fe8262df61" <<
|
15
|
+
"42fcfdb0676018bb9767ed560d4a624fb7f3603b4e53c77ec189ae3853bd1"
|
16
|
+
encryption_key = "dd458e790c3b995e3606384c58efc53da431db892f585aa3ca2a17eabe6df75b"
|
17
|
+
store = EncryptedCookieStore.new(nil, :secret => secret, :key => 'my_app',
|
18
|
+
:encryption_key => encryption_key)
|
19
|
+
object = { :hello => "world", :user_id => 1234, :is_admin => true,
|
20
|
+
:shopping_cart => ["Tea x 1", "Carrots x 13", "Pocky x 20", "Pen x 4"],
|
21
|
+
:session_id => "b6a30e998806a238c4bad45cc720ed55e56e50d9f00ff" }
|
22
|
+
count = 50_000
|
23
|
+
|
24
|
+
puts "Marshalling and unmarshalling #{count} times..."
|
25
|
+
result = Benchmark.measure do
|
26
|
+
count.times do
|
27
|
+
data = store.send(:marshal, object)
|
28
|
+
store.send(:unmarshal, data)
|
29
|
+
end
|
30
|
+
end
|
31
|
+
puts result
|
32
|
+
printf "%.3f ms per marshal+unmarshal action\n", result.real * 1000 / count
|
33
|
+
end
|
34
|
+
|
35
|
+
require "rubygems"
|
36
|
+
require "rake/gempackagetask"
|
37
|
+
require "rake/rdoctask"
|
38
|
+
|
39
|
+
require "rake/testtask"
|
40
|
+
Rake::TestTask.new do |t|
|
41
|
+
t.libs << "test"
|
42
|
+
t.test_files = FileList["test/**/*_test.rb"]
|
43
|
+
t.verbose = true
|
44
|
+
end
|
45
|
+
|
46
|
+
|
47
|
+
task :default => ["test"]
|
48
|
+
|
49
|
+
# This builds the actual gem. For details of what all these options
|
50
|
+
# mean, and other ones you can add, check the documentation here:
|
51
|
+
#
|
52
|
+
# http://rubygems.org/read/chapter/20
|
53
|
+
#
|
54
|
+
spec = Gem::Specification.new do |s|
|
55
|
+
|
56
|
+
# Change these as appropriate
|
57
|
+
s.name = "encrypted_cookie_store"
|
58
|
+
s.version = "0.2.0"
|
59
|
+
s.summary = "A Rails 3 version of Encrypted Cookie Store by FooBarWidget"
|
60
|
+
s.authors = ["FooBarWidget", "Ben Sales"]
|
61
|
+
s.email = "ben@twoism.co.uk"
|
62
|
+
s.homepage = "https://github.com/FooBarWidget/encrypted_cookie_store"
|
63
|
+
|
64
|
+
s.has_rdoc = true
|
65
|
+
s.extra_rdoc_files = %w(README.markdown)
|
66
|
+
s.rdoc_options = %w(--main README.markdown)
|
67
|
+
|
68
|
+
# Add any extra files to include in the gem
|
69
|
+
s.files = %w(LICENSE.txt Rakefile README.markdown) + Dir.glob("{test,lib}/**/*")
|
70
|
+
s.require_paths = ["lib"]
|
71
|
+
|
72
|
+
# If you want to depend on other gems, add them here, along with any
|
73
|
+
# relevant versions
|
74
|
+
# s.add_dependency("some_other_gem", "~> 0.1.0")
|
75
|
+
|
76
|
+
# If your tests use any gems, include them here
|
77
|
+
# s.add_development_dependency("mocha") # for example
|
78
|
+
end
|
79
|
+
|
80
|
+
# This task actually builds the gem. We also regenerate a static
|
81
|
+
# .gemspec file, which is useful if something (i.e. GitHub) will
|
82
|
+
# be automatically building a gem for this project. If you're not
|
83
|
+
# using GitHub, edit as appropriate.
|
84
|
+
#
|
85
|
+
# To publish your gem online, install the 'gemcutter' gem; Read more
|
86
|
+
# about that here: http://gemcutter.org/pages/gem_docs
|
87
|
+
Rake::GemPackageTask.new(spec) do |pkg|
|
88
|
+
pkg.gem_spec = spec
|
89
|
+
end
|
90
|
+
|
91
|
+
desc "Build the gemspec file #{spec.name}.gemspec"
|
92
|
+
task :gemspec do
|
93
|
+
file = File.dirname(__FILE__) + "/#{spec.name}.gemspec"
|
94
|
+
File.open(file, "w") {|f| f << spec.to_ruby }
|
95
|
+
end
|
96
|
+
|
97
|
+
# If you don't want to generate the .gemspec file, just remove this line. Reasons
|
98
|
+
# why you might want to generate a gemspec:
|
99
|
+
# - using bundler with a git source
|
100
|
+
# - building the gem without rake (i.e. gem build blah.gemspec)
|
101
|
+
# - maybe others?
|
102
|
+
task :package => :gemspec
|
103
|
+
|
104
|
+
# Generate documentation
|
105
|
+
Rake::RDocTask.new do |rd|
|
106
|
+
rd.main = "README.markdown"
|
107
|
+
rd.rdoc_files.include("README.markdown", "lib/**/*.rb")
|
108
|
+
rd.rdoc_dir = "rdoc"
|
109
|
+
end
|
110
|
+
|
111
|
+
desc 'Clear out RDoc and generated packages'
|
112
|
+
task :clean => [:clobber_rdoc, :clobber_package] do
|
113
|
+
rm "#{spec.name}.gemspec"
|
114
|
+
end
|
@@ -0,0 +1,133 @@
|
|
1
|
+
require 'openssl'
|
2
|
+
require 'encrypted_cookie_store/constants'
|
3
|
+
|
4
|
+
module EncryptedCookieStore
|
5
|
+
class EncryptedCookieStore < ActionDispatch::Session::CookieStore
|
6
|
+
OpenSSLCipherError = OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError
|
7
|
+
include EncryptedCookieStoreConstants
|
8
|
+
|
9
|
+
class << self
|
10
|
+
attr_accessor :iv_cipher_type
|
11
|
+
attr_accessor :data_cipher_type
|
12
|
+
end
|
13
|
+
|
14
|
+
self.iv_cipher_type = "aes-128-ecb".freeze
|
15
|
+
self.data_cipher_type = "aes-256-cfb".freeze
|
16
|
+
|
17
|
+
def initialize(app, options = {})
|
18
|
+
ensure_encryption_key_secure(options[:encryption_key])
|
19
|
+
@encryption_key = unhex(options[:encryption_key]).freeze
|
20
|
+
@iv_cipher = OpenSSL::Cipher::Cipher.new(EncryptedCookieStore.iv_cipher_type)
|
21
|
+
@data_cipher = OpenSSL::Cipher::Cipher.new(EncryptedCookieStore.data_cipher_type)
|
22
|
+
super(app, options)
|
23
|
+
end
|
24
|
+
|
25
|
+
private
|
26
|
+
# Like ActiveSupport::MessageVerifier, but does not base64-encode data.
|
27
|
+
class MessageVerifier
|
28
|
+
def initialize(secret, digest = 'SHA1')
|
29
|
+
@secret = secret
|
30
|
+
@digest = digest
|
31
|
+
end
|
32
|
+
|
33
|
+
def verify(signed_message)
|
34
|
+
digest, data = signed_message.split("--", 2)
|
35
|
+
if digest != generate_digest(data)
|
36
|
+
raise ActiveSupport::MessageVerifier::InvalidSignature
|
37
|
+
else
|
38
|
+
Marshal.load(data)
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
def generate(value)
|
43
|
+
data = Marshal.dump(value)
|
44
|
+
digest = generate_digest(data)
|
45
|
+
"#{digest}--#{data}"
|
46
|
+
end
|
47
|
+
|
48
|
+
private
|
49
|
+
def generate_digest(data)
|
50
|
+
OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new(@digest), @secret, data)
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
def marshal(session)
|
55
|
+
# We hmac-then-encrypt instead of encrypt-then-hmac so that we
|
56
|
+
# can properly detect:
|
57
|
+
# - changes to the encryption key or initialization vector
|
58
|
+
# - a migration from the unencrypted CookieStore.
|
59
|
+
#
|
60
|
+
# Being able to detect these allows us to invalidate the old session data.
|
61
|
+
|
62
|
+
@iv_cipher.encrypt
|
63
|
+
@data_cipher.encrypt
|
64
|
+
@iv_cipher.key = @encryption_key
|
65
|
+
@data_cipher.key = @encryption_key
|
66
|
+
|
67
|
+
session_data = super(session)
|
68
|
+
iv = @data_cipher.random_iv
|
69
|
+
@data_cipher.iv = iv
|
70
|
+
encrypted_iv = @iv_cipher.update(iv) << @iv_cipher.final
|
71
|
+
encrypted_session_data = @data_cipher.update(session_data) << @data_cipher.final
|
72
|
+
|
73
|
+
"#{base64(encrypted_iv)}--#{base64(encrypted_session_data)}"
|
74
|
+
end
|
75
|
+
|
76
|
+
def unmarshal(cookie)
|
77
|
+
if cookie
|
78
|
+
b64_encrypted_iv, b64_encrypted_session_data = cookie.split("--", 2)
|
79
|
+
if b64_encrypted_iv && b64_encrypted_session_data
|
80
|
+
encrypted_iv = ActiveSupport::Base64.decode64(b64_encrypted_iv)
|
81
|
+
encrypted_session_data = ActiveSupport::Base64.decode64(b64_encrypted_session_data)
|
82
|
+
|
83
|
+
@iv_cipher.decrypt
|
84
|
+
@iv_cipher.key = @encryption_key
|
85
|
+
iv = @iv_cipher.update(encrypted_iv) << @iv_cipher.final
|
86
|
+
|
87
|
+
@data_cipher.decrypt
|
88
|
+
@data_cipher.key = @encryption_key
|
89
|
+
@data_cipher.iv = iv
|
90
|
+
session_data = @data_cipher.update(encrypted_session_data) << @data_cipher.final
|
91
|
+
super(session_data)
|
92
|
+
end
|
93
|
+
else
|
94
|
+
nil
|
95
|
+
end
|
96
|
+
rescue OpenSSLCipherError
|
97
|
+
nil
|
98
|
+
end
|
99
|
+
|
100
|
+
# To prevent users from using an insecure encryption key like "Password" we make sure that the
|
101
|
+
# encryption key they've provided is at least 30 characters in length.
|
102
|
+
def ensure_encryption_key_secure(encryption_key)
|
103
|
+
if encryption_key.blank?
|
104
|
+
raise ArgumentError, "An encryption key is required for encrypting the " +
|
105
|
+
"cookie session data. Please set config.action_controller.session = { " +
|
106
|
+
"..., :encryption_key => \"some random string of exactly " +
|
107
|
+
"#{ENCRYPTION_KEY_SIZE * 2} bytes\", ... } in config/environment.rb"
|
108
|
+
end
|
109
|
+
|
110
|
+
if encryption_key.size != ENCRYPTION_KEY_SIZE * 2
|
111
|
+
raise ArgumentError, "The EncryptedCookieStore encryption key must be a " +
|
112
|
+
"hexadecimal string of exactly #{ENCRYPTION_KEY_SIZE * 2} bytes. " +
|
113
|
+
"The value that you've provided, \"#{encryption_key}\", is " +
|
114
|
+
"#{encryption_key.size} bytes. You could use the following (randomly " +
|
115
|
+
"generated) string as encryption key: " +
|
116
|
+
ActiveSupport::SecureRandom.hex(ENCRYPTION_KEY_SIZE)
|
117
|
+
end
|
118
|
+
end
|
119
|
+
|
120
|
+
def verifier_for(secret, digest)
|
121
|
+
key = secret.respond_to?(:call) ? secret.call : secret
|
122
|
+
MessageVerifier.new(key, digest)
|
123
|
+
end
|
124
|
+
|
125
|
+
def base64(data)
|
126
|
+
ActiveSupport::Base64.encode64s(data)
|
127
|
+
end
|
128
|
+
|
129
|
+
def unhex(hex_data)
|
130
|
+
[hex_data].pack("H*")
|
131
|
+
end
|
132
|
+
end
|
133
|
+
end
|
@@ -0,0 +1,7 @@
|
|
1
|
+
namespace :secret do
|
2
|
+
desc "Generate an encryption key for EncryptedCookieStore that's cryptographically secure."
|
3
|
+
task :encryption_key do
|
4
|
+
require 'encrypted_cookie_store/constants'
|
5
|
+
puts ActiveSupport::SecureRandom.hex(EncryptedCookieStoreConstants::ENCRYPTION_KEY_SIZE)
|
6
|
+
end
|
7
|
+
end
|
@@ -0,0 +1,84 @@
|
|
1
|
+
$LOAD_PATH.unshift(File.expand_path(File.dirname(__FILE__) + "/../lib"))
|
2
|
+
require 'rubygems'
|
3
|
+
gem 'rails', '>= 3.0.0'
|
4
|
+
require 'encrypted_cookie_store'
|
5
|
+
|
6
|
+
describe EncryptedCookieStore do
|
7
|
+
SECRET = "b6a30e998806a238c4bad45cc720ed55e56e50d9f00fff58552e78a20fe8262df61" <<
|
8
|
+
"42fcfdb0676018bb9767ed560d4a624fb7f3603b4e53c77ec189ae3853bd1"
|
9
|
+
GOOD_ENCRYPTION_KEY = "dd458e790c3b995e3606384c58efc53da431db892f585aa3ca2a17eabe6df75b"
|
10
|
+
ANOTHER_GOOD_ENCRYPTION_KEY = "ce6a45c34607d2048d735b0a31a769de4e1512eb83c7012059a66937158a8975"
|
11
|
+
OBJECT = { :user_id => 123, :admin => true, :message => "hello world!" }
|
12
|
+
|
13
|
+
def create(options = {})
|
14
|
+
EncryptedCookieStore.new(nil, options.reverse_merge(
|
15
|
+
:key => 'key',
|
16
|
+
:secret => SECRET
|
17
|
+
))
|
18
|
+
end
|
19
|
+
|
20
|
+
it "checks whether an encryption key is given" do
|
21
|
+
lambda { create }.should raise_error(ArgumentError, /encryption key is required/)
|
22
|
+
end
|
23
|
+
|
24
|
+
it "checks whether the encryption key has the correct size" do
|
25
|
+
encryption_key = "too small"
|
26
|
+
block = lambda { create(:encryption_key => encryption_key) }
|
27
|
+
block.should raise_error(ArgumentError, /must be a hexadecimal string of exactly \d+ bytes/)
|
28
|
+
end
|
29
|
+
|
30
|
+
specify "marshalling and unmarshalling data works" do
|
31
|
+
data = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:marshal, OBJECT)
|
32
|
+
object = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:unmarshal, data)
|
33
|
+
object[:user_id].should == 123
|
34
|
+
object[:admin].should be_true
|
35
|
+
object[:message].should == "hello world!"
|
36
|
+
end
|
37
|
+
|
38
|
+
it "uses a different initialization vector every time data is marshalled" do
|
39
|
+
store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
|
40
|
+
data1 = store.send(:marshal, OBJECT)
|
41
|
+
data2 = store.send(:marshal, OBJECT)
|
42
|
+
data3 = store.send(:marshal, OBJECT)
|
43
|
+
data4 = store.send(:marshal, OBJECT)
|
44
|
+
data1.should_not == data2
|
45
|
+
data1.should_not == data3
|
46
|
+
data1.should_not == data4
|
47
|
+
end
|
48
|
+
|
49
|
+
it "invalidates the data if the encryption key is changed" do
|
50
|
+
data = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:marshal, OBJECT)
|
51
|
+
object = create(:encryption_key => ANOTHER_GOOD_ENCRYPTION_KEY).send(:unmarshal, data)
|
52
|
+
object.should be_nil
|
53
|
+
end
|
54
|
+
|
55
|
+
it "invalidates the data if the IV cannot be decrypted" do
|
56
|
+
store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
|
57
|
+
data = store.send(:marshal, OBJECT)
|
58
|
+
iv_cipher = store.instance_variable_get(:@iv_cipher)
|
59
|
+
iv_cipher.should_receive(:update).and_raise(EncryptedCookieStore::OpenSSLCipherError)
|
60
|
+
store.send(:unmarshal, data).should be_nil
|
61
|
+
end
|
62
|
+
|
63
|
+
it "invalidates the data if we just migrated from CookieStore" do
|
64
|
+
old_store = ActionController::Session::CookieStore.new(nil, :key => 'key', :secret => SECRET)
|
65
|
+
legacy_data = old_store.send(:marshal, OBJECT)
|
66
|
+
store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
|
67
|
+
store.send(:unmarshal, legacy_data).should be_nil
|
68
|
+
end
|
69
|
+
|
70
|
+
it "invalidates the data if it was tampered with" do
|
71
|
+
store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
|
72
|
+
data = store.send(:marshal, OBJECT)
|
73
|
+
b64_encrypted_iv, b64_encrypted_session_data = data.split("--", 2)
|
74
|
+
b64_encrypted_session_data[0..1] = "AA"
|
75
|
+
data = "#{b64_encrypted_iv}--#{b64_encrypted_session_data}"
|
76
|
+
store.send(:unmarshal, data).should be_nil
|
77
|
+
end
|
78
|
+
|
79
|
+
it "invalidates the data if it looks like garbage" do
|
80
|
+
store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
|
81
|
+
garbage = "\202d\3477 jTf\274\360\200z\355\334N3\001\0036\321qLu\027\320\325*%:%\270D"
|
82
|
+
store.send(:unmarshal, garbage).should be_nil
|
83
|
+
end
|
84
|
+
end
|
metadata
ADDED
@@ -0,0 +1,77 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: encrypted_cookie_store
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 23
|
5
|
+
prerelease: false
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 2
|
9
|
+
- 0
|
10
|
+
version: 0.2.0
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- FooBarWidget
|
14
|
+
- Ben Sales
|
15
|
+
autorequire:
|
16
|
+
bindir: bin
|
17
|
+
cert_chain: []
|
18
|
+
|
19
|
+
date: 2011-01-19 00:00:00 +00:00
|
20
|
+
default_executable:
|
21
|
+
dependencies: []
|
22
|
+
|
23
|
+
description:
|
24
|
+
email: ben@twoism.co.uk
|
25
|
+
executables: []
|
26
|
+
|
27
|
+
extensions: []
|
28
|
+
|
29
|
+
extra_rdoc_files:
|
30
|
+
- README.markdown
|
31
|
+
files:
|
32
|
+
- LICENSE.txt
|
33
|
+
- Rakefile
|
34
|
+
- README.markdown
|
35
|
+
- test/encrypted_cookie_store_test.rb
|
36
|
+
- lib/encrypted_cookie_store/constants.rb
|
37
|
+
- lib/encrypted_cookie_store/encrypted_cookie_store.rb
|
38
|
+
- lib/encrypted_cookie_store/railtie.rb
|
39
|
+
- lib/encrypted_cookie_store.rb
|
40
|
+
- lib/tasks/encrypted_cookie_store.rake
|
41
|
+
has_rdoc: true
|
42
|
+
homepage: https://github.com/FooBarWidget/encrypted_cookie_store
|
43
|
+
licenses: []
|
44
|
+
|
45
|
+
post_install_message:
|
46
|
+
rdoc_options:
|
47
|
+
- --main
|
48
|
+
- README.markdown
|
49
|
+
require_paths:
|
50
|
+
- lib
|
51
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
52
|
+
none: false
|
53
|
+
requirements:
|
54
|
+
- - ">="
|
55
|
+
- !ruby/object:Gem::Version
|
56
|
+
hash: 3
|
57
|
+
segments:
|
58
|
+
- 0
|
59
|
+
version: "0"
|
60
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
61
|
+
none: false
|
62
|
+
requirements:
|
63
|
+
- - ">="
|
64
|
+
- !ruby/object:Gem::Version
|
65
|
+
hash: 3
|
66
|
+
segments:
|
67
|
+
- 0
|
68
|
+
version: "0"
|
69
|
+
requirements: []
|
70
|
+
|
71
|
+
rubyforge_project:
|
72
|
+
rubygems_version: 1.3.7
|
73
|
+
signing_key:
|
74
|
+
specification_version: 3
|
75
|
+
summary: A Rails 3 version of Encrypted Cookie Store by FooBarWidget
|
76
|
+
test_files: []
|
77
|
+
|