symmetric-encryption 2.2.0 → 3.0.0
- checksums.yaml +4 -4
- data/README.md +39 -1
- data/Rakefile +4 -16
- data/lib/symmetric_encryption/cipher.rb +189 -103
- data/lib/symmetric_encryption/reader.rb +16 -5
- data/lib/symmetric_encryption/symmetric_encryption.rb +203 -116
- data/lib/symmetric_encryption/version.rb +1 -1
- data/lib/symmetric_encryption/writer.rb +1 -1
- data/test/attr_encrypted_test.rb +2 -2
- data/test/cipher_test.rb +30 -10
- data/test/config/symmetric-encryption.yml +41 -11
- data/test/field_encrypted_test.rb +2 -2
- data/test/reader_test.rb +23 -14
- data/test/symmetric_encryption_test.rb +58 -26
- data/test/test_db.sqlite3 +0 -0
- data/test/writer_test.rb +4 -0
- metadata +24 -16
- data/Gemfile +0 -19
- data/Gemfile.lock +0 -61
- data/nbproject/private/config.properties +0 -0
- data/nbproject/private/private.properties +0 -1
- data/nbproject/private/private.xml +0 -4
- data/nbproject/private/rake-d.txt +0 -4
- data/nbproject/project.properties +0 -9
- data/nbproject/project.xml +0 -16
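--- a/data/test/reader_test.rb
+++ b/data/test/reader_test.rb
@@ -22,19 +22,24 @@ class ReaderTest < Test::Unit::TestCase
 ]
 @data_str = @data.inject('') {|sum,str| sum << str}
 @data_len = @data_str.length
-
+# Use Cipher 0 since it does not always include a header
+@cipher = SymmetricEncryption.cipher(0)
+@data_encrypted_without_header = @cipher.binary_encrypt(@data_str)
 
-@data_encrypted_with_header = SymmetricEncryption::Cipher.
-
+@data_encrypted_with_header = SymmetricEncryption::Cipher.build_header(
+@cipher.version,
 compress = false,
-
-
-
-
+@cipher.send(:iv),
+@cipher.send(:key),
+@cipher.cipher_name,
+binary=false,
+)
+@data_encrypted_with_header << @cipher.binary_encrypt(@data_str)
 
 # Verify regular decrypt can decrypt this string
-
-
+@cipher.binary_decrypt(@data_encrypted_without_header)
+@cipher.binary_decrypt(@data_encrypted_with_header)
+assert @data_encrypted_without_header != @data_encrypted_with_header
 end
 
 [true, false].each do |header|
@@ -45,13 +50,15 @@ class ReaderTest < Test::Unit::TestCase
 
 should "#read()" do
 stream = StringIO.new(@data_encrypted)
-
+# Version 0 supplied if the file/stream does not have a header
+decrypted = SymmetricEncryption::Reader.open(stream, version: 0) {|file| file.read}
 assert_equal @data_str, decrypted
 end
 
 should "#read(size) followed by #read()" do
 stream = StringIO.new(@data_encrypted)
-
+# Version 0 supplied if the file/stream does not have a header
+decrypted = SymmetricEncryption::Reader.open(stream, version: 0) do |file|
 file.read(10)
 file.read
 end
@@ -61,7 +68,8 @@ class ReaderTest < Test::Unit::TestCase
 should "#each_line" do
 stream = StringIO.new(@data_encrypted)
 i = 0
-
+# Version 0 supplied if the file/stream does not have a header
+decrypted = SymmetricEncryption::Reader.open(stream, version: 0) do |file|
 file.each_line do |line|
 assert_equal @data[i], line
 i += 1
@@ -72,7 +80,8 @@ class ReaderTest < Test::Unit::TestCase
 should "#read(size)" do
 stream = StringIO.new(@data_encrypted)
 i = 0
-
+# Version 0 supplied if the file/stream does not have a header
+decrypted = SymmetricEncryption::Reader.open(stream, version: 0) do |file|
 index = 0
 [0,10,5,5000].each do |size|
 buf = file.read(size)
@@ -305,7 +314,7 @@ class ReaderTest < Test::Unit::TestCase
 should "decrypt from file in a single read with different version" do
 # Should fail since file was encrypted using version 0 key
 assert_raise OpenSSL::Cipher::CipherError do
-SymmetricEncryption::Reader.open(@filename, :version =>
+SymmetricEncryption::Reader.open(@filename, :version => 2) {|file| file.read}
 end
 end
 end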
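Review bot: The two `binary_decrypt` calls added under "# Verify regular decrypt can decrypt this string" in the first hunk discard their return values, so the setup only shows that decryption does not raise, not that the headerless and header-prefixed forms both round-trip to the plaintext. Assert the result instead, e.g. `assert_equal @data_str, @cipher.binary_decrypt(@data_encrypted_with_header)` and the same for `@data_encrypted_without_header`. The added `binary=false`, like the existing `compress = false`, is a positional argument that also assigns a local, so it reads like a keyword argument without being bound by name; a plain `false` with a trailing `# binary` comment would be less misleading. The enclosing setup block starts outside the hunk.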
@@ -16,38 +16,37 @@ class SymmetricEncryptionTest < Test::Unit::TestCase
|
|
16
16
|
|
17
17
|
context 'configuration' do
|
18
18
|
setup do
|
19
|
-
@
|
20
|
-
|
21
|
-
assert @cipher_v0 = @config[:ciphers][1]
|
19
|
+
@ciphers = SymmetricEncryption.send(:read_config, File.join(File.dirname(__FILE__), 'config', 'symmetric-encryption.yml'), 'test')
|
20
|
+
@cipher_v2, @cipher_v1, @cipher_v0 = @ciphers
|
22
21
|
end
|
23
22
|
|
24
23
|
should "match config file for first cipher" do
|
25
24
|
cipher = SymmetricEncryption.cipher
|
26
|
-
|
27
|
-
|
25
|
+
assert @cipher_v2.send(:key)
|
26
|
+
assert @cipher_v2.send(:iv)
|
27
|
+
assert @cipher_v2.version
|
28
|
+
assert_equal @cipher_v2.cipher_name, cipher.cipher_name
|
29
|
+
assert_equal @cipher_v2.version, cipher.version
|
28
30
|
assert_equal false, SymmetricEncryption.secondary_ciphers.include?(cipher)
|
29
31
|
end
|
30
32
|
|
31
33
|
should "match config file for v1 cipher" do
|
32
|
-
cipher = SymmetricEncryption.cipher(
|
33
|
-
assert @
|
34
|
-
assert @
|
35
|
-
assert_equal @
|
36
|
-
assert_equal @
|
34
|
+
cipher = SymmetricEncryption.cipher(2)
|
35
|
+
assert @cipher_v2.cipher_name
|
36
|
+
assert @cipher_v2.version
|
37
|
+
assert_equal @cipher_v2.cipher_name, cipher.cipher_name
|
38
|
+
assert_equal @cipher_v2.version, cipher.version
|
37
39
|
assert_equal false, SymmetricEncryption.secondary_ciphers.include?(cipher)
|
38
40
|
end
|
39
41
|
|
40
42
|
should "match config file for v0 cipher" do
|
41
43
|
cipher = SymmetricEncryption.cipher(0)
|
42
|
-
assert @cipher_v0
|
43
|
-
assert @cipher_v0
|
44
|
-
assert_equal @cipher_v0
|
45
|
-
assert_equal @cipher_v0
|
44
|
+
assert @cipher_v0.cipher_name
|
45
|
+
assert @cipher_v0.version
|
46
|
+
assert_equal @cipher_v0.cipher_name, cipher.cipher_name
|
47
|
+
assert_equal @cipher_v0.version, cipher.version
|
46
48
|
assert_equal true, SymmetricEncryption.secondary_ciphers.include?(cipher)
|
47
49
|
end
|
48
|
-
|
49
|
-
should 'read ciphers from config file' do
|
50
|
-
end
|
51
50
|
end
|
52
51
|
|
53
52
|
SymmetricEncryption::Cipher::ENCODINGS.each do |encoding|
|
@@ -57,13 +56,13 @@ class SymmetricEncryptionTest < Test::Unit::TestCase
|
|
57
56
|
@social_security_number_encrypted =
|
58
57
|
case encoding
|
59
58
|
when :base64
|
60
|
-
"
|
59
|
+
"QEVuQwIAS+8X1NRrqdfEIQyFHVPuVA==\n"
|
61
60
|
when :base64strict
|
62
|
-
"
|
61
|
+
"QEVuQwIAS+8X1NRrqdfEIQyFHVPuVA=="
|
63
62
|
when :base16
|
64
|
-
"
|
63
|
+
"40456e4302004bef17d4d46ba9d7c4210c851d53ee54"
|
65
64
|
when :none
|
66
|
-
"
|
65
|
+
"@EnC\x02\x00K\xEF\x17\xD4\xD4k\xA9\xD7\xC4!\f\x85\x1DS\xEET".force_encoding(Encoding.find("binary"))
|
67
66
|
else
|
68
67
|
raise "Add test for encoding: #{encoding}"
|
69
68
|
end
|
@@ -88,28 +87,61 @@ class SymmetricEncryptionTest < Test::Unit::TestCase
|
|
88
87
|
assert_equal true, SymmetricEncryption.encrypted?(@social_security_number_encrypted)
|
89
88
|
assert_equal false, SymmetricEncryption.encrypted?(@social_security_number)
|
90
89
|
end
|
90
|
+
end
|
91
|
+
|
92
|
+
context "using select_cipher" do
|
93
|
+
setup do
|
94
|
+
@social_security_number = "987654321"
|
95
|
+
# Encrypt data without a header and encode with base64 which has a trailing '\n'
|
96
|
+
@encrypted_0_ssn = SymmetricEncryption.cipher(0).encode(SymmetricEncryption.cipher(0).binary_encrypt(@social_security_number,false,false,false))
|
91
97
|
|
92
|
-
|
93
|
-
|
98
|
+
SymmetricEncryption.select_cipher do |encoded_str, decoded_str|
|
99
|
+
# Use cipher version 0 if the encoded string ends with "\n" otherwise
|
100
|
+
# use the current default cipher
|
101
|
+
encoded_str.end_with?("\n") ? SymmetricEncryption.cipher(0) : SymmetricEncryption.cipher
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
teardown do
|
106
|
+
# Clear out select_cipher
|
107
|
+
SymmetricEncryption.select_cipher
|
108
|
+
end
|
109
|
+
|
110
|
+
should "decrypt string without a header using an old cipher" do
|
111
|
+
assert_equal @social_security_number, SymmetricEncryption.decrypt(@encrypted_0_ssn)
|
112
|
+
end
|
113
|
+
end
|
114
|
+
|
115
|
+
context "without select_cipher" do
|
116
|
+
setup do
|
117
|
+
@social_security_number = "987654321"
|
118
|
+
# Encrypt data without a header and encode with base64 which has a trailing '\n'
|
119
|
+
assert @encrypted_0_ssn = SymmetricEncryption.cipher(0).encode(SymmetricEncryption.cipher(0).binary_encrypt(@social_security_number,false,false,false))
|
120
|
+
end
|
121
|
+
|
122
|
+
should "decrypt string without a header using an old cipher" do
|
123
|
+
assert_raises OpenSSL::Cipher::CipherError do
|
124
|
+
SymmetricEncryption.decrypt(@encrypted_0_ssn)
|
125
|
+
end
|
94
126
|
end
|
95
127
|
end
|
96
128
|
end
|
97
129
|
|
98
130
|
context "random iv" do
|
99
131
|
setup do
|
100
|
-
|
132
|
+
@social_security_number = "987654321"
|
101
133
|
end
|
102
134
|
|
103
135
|
should "encrypt and then decrypt using random iv" do
|
104
136
|
# Encrypt with random iv
|
105
|
-
assert encrypted = SymmetricEncryption.encrypt(@social_security_number, true)
|
137
|
+
assert encrypted = SymmetricEncryption.encrypt(@social_security_number, random_iv=true)
|
106
138
|
assert_equal true, SymmetricEncryption.encrypted?(encrypted)
|
107
139
|
assert_equal @social_security_number, SymmetricEncryption.decrypt(encrypted)
|
108
140
|
end
|
109
141
|
|
110
142
|
should "encrypt and then decrypt using random iv with compression" do
|
111
143
|
# Encrypt with random iv and compress
|
112
|
-
assert encrypted = SymmetricEncryption.encrypt(@social_security_number, true, true)
|
144
|
+
assert encrypted = SymmetricEncryption.encrypt(@social_security_number, random_iv=true, compress=true)
|
113
145
|
assert_equal true, SymmetricEncryption.encrypted?(encrypted)
|
114
146
|
assert_equal @social_security_number, SymmetricEncryption.decrypt(encrypted)
|
115
147
|
end
|
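Review bot: In the added "without select_cipher" context the test is named "decrypt string without a header using an old cipher" but asserts `OpenSSL::Cipher::CipherError`, so the name says the opposite of what is checked; `should "fail to decrypt a headerless string from an old cipher"` would match the assertion. The expected error presumably comes from a padding failure when the default key is applied to version 0 ciphertext, which holds for these fixed test keys but is not a general guarantee that a wrong key is detected, so a comment stating that would keep readers from treating the exception as an integrity check. The "using select_cipher" context exercises only the `"\n"` branch of the block; a second case that decrypts a value produced by the default cipher while the block is installed would cover the other branch. The file header for these hunks is not visible on the page.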
data/test/test_db.sqlite3
CHANGED
Binary file
|
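--- a/data/test/writer_test.rb
+++ b/data/test/writer_test.rb
@@ -22,7 +22,11 @@ class WriterTest < Test::Unit::TestCase
 ]
 @data_str = @data.inject('') {|sum,str| sum << str}
 @data_len = @data_str.length
+cipher = SymmetricEncryption.cipher
+before = cipher.always_add_header
+cipher.always_add_header = false
 @data_encrypted = SymmetricEncryption.cipher.binary_encrypt(@data_str, false, false)
+cipher.always_add_header = before
 @filename = '._test'
 end
 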
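Review bot: The added lines switch `always_add_header` off on the shared `SymmetricEncryption.cipher` and restore it only on the success path, so if `binary_encrypt` raises, the global cipher stays in headerless mode for every later test. Put the encrypt call in a `begin` block and move the restore into `ensure`, i.e. `ensure` followed by `cipher.always_add_header = before`. The unchanged line still calls `SymmetricEncryption.cipher.binary_encrypt` rather than the local `cipher`, which is correct only while both return the same object; using `cipher.binary_encrypt` would make that explicit. The setup block starts outside the hunk.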
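--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: symmetric-encryption
 version: !ruby/object:Gem::Version
-version:
+version: 3.0.0
 platform: ruby
 authors:
 - Reid Morrison
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-
+date: 2013-09-19 00:00:00.000000000 Z
 dependencies: []
 description: SymmetricEncryption supports encrypting ActiveRecord data, Mongoid data,
 passwords in configuration files, encrypting and decrypting of large files through
@@ -19,17 +19,10 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- Gemfile
-- Gemfile.lock
-- LICENSE.txt
-- README.md
-- Rakefile
-- examples/symmetric-encryption.yml
 - lib/rails/generators/symmetric_encryption/config/config_generator.rb
 - lib/rails/generators/symmetric_encryption/config/templates/symmetric-encryption.yml
 - lib/rails/generators/symmetric_encryption/new_keys/new_keys_generator.rb
 - lib/symmetric-encryption.rb
-- lib/symmetric_encryption.rb
 - lib/symmetric_encryption/cipher.rb
 - lib/symmetric_encryption/extensions/active_record/base.rb
 - lib/symmetric_encryption/mongoid.rb
@@ -40,12 +33,11 @@ files:
 - lib/symmetric_encryption/symmetric_encryption.rb
 - lib/symmetric_encryption/version.rb
 - lib/symmetric_encryption/writer.rb
--
--
--
--
--
-- nbproject/project.xml
+- lib/symmetric_encryption.rb
+- examples/symmetric-encryption.yml
+- LICENSE.txt
+- Rakefile
+- README.md
 - test/attr_encrypted_test.rb
 - test/cipher_test.rb
 - test/config/database.yml
@@ -86,4 +78,20 @@ rubygems_version: 2.0.3
 signing_key:
 specification_version: 4
 summary: Symmetric Encryption for Ruby, and Ruby on Rails
-test_files:
+test_files:
+- test/attr_encrypted_test.rb
+- test/cipher_test.rb
+- test/config/database.yml
+- test/config/empty.csv
+- test/config/mongoid_v2.yml
+- test/config/mongoid_v3.yml
+- test/config/symmetric-encryption.yml
+- test/config/test_new.iv
+- test/config/test_new.key
+- test/config/test_secondary_1.iv
+- test/config/test_secondary_1.key
+- test/field_encrypted_test.rb
+- test/reader_test.rb
+- test/symmetric_encryption_test.rb
+- test/test_db.sqlite3
+- test/writer_test.rb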
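--- a/data/Gemfile
+++ /dev/null
@@ -1,19 +0,0 @@
-source 'https://rubygems.org'
-
-group :test do
-gem 'rake'
-gem 'shoulda'
-
-gem 'activerecord'
-gem 'sqlite3', :platform => :ruby
-
-platforms :jruby do
-gem 'jdbc-sqlite3'
-gem 'activerecord-jdbcsqlite3-adapter'
-end
-
-# Use Mongo as the database with Mongoid as the Object Document Mapper
-# Edge has support for Rails 4
-gem 'mongoid', git: 'https://github.com/mongoid/mongoid.git'
-gem 'awesome_print'
-end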
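--- a/data/Gemfile.lock
+++ /dev/null
@@ -1,61 +0,0 @@
-GIT
-remote: https://github.com/mongoid/mongoid.git
-revision: cb541fa1fd7cf9ab0a725c757490d0ac435a79f7
-specs:
-mongoid (4.0.0)
-activemodel (~> 4.0.0)
-moped (~> 1.5)
-origin (~> 1.0)
-tzinfo (~> 0.3.22)
-
-GEM
-remote: https://rubygems.org/
-specs:
-activemodel (4.0.0)
-activesupport (= 4.0.0)
-builder (~> 3.1.0)
-activerecord (4.0.0)
-activemodel (= 4.0.0)
-activerecord-deprecated_finders (~> 1.0.2)
-activesupport (= 4.0.0)
-arel (~> 4.0.0)
-activerecord-deprecated_finders (1.0.3)
-activesupport (4.0.0)
-i18n (~> 0.6, >= 0.6.4)
-minitest (~> 4.2)
-multi_json (~> 1.3)
-thread_safe (~> 0.1)
-tzinfo (~> 0.3.37)
-arel (4.0.0)
-atomic (1.1.10)
-awesome_print (1.1.0)
-builder (3.1.4)
-i18n (0.6.4)
-minitest (4.7.5)
-moped (1.5.0)
-multi_json (1.7.7)
-origin (1.1.0)
-rake (10.1.0)
-shoulda (3.5.0)
-shoulda-context (~> 1.0, >= 1.0.1)
-shoulda-matchers (>= 1.4.1, < 3.0)
-shoulda-context (1.1.4)
-shoulda-matchers (2.2.0)
-activesupport (>= 3.0.0)
-sqlite3 (1.3.7)
-thread_safe (0.1.0)
-atomic
-tzinfo (0.3.37)
-
-PLATFORMS
-ruby
-
-DEPENDENCIES
-activerecord
-activerecord-jdbcsqlite3-adapter
-awesome_print
-jdbc-sqlite3
-mongoid!
-rake
-shoulda
-sqlite3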
File without changes
|
@@ -1 +0,0 @@
|
|
1
|
-
platform.active=Ruby_2
|
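--- a/data/nbproject/project.xml
+++ /dev/null
@@ -1,16 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://www.netbeans.org/ns/project/1">
-<type>org.netbeans.modules.ruby.rubyproject</type>
-<configuration>
-<data xmlns="http://www.netbeans.org/ns/ruby-project/1">
-<name>symmetric-encryption</name>
-<source-roots>
-<root id="src.lib.dir" name="Source Files"/>
-<root id="src.examples.dir" name="Examples"/>
-</source-roots>
-<test-roots>
-<root id="test.test.dir" name="Test Files"/>
-</test-roots>
-</data>
-</configuration>
-</project>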