loyal3-sentry 0.4.2

data/lib/sentry/sha_sentry.rb

@@ -0,0 +1,41 @@
+require 'digest/sha1'
+module Sentry
+  class ShaSentry
+    @@salt = 'salt'
+    attr_accessor :salt
+    
+    # Encrypts data using SHA.
+    def encrypt(data)
+      self.class.encrypt(data + salt.to_s)
+    end
+    
+    # Initialize the class.  
+    # Used by ActiveRecord::Base#generates_crypted to set up as a callback object for a model
+    def initialize(attribute = nil)
+      @attribute = attribute
+    end
+    
+    # Performs encryption on before_validation Active Record callback
+    def before_validation(model)
+      return unless model.send(@attribute)
+      model.send("crypted_#{@attribute}=", encrypt(model.send(@attribute)))
+    end
+        
+    class << self
+      # Gets the class salt value used when encrypting
+      def salt
+        @@salt
+      end
+      
+      # Sets the class salt value used when encrypting
+      def salt=(value)
+        @@salt = value
+      end
+      
+      # Encrypts the data
+      def encrypt(data)
+        Digest::SHA1.hexdigest(data + @@salt)
+      end
+    end
+  end
+end

data/lib/sentry/symmetric_sentry.rb

@@ -0,0 +1,79 @@
+module Sentry
+  class SymmetricSentry
+    @@default_algorithm = 'DES-EDE3-CBC'
+    @@default_key = nil
+    attr_accessor :algorithm
+    def initialize(options = {})
+      @algorithm = options[:algorithm] || @@default_algorithm
+    end
+  
+    def encrypt(data, key = nil)
+      key = check_for_key!(key)
+      des = encryptor
+      des.encrypt(key)
+      data = des.update(data)
+      data << des.final
+    end
+  
+    def encrypt_to_base64(text, key = nil)
+      Base64.encode64(encrypt(text, key))
+    end
+  
+    def decrypt(data, key = nil)
+      key = check_for_key!(key)
+      des = encryptor
+      des.decrypt(key)
+      text = des.update(data)
+      text << des.final
+    end
+  
+    def decrypt_from_base64(text, key = nil)
+      decrypt(Base64.decode64(text), key)
+    end
+
+    class << self
+      def default_algorithm
+        @@default_algorithm
+      end
+    
+      def default_algorithm=(value)
+        @@default_algorithm = value
+      end
+      
+      def default_key
+        @@default_key
+      end
+      
+      def default_key=(value)
+        @@default_key = value
+      end
+
+      def encrypt(data, key = nil)
+        self.new.encrypt(data, key)
+      end
+  
+      def encrypt_to_base64(text, key = nil)
+        self.new.encrypt_to_base64(text, key)
+      end
+  
+      def decrypt(data, key = nil)
+        self.new.decrypt(data, key)
+      end
+  
+      def decrypt_from_base64(text, key = nil)
+        self.new.decrypt_from_base64(text, key)
+      end
+    end
+
+    private
+    def encryptor
+      @encryptor ||= OpenSSL::Cipher::Cipher.new(@algorithm)
+    end
+    
+    def check_for_key!(key)
+      valid_key = key || @@default_key
+      raise Sentry::NoKeyError if valid_key.nil?
+      valid_key
+    end
+  end
+end

data/lib/sentry/symmetric_sentry_callback.rb

@@ -0,0 +1,17 @@
+module Sentry
+  class SymmetricSentryCallback
+    def initialize(attr_name)
+      @attr_name = attr_name
+    end
+
+    ## Performs encryption on before_validation Active Record callback
+    #def before_validation(model)
+    #  return if model.send(@attr_name).blank?
+    #  model.send("crypted_#{@attr_name}=", SymmetricSentry.encrypt_to_base64(model.send(@attr_name)))
+    #end
+    
+    #def after_save(model)
+    #  #model.send("#{@attr_name}=", nil)
+    #end
+  end
+end

data/lib/sentry.rb

@@ -0,0 +1,47 @@
+#Copyright (c) 2005 Rick Olson
+#
+#Permission is hereby granted, free of charge, to any person obtaining
+#a copy of this software and associated documentation files (the
+#"Software"), to deal in the Software without restriction, including
+#without limitation the rights to use, copy, modify, merge, publish,
+#distribute, sublicense, and/or sell copies of the Software, and to
+#permit persons to whom the Software is furnished to do so, subject to
+#the following conditions:
+#
+#The above copyright notice and this permission notice shall be
+#included in all copies or substantial portions of the Software.
+#
+#THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+#EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+#MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+#NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+#LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+#OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+#WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'openssl'
+require 'base64'
+require 'sentry/symmetric_sentry'
+require 'sentry/asymmetric_sentry'
+require 'sentry/sha_sentry'
+require 'sentry/symmetric_sentry_callback'
+require 'sentry/asymmetric_sentry_callback'
+
+module Sentry
+  class NoKeyError < StandardError
+  end
+  class NoPublicKeyError < StandardError
+  end
+  class NoPrivateKeyError < StandardError
+  end
+  mattr_accessor :default_key
+end
+
+begin
+  require 'active_record/sentry'
+  ActiveRecord::Base.class_eval do
+    include ActiveRecord::Sentry
+  end
+rescue NameError
+  nil
+end

data/sentry.gemspec

@@ -0,0 +1,75 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{sentry}
+  s.version = "0.4.2"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["John Pelly", "David Stevenson"]
+  s.date = %q{2009-07-30}
+  s.description = %q{Asymmetric encryption of active record fields}
+  s.email = %q{commoncode@pivotallabs.com}
+  s.extra_rdoc_files = [
+    "README"
+  ]
+  s.files = [
+    ".gitignore",
+     "CHANGELOG",
+     "MIT-LICENSE",
+     "README",
+     "RUNNING_UNIT_TESTS",
+     "Rakefile",
+     "VERSION",
+     "init.rb",
+     "lib/active_record/sentry.rb",
+     "lib/sentry.rb",
+     "lib/sentry/asymmetric_sentry.rb",
+     "lib/sentry/asymmetric_sentry_callback.rb",
+     "lib/sentry/sha_sentry.rb",
+     "lib/sentry/symmetric_sentry.rb",
+     "lib/sentry/symmetric_sentry_callback.rb",
+     "sentry.gemspec",
+     "tasks/sentry.rake",
+     "test/abstract_unit.rb",
+     "test/asymmetric_sentry_callback_test.rb",
+     "test/asymmetric_sentry_test.rb",
+     "test/database.yml",
+     "test/fixtures/user.rb",
+     "test/fixtures/users.yml",
+     "test/keys/encrypted_private",
+     "test/keys/encrypted_public",
+     "test/keys/private",
+     "test/keys/public",
+     "test/schema.rb",
+     "test/sha_sentry_test.rb",
+     "test/symmetric_sentry_callback_test.rb",
+     "test/symmetric_sentry_test.rb",
+     "test/tests.rb"
+  ]
+  s.homepage = %q{http://github.com/pivotal/sentry}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.5}
+  s.summary = %q{Asymmetric encryption of active record fields}
+  s.test_files = [
+    "test/abstract_unit.rb",
+     "test/asymmetric_sentry_callback_test.rb",
+     "test/asymmetric_sentry_test.rb",
+     "test/fixtures/user.rb",
+     "test/schema.rb",
+     "test/sha_sentry_test.rb",
+     "test/symmetric_sentry_callback_test.rb",
+     "test/symmetric_sentry_test.rb",
+     "test/tests.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end

data/tasks/sentry.rake

@@ -0,0 +1,9 @@
+require 'sentry'
+
+desc "Creates a private/public key for asymmetric encryption:  rake sentry_key PUB=/path/to/public.key PRIV=/path/to/priv.key [KEY=secret]"
+task :sentry_key do
+  Sentry::AsymmetricSentry.save_random_rsa_key(
+    ENV['PRIV'] || 'private.key', 
+    ENV['PUB']  || 'public.key', 
+    :key => ENV['KEY'])
+end

data/test/abstract_unit.rb

@@ -0,0 +1,44 @@
+$:.unshift(File.dirname(__FILE__) + '/../lib')
+
+require 'rubygems'
+require 'test/unit'
+require 'active_record'
+require 'active_record/fixtures'
+require 'active_support/test_case'
+#require 'active_support/binding_of_caller'
+#require 'active_support/breakpoint'
+require "#{File.dirname(__FILE__)}/../lib/sentry"
+
+config_location = File.dirname(__FILE__) + '/database.yml'
+
+config = YAML::load(IO.read(config_location))
+ActiveRecord::Base.logger = Logger.new(File.dirname(__FILE__) + "/debug.log")
+ActiveRecord::Base.establish_connection(config[ENV['DB'] || 'mysql'])
+ActiveRecord::Base.configurations["test"] = "lolcatz"
+
+load(File.dirname(__FILE__) + "/schema.rb")
+
+class ActiveSupport::TestCase #:nodoc:
+  include ActiveRecord::TestFixtures
+  #def create_fixtures(*table_names)
+  #  if block_given?
+  #    Fixtures.create_fixtures(ActiveSupport::TestCase.fixture_path, table_names) { yield }
+  #  else
+  #    Fixtures.create_fixtures(ActiveSupport::TestCase.fixture_path, table_names)
+  #  end
+  #end
+
+  self.use_instantiated_fixtures  = false
+  self.use_transactional_fixtures = true
+end
+
+def create_fixtures(*table_names, &block)
+  Fixtures.create_fixtures(ActiveSupport::TestCase.fixture_path, table_names, {}, &block)
+end
+
+
+
+ActiveSupport::TestCase.fixture_path = File.dirname(__FILE__) + "/fixtures/"
+ActiveSupport::TestCase.use_instantiated_fixtures = true
+ActiveSupport::TestCase.use_transactional_fixtures = (ENV['AR_TX_FIXTURES'] == "yes")
+$LOAD_PATH.unshift(ActiveSupport::TestCase.fixture_path)

data/test/asymmetric_sentry_callback_test.rb

@@ -0,0 +1,106 @@
+require 'abstract_unit'
+require 'fixtures/user'
+
+class AsymmetricSentryCallbackTest < ActiveSupport::TestCase
+  fixtures :users
+
+  def setup
+    super
+    @str = 'sentry'
+    @key = 'secret'
+    @public_key_file = File.dirname(__FILE__) + '/keys/public'
+    @private_key_file = File.dirname(__FILE__) + '/keys/private'
+    @encrypted_public_key_file = File.dirname(__FILE__) + '/keys/encrypted_public'
+    @encrypted_private_key_file = File.dirname(__FILE__) + '/keys/encrypted_private'
+
+    @orig = 'sentry'
+    Sentry::AsymmetricSentry.default_public_key_file = @public_key_file
+    Sentry::AsymmetricSentry.default_private_key_file = @private_key_file
+    Sentry::SymmetricSentry.default_key = @key
+  end
+
+  def teardown
+    super
+    Sentry.default_key = nil
+  end
+
+  def test_encryption_should_use_default_key_when_present
+    use_encrypted_keys
+
+    assert_nil users(:user_2).creditcard
+    Sentry.default_key = @key
+
+    assert_equal @orig, users(:user_2).creditcard
+  end
+
+  def test_encryption_with_random_padding
+    # system works with unsaved record
+    u = User.new :login => 'jones'
+    u.creditcard = @orig
+    assert_equal @orig, u.creditcard
+    u.save!
+
+    # reload after save and check the decrypt works
+    u = User.find(u.id)
+    assert_equal @orig, u.creditcard
+    original_crypttext = u.crypted_creditcard
+
+    # set to same plaintext
+    u.creditcard = @orig
+    u.save!
+    
+    # expect different crypttext (due to random padding) 
+    assert_not_equal original_crypttext, u.crypted_creditcard
+  end
+
+  def test_should_encrypt_creditcard
+    u = User.create :login => 'jones'
+    u.creditcard = @orig
+    assert u.save
+    assert !u.crypted_creditcard.empty?
+  end
+
+  def test_should_deal_with_before_typecast
+    u = User.create :login => 'jones'
+    u.creditcard = "123123"
+    assert_equal "123123", u.creditcard_before_type_cast
+    assert u.save
+    u.reload
+    assert_equal "123123", u.creditcard_before_type_cast
+  end
+
+  def test_should_decrypt_creditcard
+    assert_equal @orig, users(:user_1).creditcard
+  end
+
+  def test_should_not_decrypt_encrypted_creditcard_with_invalid_key
+    assert_nil users(:user_2).creditcard
+    assert_nil users(:user_2).creditcard(@key)
+    use_encrypted_keys
+    assert_nil users(:user_1).creditcard
+  end
+
+  def test_should_not_decrypt_encrypted_creditcard
+    use_encrypted_keys
+    assert_nil users(:user_2).creditcard
+    assert_nil users(:user_2).creditcard('other secret')
+  end
+
+  def test_should_encrypt_encrypted_creditcard
+    use_encrypted_keys
+    u = User.create :login => 'jones'
+    u.creditcard = @orig
+    assert u.save
+    assert !u.crypted_creditcard.empty?
+  end
+
+  def test_should_decrypt_encrypted_creditcard
+    use_encrypted_keys
+    assert_equal @orig, users(:user_2).creditcard(@key)
+  end
+
+  def use_encrypted_keys
+    Sentry::AsymmetricSentry.default_public_key_file = @encrypted_public_key_file
+    Sentry::AsymmetricSentry.default_private_key_file = @encrypted_private_key_file
+  end
+end

data/test/asymmetric_sentry_test.rb

@@ -0,0 +1,88 @@
+require 'abstract_unit'
+
+class AsymmetricSentryTest < Test::Unit::TestCase
+  def setup
+    @str = 'sentry'
+    @key = 'secret'
+    @public_key_file = File.dirname(__FILE__) + '/keys/public'
+    @private_key_file = File.dirname(__FILE__) + '/keys/private'
+    @encrypted_public_key_file = File.dirname(__FILE__) + '/keys/encrypted_public'
+    @encrypted_private_key_file = File.dirname(__FILE__) + '/keys/encrypted_private'
+    @sentry = Sentry::AsymmetricSentry.new
+    
+    @orig = 'sentry'
+    @data = "vYfMxtVB8ezXmQKSNqTC9sPgi8TbsYRxWd7DVbpprzyuEdZ7gftJ/0IXsbXm\nXCU08bTAl0uEFm7dau+eJMXEJg==\n"
+    @encrypted_data = "q2obYAITmK93ylzVS01mJx1jSlnmylMX15nFpb4uKesVgnqvtzBRHZ/SK+Nm\nEzceIoAcJc3DHosVa4VUE/aK/A==\n"
+    Sentry::AsymmetricSentry.default_public_key_file = nil
+    Sentry::AsymmetricSentry.default_private_key_file = nil
+  end
+  
+  def test_should_decrypt_files
+    set_key_files @public_key_file, @private_key_file
+    assert_equal @orig, @sentry.decrypt_from_base64(@data)
+  end
+  
+  def test_should_decrypt_files_with_encrypted_key
+    set_key_files @encrypted_public_key_file, @encrypted_private_key_file
+    assert_equal @orig, @sentry.decrypt_from_base64(@encrypted_data, @key)
+  end
+
+  def test_should_read_key_files
+    assert !@sentry.public?
+    assert !@sentry.private?
+    set_key_files @public_key_file, @private_key_file
+  end
+  
+  def test_should_read_encrypted_key_files
+    assert !@sentry.public?
+    assert !@sentry.private?
+    set_key_files @encrypted_public_key_file, @encrypted_private_key_file
+  end
+
+  def test_should_decrypt_files_with_default_key
+    set_default_key_files @public_key_file, @private_key_file
+    assert_equal @orig, @sentry.decrypt_from_base64(@data)
+  end
+  
+  def test_should_decrypt_files_with_default_encrypted_key
+    set_default_key_files @encrypted_public_key_file, @encrypted_private_key_file
+    assert_equal @orig, @sentry.decrypt_from_base64(@encrypted_data, @key)
+  end
+
+  def test_should_decrypt_files_with_default_key_using_class_method
+    set_default_key_files @public_key_file, @private_key_file
+    assert_equal @orig, Sentry::AsymmetricSentry.decrypt_from_base64(@data)
+  end
+  
+  def test_should_decrypt_files_with_default_encrypted_key_using_class_method
+    set_default_key_files @encrypted_public_key_file, @encrypted_private_key_file
+    assert_equal @orig, Sentry::AsymmetricSentry.decrypt_from_base64(@encrypted_data, @key)
+  end
+
+  def test_should_read_key_files_with_default_key
+    assert !@sentry.public?
+    assert !@sentry.private?
+    set_default_key_files @public_key_file, @private_key_file
+  end
+  
+  def test_should_read_encrypted_key_files_with_default_key
+    assert !@sentry.public?
+    assert !@sentry.private?
+    set_default_key_files @encrypted_public_key_file, @encrypted_private_key_file
+  end
+
+  private  
+  def set_key_files(public_key, private_key)
+    @sentry.public_key_file = public_key
+    @sentry.private_key_file = private_key
+    assert @sentry.private?
+    assert @sentry.public?
+  end
+  
+  def set_default_key_files(public_key, private_key)
+    Sentry::AsymmetricSentry.default_public_key_file = public_key
+    Sentry::AsymmetricSentry.default_private_key_file = private_key
+    assert @sentry.private?
+    assert @sentry.public?
+  end
+end

data/test/database.yml

@@ -0,0 +1,18 @@
+sqlite:
+  :adapter: sqlite
+  :dbfile: sentry_plugin.sqlite.db
+sqlite3:
+  :adapter: sqlite3
+  :dbfile: sentry_plugin.sqlite3.db
+postgresql:
+  :adapter: postgresql
+  :username: postgres
+  :password: postgres
+  :database: sentry_plugin_test
+  :min_messages: ERROR
+mysql:
+  :adapter: mysql
+  :host: localhost
+  :username: root
+  :password: password
+  :database: sentry_plugin_test

data/test/fixtures/user.rb

@@ -0,0 +1,26 @@
+class User < ActiveRecord::Base
+  #define_read_methods
+  asymmetrically_encrypts :creditcard
+  
+  #def self.validates_password
+  #  validates_presence_of :password
+  #  validates_presence_of :password, :on => :create
+  #  validates_length_of :password, :in => 4..40
+  #end
+end
+
+#class ShaUser < User
+#  validates_password
+#  validates_confirmation_of :password
+#  generates_crypted :password # sha is used by default
+#end
+#
+#class DangerousUser < User # no password confirmation
+## validates_password
+#  generates_crypted :password
+#end
+#
+#class SymmetricUser < User
+#  validates_password
+#  generates_crypted :password, :mode => :symmetric
+#end

data/test/fixtures/users.yml

@@ -0,0 +1,9 @@
+user_1:
+  id: 1
+  login: bob
+  password: "0XlmUuNpE2k=\n"
+  creditcard: "n0DW3do8BTv5caPgR52CVtZJ4IXh8Fmkpt7k2QnHaxIx63I9ILG+GKKzXuIM\nohtHRSnzcw3gk1gkeDpYml9CoQ==\n"  # "sentry" with 8 characters of prepadding
+user_2:
+  id: 2
+  login: fred
+  creditcard: "MiIZuZmc7znWzqZuPWYPVATXeJUrfxCNyVYibefs2hfvpna7Godk6RWILXfi\nqRRU0WehLLo1Mq5EuMTTnPi09A==\n"  # "sentry" with 8 different characters of prepadding

data/test/keys/encrypted_private

@@ -0,0 +1,12 @@
+OBNa1q8kbx8pyZZjIpr/pZV0oulE2czh5JlPW/13XsBvoz+A2zxA9gchhi6c
+3yvfqgcZdojcsep+IiTqeg3gOPB2xNbedpP1lm+9tEfgdb9r1CLzRcURh7Hg
+ufWgyEkS0lloz/YLy4hg9YDKetFNF9fnrk3xVwZPwFVuk4l/Unw1FTXLHsrq
+KG27cR8mvNOow4bk4LVhk/avFSM85m3ITySEnyJsQQDzsI/RrWcQ7Js+8Ynv
+esN51E/T0CYtkMEne2zSaD5qUTJlQ7Qtn4UUeZkpYjn4xQZPxw4OjL6zofg7
+lsqElSv1/qP3QI8aKcQQklVsHRc5AgsxOFX4J6g6lo4kOGOwn0Ex8IRDfOej
+pq4SUDh9IXz+6FBieQrObB/xEsKysVwRSzXre6ObHlPFsigg5ekFPyCv5ZTz
+0iP8+xe/FJRrYdR3r3F5pRkOy0pw9EqlrLjmOx3/fgxhLq8FWmcSBbH3h3SG
+GkJlfHNjF77FTJjnHKzRS+5VpdW4IHbsjL+NlI1z9Ol//czYvSGv85NdJvkq
+PmH3o0+uYdwY5PeSMOPV21nJ3dwiKlm5IMFasL3C5yVJNVTVZTS7vWdcgZ4U
+XfWQ9Y266ibbqXPluv4nxt1+kgjxmPbjPdYrlB5t7a2+unzT3oE3f4VGOG+k
+YqFg0ErHN+fu

data/test/keys/encrypted_public

@@ -0,0 +1,4 @@
+-----BEGIN RSA PUBLIC KEY-----
+MEgCQQCvktJgveIcgTH98hAhMjo0g6/GVMJaYdUh+/zQn4RBWASRmwEfJqggsfKT
+pSNendZQMD8kKS8J1YTBr60ToM25AgMBAAE=
+-----END RSA PUBLIC KEY-----

data/test/keys/private

@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOwIBAAJBAL/xeY6aqFx6z1ThNOwgPgxv3tsonTlCj8VkN3Ikumg6SzBuLxlV
+i9gFQZ7K9Pv9o/7+xUTYODqBpVhwgLBeu2cCAwEAAQJAHyjFMfg7Yp/xLndMzxRA
+3mX+yJckRtpeWo31TktWE3syks1r9OrfmxKiStM9kFRubeBHTihZrW92TYkROLxh
+uQIhAPuftVTJZFDNxeYDKIMIMqwR8KZgtuf25cv4pTxYwPqLAiEAw0gNwDJHBkvo
+da4402pZNQmBA6qCSf0svDXqoEoaShUCIGBma340Oe6LJ0pb42Vv+pnZtazIWMq9
+2IQwmn1oM2bJAiEAhgP869mVRIzzi091UCG79tn+4DU0FPLasI+P5VD1mcECIQDb
+3ndvbPcElVvdJgabxyWJJsNtBBNZYPsuc6NrQyShOw==
+-----END RSA PRIVATE KEY-----

data/test/keys/public

@@ -0,0 +1,4 @@
+-----BEGIN RSA PUBLIC KEY-----
+MEgCQQC/8XmOmqhces9U4TTsID4Mb97bKJ05Qo/FZDdyJLpoOkswbi8ZVYvYBUGe
+yvT7/aP+/sVE2Dg6gaVYcICwXrtnAgMBAAE=
+-----END RSA PUBLIC KEY-----

data/test/schema.rb

@@ -0,0 +1,10 @@
+ActiveRecord::Schema.define(:version => 1) do
+
+  create_table "users", :force => true do |t|
+    t.column :password,   :string, :limit => 255
+    t.column :creditcard, :string, :limit => 255
+    t.column :login,              :string, :limit => 50
+    t.column :type,               :string, :limit => 20
+  end
+
+end

data/test/sha_sentry_test.rb

@@ -0,0 +1,35 @@
+require 'abstract_unit'
+require 'fixtures/user'
+
+class ShaSentryTest < Test::Unit::TestCase
+  def test_foo
+    assert true
+  end
+  
+  #def setup
+  #  Sentry::ShaSentry.salt = 'salt'
+  #end
+  #
+  #def test_should_encrypt
+  #  assert_equal 'f438229716cab43569496f3a3630b3727524b81b', Sentry::ShaSentry.encrypt('test')
+  #end
+  #
+  #def test_should_encrypt_with_salt
+  #  Sentry::ShaSentry.salt = 'different salt'
+  #  assert_equal '18e3256d71529db8fa65b2eef24a69ddad7070f3', Sentry::ShaSentry.encrypt('test')
+  #end
+  #
+  #def test_should_encrypt_user_password
+  #  u = ShaUser.new :login => 'bob'
+  #  u.password = u.password_confirmation = 'test'
+  #  assert u.save
+  #  assert u.crypted_password = 'f438229716cab43569496f3a3630b3727524b81b'
+  #end
+  #
+  #def test_should_encrypt_user_password_without_confirmation
+  #  u = DangerousUser.new :login => 'bob'
+  #  u.password = 'test'
+  #  assert u.save
+  #  assert u.crypted_password = 'f438229716cab43569496f3a3630b3727524b81b'
+  #end
+end