symmetric-encryption 4.0.1 → 4.1.0

data/test/reader_test.rb

@@ -6,7 +6,7 @@ require 'stringio'
 class ReaderTest < Minitest::Test
   describe SymmetricEncryption::Reader do
     before do
-      @data     = [
+      @data = [
         "Hello World\n",
         "Keep this secret\n",
         'And keep going even further and further...'
@@ -17,7 +17,7 @@ class ReaderTest < Minitest::Test
       @cipher                        = SymmetricEncryption.cipher(0)
       @data_encrypted_without_header = @cipher.binary_encrypt(@data_str, header: false)
 
-      header                      = SymmetricEncryption::Header.new(
+      header = SymmetricEncryption::Header.new(
         version:     @cipher.version,
         iv:          @cipher.iv,
         key:         @cipher.send(:key),
@@ -87,7 +87,7 @@ class ReaderTest < Minitest::Test
 
     [
       # No Header
-      {header: false, random_key: false, random_iv: false},
+      {header: false, random_key: false, random_iv: false, compress: false},
       # Default Header with random key and iv
       {},
       # Header with no compression ( default anyway )
@@ -184,6 +184,26 @@ class ReaderTest < Minitest::Test
             end
           end
 
+          it '#read(size, outbuf)' do
+            file = SymmetricEncryption::Reader.open(@file_name)
+            # Not supported with compressed files
+            if file.is_a?(SymmetricEncryption::Reader)
+              eof           = file.eof?
+              output_buffer = 'buffer'
+              data          = file.read(4096, output_buffer)
+              file.close
+
+              assert_equal @eof, eof
+              if @data_size.positive?
+                assert_equal @data_str, data
+                assert_equal data.object_id, output_buffer.object_id
+              else
+                assert_nil data
+                assert_empty output_buffer
+              end
+            end
+          end
+
           it '#each_line' do
             SymmetricEncryption::Reader.open(@file_name) do |file|
               i = 0
@@ -212,9 +232,9 @@ class ReaderTest < Minitest::Test
             assert_equal @eof, eof
             if @data_size.positive?
               assert_equal @data_str, data
+            elsif defined?(JRuby)
               # On JRuby Zlib::GzipReader.new(file) returns '' instead of nil on an empty file
-            elsif defined?(JRuby) && options[:compress] && (usecase == :empty)
-              assert_equal '', data
+              assert data.blank?
             else
               assert_nil data
             end
@@ -222,7 +242,7 @@ class ReaderTest < Minitest::Test
 
           it '#gets(delim)' do
             SymmetricEncryption::Reader.open(@file_name) do |file|
-              i = 0
+              i           = 0
               while (line = file.gets("\n"))
                 assert_equal @data[i], line
                 i += 1
@@ -233,7 +253,7 @@ class ReaderTest < Minitest::Test
 
           it '#gets(delim,size)' do
             SymmetricEncryption::Reader.open(@file_name) do |file|
-              i = 0
+              i  = 0
               i += 1 while file.gets("\n", 128)
               assert_equal (@data_size.positive? ? 3 : 0), i
             end
@@ -284,7 +304,7 @@ class ReaderTest < Minitest::Test
       before do
         @file_name = '_test'
         # Create encrypted file with old encryption key
-        SymmetricEncryption::Writer.open(@file_name, version: 0, header: false, random_key: false, random_iv: false) do |file|
+        SymmetricEncryption::Writer.open(@file_name, version: 0, header: false, random_key: false, random_iv: false, compress: false) do |file|
           @data.inject(0) { |sum, str| sum + file.write(str) }
         end
       end

data/test/symmetric_encryption_test.rb

@@ -6,7 +6,7 @@ class SymmetricEncryptionTest < Minitest::Test
   describe 'SymmetricEncryption' do
     describe 'configuration' do
       before do
-        config   = SymmetricEncryption::Config.new(
+        config = SymmetricEncryption::Config.new(
           file_name: File.join(File.dirname(__FILE__), 'config', 'symmetric-encryption.yml'),
           env:       'test'
         )
@@ -146,7 +146,7 @@ class SymmetricEncryptionTest < Minitest::Test
       before do
         @social_security_number = '987654321'
         # Encrypt data without a header and encode with base64 which has a trailing '\n'
-        no_header = SymmetricEncryption.cipher(0).binary_encrypt(@social_security_number, header: false)
+        no_header               = SymmetricEncryption.cipher(0).binary_encrypt(@social_security_number, header: false)
         assert @encrypted_0_ssn = SymmetricEncryption.cipher(0).encode(no_header)
       end
 

data/test/test_helper.rb

@@ -6,6 +6,7 @@ require 'minitest/stub_any_instance'
 require 'awesome_print'
 require 'active_record'
 require 'symmetric-encryption'
+require 'fileutils'
 
 # Load Symmetric Encryption keys
 SymmetricEncryption.load!(File.join(File.dirname(__FILE__), 'config', 'symmetric-encryption.yml'), 'test')

data/test/utils/aws_test.rb

@@ -0,0 +1,74 @@
+require_relative '../test_helper'
+require 'stringio'
+
+module SymmetricEncryption
+  module Utils
+    class AwsTest < Minitest::Test
+      describe SymmetricEncryption::Utils::Aws do
+        before do
+          unless (ENV['AWS_ACCESS_KEY_ID'] && ENV['AWS_SECRET_ACCESS_KEY']) || ENV['AWS_CONFIG_FILE']
+            # For example: export AWS_CONFIG_FILE=~/.aws/credentials
+            skip 'Set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, or AWS_CONFIG_FILE to run AWS KMS tests'
+          end
+        end
+
+        let :region do
+          'us-east-1'
+        end
+
+        let :master_key_alias do
+          'alias/symmetric-encryption/test'
+        end
+
+        let :aws do
+          SymmetricEncryption::Utils::Aws.new(region: region, master_key_alias: master_key_alias)
+        end
+
+        describe '#key_spec' do
+          it 'converts aes-256-cbc' do
+            assert_equal 'AES_256', aws.key_spec('aes-256-cbc')
+          end
+
+          it 'converts aes-128-cbc' do
+            assert_equal 'AES_128', aws.key_spec('aes-128-cbc')
+          end
+        end
+
+        describe '#create_master_key' do
+          it 'creates a new master key' do
+            skip 'Only run if really needed, gets tested once as part of the CMK auto-create'
+            aws.delete_master_key(retention_days: 7)
+            aws.create_master_key
+          end
+        end
+
+        describe '#generate_data_key' do
+          it 'creates a new data key' do
+            assert aws.generate_data_key('aes-128-cbc')
+          end
+        end
+
+        describe '#generate_encrypted_data_key' do
+          it 'creates a new data key' do
+            assert aws.generate_encrypted_data_key('aes-128-cbc')
+          end
+        end
+
+        describe '#encrypt' do
+          it 'encrypts a block of data' do
+            assert aws.encrypt('hello')
+          end
+        end
+
+        describe '#decrypt' do
+          it 'decrypts a previously encrypted block of data' do
+            message   = 'hello world this is a top secret message'
+            encrypted = aws.encrypt(message)
+            decrypted = aws.decrypt(encrypted)
+            assert_equal message, decrypted
+          end
+        end
+      end
+    end
+  end
+end

data/test/writer_test.rb

@@ -6,7 +6,7 @@ require 'stringio'
 class WriterTest < Minitest::Test
   describe SymmetricEncryption::Writer do
     before do
-      @data             = [
+      @data = [
         "Hello World\n",
         "Keep this secret\n",
         'And keep going even further and further...'
@@ -22,55 +22,57 @@ class WriterTest < Minitest::Test
       File.delete(@source_file_name) if File.exist?(@source_file_name)
     end
 
-    describe '#write' do
-      it 'encrypt to string stream' do
-        stream      = StringIO.new
-        file        = SymmetricEncryption::Writer.new(stream)
-        written_len = @data.inject(0) { |sum, str| sum + file.write(str) }
-        assert_equal @data_len, file.size
-        file.close
+    [true, false, nil].each do |compress|
+      describe "compress: #{compress.inspect}" do
+        describe '.open' do
+          it 'encrypt to stream' do
+            written_len = 0
+            stream      = StringIO.new
+            SymmetricEncryption::Writer.open(stream, compress: compress) do |file|
+              written_len = @data.inject(0) { |sum, str| sum + file.write(str) }
+            end
+            size = stream.string.size
+            if compress == false
+              assert @data_len, size
+            else
+              # With small files the compressed file is larger
+              assert size >= @data_len
+            end
+            assert_equal @data_len, written_len
+          end
 
-        assert_equal @data_len, written_len
-        assert_equal @data_str, SymmetricEncryption::Reader.read(StringIO.new(stream.string))
-      end
-    end
-
-    describe '.open' do
-      it 'encrypt to stream' do
-        written_len = 0
-        stream      = StringIO.new
-        SymmetricEncryption::Writer.open(stream) do |file|
-          written_len = @data.inject(0) { |sum, str| sum + file.write(str) }
-          assert_equal @data_len, file.size
-        end
-        assert_equal @data_len, written_len
-      end
-
-      it 'encrypt to file' do
-        written_len = nil
-        SymmetricEncryption::Writer.open(@file_name) do |file|
-          written_len = @data.inject(0) { |sum, str| sum + file.write(str) }
-          assert_equal @data_len, file.size
+          it 'encrypt to file' do
+            written_len = SymmetricEncryption::Writer.open(@file_name, compress: compress) do |file|
+              @data.inject(0) { |sum, str| sum + file.write(str) }
+            end
+            assert_equal @data_len, written_len
+            size = File.size(@file_name)
+            if compress == false
+              assert @data_len, size
+            else
+              # With small files the compressed file is larger
+              assert size >= @data_len
+            end
+            assert_equal @data_str, SymmetricEncryption::Reader.read(@file_name)
+          end
         end
-        assert_equal @data_len, written_len
-        assert_equal @data_str, SymmetricEncryption::Reader.read(@file_name)
-      end
-    end
 
-    describe '.encrypt' do
-      it 'stream' do
-        target_stream = StringIO.new
-        source_stream = StringIO.new(@data_str)
-        source_bytes  = SymmetricEncryption::Writer.encrypt(source: source_stream, target: target_stream)
-        assert_equal @data_len, source_bytes
-        assert_equal @data_str, SymmetricEncryption::Reader.read(StringIO.new(target_stream.string))
-      end
+        describe '.encrypt' do
+          it 'stream' do
+            target_stream = StringIO.new
+            source_stream = StringIO.new(@data_str)
+            source_bytes  = SymmetricEncryption::Writer.encrypt(source: source_stream, target: target_stream, compress: compress)
+            assert_equal @data_len, source_bytes
+            assert_equal @data_str, SymmetricEncryption::Reader.read(StringIO.new(target_stream.string))
+          end
 
-      it 'file' do
-        File.open(@source_file_name, 'wb') { |f| f.write(@data_str) }
-        source_bytes = SymmetricEncryption::Writer.encrypt(source: @source_file_name, target: @file_name)
-        assert_equal @data_len, source_bytes
-        assert_equal @data_str, SymmetricEncryption::Reader.read(@file_name)
+          it 'file' do
+            File.open(@source_file_name, 'wb') { |f| f.write(@data_str) }
+            source_bytes = SymmetricEncryption::Writer.encrypt(source: @source_file_name, target: @file_name, compress: compress)
+            assert_equal @data_len, source_bytes
+            assert_equal @data_str, SymmetricEncryption::Reader.read(@file_name)
+          end
+        end
       end
     end
   end

metadata

@@ -1,30 +1,30 @@
 --- !ruby/object:Gem::Specification
 name: symmetric-encryption
 version: !ruby/object:Gem::Version
-  version: 4.0.1
+  version: 4.1.0
 platform: ruby
 authors:
 - Reid Morrison
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-05-03 00:00:00.000000000 Z
+date: 2018-10-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: coercible
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
-  type: :runtime
+  name: coercible
   prerelease: false
+  type: :runtime
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
-description: 
+description:
 email:
 - reidmo@gmail.com
 executables:
@@ -51,14 +51,17 @@ files:
 - lib/symmetric_encryption/header.rb
 - lib/symmetric_encryption/key.rb
 - lib/symmetric_encryption/keystore.rb
+- lib/symmetric_encryption/keystore/aws.rb
 - lib/symmetric_encryption/keystore/environment.rb
 - lib/symmetric_encryption/keystore/file.rb
+- lib/symmetric_encryption/keystore/heroku.rb
 - lib/symmetric_encryption/keystore/memory.rb
 - lib/symmetric_encryption/railtie.rb
 - lib/symmetric_encryption/railties/symmetric_encryption_validator.rb
 - lib/symmetric_encryption/reader.rb
 - lib/symmetric_encryption/rsa_key.rb
 - lib/symmetric_encryption/symmetric_encryption.rb
+- lib/symmetric_encryption/utils/aws.rb
 - lib/symmetric_encryption/utils/re_encrypt_files.rb
 - lib/symmetric_encryption/version.rb
 - lib/symmetric_encryption/writer.rb
@@ -76,20 +79,23 @@ files:
 - test/encoder_test.rb
 - test/header_test.rb
 - test/key_test.rb
+- test/keystore/aws_test.rb
 - test/keystore/environment_test.rb
 - test/keystore/file_test.rb
+- test/keystore/heroku_test.rb
 - test/keystore_test.rb
 - test/mongoid_test.rb
 - test/reader_test.rb
 - test/symmetric_encryption_test.rb
 - test/test_db.sqlite3
 - test/test_helper.rb
+- test/utils/aws_test.rb
 - test/writer_test.rb
 homepage: http://rocketjob.github.io/symmetric-encryption/
 licenses:
 - Apache-2.0
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -104,25 +110,14 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
+rubyforge_project:
 rubygems_version: 2.7.6
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Encrypt ActiveRecord and Mongoid attributes, files and passwords in configuration
   files.
 test_files:
-- test/keystore/environment_test.rb
-- test/keystore/file_test.rb
 - test/symmetric_encryption_test.rb
-- test/config/test_secondary_1.key
-- test/config/mongoid.yml
-- test/config/test_new.iv
-- test/config/test_secondary_1.iv
-- test/config/database.yml
-- test/config/test_new.key
-- test/config/symmetric-encryption.yml
-- test/config/empty.csv
-- test/config/mongo_mapper.yml
 - test/test_db.sqlite3
 - test/mongoid_test.rb
 - test/active_record_test.rb
@@ -134,3 +129,17 @@ test_files:
 - test/test_helper.rb
 - test/writer_test.rb
 - test/cipher_test.rb
+- test/keystore/environment_test.rb
+- test/keystore/file_test.rb
+- test/keystore/heroku_test.rb
+- test/keystore/aws_test.rb
+- test/config/test_secondary_1.key
+- test/config/mongoid.yml
+- test/config/test_new.iv
+- test/config/test_secondary_1.iv
+- test/config/database.yml
+- test/config/test_new.key
+- test/config/symmetric-encryption.yml
+- test/config/empty.csv
+- test/config/mongo_mapper.yml
+- test/utils/aws_test.rb