symmetric-encryption 3.3 → 3.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 37b9132a3f23db50841774bccd1d0ea48db0a325
4
- data.tar.gz: 66808f69ba790855acac29dcd2ca59b59ec5a611
3
+ metadata.gz: 6c78c33fe68704b26ebd996fd8ea8785d73c6fa1
4
+ data.tar.gz: 5f1534c06fae8c76cfc0dccf5a2612ce45fbf683
5
5
  SHA512:
6
- metadata.gz: 33ba910830b6f113ccefe74d029e2ec5d68f3ea15234bae0234c7de335d9d9e29f13edbc248398f6d766e02277ee22535f8d274cae10b48bcc9b8f388de81af5
7
- data.tar.gz: c0dbfec5a29239451d18cd4ec8eef68f891100267a1b670e4b9224861b3cf9321ae7f525fc08ca7927aca260c72ec6696da40cca57af243d343bf288b28c40be
6
+ metadata.gz: 1fdf134465788b41776a086b5f86d0e2c43778899263bb9c3c702124779b5cad0d61466c1af15a11338959f76b7f6435598be7cb0f80d2c92a8d50727c21d372
7
+ data.tar.gz: 99a8de3d8d8aa73832f9541b7ab1b448685cd99739a59c600e543f4b27ef55b7c7025b3aaa62d2a0ae91c086aea30e9d9ac08209c2bfb1df7b4bf45ae8ac28eb
data/README.md CHANGED
@@ -417,6 +417,8 @@ Install the Gem with bundler
417
417
 
418
418
  ## Rails Configuration
419
419
 
420
+ If deploying to Heroku skip to the section "Rails Configuration for a Heroku deployment" below
421
+
420
422
  ### Creating the configuration file
421
423
 
422
424
  The configuration file contains the path to the production encryption key files.
@@ -484,6 +486,27 @@ environment must run the same encryption keys.
484
486
 
485
487
  Note: The generate step above must only be run once in each environment
486
488
 
489
+ ## Rails Configuration for a Heroku deployment
490
+
491
+ Deploying to Heroku requires the encrypted key to be stored in an environment
492
+ variable rather than as a file on disk.
493
+
494
+ Generate the configuration file:
495
+
496
+ rails g symmetric_encryption:heroku_config
497
+
498
+ Note: Ignore the warning about "Symmetric Encryption config not found" since it is
499
+ being generated.
500
+
501
+ Note: The encrypted keys for the release and production environments are displayed on
502
+ screen and must be entered manually as environment variables into Heroku so that the
503
+ application can find them when it starts.
504
+
505
+ #### Save to version control
506
+
507
+ This configuration file should be checked into the source code control system.
508
+ It does Not include the Symmetric Encryption keys.
509
+
487
510
  ## Using in non-Rails environments
488
511
 
489
512
  SymmetricEncryption can also be used in non-Rails environment.
@@ -681,6 +704,7 @@ Contributors
681
704
  ------------
682
705
 
683
706
  [M. Scott Ford](https://github.com/mscottford)
707
+ [Adam St. John](https://github.com/astjohn)
684
708
 
685
709
  License
686
710
  -------
@@ -0,0 +1,20 @@
1
+ module SymmetricEncryption
2
+ module Generators
3
+ class HerokuConfigGenerator < Rails::Generators::Base
4
+ desc "Creates a SymmetricEncryption configuration file at config/symmetric-encryption.yml for use in heroku"
5
+
6
+ def self.source_root
7
+ @_symmetric_encryption_source_root ||= File.expand_path("../templates", __FILE__)
8
+ end
9
+
10
+ def app_name
11
+ Rails::Application.subclasses.first.parent.to_s.underscore
12
+ end
13
+
14
+ def create_config_file
15
+ template 'symmetric-encryption.yml', File.join('config', "symmetric-encryption.yml")
16
+ end
17
+
18
+ end
19
+ end
20
+ end
@@ -0,0 +1,75 @@
1
+ #
2
+ # Symmetric Encryption for Ruby
3
+ #
4
+ ---
5
+ # For the development and test environments the test symmetric encryption keys
6
+ # can be placed directly in the source code.
7
+ # And therefore no RSA private key is required
8
+ development: &development_defaults
9
+ key: 1234567890ABCDEF1234567890ABCDEF
10
+ iv: 1234567890ABCDEF
11
+ cipher_name: aes-128-cbc
12
+ encoding: :base64strict
13
+
14
+ test:
15
+ <<: *development_defaults
16
+
17
+ <%
18
+ cipher_name = 'aes-256-cbc'
19
+ rsa_key = OpenSSL::PKey::RSA.generate(2048)
20
+ key_pair = SymmetricEncryption::Cipher.random_key_pair(cipher_name)
21
+ iv = ::Base64.strict_encode64(key_pair[:iv])
22
+ encrypted_key = ::Base64.strict_encode64(rsa_key.public_encrypt(key_pair[:key]))
23
+
24
+ puts "\n\n********************************************************************************"
25
+ puts "Add the release environment key to Heroku: (Optional)\n\n"
26
+ puts " heroku config:add RELEASE_KEY1:#{encrypted_key}\n\n"
27
+ -%>
28
+ release:
29
+ # Since the key to encrypt and decrypt with must NOT be stored along with the
30
+ # source code, we only hold a RSA key that is used to unlock the file
31
+ # containing the actual symmetric encryption key
32
+ private_rsa_key: |
33
+ <%= rsa_key.to_s.each_line.collect { |line| " #{line}" }.join('') %>
34
+
35
+ # List Symmetric Key files in the order of current / latest first
36
+ ciphers:
37
+ -
38
+ # Filename containing Symmetric Encryption Key encrypted using the
39
+ # RSA public key derived from the private key above
40
+ encrypted_key: "<%= '<' + "%= ENV['RELEASE_KEY1'] %" + '>' %>"
41
+ iv: "<%= iv %>"
42
+ cipher_name: <%= cipher_name %>
43
+ # Base64 encode encrypted data without newlines
44
+ encoding: :base64strict
45
+ version: 1
46
+
47
+ <%
48
+ cipher_name = 'aes-256-cbc'
49
+ rsa_key = OpenSSL::PKey::RSA.generate(2048)
50
+ key_pair = SymmetricEncryption::Cipher.random_key_pair(cipher_name)
51
+ iv = ::Base64.strict_encode64(key_pair[:iv])
52
+ encrypted_key = ::Base64.strict_encode64(rsa_key.public_encrypt(key_pair[:key]))
53
+
54
+ puts "Add the production key to Heroku:\n\n"
55
+ puts " heroku config:add PRODUCTION_KEY1:#{encrypted_key}\n\n"
56
+ puts "********************************************************************************\n\n\n"
57
+ -%>
58
+ production:
59
+ # Since the key to encrypt and decrypt with must NOT be stored along with the
60
+ # source code, we only hold a RSA key that is used to unlock the file
61
+ # containing the actual symmetric encryption key
62
+ private_rsa_key: |
63
+ <%= rsa_key.to_s.each_line.collect { |line| " #{line}" }.join('') %>
64
+
65
+ # List Symmetric Key files in the order of current / latest first
66
+ ciphers:
67
+ -
68
+ # Filename containing Symmetric Encryption Key encrypted using the
69
+ # RSA public key derived from the private key above
70
+ encrypted_key: "<%= '<' + "%= ENV['PRODUCTION_KEY1'] %" + '>' %>"
71
+ iv: "<%= iv %>"
72
+ cipher_name: <%= cipher_name %>
73
+ # Base64 encode encrypted data without newlines
74
+ encoding: :base64strict
75
+ version: 1
@@ -81,8 +81,9 @@ module ActiveRecord #:nodoc:
81
81
  # Set the un-encrypted attribute
82
82
  # Also updates the encrypted field with the encrypted value
83
83
  def #{attribute}=(value)
84
- self.encrypted_#{attribute} = @stored_encrypted_#{attribute} = ::SymmetricEncryption.encrypt(value,#{random_iv},#{compress},:#{type})
85
- @#{attribute} = value.freeze
84
+ v = SymmetricEncryption::coerce(value, :#{type})
85
+ self.encrypted_#{attribute} = @stored_encrypted_#{attribute} = ::SymmetricEncryption.encrypt(v,#{random_iv},#{compress},:#{type})
86
+ @#{attribute} = v.freeze
86
87
  end
87
88
  UNENCRYPTED
88
89
 
@@ -95,7 +95,9 @@ Mongoid::Fields.option :encrypted do |model, field, options|
95
95
  decrypted_field_name = options.delete(:decrypt_as)
96
96
  if decrypted_field_name.nil? && encrypted_field_name.to_s.start_with?('encrypted_')
97
97
  decrypted_field_name = encrypted_field_name.to_s['encrypted_'.length..-1]
98
- else
98
+ end
99
+
100
+ if decrypted_field_name.nil?
99
101
  raise "SymmetricEncryption for Mongoid. Encryption enabled for field #{encrypted_field_name}. It must either start with 'encrypted_' or the option :decrypt_as must be supplied"
100
102
  end
101
103
 
@@ -119,8 +121,9 @@ Mongoid::Fields.option :encrypted do |model, field, options|
119
121
  # Also updates the encrypted field with the encrypted value
120
122
  # Freeze the decrypted field value so that it is not modified directly
121
123
  def #{decrypted_field_name}=(value)
122
- self.#{encrypted_field_name} = @stored_#{encrypted_field_name} = ::SymmetricEncryption.encrypt(value,#{random_iv},#{compress},:#{type})
123
- @#{decrypted_field_name} = value.freeze
124
+ v = SymmetricEncryption::coerce(value, :#{type})
125
+ self.#{encrypted_field_name} = @stored_#{encrypted_field_name} = ::SymmetricEncryption.encrypt(v,#{random_iv},#{compress},:#{type})
126
+ @#{decrypted_field_name} = v.freeze
124
127
  end
125
128
 
126
129
  # Returns the decrypted value for the encrypted field
@@ -387,12 +387,14 @@ module SymmetricEncryption
387
387
  #
388
388
  # :encrypted_key
389
389
  # Symmetric key encrypted using the public key from the private_rsa_key
390
+ # and then Base64 encoded
390
391
  #
391
392
  # :iv
392
393
  # Optional: The actual iv to use for encryption/decryption purposes
393
394
  #
394
395
  # :encrypted_iv
395
396
  # Initialization vector encrypted using the public key from the private_rsa_key
397
+ # and then Base64 encoded
396
398
  #
397
399
  # :iv_filename
398
400
  # Optional: Name of file containing symmetric key initialization vector
@@ -455,6 +457,23 @@ module SymmetricEncryption
455
457
  Cipher.new(config)
456
458
  end
457
459
 
460
+ # Coerce given value into given type
461
+ # Does not coerce json or yaml values
462
+ def self.coerce(value, type, from_type=nil)
463
+ return if value.nil?
464
+
465
+ from_type ||= value.class
466
+ case type
467
+ when :json
468
+ value
469
+ when :yaml
470
+ value
471
+ else
472
+ coercer = Coercible::Coercer.new
473
+ coercer[from_type].send("to_#{type}".to_sym, value)
474
+ end
475
+ end
476
+
458
477
  # Uses coercible gem to coerce values from strings into the target type
459
478
  # Note: if the type is :string, then the value is returned as is, and the
460
479
  # coercible gem is not used at all.
@@ -468,9 +487,7 @@ module SymmetricEncryption
468
487
  when :yaml
469
488
  YAML.load(value)
470
489
  else
471
- coercer = Coercible::Coercer.new
472
- coercion_method = "to_#{type}".to_sym
473
- coercer[String].send(coercion_method, value)
490
+ self.coerce(value, type, String)
474
491
  end
475
492
  end
476
493
 
@@ -488,8 +505,7 @@ module SymmetricEncryption
488
505
  when :yaml
489
506
  value.to_yaml
490
507
  else
491
- coercer = Coercible::Coercer.new
492
- coercer[coercion_type(type, value)].to_string(value)
508
+ self.coerce(value, :string, coercion_type(type, value))
493
509
  end
494
510
  end
495
511
 
@@ -1,3 +1,3 @@
1
1
  module SymmetricEncryption #:nodoc
2
- VERSION = "3.3"
2
+ VERSION = "3.4.0"
3
3
  end
@@ -231,6 +231,8 @@ class AttrEncryptedTest < Test::Unit::TestCase
231
231
  assert_equal true, @user.valid?
232
232
  end
233
233
 
234
+
235
+
234
236
  context "with saved user" do
235
237
  setup do
236
238
  @user.save!
@@ -240,6 +242,12 @@ class AttrEncryptedTest < Test::Unit::TestCase
240
242
  @user.destroy
241
243
  end
242
244
 
245
+ should "return correct data type before save" do
246
+ u = User.new(:integer_value => "5")
247
+ assert_equal 5, u.integer_value
248
+ assert u.integer_value.kind_of?(Integer)
249
+ end
250
+
243
251
  should "handle gsub! for non-encrypted_field" do
244
252
  @user.name.gsub!('a', 'v')
245
253
  new_name = @name.gsub('a', 'v')
@@ -290,6 +298,12 @@ class AttrEncryptedTest < Test::Unit::TestCase
290
298
  assert @user.clone.integer_value.kind_of?(Integer)
291
299
  end
292
300
 
301
+ should "coerce data type before save" do
302
+ u = User.new(:integer_value => "5")
303
+ assert_equal 5, u.integer_value
304
+ assert u.integer_value.kind_of?(Integer)
305
+ end
306
+
293
307
  should "permit replacing value with nil" do
294
308
  @user_clone.integer_value = nil
295
309
  @user_clone.save!
@@ -315,6 +329,12 @@ class AttrEncryptedTest < Test::Unit::TestCase
315
329
  assert @user.clone.float_value.kind_of?(Float)
316
330
  end
317
331
 
332
+ should "coerce data type before save" do
333
+ u = User.new(:float_value => "5.6")
334
+ assert_equal 5.6, u.float_value
335
+ assert u.float_value.kind_of?(Float)
336
+ end
337
+
318
338
  should "permit replacing value with nil" do
319
339
  @user_clone.float_value = nil
320
340
  @user_clone.save!
@@ -340,6 +360,12 @@ class AttrEncryptedTest < Test::Unit::TestCase
340
360
  assert @user.clone.decimal_value.kind_of?(BigDecimal)
341
361
  end
342
362
 
363
+ should "coerce data type before save" do
364
+ u = User.new(:decimal_value => "99.95")
365
+ assert_equal BigDecimal.new("99.95"), u.decimal_value
366
+ assert u.decimal_value.kind_of?(BigDecimal)
367
+ end
368
+
343
369
  should "permit replacing value with nil" do
344
370
  @user_clone.decimal_value = nil
345
371
  @user_clone.save!
@@ -365,6 +391,13 @@ class AttrEncryptedTest < Test::Unit::TestCase
365
391
  assert @user.clone.datetime_value.kind_of?(DateTime)
366
392
  end
367
393
 
394
+ should "coerce data type before save" do
395
+ now = Time.now
396
+ u = User.new(:datetime_value => now)
397
+ assert_equal now, u.datetime_value
398
+ assert u.datetime_value.kind_of?(DateTime)
399
+ end
400
+
368
401
  should "permit replacing value with nil" do
369
402
  @user_clone.datetime_value = nil
370
403
  @user_clone.save!
@@ -390,6 +423,13 @@ class AttrEncryptedTest < Test::Unit::TestCase
390
423
  assert @user.clone.time_value.kind_of?(Time)
391
424
  end
392
425
 
426
+ should "coerce data type before save" do
427
+ now = Time.now
428
+ u = User.new(:time_value => now)
429
+ assert_equal now, u.time_value
430
+ assert u.time_value.kind_of?(Time)
431
+ end
432
+
393
433
  should "permit replacing value with nil" do
394
434
  @user_clone.time_value = nil
395
435
  @user_clone.save!
@@ -415,6 +455,13 @@ class AttrEncryptedTest < Test::Unit::TestCase
415
455
  assert @user.clone.date_value.kind_of?(Date)
416
456
  end
417
457
 
458
+ should "coerce data type before save" do
459
+ now = Time.now
460
+ u = User.new(:date_value => now)
461
+ assert_equal now.to_date, u.date_value
462
+ assert u.date_value.kind_of?(Date)
463
+ end
464
+
418
465
  should "permit replacing value with nil" do
419
466
  @user_clone.date_value = nil
420
467
  @user_clone.save!
@@ -440,6 +487,12 @@ class AttrEncryptedTest < Test::Unit::TestCase
440
487
  assert @user.clone.true_value.kind_of?(TrueClass)
441
488
  end
442
489
 
490
+ should "coerce data type before save" do
491
+ u = User.new(:true_value => "1")
492
+ assert_equal true, u.true_value
493
+ assert u.true_value.kind_of?(TrueClass)
494
+ end
495
+
443
496
  should "permit replacing value with nil" do
444
497
  @user_clone.true_value = nil
445
498
  @user_clone.save!
@@ -465,6 +518,12 @@ class AttrEncryptedTest < Test::Unit::TestCase
465
518
  assert @user.clone.false_value.kind_of?(FalseClass)
466
519
  end
467
520
 
521
+ should "coerce data type before save" do
522
+ u = User.new(:false_value => "0")
523
+ assert_equal false, u.false_value
524
+ assert u.false_value.kind_of?(FalseClass)
525
+ end
526
+
468
527
  should "permit replacing value with nil" do
469
528
  @user_clone.false_value = nil
470
529
  @user_clone.save!
@@ -499,6 +558,12 @@ class AttrEncryptedTest < Test::Unit::TestCase
499
558
  assert @user.clone.data_json.kind_of?(Hash)
500
559
  end
501
560
 
561
+ should "not coerce data type (leaves as hash) before save" do
562
+ u = User.new(:data_json => @h)
563
+ assert_equal @h, u.data_json
564
+ assert u.data_json.kind_of?(Hash)
565
+ end
566
+
502
567
  should "permit replacing value with nil" do
503
568
  @user_clone.data_json = nil
504
569
  @user_clone.save!
@@ -525,6 +590,12 @@ class AttrEncryptedTest < Test::Unit::TestCase
525
590
  assert @user.clone.data_yaml.kind_of?(Hash)
526
591
  end
527
592
 
593
+ should "not coerce data type (leaves as hash) before save" do
594
+ u = User.new(:data_yaml => @h)
595
+ assert_equal @h, u.data_yaml
596
+ assert u.data_yaml.kind_of?(Hash)
597
+ end
598
+
528
599
  should "permit replacing value with nil" do
529
600
  @user_clone.data_yaml = nil
530
601
  @user_clone.save!
@@ -14,6 +14,7 @@ class MongoidUser
14
14
  field :encrypted_long_string, :type => String, :encrypted => {:random_iv => true, :compress => true}
15
15
 
16
16
  field :encrypted_integer_value, :type => String, :encrypted => {:type => :integer}
17
+ field :aiv, :type => String, :encrypted => {:type => :integer, decrypt_as: :aliased_integer_value}
17
18
  field :encrypted_float_value, :type => String, :encrypted => {:type => :float}
18
19
  field :encrypted_decimal_value, :type => String, :encrypted => {:type => :decimal}
19
20
  field :encrypted_datetime_value, :type => String, :encrypted => {:type => :datetime}
@@ -70,6 +71,7 @@ class FieldEncryptedTest < Test::Unit::TestCase
70
71
  :name => "Joe Bloggs",
71
72
  # data type specific fields
72
73
  :integer_value => @integer_value,
74
+ :aliased_integer_value => @integer_value,
73
75
  :float_value => @float_value,
74
76
  :decimal_value => @decimal_value,
75
77
  :datetime_value => @datetime_value,
@@ -110,6 +112,11 @@ class FieldEncryptedTest < Test::Unit::TestCase
110
112
  assert_equal true, @user.respond_to?(:name=)
111
113
  end
112
114
 
115
+ should "support aliased fields" do
116
+ assert_equal true, @user.respond_to?(:aliased_integer_value=)
117
+ assert_equal true, @user.respond_to?(:aliased_integer_value)
118
+ end
119
+
113
120
  should "have unencrypted values" do
114
121
  assert_equal @bank_account_number, @user.bank_account_number
115
122
  assert_equal @social_security_number, @user.social_security_number
@@ -194,12 +201,25 @@ class FieldEncryptedTest < Test::Unit::TestCase
194
201
  @user_clone = MongoidUser.find(@user.id)
195
202
  end
196
203
 
204
+ context "aliased fields" do
205
+ should "return correct data type" do
206
+ @user_clone.aliased_integer_value = "5"
207
+ assert_equal 5, @user_clone.aliased_integer_value
208
+ end
209
+ end
210
+
197
211
  context "integer values" do
198
212
  should "return correct data type" do
199
213
  assert_equal @integer_value, @user_clone.integer_value
200
214
  assert @user.clone.integer_value.kind_of?(Integer)
201
215
  end
202
216
 
217
+ should "coerce data type before save" do
218
+ u = MongoidUser.new(:integer_value => "5")
219
+ assert_equal 5, u.integer_value
220
+ assert u.integer_value.kind_of?(Integer)
221
+ end
222
+
203
223
  should "permit replacing value with nil" do
204
224
  @user_clone.integer_value = nil
205
225
  @user_clone.save!
@@ -225,6 +245,12 @@ class FieldEncryptedTest < Test::Unit::TestCase
225
245
  assert @user.clone.float_value.kind_of?(Float)
226
246
  end
227
247
 
248
+ should "coerce data type before save" do
249
+ u = MongoidUser.new(:float_value => "5.6")
250
+ assert_equal 5.6, u.float_value
251
+ assert u.float_value.kind_of?(Float)
252
+ end
253
+
228
254
  should "permit replacing value with nil" do
229
255
  @user_clone.float_value = nil
230
256
  @user_clone.save!
@@ -250,6 +276,12 @@ class FieldEncryptedTest < Test::Unit::TestCase
250
276
  assert @user.clone.decimal_value.kind_of?(BigDecimal)
251
277
  end
252
278
 
279
+ should "coerce data type before save" do
280
+ u = MongoidUser.new(:decimal_value => "99.95")
281
+ assert_equal BigDecimal.new("99.95"), u.decimal_value
282
+ assert u.decimal_value.kind_of?(BigDecimal)
283
+ end
284
+
253
285
  should "permit replacing value with nil" do
254
286
  @user_clone.decimal_value = nil
255
287
  @user_clone.save!
@@ -275,6 +307,13 @@ class FieldEncryptedTest < Test::Unit::TestCase
275
307
  assert @user.clone.datetime_value.kind_of?(DateTime)
276
308
  end
277
309
 
310
+ should "coerce data type before save" do
311
+ now = Time.now
312
+ u = MongoidUser.new(:datetime_value => now)
313
+ assert_equal now, u.datetime_value
314
+ assert u.datetime_value.kind_of?(DateTime)
315
+ end
316
+
278
317
  should "permit replacing value with nil" do
279
318
  @user_clone.datetime_value = nil
280
319
  @user_clone.save!
@@ -300,6 +339,13 @@ class FieldEncryptedTest < Test::Unit::TestCase
300
339
  assert @user.clone.time_value.kind_of?(Time)
301
340
  end
302
341
 
342
+ should "coerce data type before save" do
343
+ now = Time.now
344
+ u = MongoidUser.new(:time_value => now)
345
+ assert_equal now, u.time_value
346
+ assert u.time_value.kind_of?(Time)
347
+ end
348
+
303
349
  should "permit replacing value with nil" do
304
350
  @user_clone.time_value = nil
305
351
  @user_clone.save!
@@ -325,6 +371,13 @@ class FieldEncryptedTest < Test::Unit::TestCase
325
371
  assert @user.clone.date_value.kind_of?(Date)
326
372
  end
327
373
 
374
+ should "coerce data type before save" do
375
+ now = Time.now
376
+ u = MongoidUser.new(:date_value => now)
377
+ assert_equal now.to_date, u.date_value
378
+ assert u.date_value.kind_of?(Date)
379
+ end
380
+
328
381
  should "permit replacing value with nil" do
329
382
  @user_clone.date_value = nil
330
383
  @user_clone.save!
@@ -350,6 +403,12 @@ class FieldEncryptedTest < Test::Unit::TestCase
350
403
  assert @user.clone.true_value.kind_of?(TrueClass)
351
404
  end
352
405
 
406
+ should "coerce data type before save" do
407
+ u = MongoidUser.new(:true_value => "1")
408
+ assert_equal true, u.true_value
409
+ assert u.true_value.kind_of?(TrueClass)
410
+ end
411
+
353
412
  should "permit replacing value with nil" do
354
413
  @user_clone.true_value = nil
355
414
  @user_clone.save!
@@ -375,6 +434,12 @@ class FieldEncryptedTest < Test::Unit::TestCase
375
434
  assert @user.clone.false_value.kind_of?(FalseClass)
376
435
  end
377
436
 
437
+ should "coerce data type before save" do
438
+ u = MongoidUser.new(:false_value => "0")
439
+ assert_equal false, u.false_value
440
+ assert u.false_value.kind_of?(FalseClass)
441
+ end
442
+
378
443
  should "permit replacing value with nil" do
379
444
  @user_clone.false_value = nil
380
445
  @user_clone.save!
@@ -409,6 +474,12 @@ class FieldEncryptedTest < Test::Unit::TestCase
409
474
  assert @user.clone.data_json.kind_of?(Hash)
410
475
  end
411
476
 
477
+ should "not coerce data type (leaves as hash) before save" do
478
+ u = MongoidUser.new(:data_json => @h)
479
+ assert_equal @h, u.data_json
480
+ assert u.data_json.kind_of?(Hash)
481
+ end
482
+
412
483
  should "permit replacing value with nil" do
413
484
  @user_clone.data_json = nil
414
485
  @user_clone.save!
@@ -435,6 +506,12 @@ class FieldEncryptedTest < Test::Unit::TestCase
435
506
  assert @user.clone.data_yaml.kind_of?(Hash)
436
507
  end
437
508
 
509
+ should "not coerce data type (leaves as hash) before save" do
510
+ u = MongoidUser.new(:data_yaml => @h)
511
+ assert_equal @h, u.data_yaml
512
+ assert u.data_yaml.kind_of?(Hash)
513
+ end
514
+
438
515
  should "permit replacing value with nil" do
439
516
  @user_clone.data_yaml = nil
440
517
  @user_clone.save!
@@ -454,6 +531,7 @@ class FieldEncryptedTest < Test::Unit::TestCase
454
531
  assert_equal new_value, @user.data_yaml
455
532
  end
456
533
  end
534
+
457
535
  end
458
536
 
459
537
  end
Binary file
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: symmetric-encryption
3
3
  version: !ruby/object:Gem::Version
4
- version: '3.3'
4
+ version: 3.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Reid Morrison
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-01-11 00:00:00.000000000 Z
11
+ date: 2014-02-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: coercible
@@ -39,6 +39,8 @@ files:
39
39
  - examples/symmetric-encryption.yml
40
40
  - lib/rails/generators/symmetric_encryption/config/config_generator.rb
41
41
  - lib/rails/generators/symmetric_encryption/config/templates/symmetric-encryption.yml
42
+ - lib/rails/generators/symmetric_encryption/heroku_config/heroku_config_generator.rb
43
+ - lib/rails/generators/symmetric_encryption/heroku_config/templates/symmetric-encryption.yml
42
44
  - lib/rails/generators/symmetric_encryption/new_keys/new_keys_generator.rb
43
45
  - lib/symmetric-encryption.rb
44
46
  - lib/symmetric_encryption.rb