insecure_random 1.0.0

@@ -0,0 +1,15 @@
1
+ ---
2
+ !binary "U0hBMQ==":
3
+ metadata.gz: !binary |-
4
+ NDAxYzI4OWVkOTliMjgwMzM3ZGQwMzA4YTMyMDRmNjMyNTFiMTVmMQ==
5
+ data.tar.gz: !binary |-
6
+ MjQxOGZhZmJkZGUzMTVkZDI1ZDczYzg1MDY2MGFjNWYzOWM5NTNiYg==
7
+ !binary "U0hBNTEy":
8
+ metadata.gz: !binary |-
9
+ MjU4N2I2NGEzNjExZDNkMDg4MDExZDA3YTU0MDAxNzUzNGVkNDdjYzY3NzNm
10
+ ODQwYzk3ZmU5MmIzMDk4N2EwNjRlZWVkYTdiYmEwYzg4NmE1NmMyYzZmNDA2
11
+ MjhiODIzY2RhY2I5YmNlYTI0YzlkMmMwZmIxMjVhMWU1YTI2YmY=
12
+ data.tar.gz: !binary |-
13
+ YzQzNjhlZmIwYTY3MjIwNjgyZTY2Zjg5YjRkNmI3ZWU3NDdlYjE3ODIzMTA4
14
+ MTE1OWUwNGE1MDgxZjAwMTQxOWRjOTRkYWU2YTA3NGIwOTllYmYwNGQ0YTAy
15
+ NTczZDc4OGY1M2U4YTU0NDcwOTU0ZTNmODhkMjZmZjRkZmM0YzE=
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
@@ -0,0 +1,5 @@
1
+ language: ruby
2
+ rvm:
3
+ - 1.8.7
4
+ - 1.9.3
5
+ - 2.0.0
data/Gemfile ADDED
@@ -0,0 +1,7 @@
1
+ source "https://rubygems.org"
2
+
3
+ gemspec
4
+
5
+ gem "coveralls", "~> 0.6", :require => false
6
+ gem "rake", "~> 10.0"
7
+ gem "rspec", "~> 2.13"
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2013 Steve Richert
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,83 @@
1
+ # InsecureRandom
2
+
3
+ [![Gem Version](https://badge.fury.io/rb/insecure_random.png)](http://badge.fury.io/rb/insecure_random)
4
+ [![Build Status](https://travis-ci.org/laserlemon/insecure_random.png?branch=master)](https://travis-ci.org/laserlemon/insecure_random)
5
+ [![Code Climate](https://codeclimate.com/github/laserlemon/insecure_random.png)](https://codeclimate.com/github/laserlemon/insecure_random)
6
+ [![Coverage Status](https://coveralls.io/repos/laserlemon/insecure_random/badge.png?branch=master)](https://coveralls.io/r/laserlemon/insecure_random)
7
+ [![Dependency Status](https://gemnasium.com/laserlemon/insecure_random.png)](https://gemnasium.com/laserlemon/insecure_random)
8
+
9
+ InsecureRandom overwrites SecureRandom to enable predictability via seeding.
10
+
11
+ ## Why?
12
+
13
+ ### RSpec
14
+
15
+ RSpec has a fantastic feature that allows you to run your tests in random order.
16
+
17
+ ```bash
18
+ rspec --order=random
19
+ ```
20
+
21
+ Running tests in random order helps you find potential ordering dependencies in
22
+ your test suite. For example, Test A and Test B both pass when run in that
23
+ order, but Test A fails if Test B runs first.
24
+
25
+ **Your test suite should not depend on the order in which the tests are run.**
26
+
27
+ If an ordering dependency causes a test failure, you can rerun the tests in the
28
+ same order using the seed from the previous run.
29
+
30
+ ```bash
31
+ rspec --seed=93487
32
+ ```
33
+
34
+ RSpec does this by seeding and using `Kernel.rand` to order your specs. This has
35
+ the handy side effect of making other random test data reproducible as well. For
36
+ example, your Factory Girl factories might use random data via Faker.
37
+
38
+ ```ruby
39
+ FactoryGirl.define do
40
+ factory :user do
41
+ name { Faker::Name.name }
42
+ age { rand(100) }
43
+ end
44
+ end
45
+ ```
46
+
47
+ Since Faker uses `Kernel.rand` under the hood, your test data will be consistent
48
+ across seeded RSpec runs.
49
+
50
+ ### SecureRandom
51
+
52
+ But what happens when generating random data isn't confined to your test suite?
53
+
54
+ Sometimes, it's necessary to generate random values for UUIDs, API keys, URL
55
+ slugs, etc. The `SecureRandom` module is perfect for those situations.
56
+ SecureRandom uses secure pseudorandom generators from tried and tested libraries
57
+ such as OpenSSL.
58
+
59
+ ### The Problem
60
+
61
+ The problem with testing code that involves SecureRandom is that SecureRandom
62
+ isn't seedable, which means that RSpec isn't able to rerun your tests in a
63
+ predictable way.
64
+
65
+ ### The Solution
66
+
67
+ Fortunately, SecureRandom only defines a handful of methods so it's easy to
68
+ override them to be backed by `Kernel.rand`.
69
+
70
+ And it gets even better. All of SecureRandom's methods are derived from
71
+ `SecureRandom.random_bytes` so overriding just that one method does the trick!
72
+
73
+ ## Installation
74
+
75
+ Add InsecureRandom to your Gemfile's test group:
76
+
77
+ ```ruby
78
+ group :development, :test do
79
+ gem "insecure_random"
80
+ end
81
+ ```
82
+
83
+ **Make sure that InsecureRandom is not loaded in production!**
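Review bot: The Installation example (README lines 78-80) contradicts the sentence introducing it: the text says to add the gem to the Gemfile's test group, but the snippet uses `group :development, :test do`, so the SecureRandom override is also loaded in development whenever the application calls Bundler.require for that group. Suggest `group :test do`, and consider `gem "insecure_random", :require => false` with an explicit `require "insecure_random"` in spec_helper, so that loading the override is a deliberate step rather than a side effect of group membership. The closing warning about production would be more useful if it said how to check that the gem is not loaded.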
@@ -0,0 +1,6 @@
1
+ require "bundler/gem_tasks"
2
+ require "rspec/core/rake_task"
3
+
4
+ RSpec::Core::RakeTask.new(:spec)
5
+
6
+ task :default => :spec
@@ -0,0 +1,19 @@
1
+ # encoding: utf-8
2
+
3
+ Gem::Specification.new do |spec|
4
+ spec.name = "insecure_random"
5
+ spec.version = "1.0.0"
6
+
7
+ spec.author = "Steve Richert"
8
+ spec.email = "steve.richert@gmail.com"
9
+ spec.summary = "Like SecureRandom, but less… secure"
10
+ spec.description = "InsecureRandom overwrites SecureRandom to enable predictability via seeding."
11
+ spec.homepage = "https://github.com/laserlemon/insecure_random"
12
+ spec.license = "MIT"
13
+
14
+ spec.files = `git ls-files`.split($/)
15
+ spec.test_files = spec.files.grep(/^spec/)
16
+ spec.require_paths = ["lib"]
17
+
18
+ spec.add_development_dependency "bundler", "~> 1.3"
19
+ end
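Review bot: Only `bundler` is declared with `add_development_dependency` (line 18), while `rake`, `rspec` and `coveralls` are pinned in the Gemfile, so the published metadata understates what is needed to run the specs. Either move them into the gemspec as development dependencies or add a comment explaining the split. Given what the gem does, the `summary` and `description` (lines 9-10) could also state explicitly that it is intended for test environments only.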
@@ -0,0 +1,8 @@
1
+ require "securerandom"
2
+
3
+ module SecureRandom
4
+ def self.random_bytes(n = nil)
5
+ n = n ? n.to_int : 16
6
+ Array.new(n) { Kernel.rand(256) }.pack("C*")
7
+ end
8
+ end
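Review bot: Requiring this file replaces `SecureRandom.random_bytes` process-wide with `Kernel.rand` output (line 6), and nothing in the file guards against that happening outside a test run; the only safeguard is the README warning. Suggest failing loudly at load time when the environment looks like production (for example when `RAILS_ENV` or `RACK_ENV` is `production`), or at least emitting a warning on load, so that a misplaced Gemfile entry cannot silently make UUIDs, API keys and URL slugs predictable. A comment stating that the other SecureRandom methods are expected to pick up the override through `random_bytes` would also help, since the spec only exercises them when `respond_to?` is true.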
@@ -0,0 +1,84 @@
1
+ require "spec_helper"
2
+
3
+ describe SecureRandom do
4
+ let(:seed) { Kernel.srand }
5
+
6
+ describe ".random_bytes" do
7
+ it "is a 16 byte string" do
8
+ value = SecureRandom.random_bytes
9
+
10
+ expect(value).to be_a(String)
11
+ expect(value.size).to eq(16)
12
+ end
13
+
14
+ it "accepts an integer length argument" do
15
+ value = SecureRandom.random_bytes(32)
16
+
17
+ expect(value.size).to eq(32)
18
+ end
19
+
20
+ it "accepts a decimal length argument" do
21
+ value = SecureRandom.random_bytes(32.9)
22
+
23
+ expect(value.size).to eq(32)
24
+ end
25
+
26
+ it "accepts a nil length argument" do
27
+ value = SecureRandom.random_bytes(nil)
28
+
29
+ expect(value.size).to eq(16)
30
+ end
31
+
32
+ it "is random-ish" do
33
+ sample = []
34
+ 1000.times do
35
+ SecureRandom.random_bytes.bytes.each do |byte|
36
+ sample << byte
37
+ end
38
+ end
39
+
40
+ # MATH!
41
+ mean = sample.inject(:+).to_f / sample.size
42
+ variance = sample.inject(0) { |memo, value|
43
+ memo + (value - mean) ** 2
44
+ }.to_f / (sample.size - 1)
45
+ actual_standard_deviation = Math.sqrt(variance)
46
+ expected_standard_deviation = Math.sqrt(((256 ** 2) - 1).to_f / 12)
47
+
48
+ expect(actual_standard_deviation).to be_within(1).
49
+ of(expected_standard_deviation)
50
+ end
51
+
52
+ it "is reproducible" do
53
+ Kernel.srand(seed)
54
+ value1 = SecureRandom.random_bytes
55
+
56
+ Kernel.srand(seed)
57
+ value2 = SecureRandom.random_bytes
58
+
59
+ expect(value2).to eq(value1)
60
+ end
61
+ end
62
+
63
+ %w(
64
+ hex
65
+ base64
66
+ urlsafe_base64
67
+ random_number
68
+ uuid
69
+ ).each do |method|
70
+ if SecureRandom.respond_to?(method)
71
+ describe ".#{method}" do
72
+ it "is reproducible" do
73
+ Kernel.srand(seed)
74
+ value1 = SecureRandom.send(method)
75
+
76
+ Kernel.srand(seed)
77
+ value2 = SecureRandom.send(method)
78
+
79
+ expect(value2).to eq(value1)
80
+ end
81
+ end
82
+ end
83
+ end
84
+ end
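Review bot: `let(:seed) { Kernel.srand }` on line 4 is misleading: called with no argument, `Kernel.srand` reseeds the global generator from system entropy and returns the previous seed, so the first reference to `seed` in each example changes generator state as a side effect. A fixed integer (for example `let(:seed) { 12345 }`) makes the intent plain and behaves the same on every Ruby listed in .travis.yml. The "is reproducible" examples would be more convincing with a counterpart asserting that two different seeds give different values, and the "is random-ish" example checks only the standard deviation of unseeded output, so it deserves a comment on what regression it is meant to catch.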
@@ -0,0 +1,6 @@
1
+ require "coveralls"
2
+ Coveralls.wear!
3
+
4
+ require "insecure_random"
5
+
6
+ Dir[File.expand_path("../support/*.rb", __FILE__)].each { |f| require f }
@@ -0,0 +1,3 @@
1
+ RSpec.configure do |config|
2
+ config.order = "random"
3
+ end
metadata ADDED
@@ -0,0 +1,71 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: insecure_random
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Steve Richert
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2013-05-04 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ~>
18
+ - !ruby/object:Gem::Version
19
+ version: '1.3'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ~>
25
+ - !ruby/object:Gem::Version
26
+ version: '1.3'
27
+ description: InsecureRandom overwrites SecureRandom to enable predictability via seeding.
28
+ email: steve.richert@gmail.com
29
+ executables: []
30
+ extensions: []
31
+ extra_rdoc_files: []
32
+ files:
33
+ - .gitignore
34
+ - .travis.yml
35
+ - Gemfile
36
+ - LICENSE.txt
37
+ - README.md
38
+ - Rakefile
39
+ - insecure_random.gemspec
40
+ - lib/insecure_random.rb
41
+ - spec/insecure_random_spec.rb
42
+ - spec/spec_helper.rb
43
+ - spec/support/random.rb
44
+ homepage: https://github.com/laserlemon/insecure_random
45
+ licenses:
46
+ - MIT
47
+ metadata: {}
48
+ post_install_message:
49
+ rdoc_options: []
50
+ require_paths:
51
+ - lib
52
+ required_ruby_version: !ruby/object:Gem::Requirement
53
+ requirements:
54
+ - - ! '>='
55
+ - !ruby/object:Gem::Version
56
+ version: '0'
57
+ required_rubygems_version: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ! '>='
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ requirements: []
63
+ rubyforge_project:
64
+ rubygems_version: 2.0.3
65
+ signing_key:
66
+ specification_version: 4
67
+ summary: Like SecureRandom, but less… secure
68
+ test_files:
69
+ - spec/insecure_random_spec.rb
70
+ - spec/spec_helper.rb
71
+ - spec/support/random.rb