ezcrypto2 0.0.2
- checksums.yaml +7 -0
- data/CHANGELOG +85 -0
- data/MIT-LICENSE +21 -0
- data/README.rdoc +152 -0
- data/README_ACTIVE_CRYPTO +122 -0
- data/README_DIGITAL_SIGNATURES +55 -0
- data/init.rb +1 -0
- data/lib/active_crypto.rb +325 -0
- data/lib/ezcrypto2.rb +610 -0
- data/lib/ezsig.rb +535 -0
- data/lib/trusted.pem +2363 -0
- data/rakefile +200 -0
- data/test/active_crypto_test.rb +211 -0
- data/test/agree2.com.cert +31 -0
- data/test/association_key_holder_test.rb +38 -0
- data/test/database.yml +18 -0
- data/test/digest_test.rb +51 -0
- data/test/dsakey.pem +12 -0
- data/test/dsapubkey.pem +12 -0
- data/test/dsig_test.rb +288 -0
- data/test/encrypt_test.rb +41 -0
- data/test/ezcrypto_test.rb +212 -0
- data/test/key_holder_test.rb +44 -0
- data/test/protectedsigner.pem +12 -0
- data/test/sf_intermediate.crt +29 -0
- data/test/test_helper.rb +35 -0
- data/test/testchild.pem +15 -0
- data/test/testchild.req +12 -0
- data/test/testpub.pem +4 -0
- data/test/testsigner.cert +20 -0
- data/test/testsigner.pem +9 -0
- data/test/valicert_class2_root.crt +18 -0
- metadata +99 -0
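--- a/data/test/database.yml
+++ b/data/test/database.yml
@@ -0,0 +1,18 @@
+sqlite:
+:adapter: sqlite
+:dbfile: crypto_test.sqlite.db
+sqlite3:
+:adapter: sqlite3
+:dbfile: crypto_test.sqlite3.db
+postgresql:
+:adapter: postgresql
+:username: postgres
+:password: postgres
+:database: crypto_test
+:min_messages: ERROR
+mysql:
+:adapter: mysql
+:host: localhost
+:username: rails
+:password:
+:database: crypto_test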
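--- a/data/test/digest_test.rb
+++ b/data/test/digest_test.rb
@@ -0,0 +1,51 @@
+$:.unshift(File.dirname(__FILE__) + "/../lib/")
+
+require 'test/unit'
+require 'ezcrypto'
+require 'base64'
+require 'digest/sha1'
+
+class DigestTest < Test::Unit::TestCase
+
+def setup
+end
+
+def test_digest
+["hello","","test"].each do |data|
+assert_equal Digest::SHA1.digest(data)[0..15],EzCrypto::Digester.digest(data)
+end
+end
+
+def test_digest64
+["hello","","test"].each do |data|
+assert_equal Base64.encode64(Digest::SHA1.digest(data)[0..15]),EzCrypto::Digester.digest64(data)
+end
+end
+
+def test_hexdigest
+["hello","","test"].each do |data|
+assert_equal Digest::SHA1.hexdigest(data)[0..40],EzCrypto::Digester.hexdigest(data)
+end
+end
+
+def test_generate_key
+key=EzCrypto::Digester.generate_key
+assert 16,key.size
+end
+
+def test_generate_key64
+key=EzCrypto::Digester.generate_key64
+assert 24,key.size
+
+end
+
+def test_generate_hexkey
+key=EzCrypto::Digester.generate_hexkey
+assert 40,key.size
+
+end
+
+def test_get_key
+
+end
+end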
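Review bot: The three key-generation tests never check the key length: `assert 16,key.size` passes 16 as the (always truthy) condition and `key.size` as the failure message, so `test_generate_key`, `test_generate_key64` and `test_generate_hexkey` pass whatever `EzCrypto::Digester` returns. Use `assert_equal 16, key.size` (and likewise 24 and 40) so that a short or empty key fails the suite. `test_get_key` has an empty body and should either be filled in or removed. Separately, the file requires `'ezcrypto'` while the file list on this page shows `data/lib/ezcrypto2.rb` and no `ezcrypto.rb`, so it is worth confirming that the tests load this gem's code rather than a separately installed ezcrypto.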
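--- a/data/test/dsakey.pem
+++ b/data/test/dsakey.pem
@@ -0,0 +1,12 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBugIBAAKBgQCGwFYmCsY6XeXmC2vB2VwGy7N4jV0vjwTh22VAXLlMtKrjJJ0k
+WW/QI7wYWqttUIDQ1//ETRlW5+uV9E9WF1EtMo/Dv48LU/c1YCDjA5EAp2Wu/CnU
+Qgd6ibLNTvkzSDdiZhryuq3nv0s1hLR6cysMOWg/l6usiwU5jgWDXrMK2wIVAJS8
+gadASb6W8ZL6Ua4EqIFdYCdbAoGAWzwV5WF157O/oZeOmNv6IuV8MLD0m3JkJNkZ
+DrY0G0M7YIVryCkmvCOuu8PLu7M+GGp9hEKV/wrpWJgiOlWAz0C0yxwxMyz3GFbx
+ipqEL0CqKkl4QVMpKAhL1h2iIL+yI7p/8whcfeMnQXb0iIMD7AVvF++AJ/LAzulb
+zZXdfP8CgYApedgToseniE9KWVrV3CMXrkwf3Er5CgcVF2JJWAfBbm8/PI2wX5GU
+zT5++k+2sPISPQV3RFZiVKwdFNdft41KNNdfFPEC/4KhgHbK4nCJ3ReLiy2+MkHi
+msgzvxAg8WRc+0aZKNFlNyqsIezE6ufs8e9YvKZJ2d30ggOqCHTBtgIUZ6jIgX60
+PmOeqfRh32svQkP1p/E=
+-----END DSA PRIVATE KEY-----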
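Review bot: This fixture is an unencrypted DSA private key that, per the file list on this page, is packaged inside the gem under `data/test/`, so every install of the gem also receives the key. If the gemspec (not shown here) allows it, keep the test directory out of the packaged files; otherwise state in the README that `dsakey.pem` is a throwaway test key that must never sign real data. Secret scanners will likely flag the file, so an allowlist entry naming this path avoids repeated triage.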
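--- a/data/test/dsapubkey.pem
+++ b/data/test/dsapubkey.pem
@@ -0,0 +1,12 @@
+-----BEGIN PUBLIC KEY-----
+MIIBtjCCASsGByqGSM44BAEwggEeAoGBAIbAViYKxjpd5eYLa8HZXAbLs3iNXS+P
+BOHbZUBcuUy0quMknSRZb9AjvBhaq21QgNDX/8RNGVbn65X0T1YXUS0yj8O/jwtT
+9zVgIOMDkQCnZa78KdRCB3qJss1O+TNIN2JmGvK6ree/SzWEtHpzKww5aD+Xq6yL
+BTmOBYNeswrbAhUAlLyBp0BJvpbxkvpRrgSogV1gJ1sCgYBbPBXlYXXns7+hl46Y
+2/oi5XwwsPSbcmQk2RkOtjQbQztghWvIKSa8I667w8u7sz4Yan2EQpX/CulYmCI6
+VYDPQLTLHDEzLPcYVvGKmoQvQKoqSXhBUykoCEvWHaIgv7Ijun/zCFx94ydBdvSI
+gwPsBW8X74An8sDO6VvNld18/wOBhAACgYApedgToseniE9KWVrV3CMXrkwf3Er5
+CgcVF2JJWAfBbm8/PI2wX5GUzT5++k+2sPISPQV3RFZiVKwdFNdft41KNNdfFPEC
+/4KhgHbK4nCJ3ReLiy2+MkHimsgzvxAg8WRc+0aZKNFlNyqsIezE6ufs8e9YvKZJ
+2d30ggOqCHTBtg==
+-----END PUBLIC KEY-----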
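--- a/data/test/dsig_test.rb
+++ b/data/test/dsig_test.rb
@@ -0,0 +1,288 @@
+$:.unshift(File.dirname(__FILE__) + "/../lib/")
+
+require 'test/unit'
+require 'fileutils'
+require 'ezsig'
+require 'base64'
+
+class EzCryptoTest < Test::Unit::TestCase
+
+def setup
+end
+
+def _test_generate_key #very slow so not run by default
+signer=EzCrypto::Signer.generate
+assert signer.rsa?
+assert !signer.dsa?
+
+assert_signer(signer)
+end
+
+def test_from_file
+signer=EzCrypto::Signer.from_file File.dirname(__FILE__) + "/testsigner.pem"
+assert signer.rsa?
+assert !signer.dsa?
+assert_signer(signer)
+end
+
+def test_dsa_from_file
+signer=EzCrypto::Signer.from_file File.dirname(__FILE__) + "/dsakey.pem"
+assert signer.dsa?
+assert !signer.rsa?
+assert_signer(signer)
+end
+
+def test_from_password_protected_file
+signer=EzCrypto::Signer.from_file File.dirname(__FILE__) + "/protectedsigner.pem","secret"
+assert signer.rsa?
+assert !signer.dsa?
+assert_signer(signer)
+end
+
+def test_public_key_read
+signer=EzCrypto::Signer.from_file File.dirname(__FILE__) + "/testsigner.pem"
+verifier=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/testpub.pem"
+assert verifier
+sig=signer.sign "test this rsa"
+assert sig
+assert verifier.verify( sig,"test this rsa")
+
+assert !verifier.cert?
+assert_equal signer.public_key.to_s, verifier.public_key.to_s
+end
+
+def test_dsa_public_key_read
+signer=EzCrypto::Signer.from_file File.dirname(__FILE__) + "/dsakey.pem"
+verifier=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/dsapubkey.pem"
+
+assert verifier
+sig=signer.sign "test this dsa"
+assert sig
+assert verifier.verify( sig,"test this dsa")
+
+assert !verifier.cert?
+
+# This fails as it seems like it returns an incorrect public key
+# assert_equal signer.public_key.to_s, verifier.public_key.to_s
+end
+
+def test_certificate_reader
+signer=EzCrypto::Signer.from_file File.dirname(__FILE__) + "/testsigner.pem"
+cert=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/testsigner.cert"
+assert cert
+assert cert.cert?
+assert_instance_of EzCrypto::Certificate, cert
+assert_equal signer.public_key.to_s, cert.public_key.to_s
+
+sig=signer.sign "hello"
+assert sig
+assert cert.verify( sig,"hello")
+
+assert_equal "/C=DK/ST=Denmark/L=Copenhagen/O=EzCrypto Test Certificate/OU=testing/CN=EzCrypto Testing/emailAddress=pelleb@gmail.com",cert.subject.to_s
+assert_equal "/C=DK/ST=Denmark/L=Copenhagen/O=EzCrypto Test Certificate/OU=testing/CN=EzCrypto Testing/emailAddress=pelleb@gmail.com",cert.issuer.to_s
+
+assert_kind_of EzCrypto::Name,cert.issuer
+assert_kind_of EzCrypto::Name,cert.subject
+assert cert.serial
+assert cert.not_after
+assert cert.not_before
+assert cert.valid?
+
+
+assert_equal cert.subject[:emailAddress],"pelleb@gmail.com"
+assert_equal cert.subject[:C],"DK"
+assert_equal cert.subject[:ST],"Denmark"
+assert_equal cert.subject[:L],"Copenhagen"
+assert_equal cert.subject[:OU],"testing"
+assert_equal cert.subject[:O],"EzCrypto Test Certificate"
+assert_equal cert.subject[:CN],"EzCrypto Testing"
+
+assert_equal cert.subject.emailAddress,"pelleb@gmail.com"
+assert_equal cert.subject.C,"DK"
+assert_equal cert.subject.ST,"Denmark"
+assert_equal cert.subject.L,"Copenhagen"
+assert_equal cert.subject.OU,"testing"
+assert_equal cert.subject.O,"EzCrypto Test Certificate"
+assert_equal cert.subject.CN,"EzCrypto Testing"
+
+assert_equal cert.subject.email,"pelleb@gmail.com"
+assert_equal cert.subject.c,"DK"
+assert_equal cert.subject.st,"Denmark"
+assert_equal cert.subject.l,"Copenhagen"
+assert_equal cert.subject.ou,"testing"
+assert_equal cert.subject.o,"EzCrypto Test Certificate"
+assert_equal cert.subject.cn,"EzCrypto Testing"
+
+assert_equal cert.subject.country,"DK"
+assert_equal cert.subject.state,"Denmark"
+assert_equal cert.subject.locality,"Copenhagen"
+assert_equal cert.subject.organisational_unit,"testing"
+assert_equal cert.subject.organisation,"EzCrypto Test Certificate"
+assert_equal cert.subject.organizational_unit,"testing"
+assert_equal cert.subject.organization,"EzCrypto Test Certificate"
+assert_equal cert.subject.name,"EzCrypto Testing"
+assert_equal cert.subject.common_name,"EzCrypto Testing"
+
+assert_equal cert.emailAddress,"pelleb@gmail.com"
+assert_equal cert.C,"DK"
+assert_equal cert.ST,"Denmark"
+assert_equal cert.L,"Copenhagen"
+assert_equal cert.OU,"testing"
+assert_equal cert.O,"EzCrypto Test Certificate"
+assert_equal cert.CN,"EzCrypto Testing"
+
+assert_equal cert.email,"pelleb@gmail.com"
+assert_equal cert.c,"DK"
+assert_equal cert.st,"Denmark"
+assert_equal cert.l,"Copenhagen"
+assert_equal cert.ou,"testing"
+assert_equal cert.o,"EzCrypto Test Certificate"
+assert_equal cert.cn,"EzCrypto Testing"
+
+assert_equal cert.country,"DK"
+assert_equal cert.state,"Denmark"
+assert_equal cert.locality,"Copenhagen"
+assert_equal cert.organisational_unit,"testing"
+assert_equal cert.organisation,"EzCrypto Test Certificate"
+assert_equal cert.organizational_unit,"testing"
+assert_equal cert.organization,"EzCrypto Test Certificate"
+assert_equal cert.name,"EzCrypto Testing"
+assert_equal cert.common_name,"EzCrypto Testing"
+
+assert_equal cert.issuer[:emailAddress],"pelleb@gmail.com"
+assert_equal cert.issuer[:C],"DK"
+assert_equal cert.issuer[:ST],"Denmark"
+assert_equal cert.issuer[:L],"Copenhagen"
+assert_equal cert.issuer[:OU],"testing"
+assert_equal cert.issuer[:O],"EzCrypto Test Certificate"
+assert_equal cert.issuer[:CN],"EzCrypto Testing"
+
+assert_equal cert.issuer.emailAddress,"pelleb@gmail.com"
+assert_equal cert.issuer.C,"DK"
+assert_equal cert.issuer.ST,"Denmark"
+assert_equal cert.issuer.L,"Copenhagen"
+assert_equal cert.issuer.OU,"testing"
+assert_equal cert.issuer.O,"EzCrypto Test Certificate"
+assert_equal cert.issuer.CN,"EzCrypto Testing"
+
+assert_equal cert.issuer.email,"pelleb@gmail.com"
+assert_equal cert.issuer.c,"DK"
+assert_equal cert.issuer.st,"Denmark"
+assert_equal cert.issuer.l,"Copenhagen"
+assert_equal cert.issuer.ou,"testing"
+assert_equal cert.issuer.o,"EzCrypto Test Certificate"
+assert_equal cert.issuer.cn,"EzCrypto Testing"
+assert_equal cert.issuer.country,"DK"
+assert_equal cert.issuer.state,"Denmark"
+assert_equal cert.issuer.locality,"Copenhagen"
+assert_equal cert.issuer.organisational_unit,"testing"
+assert_equal cert.issuer.organisation,"EzCrypto Test Certificate"
+assert_equal cert.issuer.organizational_unit,"testing"
+assert_equal cert.issuer.organization,"EzCrypto Test Certificate"
+assert_equal cert.issuer.name,"EzCrypto Testing"
+assert_equal cert.issuer.common_name,"EzCrypto Testing"
+
+## Extensions
+
+assert cert.extensions
+
+end
+
+def test_in_memory_store
+trust=EzCrypto::TrustStore.new
+cert=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/testsigner.cert"
+assert !trust.verify(cert)
+trust.add cert
+assert trust.verify(cert)
+
+sf_root=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/sf-class2-root.crt"
+assert !trust.verify(sf_root)
+starfield=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/sf_intermediate.crt"
+assert !trust.verify(starfield)
+agree2=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/agree2.com.cert"
+assert !trust.verify(agree2)
+
+trust.add sf_root
+assert trust.verify(sf_root)
+assert trust.verify(starfield)
+assert !trust.verify(agree2)
+
+trust.add starfield
+assert trust.verify(agree2)
+end
+
+def test_disk_store
+trust=EzCrypto::TrustStore.new File.dirname(__FILE__) + "/store"
+sf_root=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/sf-class2-root.crt"
+trust.add(sf_root)
+assert trust.verify(sf_root)
+starfield=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/sf_intermediate.crt"
+assert trust.verify(starfield)
+trust.add(starfield)
+agree2=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/agree2.com.cert"
+assert trust.verify(agree2)
+
+cert=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/testsigner.cert"
+assert !trust.verify(cert)
+trust.add cert
+assert trust.verify(cert)
+end
+
+def test_load_combined
+certs=EzCrypto::Verifier.load_all_from_file File.dirname(__FILE__) + "/../lib/trusted.pem"
+assert certs.is_a?( Array)
+assert certs.size>1
+certs.each do |cert|
+assert_instance_of EzCrypto::Certificate, cert
+end
+end
+
+def test_load_trusted_truststore
+trust=EzCrypto::TrustStore.default_trusted
+sf_root=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/sf-class2-root.crt"
+assert trust.verify(sf_root)
+starfield=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/sf_intermediate.crt"
+assert trust.verify(starfield)
+agree2=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/agree2.com.cert"
+assert trust.verify(agree2)
+
+cert=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/testsigner.cert"
+assert !trust.verify(cert)
+trust.add cert
+assert trust.verify(cert)
+end
+
+# Disabling these until pkyp is back up
+# def test_public_key_load_from_pkyp
+# verifier=EzCrypto::Verifier.from_pkyp "e93e18114cbefaaa89fda908b09df63d3662879a"
+# agree2=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/agree2.com.cert"
+# assert_equal agree2.cert.to_s,verifier.cert.to_s
+# assert verifier
+# end
+#
+# def test_register_public_key_at_pkyp
+# pub=EzCrypto::Verifier.from_file File.dirname(__FILE__) + "/agree2.com.cert"
+# assert_equal pub.digest,pub.register_with_pkyp
+# end
+#
+# def test_create_register_and_fetch_public_key
+# signer=EzCrypto::Signer.generate
+# assert_equal signer.verifier.digest,signer.verifier.register_with_pkyp
+# verifier=EzCrypto::Verifier.from_pkyp signer.verifier.digest
+# sig=signer.sign "hello"
+# assert sig
+# assert verifier.verify( sig,"hello")
+# end
+#
+
+def assert_signer(signer)
+assert signer
+assert signer.public_key
+
+sig=signer.sign "hello"
+assert sig
+assert signer.verifier
+assert signer.verifier.verify( sig,"hello")
+end
+
+end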
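Review bot: Every signature check in this file is a positive one, so a `verify` that accepted any input would still pass the suite; `assert_signer` should also assert rejection, for example `assert !signer.verifier.verify(sig, "hellO")`, and the two `*_public_key_read` tests should do the same with an altered message. The commented-out `assert_equal signer.public_key.to_s, verifier.public_key.to_s` in `test_dsa_public_key_read` hides a known DSA public-key mismatch that deserves a tracked issue rather than a disabled assertion. The trust-store tests load `sf-class2-root.crt`, but the file list on this page ships `valicert_class2_root.crt` and no file of that name, so they presumably fail on a clean install. `test_disk_store` adds certificates under `test/store` and never cleans up, which may make its `assert !trust.verify(cert)` fail on a second run if the store persists on disk.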
@@ -0,0 +1,41 @@
|
|
1
|
+
require 'association_key_holder_test'
|
2
|
+
|
3
|
+
class EncUser < ActiveRecord::Base
|
4
|
+
set_table_name "users"
|
5
|
+
encrypt :name, :base64=>true
|
6
|
+
end
|
7
|
+
|
8
|
+
class RawUser < ActiveRecord::Base
|
9
|
+
set_table_name "users"
|
10
|
+
end
|
11
|
+
|
12
|
+
class EncryptTest < AssociationKeyHolderTest
|
13
|
+
def setup
|
14
|
+
@key_holder=EncUser.create
|
15
|
+
end
|
16
|
+
|
17
|
+
def test_should_be_base64
|
18
|
+
assert EncUser.ezcrypto_base64?
|
19
|
+
end
|
20
|
+
|
21
|
+
def test_should_retain_session_key_on_reload
|
22
|
+
key=EzCrypto::Key.generate
|
23
|
+
key_holder.set_session_key key
|
24
|
+
assert_not_nil key_holder.session_key
|
25
|
+
assert_equal key.raw,key_holder.session_key.raw
|
26
|
+
|
27
|
+
key_holder.name="bob"
|
28
|
+
key_holder.save
|
29
|
+
|
30
|
+
assert_equal "bob",key_holder.name
|
31
|
+
|
32
|
+
found=EncUser.find key_holder.id
|
33
|
+
assert_equal key_holder.name,found.name
|
34
|
+
|
35
|
+
raw=RawUser.find key_holder.id
|
36
|
+
assert_not_nil raw.name
|
37
|
+
assert_not_equal key_holder.name,raw.name
|
38
|
+
|
39
|
+
end
|
40
|
+
|
41
|
+
end
|
@@ -0,0 +1,212 @@
|
|
1
|
+
$:.unshift(File.dirname(__FILE__) + "/../lib/")
|
2
|
+
|
3
|
+
require 'test/unit'
|
4
|
+
require 'fileutils'
|
5
|
+
require 'ezcrypto'
|
6
|
+
require 'base64'
|
7
|
+
|
8
|
+
class EzCryptoTest < Test::Unit::TestCase
|
9
|
+
|
10
|
+
def setup
|
11
|
+
end
|
12
|
+
|
13
|
+
def test_generate_alg_key
|
14
|
+
assert_generate_alg_key "aes-128-cbc",16
|
15
|
+
assert_generate_alg_key "aes-192-cbc",24
|
16
|
+
assert_generate_alg_key "aes-256-cbc",32
|
17
|
+
assert_generate_alg_key "rc2-40-cbc",5
|
18
|
+
assert_generate_alg_key "rc2-64-cbc",8
|
19
|
+
assert_generate_alg_key "rc4-64" ,8
|
20
|
+
assert_generate_alg_key "blowfish" ,16
|
21
|
+
assert_generate_alg_key "des" ,8
|
22
|
+
end
|
23
|
+
|
24
|
+
def test_with_password
|
25
|
+
assert_with_password "","secret","aes-128-cbc",16
|
26
|
+
assert_with_password "test","secret","aes-128-cbc",16
|
27
|
+
assert_with_password "password","secret","aes-128-cbc",16
|
28
|
+
assert_with_password "a�sldfad8q5�34j2�l4j24l6j2456","secret","aes-128-cbc",16
|
29
|
+
|
30
|
+
assert_with_password "","secret","aes-192-cbc",24
|
31
|
+
assert_with_password "test","secret","aes-192-cbc",24
|
32
|
+
assert_with_password "password","secret","aes-192-cbc",24
|
33
|
+
assert_with_password "a�sldfad8q5�34j2�l4j24l6j2456","secret","aes-192-cbc",24
|
34
|
+
|
35
|
+
assert_with_password "","secret","aes-256-cbc",32
|
36
|
+
assert_with_password "test","secret","aes-256-cbc",32
|
37
|
+
assert_with_password "password","secret","aes-256-cbc",32
|
38
|
+
assert_with_password "a�sldfad8q5�34j2�l4j24l6j2456","secret","aes-256-cbc",32
|
39
|
+
|
40
|
+
end
|
41
|
+
|
42
|
+
def test_encoded
|
43
|
+
0.upto 32 do |size|
|
44
|
+
assert_encoded_keys size
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
def test_encrypt
|
49
|
+
0.upto(CLEAR_TEXT.size-1) do |size|
|
50
|
+
assert_encrypt CLEAR_TEXT[0..size]
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
def test_decrypt
|
55
|
+
0.upto(CLEAR_TEXT.size) do |size|
|
56
|
+
assert_decrypt CLEAR_TEXT[0..size]
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
def test_decrypt64
|
61
|
+
0.upto(CLEAR_TEXT.size) do |size|
|
62
|
+
assert_decrypt64 CLEAR_TEXT[0..size]
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
def test_keyfile_store_load
|
67
|
+
|
68
|
+
algo, size = "aes-256-cbc", 32
|
69
|
+
keyfile = 'ezcrypto-test.key'
|
70
|
+
|
71
|
+
FileUtils.rm [keyfile], :force => true
|
72
|
+
key = EzCrypto::Key.generate :algorithm => algo
|
73
|
+
assert_file_not_exists keyfile
|
74
|
+
key.store keyfile
|
75
|
+
assert_file_exists keyfile
|
76
|
+
assert_file_permissions keyfile, 0100400
|
77
|
+
|
78
|
+
key2 = EzCrypto::Key.load(keyfile)
|
79
|
+
assert_equal key.raw, key2.raw
|
80
|
+
|
81
|
+
FileUtils.rm [keyfile], :force => true
|
82
|
+
end
|
83
|
+
|
84
|
+
def test_filestuff_with_defaults
|
85
|
+
|
86
|
+
clearfile = 'lorem_ipsum.txt'
|
87
|
+
keyfile = 'lorem_ipsum.key'
|
88
|
+
algo, size = "aes-256-cbc", 32
|
89
|
+
|
90
|
+
File.open(clearfile, 'w') { |f| f.write(CLEAR_TEXT) }
|
91
|
+
assert_file_contains clearfile, CLEAR_TEXT
|
92
|
+
|
93
|
+
key = EzCrypto::Key.generate :algorithm => algo
|
94
|
+
|
95
|
+
# default behaviour: remove clearfile, append '.ez' suffix
|
96
|
+
cryptfile = key.encrypt_file(clearfile)
|
97
|
+
assert_equal cryptfile, clearfile + ".ez"
|
98
|
+
assert_file_not_exists clearfile
|
99
|
+
assert_file_exists cryptfile
|
100
|
+
assert_file_contains cryptfile, key.encrypt(CLEAR_TEXT)
|
101
|
+
|
102
|
+
# default behaviour: unlink cryptfile and remove suffix from filename
|
103
|
+
clearfile = key.decrypt_file cryptfile
|
104
|
+
assert_file_exists clearfile
|
105
|
+
assert_file_not_exists cryptfile
|
106
|
+
assert_file_contains clearfile, CLEAR_TEXT
|
107
|
+
FileUtils.rm [keyfile, clearfile, cryptfile], :force => true
|
108
|
+
end
|
109
|
+
|
110
|
+
def test_filestuff_with_options
|
111
|
+
|
112
|
+
clearfile = 'lorem_ipsum.txt'
|
113
|
+
keyfile = 'lorem_ipsum.key'
|
114
|
+
algo, size = "aes-256-cbc", 32
|
115
|
+
|
116
|
+
File.open(clearfile, 'w') { |f| f.write(CLEAR_TEXT) }
|
117
|
+
assert_file_contains clearfile, CLEAR_TEXT
|
118
|
+
|
119
|
+
key = EzCrypto::Key.generate :algorithm => algo
|
120
|
+
|
121
|
+
# with options: keep the original file, auto-create a
|
122
|
+
# new filename with a user-defined suffix
|
123
|
+
cryptfile = key.encrypt_file(clearfile, nil, :autoclean => false, :suffix => '.Encrypted')
|
124
|
+
assert_equal cryptfile, clearfile + ".Encrypted", 'suffix was added'
|
125
|
+
assert_file_exists clearfile
|
126
|
+
assert_file_exists cryptfile
|
127
|
+
assert_file_permissions cryptfile, 0100600
|
128
|
+
|
129
|
+
assert_raises(Errno::EEXIST, "the original file would not be overwritten") {
|
130
|
+
key.decrypt_file(cryptfile, nil, :autoclean => false, :suffix => '.Encrypted')
|
131
|
+
}
|
132
|
+
FileUtils.rm [clearfile], :force => true
|
133
|
+
|
134
|
+
clearfile = key.decrypt_file(cryptfile, nil, :autoclean => false, :suffix => '.Encrypted')
|
135
|
+
assert_equal cryptfile, clearfile + ".Encrypted", 'suffix was removed'
|
136
|
+
assert_file_exists clearfile
|
137
|
+
assert_file_exists cryptfile
|
138
|
+
assert_file_permissions cryptfile, 0100600
|
139
|
+
assert_file_contains clearfile, CLEAR_TEXT
|
140
|
+
|
141
|
+
FileUtils.rm [keyfile, clearfile, cryptfile], :force => true
|
142
|
+
end
|
143
|
+
|
144
|
+
def assert_file_permissions(filename, mode, msg='')
|
145
|
+
fmode = File.stat(filename).mode
|
146
|
+
assert_equal fmode, mode, msg
|
147
|
+
end
|
148
|
+
|
149
|
+
def assert_file_exists(filename)
|
150
|
+
assert File.exists?(filename)
|
151
|
+
end
|
152
|
+
|
153
|
+
def assert_file_not_exists(filename)
|
154
|
+
assert !File.exists?(filename)
|
155
|
+
end
|
156
|
+
|
157
|
+
def assert_file_contains(filename, expected)
|
158
|
+
assert_file_exists(filename)
|
159
|
+
content = File.open(filename,'r').read
|
160
|
+
assert_equal expected, content
|
161
|
+
end
|
162
|
+
|
163
|
+
def assert_key_size(size,key)
|
164
|
+
assert_equal size,key.raw.size
|
165
|
+
end
|
166
|
+
|
167
|
+
def assert_generate_alg_key(algorithm,size)
|
168
|
+
key=EzCrypto::Key.generate :algorithm=>algorithm
|
169
|
+
assert_key_size size,key
|
170
|
+
end
|
171
|
+
|
172
|
+
def assert_with_password(password,salt,algorithm,size)
|
173
|
+
key=EzCrypto::Key.with_password password,salt,:algorithm=>algorithm
|
174
|
+
assert_key_size size,key
|
175
|
+
assert_equal key.raw,EzCrypto::Key.with_password( password,salt,:algorithm=>algorithm).raw
|
176
|
+
end
|
177
|
+
|
178
|
+
def assert_encoded_keys(size)
|
179
|
+
key=EzCrypto::Key.generate size
|
180
|
+
key2=EzCrypto::Key.decode(key.encode)
|
181
|
+
assert_equal key.raw, key2.raw
|
182
|
+
end
|
183
|
+
|
184
|
+
def assert_encrypt(clear)
|
185
|
+
ALGORITHMS.each do |alg|
|
186
|
+
key=EzCrypto::Key.generate :algorithm=>alg
|
187
|
+
encrypted=key.encrypt clear
|
188
|
+
assert_not_nil encrypted
|
189
|
+
end
|
190
|
+
end
|
191
|
+
|
192
|
+
def assert_decrypt(clear)
|
193
|
+
ALGORITHMS.each do |alg|
|
194
|
+
key=EzCrypto::Key.generate :algorithm=>alg
|
195
|
+
encrypted=key.encrypt clear
|
196
|
+
assert_not_nil encrypted
|
197
|
+
assert_equal clear,key.decrypt(encrypted)
|
198
|
+
end
|
199
|
+
end
|
200
|
+
|
201
|
+
def assert_decrypt64(clear)
|
202
|
+
key=EzCrypto::Key.generate
|
203
|
+
encrypted=key.encrypt64 clear
|
204
|
+
assert_not_nil encrypted
|
205
|
+
assert_equal clear,key.decrypt64(encrypted)
|
206
|
+
end
|
207
|
+
|
208
|
+
ALGORITHMS=["aes128","bf","blowfish","des","des3","rc4","rc2"]
|
209
|
+
CLEAR_TEXT="Lorem ipsum dolor sit amet, suspendisse id interdum mus leo id. Sapien tempus consequat nullam, platea vitae sociis sed elementum et fermentum, vel praesent eget. Sed blandit augue, molestie mus sed habitant, semper voluptatibus neque, nullam a augue. Aptent imperdiet curabitur, quam quis laoreet. Dolor magna. Quis vestibulum amet eu arcu fringilla nibh, mi urna sunt dictumst nulla, elit quisque purus eros, sem hendrerit. Vulputate tortor rhoncus ac nonummy tortor nulla. Nunc id nunc luctus ligula."
|
210
|
+
end
|
211
|
+
|
212
|
+
|
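Review bot: `assert_file_contains cryptfile, key.encrypt(CLEAR_TEXT)` in `test_filestuff_with_defaults` can only pass if encrypting the same plaintext twice under one key yields identical bytes, so the test pins deterministic encryption (presumably a fixed or key-derived IV) for `aes-256-cbc`. Identical ciphertext for identical plaintext reveals equality across files and records; since the round trip is already covered by the `decrypt_file` assertions a few lines below, this line could become `assert_not_equal CLEAR_TEXT, File.binread(cryptfile)`, which leaves the library free to use a fresh IV per message. `assert_encrypt` checks only `assert_not_nil encrypted`, so it says nothing about the output being ciphertext. `File.exists?` in `assert_file_exists` and `assert_file_not_exists` was removed in Ruby 3.2; `File.exist?` works on old and new interpreters.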