slosilo 0.2.4 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 65875e4f2918012113c760db97863824ff8a6ea3
4
- data.tar.gz: 38e7368c8a394206a7502f54ef948695ba29b5d0
3
+ metadata.gz: 6c7c324bd61b795ff8dae75a39e3e462336994ba
4
+ data.tar.gz: 3297b732040b746dcef15177bbc986eac7ebeae5
5
5
  SHA512:
6
- metadata.gz: 37518e1a889771aa3ed3825f8fc3763a3df4d44068b67f4733c147fa6e931b0732a4f5f8ed453d00ddce6fce887216e1d5abca29da326ee3ddbb19d2e7e677ee
7
- data.tar.gz: aa2d4f8d3123ef4e8b8f4f16cd0ffb5cb881a0ce992513606224892f67e6dce179cd151b02424064a903e42afdf06b0374752b9487a04a64b4bf1290670f0771
6
+ metadata.gz: 8348e5761ba1e179a17ab339f4248550f0ebca633c63325cea058dd719e8f536e3627ee7a9336a69c1c08447abe1fb27f964d4f5178c72beee3107b663983a6b
7
+ data.tar.gz: dcfe2d6010915867a1f07c8fcb74f4e6203023110df5f332b2233bc66afdf88b146028bf9d06bc50c80e5a5a3364d1472c0cd3b94fba60fa9ea936ec214a750c
data/.gitignore CHANGED
@@ -18,3 +18,4 @@ tmp
18
18
  .rvmrc
19
19
  .project
20
20
  .kateproject.d
21
+ .idea
data/LICENSE CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2012 Rafał Rzepecki
1
+ Copyright (c) 2012 Conjur Inc
2
2
 
3
3
  MIT License
4
4
 
@@ -7,6 +7,10 @@ module Slosilo
7
7
  raise NotImplementedError
8
8
  end
9
9
 
10
+ def get_by_fingerprint fp
11
+ raise NotImplementedError
12
+ end
13
+
10
14
  def put_key id, key
11
15
  raise NotImplementedError
12
16
  end
@@ -8,16 +8,19 @@ module Slosilo
8
8
  def initialize(dir)
9
9
  @dir = dir
10
10
  @keys = {}
11
+ @fingerprints = {}
11
12
  Dir[File.join(@dir, "*.key")].each do |f|
12
13
  key = Slosilo::EncryptedAttributes.decrypt File.read(f)
13
- @keys[File.basename(f, '.key')] = key
14
+ id = File.basename(f, '.key')
15
+ key = @keys[id] = Slosilo::Key.new(key)
16
+ @fingerprints[key.fingerprint] = id
14
17
  end
15
18
  end
16
19
 
17
20
  def put_key id, value
18
21
  raise "id should not contain a period" if id.index('.')
19
22
  fname = File.join(dir, "#{id}.key")
20
- File.write(fname, Slosilo::EncryptedAttributes.encrypt(value))
23
+ File.write(fname, Slosilo::EncryptedAttributes.encrypt(value.to_der))
21
24
  File.chmod(0400, fname)
22
25
  @keys[id] = value
23
26
  end
@@ -25,6 +28,11 @@ module Slosilo
25
28
  def get_key id
26
29
  @keys[id]
27
30
  end
31
+
32
+ def get_by_fingerprint fp
33
+ id = @fingerprints[fp]
34
+ [@keys[id], id]
35
+ end
28
36
 
29
37
  def each(&block)
30
38
  @keys.each(&block)
@@ -0,0 +1,31 @@
1
+ require 'slosilo/adapters/abstract_adapter'
2
+
3
+ module Slosilo
4
+ module Adapters
5
+ class MemoryAdapter < AbstractAdapter
6
+ def initialize
7
+ @keys = {}
8
+ @fingerprints = {}
9
+ end
10
+
11
+ def put_key id, key
12
+ key = Slosilo::Key.new(key) if key.is_a?(String)
13
+ @keys[id] = key
14
+ @fingerprints[key.fingerprint] = id
15
+ end
16
+
17
+ def get_key id
18
+ @keys[id]
19
+ end
20
+
21
+ def get_by_fingerprint fp
22
+ id = @fingerprints[fp]
23
+ [@keys[id], id]
24
+ end
25
+
26
+ def each(&block)
27
+ @keys.each(&block)
28
+ end
29
+ end
30
+ end
31
+ end
@@ -1,8 +1,21 @@
1
1
  module Slosilo
2
2
  module Adapters
3
3
  class MockAdapter < Hash
4
- alias :put_key :[]=
4
+ def initialize
5
+ @fp = {}
6
+ end
7
+
8
+ def put_key id, key
9
+ @fp[key.fingerprint] = id
10
+ self[id] = key
11
+ end
12
+
5
13
  alias :get_key :[]
14
+
15
+ def get_by_fingerprint fp
16
+ id = @fp[fp]
17
+ [self[id], id]
18
+ end
6
19
  end
7
20
  end
8
21
  end
@@ -20,8 +20,8 @@ module Slosilo
20
20
  # and we can't use table_exists? because it rolls back
21
21
  create_table? keystore_table do
22
22
  String :id, primary_key: true
23
- # Note: currently only postgres is supported
24
23
  bytea :key, null: false
24
+ String :fingerprint, unique: true, null: false
25
25
  end
26
26
  end
27
27
 
@@ -15,18 +15,65 @@ module Slosilo
15
15
  end
16
16
 
17
17
  def put_key id, value
18
- model.create id: id, key: value
18
+ attrs = { id: id, key: value.to_der }
19
+ attrs[:fingerprint] = value.fingerprint if fingerprint_in_db?
20
+ model.create attrs
19
21
  end
20
22
 
21
23
  def get_key id
22
24
  stored = model[id]
23
25
  return nil unless stored
24
- stored.key
26
+ Slosilo::Key.new stored.key
25
27
  end
26
-
28
+
29
+ def get_by_fingerprint fp
30
+ if fingerprint_in_db?
31
+ stored = model[fingerprint: fp]
32
+ return nil unless stored
33
+ [Slosilo::Key.new(stored.key), stored.id]
34
+ else
35
+ warn "Please migrate to a new database schema using rake slosilo:migrate for efficient fingerprint lookups"
36
+ find_by_fingerprint fp
37
+ end
38
+ end
39
+
27
40
  def each
28
41
  model.each do |m|
29
- yield m.id, m.key
42
+ yield m.id, Slosilo::Key.new(m.key)
43
+ end
44
+ end
45
+
46
+ def migrate!
47
+ unless fingerprint_in_db?
48
+ model.db.transaction do
49
+ model.db.alter_table :slosilo_keystore do
50
+ add_column :fingerprint, String
51
+ end
52
+
53
+ # reload the schema
54
+ model.set_dataset model.dataset
55
+
56
+ model.each do |m|
57
+ m.update fingerprint: Slosilo::Key.new(m.key).fingerprint
58
+ end
59
+
60
+ model.db.alter_table :slosilo_keystore do
61
+ set_column_not_null :fingerprint
62
+ add_unique_constraint :fingerprint
63
+ end
64
+ end
65
+ end
66
+ end
67
+
68
+ private
69
+
70
+ def fingerprint_in_db?
71
+ model.columns.include? :fingerprint
72
+ end
73
+
74
+ def find_by_fingerprint fp
75
+ each do |id, k|
76
+ return [k, id] if k.fingerprint == fp
30
77
  end
31
78
  end
32
79
  end
data/lib/slosilo/key.rb CHANGED
@@ -48,7 +48,7 @@ module Slosilo
48
48
  end
49
49
 
50
50
  def to_der
51
- @key.to_der
51
+ @to_der ||= @key.to_der
52
52
  end
53
53
 
54
54
  def sign value
@@ -74,22 +74,34 @@ module Slosilo
74
74
 
75
75
  def token_valid? token, expiry = 8 * 60
76
76
  token = token.clone
77
- signature = Base64::urlsafe_decode64(token.delete "signature")
78
77
  expected_key = token.delete "key"
79
- return false if expected_key and expected_key != fingerprint
78
+ return false if (expected_key and (expected_key != fingerprint))
79
+ signature = Base64::urlsafe_decode64(token.delete "signature")
80
80
  (Time.parse(token["timestamp"]) + expiry > Time.now) && verify_signature(token, signature)
81
81
  end
82
82
 
83
83
  def sign_string value
84
- _salt = salt
85
- key.private_encrypt(hash_function.digest(_salt + value)) + _salt
84
+ salt = self.salt
85
+ key.private_encrypt(hash_function.digest(salt + value)) + salt
86
86
  end
87
87
 
88
88
  def fingerprint
89
- OpenSSL::Digest::MD5.hexdigest key.public_key.to_der
89
+ @fingerprint ||= OpenSSL::Digest::MD5.hexdigest key.public_key.to_der
90
+ end
91
+
92
+ def == other
93
+ to_der == other.to_der
94
+ end
95
+
96
+ alias_method :eql?, :==
97
+
98
+ def hash
99
+ to_der.hash
90
100
  end
91
101
 
92
102
  private
103
+ # Note that this is currently somewhat shallow stringification --
104
+ # to implement originating tokens we may need to make it deeper.
93
105
  def stringify value
94
106
  case value
95
107
  when Hash
@@ -7,16 +7,25 @@ module Slosilo
7
7
  end
8
8
 
9
9
  def put id, key
10
- adapter.put_key id.to_s, key.to_der
10
+ adapter.put_key id.to_s, key
11
11
  end
12
12
 
13
- def get id
14
- key = adapter.get_key(id.to_s)
15
- key && Key.new(key)
13
+ def get opts
14
+ id, fingerprint = opts.is_a?(Hash) ? [nil, opts[:fingerprint]] : [opts, nil]
15
+ if id
16
+ key = adapter.get_key(id.to_s)
17
+ elsif fingerprint
18
+ key, _ = get_by_fingerprint(fingerprint)
19
+ end
20
+ key
21
+ end
22
+
23
+ def get_by_fingerprint fingerprint
24
+ adapter.get_by_fingerprint fingerprint
16
25
  end
17
26
 
18
27
  def each &_
19
- adapter.each { |k, v| yield k, Key.new(v) }
28
+ adapter.each { |k, v| yield k, v }
20
29
  end
21
30
 
22
31
  def any? &block
@@ -49,10 +58,12 @@ module Slosilo
49
58
  end
50
59
 
51
60
  def token_signer token
52
- each do |id, key|
53
- return id if key.token_valid? token
61
+ key, id = keystore.get_by_fingerprint token['key']
62
+ if key && key.token_valid?(token)
63
+ return id
64
+ else
65
+ return nil
54
66
  end
55
- return nil
56
67
  end
57
68
 
58
69
  attr_accessor :adapter
@@ -1,3 +1,3 @@
1
1
  module Slosilo
2
- VERSION = "0.2.4"
2
+ VERSION = "0.4.0"
3
3
  end
@@ -19,4 +19,9 @@ namespace :slosilo do
19
19
  Slosilo[args[:name]] = key
20
20
  puts key
21
21
  end
22
+
23
+ desc "Migrate to a new database schema"
24
+ task :migrate => :environment do |t|
25
+ Slosilo.adapter.migrate!
26
+ end
22
27
  end
data/slosilo.gemspec CHANGED
@@ -7,6 +7,7 @@ Gem::Specification.new do |gem|
7
7
  gem.description = %q{This gem provides an easy way of storing and retrieving encryption keys in the database.}
8
8
  gem.summary = %q{Store SSL keys in a database}
9
9
  gem.homepage = ""
10
+ gem.license = "MIT"
10
11
 
11
12
  gem.files = `git ls-files`.split($\)
12
13
  gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
@@ -14,7 +15,7 @@ Gem::Specification.new do |gem|
14
15
  gem.name = "slosilo"
15
16
  gem.require_paths = ["lib"]
16
17
  gem.version = Slosilo::VERSION
17
- gem.required_ruby_version = '> 1.9.3'
18
+ gem.required_ruby_version = '>= 1.9.3'
18
19
 
19
20
  gem.add_development_dependency 'rake'
20
21
  gem.add_development_dependency 'rspec'
@@ -1,12 +1,12 @@
1
1
  require 'spec_helper'
2
+ require 'tmpdir'
2
3
 
3
4
  require 'slosilo/adapters/file_adapter'
4
5
 
5
6
  describe Slosilo::Adapters::FileAdapter do
6
- let(:dir) {
7
- require 'tmpdir'
8
- Dir.mktmpdir
9
- }
7
+ include_context "with example key"
8
+
9
+ let(:dir) { Dir.mktmpdir }
10
10
  let(:adapter) { Slosilo::Adapters::FileAdapter.new dir }
11
11
  subject { adapter }
12
12
 
@@ -19,7 +19,6 @@ describe Slosilo::Adapters::FileAdapter do
19
19
  end
20
20
 
21
21
  describe "#put_key" do
22
- let(:key) { "key" }
23
22
  context "unacceptable id" do
24
23
  let(:id) { "foo.bar" }
25
24
  it "isn't accepted" do
@@ -31,7 +30,7 @@ describe Slosilo::Adapters::FileAdapter do
31
30
  let(:key_encrypted) { "encrypted key" }
32
31
  let(:fname) { "#{dir}/#{id}.key" }
33
32
  it "creates the key" do
34
- Slosilo::EncryptedAttributes.should_receive(:encrypt).with(key).and_return key_encrypted
33
+ Slosilo::EncryptedAttributes.should_receive(:encrypt).with(key.to_der).and_return key_encrypted
35
34
  File.should_receive(:write).with(fname, key_encrypted)
36
35
  File.should_receive(:chmod).with(0400, fname)
37
36
  subject.put_key id, key
@@ -49,9 +48,8 @@ describe Slosilo::Adapters::FileAdapter do
49
48
  results.should == [ { one: :onek}, {two: :twok } ]
50
49
  end
51
50
  end
52
-
53
- describe 'key store' do
54
- let(:key) { 'fake key' }
51
+
52
+ context 'with real key store' do
55
53
  let(:id) { 'some id' }
56
54
 
57
55
  before do
@@ -59,14 +57,25 @@ describe Slosilo::Adapters::FileAdapter do
59
57
  pre_adapter = Slosilo::Adapters::FileAdapter.new dir
60
58
  pre_adapter.put_key(id, key)
61
59
  end
62
-
63
- it "loads and decrypts the key" do
64
- adapter.get_key(id).should == key
60
+
61
+ describe '#get_key' do
62
+ it "loads and decrypts the key" do
63
+ adapter.get_key(id).should == key
64
+ end
65
65
  end
66
- it "enumerates the keys" do
67
- results = []
68
- adapter.each { |id,k| results << { id => k } }
69
- results.should == [ { id => key } ]
66
+
67
+ describe '#get_by_fingerprint' do
68
+ it "can look up a key by a fingerprint" do
69
+ adapter.get_by_fingerprint(key_fingerprint).should == [key, id]
70
+ end
71
+ end
72
+
73
+ describe '#each' do
74
+ it "enumerates the keys" do
75
+ results = []
76
+ adapter.each { |id,k| results << { id => k } }
77
+ results.should == [ { id => key } ]
78
+ end
70
79
  end
71
80
  end
72
81
  end
data/spec/io_helper.rb ADDED
@@ -0,0 +1,18 @@
1
+ class IO
2
+ def grab &block
3
+ @grabbed_output = ""
4
+ class << self
5
+ def write arg
6
+ @grabbed_output += arg
7
+ end
8
+ end
9
+
10
+ begin
11
+ yield
12
+ ensure
13
+ singleton_class.send :remove_method, :write
14
+ end
15
+
16
+ @grabbed_output
17
+ end
18
+ end
data/spec/key_spec.rb CHANGED
@@ -7,7 +7,37 @@ describe Slosilo::Key do
7
7
  its(:to_der) { should == rsa.to_der }
8
8
  its(:to_s) { should == rsa.public_key.to_pem }
9
9
  its(:fingerprint) { should == key_fingerprint }
10
+
11
+ context "with identical key" do
12
+ let(:other) { Slosilo::Key.new rsa.to_der }
13
+ it "is equal" do
14
+ subject.should == other
15
+ end
16
+
17
+ it "is eql?" do
18
+ subject.eql?(other).should be_true
19
+ end
20
+
21
+ it "has equal hash" do
22
+ subject.hash.should == other.hash
23
+ end
24
+ end
10
25
 
26
+ context "with a different key" do
27
+ let(:other) { Slosilo::Key.new another_rsa }
28
+ it "is not equal" do
29
+ subject.should_not == other
30
+ end
31
+
32
+ it "is not eql?" do
33
+ subject.eql?(other).should_not be_true
34
+ end
35
+
36
+ it "has different hash" do
37
+ subject.hash.should_not == other.hash
38
+ end
39
+ end
40
+
11
41
  let(:plaintext) { 'quick brown fox jumped over the lazy dog' }
12
42
  describe '#encrypt' do
13
43
  it "generates a symmetric encryption key and encrypts the plaintext with the public key" do
@@ -5,9 +5,14 @@ describe Slosilo::Keystore do
5
5
  include_context "with mock adapter"
6
6
 
7
7
  describe '#put' do
8
- it "handles Slosilo::Keys too" do
8
+ it "handles Slosilo::Keys" do
9
9
  subject.put(:test, key)
10
- adapter['test'].should == rsa.to_der
10
+ adapter['test'].to_der.should == rsa.to_der
11
+ end
12
+
13
+ it "passes the Slosilo key to the adapter" do
14
+ adapter.should_receive(:put_key).with "test", key
15
+ subject.put :test, key
11
16
  end
12
17
  end
13
18
  end
@@ -1,8 +1,12 @@
1
1
  require 'spec_helper'
2
+ require 'sequel'
3
+ require 'io_helper'
2
4
 
3
5
  require 'slosilo/adapters/sequel_adapter'
4
6
 
5
7
  describe Slosilo::Adapters::SequelAdapter do
8
+ include_context "with example key"
9
+
6
10
  let(:model) { double "model" }
7
11
  before { subject.stub create_model: model }
8
12
 
@@ -13,13 +17,27 @@ describe Slosilo::Adapters::SequelAdapter do
13
17
  subject.get_key(:whatever).should_not be
14
18
  end
15
19
  end
20
+
21
+ context "when it exists" do
22
+ let(:id) { "id" }
23
+ before { model.stub(:[]).with(id).and_return (double "key entry", id: id, key: rsa.to_der) }
24
+ it "returns it" do
25
+ subject.get_key(id).should == key
26
+ end
27
+ end
16
28
  end
17
29
 
18
30
  describe "#put_key" do
19
31
  let(:id) { "id" }
20
- let(:key) { "key" }
21
32
  it "creates the key" do
22
- model.should_receive(:create).with id: id, key: key
33
+ model.should_receive(:create).with id: id, key: key.to_der
34
+ model.stub columns: [:id, :key]
35
+ subject.put_key id, key
36
+ end
37
+
38
+ it "adds the fingerprint if feasible" do
39
+ model.should_receive(:create).with id: id, key: key.to_der, fingerprint: key.fingerprint
40
+ model.stub columns: [:id, :key, :fingerprint]
23
41
  subject.put_key id, key
24
42
  end
25
43
  end
@@ -32,29 +50,71 @@ describe Slosilo::Adapters::SequelAdapter do
32
50
 
33
51
  it "iterates over each key" do
34
52
  results = []
53
+ Slosilo::Key.stub(:new) {|x|x}
35
54
  adapter.each { |id,k| results << { id => k } }
36
55
  results.should == [ { one: :onek}, {two: :twok } ]
37
56
  end
38
57
  end
39
-
40
- describe '#model' do
58
+
59
+ context do
41
60
  let(:db) { Sequel.sqlite }
42
61
  before do
43
62
  Slosilo::encryption_key = Slosilo::Symmetric.new.random_key
44
63
  subject.unstub :create_model
45
- require 'sequel'
64
+ Sequel::Model.cache_anonymous_models = false
46
65
  Sequel::Model.db = db
47
- Sequel.extension :migration
48
- require 'slosilo/adapters/sequel_adapter/migration'
49
- Sequel::Migration::descendants.first.apply db, :up
50
- end
51
-
52
- let(:key) { 'fake key' }
53
- let(:id) { 'some id' }
54
- it "transforms (encrypts) the key" do
55
- subject.model.create id: id, key: key
56
- db[:slosilo_keystore][id: id][:key].should_not == key
57
- subject.model[id].key.should == key
66
+ end
67
+
68
+ context "with old schema" do
69
+ before do
70
+ db.create_table :slosilo_keystore do
71
+ String :id, primary_key: true
72
+ bytea :key, null: false
73
+ end
74
+ subject.put_key 'test', key
75
+ end
76
+
77
+ context "after migration" do
78
+ before { subject.migrate! }
79
+
80
+ it "supports look up by id" do
81
+ subject.get_key("test").should == key
82
+ end
83
+
84
+ it "supports look up by fingerprint, without a warning" do
85
+ STDERR.grab do
86
+ subject.get_by_fingerprint(key.fingerprint).should == [key, 'test']
87
+ end.should be_empty
88
+ end
89
+ end
90
+
91
+ it "supports look up by id" do
92
+ subject.get_key("test").should == key
93
+ end
94
+
95
+ it "supports look up by fingerprint, but issues a warning" do
96
+ STDERR.grab do
97
+ subject.get_by_fingerprint(key.fingerprint).should == [key, 'test']
98
+ end.should_not be_empty
99
+ end
100
+ end
101
+
102
+ context "with current schema" do
103
+ before do
104
+ Sequel.extension :migration
105
+ require 'slosilo/adapters/sequel_adapter/migration.rb'
106
+ Sequel::Migration::descendants.first.apply db, :up
107
+ subject.put_key 'test', key
108
+ end
109
+
110
+
111
+ it "supports look up by id" do
112
+ subject.get_key("test").should == key
113
+ end
114
+
115
+ it "supports look up by fingerprint" do
116
+ subject.get_by_fingerprint(key.fingerprint).should == [key, 'test']
117
+ end
58
118
  end
59
119
  end
60
120
  end
data/spec/slosilo_spec.rb CHANGED
@@ -2,13 +2,17 @@ require 'spec_helper'
2
2
 
3
3
  describe Slosilo do
4
4
  include_context "with mock adapter"
5
- let(:key) { OpenSSL::PKey::RSA.new 512 }
6
- before { adapter['test'] = key.to_der }
5
+ include_context "with example key"
6
+ before { Slosilo['test'] = key }
7
7
 
8
8
  describe '[]' do
9
9
  it "returns a Slosilo::Key" do
10
10
  Slosilo[:test].should be_instance_of Slosilo::Key
11
11
  end
12
+
13
+ it "allows looking up by fingerprint" do
14
+ Slosilo[fingerprint: key_fingerprint].should == key
15
+ end
12
16
 
13
17
  context "when the requested key does not exist" do
14
18
  it "returns nil instead of creating a new key" do
@@ -49,7 +53,7 @@ describe Slosilo do
49
53
  let(:invalid_key) { double token_valid?: true }
50
54
  before do
51
55
  Slosilo::Key.stub new: invalid_key
52
- Slosilo::Key.stub(:new).with(key2).and_return(valid_key)
56
+ adapter[:key2] = valid_key
53
57
  end
54
58
 
55
59
  it { should be_true }
@@ -57,21 +61,32 @@ describe Slosilo do
57
61
  end
58
62
 
59
63
  describe '.token_signer' do
60
- let(:token) { double "token" }
61
- let(:key_one) { double "key", token_valid?: false }
62
- let(:other_key) { double "another key", token_valid?: false }
63
-
64
- before do
65
- subject.stub(:each).and_yield('test', key_one).and_yield('other', other_key)
66
- end
67
-
68
- it "returns nil when token doesn't have a valid signature from any known key" do
69
- subject.token_signer(token).should_not be
64
+
65
+ context "when token matches a key" do
66
+ let(:token) {{ 'data' => 'foo', 'key' => key.fingerprint, 'signature' => 'XXX' }}
67
+
68
+ context "and the signature is valid" do
69
+ before { key.stub(:token_valid?).with(token).and_return true }
70
+
71
+ it "returns the key id" do
72
+ subject.token_signer(token).should == 'test'
73
+ end
74
+ end
75
+
76
+ context "and the signature is invalid" do
77
+ before { key.stub(:token_valid?).with(token).and_return false }
78
+
79
+ it "returns nil" do
80
+ subject.token_signer(token).should_not be
81
+ end
82
+ end
70
83
  end
71
-
72
- it "returns the name of the key which validates the token" do
73
- other_key.stub(:token_valid?).with(token).and_return true
74
- subject.token_signer(token).to_s.should == 'other'
84
+
85
+ context "when token doesn't match a key" do
86
+ let(:token) {{ 'data' => 'foo', 'key' => "footprint", 'signature' => 'XXX' }}
87
+ it "returns nil" do
88
+ subject.token_signer(token).should_not be
89
+ end
75
90
  end
76
91
  end
77
92
  end
data/spec/spec_helper.rb CHANGED
@@ -42,6 +42,38 @@ Dg1ikwi8GUF4HPZe9DyhXgDhg19wM/qcpjX8bSypsUWHWP+FanhjdWU=
42
42
  """ }
43
43
  let (:key) { Slosilo::Key.new rsa.to_der }
44
44
  let (:key_fingerprint) { "d28e3a347e368416b3129a40c1b887fe" }
45
+
46
+ let (:another_rsa) do
47
+ OpenSSL::PKey::RSA.new """
48
+ -----BEGIN RSA PRIVATE KEY-----
49
+ MIIEowIBAAKCAQEAryP0uGEIcDFmHDj1MjxbW+eWMeQ1k2FTKI7qx2M3MP9FR3Bz
50
+ KjFzGKnAA6QV46K/QtEt+wpWedB/bcikPXY4/vh/b2TEi8Ybw2ztT1oW9le8Djsz
51
+ 3sQv5QrHsOXzSIARw4NZYxunxMFKCVC9jA8tXJb16RLgS3wAOMiPADlWIKEmPIX6
52
+ +hg2PDgFcrCuL3XAwJ4GKy3Q5BpIFF2j+wRNfjCXDFf1bU9Gy9DND8Y50Khhw/Zn
53
+ GYN1Y3AZ3YPzz1SPf08WM663ImYwORjdkA5VlIAMKcmSStNZZUrCOo7DQjNZVD2O
54
+ vfGhGUlPqYkmTPnCG2aNP8aJm3IbF+Cb6N6PjwIDAQABAoIBAEaYtr9PlagrsV40
55
+ 81kxjR3pptgrhhEHTQ7vNOH0Mz4T16gpQrLCRgOuARE2pgAhDPlw+hjUHPFzQrpN
56
+ Ay8nJWhZYHzVYIh67ZwDn1C6HsFjshEGei0UZb3sb3v15O/Xd9GYc4KIlkKwKxjA
57
+ K/d18rH8w9kUW8bxj+FTrpjHg9kYkWGjl1WUM4o4dALVVAbbILCHKUIv3wmU5Off
58
+ oqBDunItrfVvvc9UOt1SMO15fwuZZpk0B5cjjo6+1NNpIOzqnuu48iI5dQRAIr50
59
+ n44U4/Ix4E1p4i/9i5trCeSZRMrVxBruNxFBtCeDU6YW5fXYNBLptndfb83iqSJf
60
+ 46myqakCgYEA2MAsbtOcvQv+C7KsRMQih4WqpybV/TRdeC+dZ3flPvSuI8VLJAHp
61
+ p2Tp3WXATCwgUWL/iktwWE7WFMn3VvAuMm2ITmAze/Uk71uUS5R+iaGIeRXHgd9J
62
+ fyJrIeD63ncWbb23rif2sO6zH4cp9NLS/OopHiRNlRsWEUoGpybxczMCgYEAztrf
63
+ mX4oqjqk4af4o4/UHVp3Y9lpcUXRi6dYYECoqv6wS7qCIbJkD4I4P6oTwvk25vbk
64
+ p9fwOttuqHC53/rDXVjedNe9VExIe5NhVaug1SyArw/qsafYs0QeDRBkSgCcLfP6
65
+ LP4g824Wbv52X33BO0rJbDCICDqGDCOkqB4XcjUCgYBCkcMTxqo85ZIAxb9i31o7
66
+ hTIEZEkUmyCZ6QXO4WPnEf7pvY52YKACaVvqQ3Xr7yF93YneT40RkiTt/ZmZeeq2
67
+ Ui2q5KDrUT8mxFmnXNQAMTxY8/dyS8Gm6ks8/HwQF0MsMThYpK1/adBZvomER7vF
68
+ MaWvPDcXtFnytWmVrMA7QQKBgQDIHpHR4m6e+atIMIPoYR5Z44q7i7tp/ZzTGevy
69
+ +rry6wFN0jtRNE9/fYDDftwtdYL7AYKHKu7bUi0FQkFhAi39YhudOJaPNlmtTBEP
70
+ m8I2Wh6IvsJUa0jHbbAQ/Xm46kwuXOn8m0LvnuKPMRj+GyBVJ24kf/Mq2suSdO04
71
+ RBx0vQKBgFz93G6bSzmFg0BRTqRWEXEIuYkMIZDe48OjeP4pLYH9aERsL/f/8Dyc
72
+ X2nOMv/TdLP7mvGnwCt/sQ2626DdiNqimekyBki9J2r6BzBNVmEvnLAcYaQAiQYz
73
+ ooQ2FuL0K6ukQfHPjuMswqi41lmVH8gIVqVC+QnImUCrGxH9WXWy
74
+ -----END RSA PRIVATE KEY-----
75
+ """
76
+ end
45
77
 
46
78
  def self.mock_own_key
47
79
  before { Slosilo.stub(:[]).with(:own).and_return key }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: slosilo
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.4
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rafał Rzepecki
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-05-24 00:00:00.000000000 Z
11
+ date: 2013-12-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake
@@ -111,6 +111,7 @@ files:
111
111
  - lib/slosilo.rb
112
112
  - lib/slosilo/adapters/abstract_adapter.rb
113
113
  - lib/slosilo/adapters/file_adapter.rb
114
+ - lib/slosilo/adapters/memory_adapter.rb
114
115
  - lib/slosilo/adapters/mock_adapter.rb
115
116
  - lib/slosilo/adapters/sequel_adapter.rb
116
117
  - lib/slosilo/adapters/sequel_adapter/migration.rb
@@ -127,6 +128,7 @@ files:
127
128
  - spec/file_adapter_spec.rb
128
129
  - spec/http_request_spec.rb
129
130
  - spec/http_stack_spec.rb
131
+ - spec/io_helper.rb
130
132
  - spec/key_spec.rb
131
133
  - spec/keystore_spec.rb
132
134
  - spec/rack_middleware_spec.rb
@@ -136,7 +138,8 @@ files:
136
138
  - spec/spec_helper.rb
137
139
  - spec/symmetric_spec.rb
138
140
  homepage: ''
139
- licenses: []
141
+ licenses:
142
+ - MIT
140
143
  metadata: {}
141
144
  post_install_message:
142
145
  rdoc_options: []
@@ -144,7 +147,7 @@ require_paths:
144
147
  - lib
145
148
  required_ruby_version: !ruby/object:Gem::Requirement
146
149
  requirements:
147
- - - '>'
150
+ - - '>='
148
151
  - !ruby/object:Gem::Version
149
152
  version: 1.9.3
150
153
  required_rubygems_version: !ruby/object:Gem::Requirement
@@ -162,6 +165,7 @@ test_files:
162
165
  - spec/file_adapter_spec.rb
163
166
  - spec/http_request_spec.rb
164
167
  - spec/http_stack_spec.rb
168
+ - spec/io_helper.rb
165
169
  - spec/key_spec.rb
166
170
  - spec/keystore_spec.rb
167
171
  - spec/rack_middleware_spec.rb