RubyGems - powerhome-attr_encrypted - Versions diffs - 1.0.1 → 1.1.0 - Mend

powerhome-attr_encrypted 1.0.1 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +9 -0
data/README.md +1 -1
data/lib/attr_encrypted/version.rb +2 -2
data/lib/attr_encrypted.rb +36 -2
data/test/key_rotation_test.rb +165 -0
metadata +7 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 225b9354cf7318310fca332845cd11736b9a41916188ceb47b0631c6248894a4
-  data.tar.gz: 7de216dc4eacec3cb6893c9dd11f8bf2f6598caaebadef6b46133d31bd384754
+  metadata.gz: f397f23e70ea3033291a979ecb6d49e5caa6bb98feda217d82c5c6112703b964
+  data.tar.gz: ffcf85615feed2510c191e9a594dac1f0774e7a147f1fda44babc54f452fed3a
 SHA512:
-  metadata.gz: 25ba6cab8717767ce41e28651c571921a5e352ea1b7f1a272facd0d1bff9d502a802ebba0a21fba617b1adfba76f4e2cc7c359988065a0f6c2b76cad37f0f40a
-  data.tar.gz: 334094f5193fdc3a96362a2b8779a6afb331a8c4fa7c15577d74c33b7b57001722a431f12e1d91cd4734f7ff7bde6efcb4f90be783835878a6e2f08e7fce5836
+  metadata.gz: 024ccff97003a17ba51f242f088e5c6ee70b6ebcdcaa0dfef4ce2d2fd5caeea396124b0934d8b8c333e8e87a4c1b7457ecbe648d22b48e95759e25b492dba257
+  data.tar.gz: 5b2289e1c763c18b56bc41399e6da35e3dc85ab5430b442f0ac5a10e633826dfe65dc541fb6e2666927e1c5287c2c30cef450b9f8765ea56426c3ef62342fb86

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,14 @@
 # attr_encrypted #
+## 1.1.0 ##
+* Added: Ability to rotate cipher key and iv (https://github.com/powerhome/attr_encrypted/pull/4)
+## 1.0.1 ##
+* Added: Support for ActiveRecord  5.2
+## 1.0.0 ##
+* Forked from upstream (https://github.com/attr-encrypted/attr_encrypted) and rebraned
 ## 3.1.0 ##
 * Added: Abitilty to encrypt empty values. (@tamird)
 * Added: MIT license

data/README.md CHANGED Viewed

@@ -15,7 +15,7 @@ It works with ANY class, however, you get a few extra features when you're using
 Add attr_encrypted to your gemfile:
 ```ruby
-  gem "attr_encrypted", "~> 3.1.0"
+  gem "attr_encrypted", "~> 1.1.0"
 ```
 Then install the gem:

data/lib/attr_encrypted/version.rb CHANGED Viewed

@@ -4,8 +4,8 @@ module AttrEncrypted
   # Contains information about this gem's version
   module Version
     MAJOR = 1
-    MINOR = 0
-    PATCH = 1
+    MINOR = 1
+    PATCH = 0
     # Returns a version string by joining <tt>MAJOR</tt>, <tt>MINOR</tt>, and <tt>PATCH</tt> with <tt>'.'</tt>
     #

data/lib/attr_encrypted.rb CHANGED Viewed

@@ -236,7 +236,7 @@ module AttrEncrypted
   #
   #   email = User.decrypt(:email, 'SOME_ENCRYPTED_EMAIL_STRING')
   def decrypt(attribute, encrypted_value, options = {})
-    options = encrypted_attributes[attribute.to_sym].merge(options)
+    options = encrypted_attributes[attribute.to_sym].merge(options).compact
     if options[:if] && !options[:unless] && not_empty?(encrypted_value)
       encrypted_value = encrypted_value.unpack(options[:encode]).first if options[:encode]
       value = options[:encryptor].send(options[:decrypt_method], options.merge!(value: encrypted_value))
@@ -328,7 +328,41 @@ module AttrEncrypted
     def decrypt(attribute, encrypted_value)
       encrypted_attributes[attribute.to_sym][:operation] = :decrypting
       encrypted_attributes[attribute.to_sym][:value_present] = self.class.not_empty?(encrypted_value)
-      self.class.decrypt(attribute, encrypted_value, evaluated_attr_encrypted_options_for(attribute))
+      begin
+        self.class.decrypt(attribute, encrypted_value, evaluated_attr_encrypted_options_for(attribute))
+      rescue OpenSSL::Cipher::CipherError => e
+        # When decryption fails with `key:` and the attribute is
+        # configured to attempt a key rotation, let's try to decrypt
+        # with the `old_key:` then rotate the value using the
+        # `rotation_handler:`
+        options = evaluated_attr_encrypted_options_for(attribute)
+        raise e if nil == options[:old_key] || nil == options[:rotation_handler]
+        # but even this may fail if the column's data is encrypted with
+        # neither of these keys, or is corrupted in some way. We need to
+        # catch this scenario and optionally give the host application
+        # the ability to handle unrecoverable data
+        begin
+          value = self.class.decrypt(
+            attribute,
+            encrypted_value,
+            options.merge(
+              key: options[:old_key],
+              iv: options[:old_iv]
+            )
+          )
+          handler = options[:rotation_handler]
+          handler.new(self, attribute, value, encrypted_value, options).call
+          value
+        rescue OpenSSL::Cipher::CipherError => e
+          raise e unless options[:rotation_error_handler].present?
+          error_handler = options[:rotation_error_handler]
+          error_handler.new(self, attribute, e, encrypted_value, options).call
+        end
+      end
     end
     # Encrypts a value for the attribute specified using options evaluated in the current object's scope

data/test/key_rotation_test.rb ADDED Viewed

@@ -0,0 +1,165 @@
+# frozen_string_literal: true
+# encoding: UTF-8
+require_relative 'test_helper'
+class KeyRotationTest < Minitest::Test
+  class FakeRotatable
+    extend AttrEncrypted
+    self.attr_encrypted_options[:mode] = :single_iv_and_salt
+    def initialize(value: nil)
+      self.value = value
+    end
+    attr_accessor(
+      :value,
+    )
+  end
+  def setup
+    @old_config = generate_attr_encrypted_config
+    @new_config = generate_attr_encrypted_config
+    FakeRotatable.class_eval do
+      attr_encrypted(
+        :value,
+        *@old_config,
+      )
+    end
+  end
+  def teardown
+    Object.send(:remove_const, :FakeRotatable) if Object.const_defined?("FakeRotatable")
+  end
+  def test_decrypt_error_while_not_rotataing_keys_raises_cipher_error
+    original = instance_with_attr_encrypted_config(@old_config)
+    original.value = "cleartext-value"
+    with_wrong_key = instance_with_attr_encrypted_config(@new_config)
+    with_wrong_key.encrypted_value = original.encrypted_value
+    assert_raises(OpenSSL::Cipher::CipherError, "expected OpenSSL::Cipher::CipherError was not raised") do
+      with_wrong_key.value
+    end
+  end
+  def test_decrypt_error_when_rotating_keys_retries_with_the_old_key
+    original = instance_with_attr_encrypted_config(@old_config)
+    original.value = "cleartext-value"
+    rotation_handler_instance = Minitest::Mock.new
+    rotation_handler_instance.expect(:call, true)
+    rotating = setup_key_rotation(
+      from_config: @old_config,
+      to_config: @new_config,
+      rotation_handler: mock_rotation_handler_class(instance: rotation_handler_instance)
+    )
+    assert "cleartext_value", rotating.value
+  end
+  def test_rotation_invokes_the_rotation_handler
+    original = instance_with_attr_encrypted_config(@old_config)
+    original.value = "cleartext-value"
+    rotation_handler_instance = Minitest::Mock.new
+    rotation_handler_instance.expect(:call, true)
+    rotating = setup_key_rotation(
+      from_config: @old_config,
+      to_config: @new_config,
+      rotation_handler: mock_rotation_handler_class(instance: rotation_handler_instance)
+    )
+    rotating.value
+    rotation_handler_instance.verify
+  end
+  def test_rotation_invokes_the_rotation_error_handler_when_rotation_fails
+    rotation_handler_instance = Minitest::Mock.new
+    rotation_handler_instance.expect(:call, true)
+    rotation_error_handler_instance = Minitest::Mock.new
+    rotation_error_handler_instance.expect(:call, true)
+    wrong_key = generate_key
+    original = instance_with_attr_encrypted_config(@old_config)
+    original.value = "cleartext-value"
+    rotating = setup_key_rotation(
+      from_config: @old_config.merge(key: wrong_key),
+      to_config: @new_config,
+      rotation_handler: mock_rotation_handler_class(instance: rotation_handler_instance),
+      rotation_error_handler: mock_rotation_error_handler_class(instance: rotation_error_handler_instance)
+    )
+    rotating.encrypted_value = original.encrypted_value
+    rotating.value
+    rotation_error_handler_instance.verify
+  end
+  def instance_with_attr_encrypted_config(key: generate_key, iv: generate_iv)
+    FakeRotatable.class_eval do
+      attr_encrypted(
+        :value,
+        key: key,
+        iv: iv,
+      )
+    end
+    FakeRotatable.new
+  end
+  def setup_key_rotation(from_config: @old_config, to_config: @new_config, rotation_handler: proc {}, rotation_error_handler: proc {})
+    original = instance_with_attr_encrypted_config(from_config)
+    original.value = "cleartext-value"
+    FakeRotatable.class_eval do
+      attr_encrypted(
+        :value,
+        key: to_config.fetch(:key),
+        iv: to_config.fetch(:iv),
+        old_key: from_config.fetch(:key),
+        old_iv: from_config.fetch(:iv),
+        rotation_handler: rotation_handler,
+        rotation_error_handler: rotation_error_handler,
+      )
+    end
+    rotating = FakeRotatable.new
+    rotating.encrypted_value = original.encrypted_value
+    rotating
+  end
+  def generate_attr_encrypted_config(key: generate_key, iv: generate_iv)
+    {
+      key: key,
+      iv: iv,
+    }
+  end
+  def generate_key
+    SecureRandom.random_bytes(32)
+  end
+  def generate_iv
+    SecureRandom.random_bytes(12)
+  end
+  def mock_rotation_handler_class(instance:)
+    mock_rotation_handler_class = Minitest::Mock.new
+    mock_rotation_handler_class.expect(:new, instance, [FakeRotatable, :value, "cleartext-value", String, Hash])
+    mock_rotation_handler_class.expect(:!, false) # For presence checks
+    3.times { mock_rotation_handler_class.expect(:is_a?, false, [Symbol]) }
+    mock_rotation_handler_class
+  end
+  def mock_rotation_error_handler_class(instance:)
+    mock_rotation_handler_class = Minitest::Mock.new
+    mock_rotation_handler_class.expect(:new, instance, [FakeRotatable, :value, StandardError, String, Hash])
+    mock_rotation_handler_class.expect(:!, false) # For presence checks
+    3.times { mock_rotation_handler_class.expect(:is_a?, false, [Symbol]) }
+    mock_rotation_handler_class
+  end
+end

metadata CHANGED Viewed

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: powerhome-attr_encrypted
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.1.0
 platform: ruby
 authors:
 - Wade Winningham
 - Ben Langfeld
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-06-17 00:00:00.000000000 Z
+date: 2021-09-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: encryptor
@@ -235,6 +235,7 @@ files:
 - test/attr_encrypted_test.rb
 - test/compatibility_test.rb
 - test/data_mapper_test.rb
+- test/key_rotation_test.rb
 - test/legacy_active_record_test.rb
 - test/legacy_attr_encrypted_test.rb
 - test/legacy_compatibility_test.rb
@@ -274,8 +275,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
-signing_key:
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Power's version of the attr_encrypted gem
 test_files:
@@ -283,6 +284,7 @@ test_files:
 - test/attr_encrypted_test.rb
 - test/compatibility_test.rb
 - test/data_mapper_test.rb
+- test/key_rotation_test.rb
 - test/legacy_active_record_test.rb
 - test/legacy_attr_encrypted_test.rb
 - test/legacy_compatibility_test.rb
@@ -291,4 +293,3 @@ test_files:
 - test/run.sh
 - test/sequel_test.rb
 - test/test_helper.rb
-...