symmetric-encryption 4.1.1 → 4.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/symmetric_encryption/cli.rb +2 -2
- data/lib/symmetric_encryption/encoder.rb +2 -2
- data/lib/symmetric_encryption/generator.rb +4 -4
- data/lib/symmetric_encryption/keystore/aws.rb +2 -1
- data/lib/symmetric_encryption/keystore/environment.rb +1 -1
- data/lib/symmetric_encryption/keystore/file.rb +1 -1
- data/lib/symmetric_encryption/keystore/memory.rb +1 -1
- data/lib/symmetric_encryption/version.rb +1 -1
- metadata +4 -56
- data/test/active_record_test.rb +0 -605
- data/test/cipher_test.rb +0 -216
- data/test/config/database.yml +0 -5
- data/test/config/empty.csv +0 -0
- data/test/config/mongo_mapper.yml +0 -7
- data/test/config/mongoid.yml +0 -9
- data/test/config/symmetric-encryption.yml +0 -144
- data/test/config/test_new.iv +0 -4
- data/test/config/test_new.key +0 -2
- data/test/config/test_secondary_1.iv +0 -1
- data/test/config/test_secondary_1.key +0 -2
- data/test/encoder_test.rb +0 -59
- data/test/header_test.rb +0 -214
- data/test/key_test.rb +0 -81
- data/test/keystore/aws_test.rb +0 -133
- data/test/keystore/environment_test.rb +0 -70
- data/test/keystore/file_test.rb +0 -85
- data/test/keystore/heroku_test.rb +0 -70
- data/test/keystore_test.rb +0 -254
- data/test/mongoid_test.rb +0 -595
- data/test/reader_test.rb +0 -334
- data/test/symmetric_encryption_test.rb +0 -239
- data/test/test_db.sqlite3 +0 -0
- data/test/test_helper.rb +0 -12
- data/test/utils/aws_test.rb +0 -74
- data/test/writer_test.rb +0 -79
data/test/cipher_test.rb
DELETED
@@ -1,216 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
|
3
|
-
# Tests for SymmetricEncryption::Cipher
|
4
|
-
class CipherTest < Minitest::Test
|
5
|
-
['aes-128-cbc'].each do |cipher_name|
|
6
|
-
# ['aes-128-cbc', 'aes-128-gcm'].each do |cipher_name|
|
7
|
-
describe "Cipher: #{cipher_name}" do
|
8
|
-
describe 'standalone' do
|
9
|
-
it 'allows setting the cipher_name' do
|
10
|
-
cipher = SymmetricEncryption::Cipher.new(
|
11
|
-
cipher_name: cipher_name,
|
12
|
-
key: '1234567890ABCDEF',
|
13
|
-
iv: '1234567890ABCDEF',
|
14
|
-
encoding: :none
|
15
|
-
)
|
16
|
-
assert_equal cipher_name, cipher.cipher_name
|
17
|
-
end
|
18
|
-
|
19
|
-
it 'does not require an iv' do
|
20
|
-
cipher = SymmetricEncryption::Cipher.new(
|
21
|
-
key: '1234567890ABCDEF',
|
22
|
-
cipher_name: cipher_name,
|
23
|
-
encoding: :none,
|
24
|
-
always_add_header: false
|
25
|
-
)
|
26
|
-
assert result = cipher.encrypt('Hello World')
|
27
|
-
assert_equal 'Hello World', cipher.decrypt(result)
|
28
|
-
end
|
29
|
-
|
30
|
-
it 'throw an exception on bad data' do
|
31
|
-
cipher = SymmetricEncryption::Cipher.new(
|
32
|
-
cipher_name: cipher_name,
|
33
|
-
key: '1234567890ABCDEF',
|
34
|
-
iv: '1234567890ABCDEF',
|
35
|
-
encoding: :none
|
36
|
-
)
|
37
|
-
assert_raises OpenSSL::Cipher::CipherError do
|
38
|
-
cipher.decrypt('bad data')
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
42
|
-
|
43
|
-
[false, true].each do |always_add_header|
|
44
|
-
%i[none base64 base64strict base16].each do |encoding|
|
45
|
-
describe "encoding: #{encoding} with#{'out' unless always_add_header} header" do
|
46
|
-
before do
|
47
|
-
@social_security_number = '987654321'
|
48
|
-
@encrypted_values = {
|
49
|
-
'aes-128-cbc' => {
|
50
|
-
base64: {
|
51
|
-
header: "QEVuQwAAyTeLjsHTa8ykoO95K0KQmg==\n",
|
52
|
-
no_header: "yTeLjsHTa8ykoO95K0KQmg==\n"
|
53
|
-
},
|
54
|
-
base64strict: {
|
55
|
-
header: 'QEVuQwAAyTeLjsHTa8ykoO95K0KQmg==',
|
56
|
-
no_header: 'yTeLjsHTa8ykoO95K0KQmg=='
|
57
|
-
},
|
58
|
-
base16: {
|
59
|
-
header: '40456e430000c9378b8ec1d36bcca4a0ef792b42909a',
|
60
|
-
no_header: 'c9378b8ec1d36bcca4a0ef792b42909a'
|
61
|
-
},
|
62
|
-
none: {
|
63
|
-
header: "@EnC\x00\x00\xC97\x8B\x8E\xC1\xD3k\xCC\xA4\xA0\xEFy+B\x90\x9A",
|
64
|
-
no_header: "\xC97\x8B\x8E\xC1\xD3k\xCC\xA4\xA0\xEFy+B\x90\x9A"
|
65
|
-
}
|
66
|
-
},
|
67
|
-
# 'aes-128-gcm' => {
|
68
|
-
# base64: {
|
69
|
-
# header: "QEVuQwAAOcqz9UDbd1Sn\n",
|
70
|
-
# no_header: "Ocqz9UDbd1Sn\n"
|
71
|
-
# },
|
72
|
-
# base64strict: {
|
73
|
-
# header: 'QEVuQwAAOcqz9UDbd1Sn',
|
74
|
-
# no_header: 'Ocqz9UDbd1Sn'
|
75
|
-
# },
|
76
|
-
# base16: {
|
77
|
-
# header: '40456e43000039cab3f540db7754a7',
|
78
|
-
# no_header: '39cab3f540db7754a7'
|
79
|
-
# },
|
80
|
-
# none: {
|
81
|
-
# header: "@EnC\x00\x009\xCA\xB3\xF5@\xDBwT\xA7",
|
82
|
-
# no_header: "9\xCA\xB3\xF5@\xDBwT\xA7"
|
83
|
-
# },
|
84
|
-
# }
|
85
|
-
}
|
86
|
-
|
87
|
-
@non_utf8 = "\xc2".force_encoding('binary')
|
88
|
-
@cipher = SymmetricEncryption::Cipher.new(
|
89
|
-
key: 'ABCDEF1234567890',
|
90
|
-
iv: 'ABCDEF1234567890',
|
91
|
-
cipher_name: cipher_name,
|
92
|
-
encoding: encoding,
|
93
|
-
always_add_header: always_add_header
|
94
|
-
)
|
95
|
-
|
96
|
-
h = @encrypted_values[cipher_name][encoding] if @encrypted_values[cipher_name]
|
97
|
-
skip "Add @encrypted_values for cipher_name: #{cipher_name} and encoding: #{encoding}, value: #{@cipher.encrypt(@social_security_number).inspect}" unless h
|
98
|
-
@social_security_number_encrypted = h[always_add_header ? :header : :no_header]
|
99
|
-
|
100
|
-
@social_security_number_encrypted.force_encoding(Encoding.find('binary')) if encoding == :none
|
101
|
-
end
|
102
|
-
|
103
|
-
it 'encrypt simple string' do
|
104
|
-
assert encrypted = @cipher.encrypt(@social_security_number)
|
105
|
-
assert_equal @social_security_number_encrypted, encrypted
|
106
|
-
end
|
107
|
-
|
108
|
-
it 'decrypt string' do
|
109
|
-
assert decrypted = @cipher.decrypt(@social_security_number_encrypted)
|
110
|
-
assert_equal @social_security_number, decrypted
|
111
|
-
assert_equal Encoding.find('utf-8'), decrypted.encoding, decrypted
|
112
|
-
end
|
113
|
-
|
114
|
-
it 'encrypt and decrypt string' do
|
115
|
-
assert encrypted = @cipher.encrypt(@social_security_number)
|
116
|
-
assert_equal @social_security_number_encrypted, encrypted
|
117
|
-
assert decrypted = @cipher.decrypt(encrypted)
|
118
|
-
assert_equal @social_security_number, decrypted
|
119
|
-
assert_equal Encoding.find('utf-8'), decrypted.encoding, decrypted
|
120
|
-
end
|
121
|
-
|
122
|
-
it 'return BINARY encoding for non-UTF-8 encrypted data' do
|
123
|
-
assert_equal Encoding.find('binary'), @non_utf8.encoding
|
124
|
-
assert_equal true, @non_utf8.valid_encoding?
|
125
|
-
assert encrypted = @cipher.encrypt(@non_utf8)
|
126
|
-
assert decrypted = @cipher.decrypt(encrypted)
|
127
|
-
assert_equal true, decrypted.valid_encoding?
|
128
|
-
assert_equal Encoding.find('binary'), decrypted.encoding, decrypted
|
129
|
-
assert_equal @non_utf8, decrypted
|
130
|
-
end
|
131
|
-
|
132
|
-
it 'return nil when encrypting nil' do
|
133
|
-
assert_nil @cipher.encrypt(nil)
|
134
|
-
end
|
135
|
-
|
136
|
-
it "return '' when encrypting ''" do
|
137
|
-
assert_equal '', @cipher.encrypt('')
|
138
|
-
end
|
139
|
-
|
140
|
-
it 'return nil when decrypting nil' do
|
141
|
-
assert_nil @cipher.decrypt(nil)
|
142
|
-
end
|
143
|
-
|
144
|
-
it "return '' when decrypting ''" do
|
145
|
-
assert_equal '', @cipher.decrypt('')
|
146
|
-
end
|
147
|
-
end
|
148
|
-
end
|
149
|
-
end
|
150
|
-
|
151
|
-
describe 'with configuration' do
|
152
|
-
before do
|
153
|
-
@cipher = SymmetricEncryption::Cipher.new(
|
154
|
-
key: '1234567890ABCDEF',
|
155
|
-
iv: '1234567890ABCDEF',
|
156
|
-
cipher_name: 'aes-128-cbc',
|
157
|
-
encoding: :none
|
158
|
-
)
|
159
|
-
@social_security_number = '987654321'
|
160
|
-
|
161
|
-
@social_security_number_encrypted = "A\335*\314\336\250V\340\023%\000S\177\305\372\266"
|
162
|
-
@social_security_number_encrypted.force_encoding('binary')
|
163
|
-
|
164
|
-
@sample_data = [
|
165
|
-
{text: '555052345', encrypted: ''}
|
166
|
-
]
|
167
|
-
end
|
168
|
-
|
169
|
-
describe 'with header' do
|
170
|
-
before do
|
171
|
-
@social_security_number = '987654321'
|
172
|
-
end
|
173
|
-
|
174
|
-
it 'build and parse header' do
|
175
|
-
key = SymmetricEncryption::Key.new(cipher_name: 'aes-128-cbc')
|
176
|
-
# Test Deprecated method
|
177
|
-
binary_header = SymmetricEncryption::Cipher.build_header(
|
178
|
-
SymmetricEncryption.cipher.version,
|
179
|
-
true,
|
180
|
-
key.iv,
|
181
|
-
key.key,
|
182
|
-
key.cipher_name
|
183
|
-
)
|
184
|
-
header = SymmetricEncryption::Header.new
|
185
|
-
header.parse(binary_header)
|
186
|
-
assert_equal true, header.compressed?
|
187
|
-
assert random_cipher = SymmetricEncryption::Cipher.new(iv: key.iv, key: key.key, cipher_name: key.cipher_name)
|
188
|
-
assert_equal random_cipher.cipher_name, header.cipher_name, 'Ciphers differ'
|
189
|
-
assert_equal random_cipher.send(:key), header.key, 'Keys differ'
|
190
|
-
assert_equal random_cipher.send(:iv), header.iv, 'IVs differ'
|
191
|
-
|
192
|
-
string = 'Hello World'
|
193
|
-
cipher = SymmetricEncryption::Cipher.new(key: header.key, iv: header.iv, cipher_name: header.cipher_name)
|
194
|
-
# Test Encryption
|
195
|
-
assert_equal random_cipher.encrypt(string), cipher.encrypt(string), 'Encrypted values differ'
|
196
|
-
end
|
197
|
-
|
198
|
-
it 'encrypt and then decrypt without a header' do
|
199
|
-
assert encrypted = @cipher.binary_encrypt(@social_security_number, header: false)
|
200
|
-
assert_equal @social_security_number, @cipher.decrypt(encrypted)
|
201
|
-
end
|
202
|
-
|
203
|
-
it 'encrypt and then decrypt using random iv' do
|
204
|
-
assert encrypted = @cipher.encrypt(@social_security_number, random_iv: true)
|
205
|
-
assert_equal @social_security_number, @cipher.decrypt(encrypted)
|
206
|
-
end
|
207
|
-
|
208
|
-
it 'encrypt and then decrypt using random iv with compression' do
|
209
|
-
assert encrypted = @cipher.encrypt(@social_security_number, random_iv: true, compress: true)
|
210
|
-
assert_equal @social_security_number, @cipher.decrypt(encrypted)
|
211
|
-
end
|
212
|
-
end
|
213
|
-
end
|
214
|
-
end
|
215
|
-
end
|
216
|
-
end
|
data/test/config/database.yml
DELETED
data/test/config/empty.csv
DELETED
File without changes
|
data/test/config/mongoid.yml
DELETED
@@ -1,144 +0,0 @@
|
|
1
|
-
# This file was auto generated by symmetric-encryption.
|
2
|
-
# Recommend using symmetric-encryption to make changes.
|
3
|
-
# For more info, run:
|
4
|
-
# symmetric-encryption --help
|
5
|
-
#
|
6
|
-
---
|
7
|
-
test:
|
8
|
-
ciphers:
|
9
|
-
- key_filename: test/config/test_new.key
|
10
|
-
iv_filename: test/config/test_new.iv
|
11
|
-
cipher_name: aes-128-cbc
|
12
|
-
encoding: base64strict
|
13
|
-
version: 2
|
14
|
-
always_add_header: true
|
15
|
-
key_encrypting_key: |
|
16
|
-
-----BEGIN RSA PRIVATE KEY-----
|
17
|
-
MIIEpAIBAAKCAQEAxIL9H/jYUGpA38v6PowRSRJEo3aNVXULNM/QNRpx2DTf++KH
|
18
|
-
6DcuFTFcNSSSxG9n4y7tKi755be8N0uwCCuOzvXqfWmXYjbLwK3Ib2vm0btpHyvA
|
19
|
-
qxgqeJOOCxKdW/cUFLWn0tACUcEjVCNfWEGaFyvkOUuR7Ub9KfhbW9cZO3BxZMUf
|
20
|
-
IPGlHl/gWyf484sXygd+S7cpDTRRzo9RjG74DwfE0MFGf9a1fTkxnSgeOJ6asTOy
|
21
|
-
fp9tEToUlbglKaYGpOGHYQ9TV5ZsyJ9jRUyb4SP5wK2eK6dHTxTcHvT03kD90Hv4
|
22
|
-
WeKIXv3WOjkwNEyMdpnJJfSDb5oquQvCNi7ZSQIDAQABAoIBAQCbzR7TUoBugU+e
|
23
|
-
ICLvpC2wOYOh9kRoFLwlyv3QnH7WZFWRZzFJszYeJ1xr5etXQtyjCnmOkGAg+WOI
|
24
|
-
k8GlOKOpAuA/PpB/leJFiYL4lBwU/PmDdTT0cdx6bMKZlNCeMW8CXGQKiFDOcMqJ
|
25
|
-
0uGtH5YD+RChPIEeFsJxnC8SyZ9/t2ra7XnMGiCZvRXIUDSEIIsRx/mOymJ7bL+h
|
26
|
-
Lbp46IfXf6ZuIzwzoIk0JReV/r+wdmkAVDkrrMkCmVS4/X1wN/Tiik9/yvbsh/CL
|
27
|
-
ztC55eSIEjATkWxnXfPASZN6oUfQPEveGH3HzNjdncjH/Ho8FaNMIAfFpBhhLPi9
|
28
|
-
nG5sbH+BAoGBAOdoUyVoAA/QUa3/FkQaa7Ajjehe5MR5k6VtaGtcxrLiBjrNR7x+
|
29
|
-
nqlZlGvWDMiCz49dgj+G1Qk1bbYrZLRX/Hjeqy5dZOGLMfgf9eKUmS1rDwAzBMcj
|
30
|
-
M9jnnJEBx8HIlNzaR6wzp3GMd0rrccs660A8URvzkgo9qNbvMLq9vyUtAoGBANll
|
31
|
-
SY1Iv9uaIz8klTXU9YzYtsfUmgXzw7K8StPdbEbo8F1J3JPJB4D7QHF0ObIaSWuf
|
32
|
-
suZqLsvWlYGuJeyX2ntlBN82ORfvUdOrdrbDlmPyj4PfFVl0AK3U3Ai374DNrjKR
|
33
|
-
hF6YFm4TLDaJhUjeV5C43kbE1N2FAMS9LYtPJ44NAoGAFDGHZ/E+aCLerddfwwun
|
34
|
-
MBS6MnftcLPHTZ1RimTrNfsBXipBw1ItWEvn5s0kCm9X24PmdNK4TnhqHYaF4DL5
|
35
|
-
ZjbQK1idEA2Mi8GGPIKJJ2x7P6I0HYiV4qy7fe/w1ZlCXE90B7PuPbtrQY9wO7Ll
|
36
|
-
ipJ45X6I1PnyfOcckn8yafUCgYACtPAlgjJhWZn2v03cTbqA9nHQKyV/zXkyUIXd
|
37
|
-
/XPLrjrP7ouAi5A8WuSChR/yx8ECRgrEM65Be3qBEtoGCB4AS1G0NcigM6qhKBFi
|
38
|
-
VS0aMXr3+V8argcUIwJaWW/x+p2go48yXlJpLHPweeXe8mXEt4iM+QZte6p2yKQ4
|
39
|
-
h9PGQQKBgQCqSydmXBnXGIVTp2sH/2GnpxLYnDBpcJE0tM8bJ42HEQQgRThIChsn
|
40
|
-
PnGA91G9MVikYapgI0VYBHQOTsz8rTIUzsKwXG+TIaK+W84nxH5y6jUkjqwxZmAz
|
41
|
-
r1URaMAun2PfAB4g2N/kEZTExgeOGqXjFhvvjdzl97ux2cTyZhaTXg==
|
42
|
-
-----END RSA PRIVATE KEY-----
|
43
|
-
- key: 6BCDEF1234567890ABCDEF1234567890
|
44
|
-
iv: 6BCDEF1234567890
|
45
|
-
cipher_name: aes-256-cbc
|
46
|
-
version: 6
|
47
|
-
encoding: base64strict
|
48
|
-
always_add_header: true
|
49
|
-
key_encrypting_key: |
|
50
|
-
-----BEGIN RSA PRIVATE KEY-----
|
51
|
-
MIIEpAIBAAKCAQEAxIL9H/jYUGpA38v6PowRSRJEo3aNVXULNM/QNRpx2DTf++KH
|
52
|
-
6DcuFTFcNSSSxG9n4y7tKi755be8N0uwCCuOzvXqfWmXYjbLwK3Ib2vm0btpHyvA
|
53
|
-
qxgqeJOOCxKdW/cUFLWn0tACUcEjVCNfWEGaFyvkOUuR7Ub9KfhbW9cZO3BxZMUf
|
54
|
-
IPGlHl/gWyf484sXygd+S7cpDTRRzo9RjG74DwfE0MFGf9a1fTkxnSgeOJ6asTOy
|
55
|
-
fp9tEToUlbglKaYGpOGHYQ9TV5ZsyJ9jRUyb4SP5wK2eK6dHTxTcHvT03kD90Hv4
|
56
|
-
WeKIXv3WOjkwNEyMdpnJJfSDb5oquQvCNi7ZSQIDAQABAoIBAQCbzR7TUoBugU+e
|
57
|
-
ICLvpC2wOYOh9kRoFLwlyv3QnH7WZFWRZzFJszYeJ1xr5etXQtyjCnmOkGAg+WOI
|
58
|
-
k8GlOKOpAuA/PpB/leJFiYL4lBwU/PmDdTT0cdx6bMKZlNCeMW8CXGQKiFDOcMqJ
|
59
|
-
0uGtH5YD+RChPIEeFsJxnC8SyZ9/t2ra7XnMGiCZvRXIUDSEIIsRx/mOymJ7bL+h
|
60
|
-
Lbp46IfXf6ZuIzwzoIk0JReV/r+wdmkAVDkrrMkCmVS4/X1wN/Tiik9/yvbsh/CL
|
61
|
-
ztC55eSIEjATkWxnXfPASZN6oUfQPEveGH3HzNjdncjH/Ho8FaNMIAfFpBhhLPi9
|
62
|
-
nG5sbH+BAoGBAOdoUyVoAA/QUa3/FkQaa7Ajjehe5MR5k6VtaGtcxrLiBjrNR7x+
|
63
|
-
nqlZlGvWDMiCz49dgj+G1Qk1bbYrZLRX/Hjeqy5dZOGLMfgf9eKUmS1rDwAzBMcj
|
64
|
-
M9jnnJEBx8HIlNzaR6wzp3GMd0rrccs660A8URvzkgo9qNbvMLq9vyUtAoGBANll
|
65
|
-
SY1Iv9uaIz8klTXU9YzYtsfUmgXzw7K8StPdbEbo8F1J3JPJB4D7QHF0ObIaSWuf
|
66
|
-
suZqLsvWlYGuJeyX2ntlBN82ORfvUdOrdrbDlmPyj4PfFVl0AK3U3Ai374DNrjKR
|
67
|
-
hF6YFm4TLDaJhUjeV5C43kbE1N2FAMS9LYtPJ44NAoGAFDGHZ/E+aCLerddfwwun
|
68
|
-
MBS6MnftcLPHTZ1RimTrNfsBXipBw1ItWEvn5s0kCm9X24PmdNK4TnhqHYaF4DL5
|
69
|
-
ZjbQK1idEA2Mi8GGPIKJJ2x7P6I0HYiV4qy7fe/w1ZlCXE90B7PuPbtrQY9wO7Ll
|
70
|
-
ipJ45X6I1PnyfOcckn8yafUCgYACtPAlgjJhWZn2v03cTbqA9nHQKyV/zXkyUIXd
|
71
|
-
/XPLrjrP7ouAi5A8WuSChR/yx8ECRgrEM65Be3qBEtoGCB4AS1G0NcigM6qhKBFi
|
72
|
-
VS0aMXr3+V8argcUIwJaWW/x+p2go48yXlJpLHPweeXe8mXEt4iM+QZte6p2yKQ4
|
73
|
-
h9PGQQKBgQCqSydmXBnXGIVTp2sH/2GnpxLYnDBpcJE0tM8bJ42HEQQgRThIChsn
|
74
|
-
PnGA91G9MVikYapgI0VYBHQOTsz8rTIUzsKwXG+TIaK+W84nxH5y6jUkjqwxZmAz
|
75
|
-
r1URaMAun2PfAB4g2N/kEZTExgeOGqXjFhvvjdzl97ux2cTyZhaTXg==
|
76
|
-
-----END RSA PRIVATE KEY-----
|
77
|
-
- encrypted_key: xFAsZ73PThktyo76PoNQGYnjCJUAd4+Yaz71bO5FajshXsbjkfZjjvbK9hxzWLr+C7X67hcrTypVHB1Rw0De8lRDqexlc87sTx1wtlz70lOvTBXt9Lv4sbJNLxacuqk545LIJpgK02Dq7FGzACV3jb3Yk+QQngiscETYM6PyiuFpReFB0qFOgCSLeBJsXAdNdqkEZggl8PL+lGDueDGeKUng+Ic/AFWPhJGYkk3xV++AGwUFXdDQeuHllxmV9WlzriHnDwzbfugkfGaRjWn808VXrv9Jgf2yRy++gOYUvRnjZ1ltOgXUEEmBVF2Uvhu+zs6C/D4cb1mkR7911M5naA==
|
78
|
-
iv: 1234567890ABCDEF
|
79
|
-
cipher_name: aes-128-cbc
|
80
|
-
encoding: base64strict
|
81
|
-
version: 1
|
82
|
-
always_add_header: false
|
83
|
-
key_encrypting_key: |
|
84
|
-
-----BEGIN RSA PRIVATE KEY-----
|
85
|
-
MIIEpAIBAAKCAQEAxIL9H/jYUGpA38v6PowRSRJEo3aNVXULNM/QNRpx2DTf++KH
|
86
|
-
6DcuFTFcNSSSxG9n4y7tKi755be8N0uwCCuOzvXqfWmXYjbLwK3Ib2vm0btpHyvA
|
87
|
-
qxgqeJOOCxKdW/cUFLWn0tACUcEjVCNfWEGaFyvkOUuR7Ub9KfhbW9cZO3BxZMUf
|
88
|
-
IPGlHl/gWyf484sXygd+S7cpDTRRzo9RjG74DwfE0MFGf9a1fTkxnSgeOJ6asTOy
|
89
|
-
fp9tEToUlbglKaYGpOGHYQ9TV5ZsyJ9jRUyb4SP5wK2eK6dHTxTcHvT03kD90Hv4
|
90
|
-
WeKIXv3WOjkwNEyMdpnJJfSDb5oquQvCNi7ZSQIDAQABAoIBAQCbzR7TUoBugU+e
|
91
|
-
ICLvpC2wOYOh9kRoFLwlyv3QnH7WZFWRZzFJszYeJ1xr5etXQtyjCnmOkGAg+WOI
|
92
|
-
k8GlOKOpAuA/PpB/leJFiYL4lBwU/PmDdTT0cdx6bMKZlNCeMW8CXGQKiFDOcMqJ
|
93
|
-
0uGtH5YD+RChPIEeFsJxnC8SyZ9/t2ra7XnMGiCZvRXIUDSEIIsRx/mOymJ7bL+h
|
94
|
-
Lbp46IfXf6ZuIzwzoIk0JReV/r+wdmkAVDkrrMkCmVS4/X1wN/Tiik9/yvbsh/CL
|
95
|
-
ztC55eSIEjATkWxnXfPASZN6oUfQPEveGH3HzNjdncjH/Ho8FaNMIAfFpBhhLPi9
|
96
|
-
nG5sbH+BAoGBAOdoUyVoAA/QUa3/FkQaa7Ajjehe5MR5k6VtaGtcxrLiBjrNR7x+
|
97
|
-
nqlZlGvWDMiCz49dgj+G1Qk1bbYrZLRX/Hjeqy5dZOGLMfgf9eKUmS1rDwAzBMcj
|
98
|
-
M9jnnJEBx8HIlNzaR6wzp3GMd0rrccs660A8URvzkgo9qNbvMLq9vyUtAoGBANll
|
99
|
-
SY1Iv9uaIz8klTXU9YzYtsfUmgXzw7K8StPdbEbo8F1J3JPJB4D7QHF0ObIaSWuf
|
100
|
-
suZqLsvWlYGuJeyX2ntlBN82ORfvUdOrdrbDlmPyj4PfFVl0AK3U3Ai374DNrjKR
|
101
|
-
hF6YFm4TLDaJhUjeV5C43kbE1N2FAMS9LYtPJ44NAoGAFDGHZ/E+aCLerddfwwun
|
102
|
-
MBS6MnftcLPHTZ1RimTrNfsBXipBw1ItWEvn5s0kCm9X24PmdNK4TnhqHYaF4DL5
|
103
|
-
ZjbQK1idEA2Mi8GGPIKJJ2x7P6I0HYiV4qy7fe/w1ZlCXE90B7PuPbtrQY9wO7Ll
|
104
|
-
ipJ45X6I1PnyfOcckn8yafUCgYACtPAlgjJhWZn2v03cTbqA9nHQKyV/zXkyUIXd
|
105
|
-
/XPLrjrP7ouAi5A8WuSChR/yx8ECRgrEM65Be3qBEtoGCB4AS1G0NcigM6qhKBFi
|
106
|
-
VS0aMXr3+V8argcUIwJaWW/x+p2go48yXlJpLHPweeXe8mXEt4iM+QZte6p2yKQ4
|
107
|
-
h9PGQQKBgQCqSydmXBnXGIVTp2sH/2GnpxLYnDBpcJE0tM8bJ42HEQQgRThIChsn
|
108
|
-
PnGA91G9MVikYapgI0VYBHQOTsz8rTIUzsKwXG+TIaK+W84nxH5y6jUkjqwxZmAz
|
109
|
-
r1URaMAun2PfAB4g2N/kEZTExgeOGqXjFhvvjdzl97ux2cTyZhaTXg==
|
110
|
-
-----END RSA PRIVATE KEY-----
|
111
|
-
- key_filename: test/config/test_secondary_1.key
|
112
|
-
iv_filename: test/config/test_secondary_1.iv
|
113
|
-
cipher_name: aes-128-cbc
|
114
|
-
encoding: base64
|
115
|
-
version: 0
|
116
|
-
always_add_header: false
|
117
|
-
key_encrypting_key: |
|
118
|
-
-----BEGIN RSA PRIVATE KEY-----
|
119
|
-
MIIEpAIBAAKCAQEAxIL9H/jYUGpA38v6PowRSRJEo3aNVXULNM/QNRpx2DTf++KH
|
120
|
-
6DcuFTFcNSSSxG9n4y7tKi755be8N0uwCCuOzvXqfWmXYjbLwK3Ib2vm0btpHyvA
|
121
|
-
qxgqeJOOCxKdW/cUFLWn0tACUcEjVCNfWEGaFyvkOUuR7Ub9KfhbW9cZO3BxZMUf
|
122
|
-
IPGlHl/gWyf484sXygd+S7cpDTRRzo9RjG74DwfE0MFGf9a1fTkxnSgeOJ6asTOy
|
123
|
-
fp9tEToUlbglKaYGpOGHYQ9TV5ZsyJ9jRUyb4SP5wK2eK6dHTxTcHvT03kD90Hv4
|
124
|
-
WeKIXv3WOjkwNEyMdpnJJfSDb5oquQvCNi7ZSQIDAQABAoIBAQCbzR7TUoBugU+e
|
125
|
-
ICLvpC2wOYOh9kRoFLwlyv3QnH7WZFWRZzFJszYeJ1xr5etXQtyjCnmOkGAg+WOI
|
126
|
-
k8GlOKOpAuA/PpB/leJFiYL4lBwU/PmDdTT0cdx6bMKZlNCeMW8CXGQKiFDOcMqJ
|
127
|
-
0uGtH5YD+RChPIEeFsJxnC8SyZ9/t2ra7XnMGiCZvRXIUDSEIIsRx/mOymJ7bL+h
|
128
|
-
Lbp46IfXf6ZuIzwzoIk0JReV/r+wdmkAVDkrrMkCmVS4/X1wN/Tiik9/yvbsh/CL
|
129
|
-
ztC55eSIEjATkWxnXfPASZN6oUfQPEveGH3HzNjdncjH/Ho8FaNMIAfFpBhhLPi9
|
130
|
-
nG5sbH+BAoGBAOdoUyVoAA/QUa3/FkQaa7Ajjehe5MR5k6VtaGtcxrLiBjrNR7x+
|
131
|
-
nqlZlGvWDMiCz49dgj+G1Qk1bbYrZLRX/Hjeqy5dZOGLMfgf9eKUmS1rDwAzBMcj
|
132
|
-
M9jnnJEBx8HIlNzaR6wzp3GMd0rrccs660A8URvzkgo9qNbvMLq9vyUtAoGBANll
|
133
|
-
SY1Iv9uaIz8klTXU9YzYtsfUmgXzw7K8StPdbEbo8F1J3JPJB4D7QHF0ObIaSWuf
|
134
|
-
suZqLsvWlYGuJeyX2ntlBN82ORfvUdOrdrbDlmPyj4PfFVl0AK3U3Ai374DNrjKR
|
135
|
-
hF6YFm4TLDaJhUjeV5C43kbE1N2FAMS9LYtPJ44NAoGAFDGHZ/E+aCLerddfwwun
|
136
|
-
MBS6MnftcLPHTZ1RimTrNfsBXipBw1ItWEvn5s0kCm9X24PmdNK4TnhqHYaF4DL5
|
137
|
-
ZjbQK1idEA2Mi8GGPIKJJ2x7P6I0HYiV4qy7fe/w1ZlCXE90B7PuPbtrQY9wO7Ll
|
138
|
-
ipJ45X6I1PnyfOcckn8yafUCgYACtPAlgjJhWZn2v03cTbqA9nHQKyV/zXkyUIXd
|
139
|
-
/XPLrjrP7ouAi5A8WuSChR/yx8ECRgrEM65Be3qBEtoGCB4AS1G0NcigM6qhKBFi
|
140
|
-
VS0aMXr3+V8argcUIwJaWW/x+p2go48yXlJpLHPweeXe8mXEt4iM+QZte6p2yKQ4
|
141
|
-
h9PGQQKBgQCqSydmXBnXGIVTp2sH/2GnpxLYnDBpcJE0tM8bJ42HEQQgRThIChsn
|
142
|
-
PnGA91G9MVikYapgI0VYBHQOTsz8rTIUzsKwXG+TIaK+W84nxH5y6jUkjqwxZmAz
|
143
|
-
r1URaMAun2PfAB4g2N/kEZTExgeOGqXjFhvvjdzl97ux2cTyZhaTXg==
|
144
|
-
-----END RSA PRIVATE KEY-----
|
data/test/config/test_new.iv
DELETED
data/test/config/test_new.key
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
N�ʤd�X0��Vܝ���5]��$�y؎��=���Mq>�pP����gY���}+_�0�)�6���{�F�gN���#��Gρ'�۪���Q�I-�+f���S��~�x|t����C~�h�t8l��V簤�z+�ĺO�MKz"7N��?<�?ր�5B��D�<mq!ۺcHwHcH��?�]/_�s���[��iH^:��ٰ�{V�|�C~y\�B�y Fc,8i�5��r�ƍQ<첀
|
data/test/encoder_test.rb
DELETED
@@ -1,59 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
|
3
|
-
# Unit Test for SymmetricEncryption
|
4
|
-
#
|
5
|
-
class EncoderTest < Minitest::Test
|
6
|
-
describe SymmetricEncryption::Encoder do
|
7
|
-
%i[none base64 base64strict base16].each do |encoding|
|
8
|
-
describe "encoding: #{encoding}" do
|
9
|
-
before do
|
10
|
-
@data = '987654321'
|
11
|
-
@data_encoded =
|
12
|
-
case encoding
|
13
|
-
when :base64
|
14
|
-
"OTg3NjU0MzIx\n"
|
15
|
-
when :base64strict
|
16
|
-
'OTg3NjU0MzIx'
|
17
|
-
when :base16
|
18
|
-
'393837363534333231'
|
19
|
-
when :none
|
20
|
-
@data
|
21
|
-
end
|
22
|
-
@encoder = SymmetricEncryption::Encoder[encoding]
|
23
|
-
@non_utf8 = "\xc2".force_encoding('binary')
|
24
|
-
end
|
25
|
-
|
26
|
-
it 'correctly encodes' do
|
27
|
-
assert_equal @data_encoded, @encoder.encode(@data)
|
28
|
-
assert_equal Encoding.find('UTF-8'), @data_encoded.encoding
|
29
|
-
end
|
30
|
-
|
31
|
-
it 'return BINARY encoding for non-UTF-8 data' do
|
32
|
-
assert_equal Encoding.find('binary'), @non_utf8.encoding
|
33
|
-
assert @non_utf8.valid_encoding?
|
34
|
-
assert encoded = @encoder.encode(@non_utf8)
|
35
|
-
assert decoded = @encoder.decode(encoded)
|
36
|
-
assert decoded.valid_encoding?
|
37
|
-
assert_equal Encoding.find('binary'), decoded.encoding, decoded
|
38
|
-
assert_equal @non_utf8, decoded
|
39
|
-
end
|
40
|
-
|
41
|
-
it 'return nil when encoding nil' do
|
42
|
-
assert_nil @encoder.encode(nil)
|
43
|
-
end
|
44
|
-
|
45
|
-
it "return '' when encoding ''" do
|
46
|
-
assert_equal '', @encoder.encode('')
|
47
|
-
end
|
48
|
-
|
49
|
-
it 'return nil when decoding nil' do
|
50
|
-
assert_nil @encoder.decode(nil)
|
51
|
-
end
|
52
|
-
|
53
|
-
it "return '' when decoding ''" do
|
54
|
-
assert_equal '', @encoder.decode('')
|
55
|
-
end
|
56
|
-
end
|
57
|
-
end
|
58
|
-
end
|
59
|
-
end
|
data/test/header_test.rb
DELETED
@@ -1,214 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
|
3
|
-
class CipherTest < Minitest::Test
|
4
|
-
describe SymmetricEncryption::Header do
|
5
|
-
let :clear_value do
|
6
|
-
'Hello World'
|
7
|
-
end
|
8
|
-
|
9
|
-
let :random_iv do
|
10
|
-
false
|
11
|
-
end
|
12
|
-
|
13
|
-
let :compress do
|
14
|
-
false
|
15
|
-
end
|
16
|
-
|
17
|
-
let :binary_encrypted_value do
|
18
|
-
SymmetricEncryption.cipher.binary_encrypt(clear_value, random_iv: random_iv, compress: compress)
|
19
|
-
end
|
20
|
-
|
21
|
-
let :header do
|
22
|
-
header = SymmetricEncryption::Header.new
|
23
|
-
header.parse(binary_encrypted_value)
|
24
|
-
header
|
25
|
-
end
|
26
|
-
|
27
|
-
describe '#new' do
|
28
|
-
it 'sets defaults' do
|
29
|
-
header = SymmetricEncryption::Header.new
|
30
|
-
assert_equal SymmetricEncryption.cipher.version, header.version
|
31
|
-
refute header.compressed?
|
32
|
-
refute header.iv
|
33
|
-
refute header.key
|
34
|
-
refute header.cipher_name
|
35
|
-
refute header.auth_tag
|
36
|
-
end
|
37
|
-
end
|
38
|
-
|
39
|
-
describe '.present?' do
|
40
|
-
it 'has a header' do
|
41
|
-
assert SymmetricEncryption::Header.present?(binary_encrypted_value)
|
42
|
-
end
|
43
|
-
|
44
|
-
it 'does not have a header' do
|
45
|
-
refute SymmetricEncryption::Header.present?(clear_value)
|
46
|
-
end
|
47
|
-
|
48
|
-
it 'does not have a header when nil' do
|
49
|
-
refute SymmetricEncryption::Header.present?(nil)
|
50
|
-
end
|
51
|
-
|
52
|
-
it 'does not have a header when empty string' do
|
53
|
-
refute SymmetricEncryption::Header.present?('')
|
54
|
-
end
|
55
|
-
end
|
56
|
-
|
57
|
-
describe '#cipher' do
|
58
|
-
it 'returns the global cipher used to encrypt the value' do
|
59
|
-
assert_equal SymmetricEncryption.cipher, header.cipher
|
60
|
-
end
|
61
|
-
end
|
62
|
-
|
63
|
-
describe '#version' do
|
64
|
-
it 'returns the global cipher used to encrypt the value' do
|
65
|
-
assert_equal SymmetricEncryption.cipher.version, header.version
|
66
|
-
end
|
67
|
-
end
|
68
|
-
|
69
|
-
describe '#cipher_name' do
|
70
|
-
it 'returns nil when cipher name was not overridden' do
|
71
|
-
assert_nil header.cipher_name
|
72
|
-
end
|
73
|
-
end
|
74
|
-
|
75
|
-
describe '#key' do
|
76
|
-
it 'returns nil when key was not overridden' do
|
77
|
-
assert_nil header.key
|
78
|
-
end
|
79
|
-
end
|
80
|
-
|
81
|
-
describe '#compress' do
|
82
|
-
it 'encrypted string' do
|
83
|
-
refute header.compressed?
|
84
|
-
end
|
85
|
-
|
86
|
-
describe 'with compression' do
|
87
|
-
let :compress do
|
88
|
-
true
|
89
|
-
end
|
90
|
-
|
91
|
-
it 'encrypted string' do
|
92
|
-
assert header.compressed?
|
93
|
-
end
|
94
|
-
end
|
95
|
-
end
|
96
|
-
|
97
|
-
describe '#to_s' do
|
98
|
-
end
|
99
|
-
|
100
|
-
describe '#parse' do
|
101
|
-
it 'nil string' do
|
102
|
-
header = SymmetricEncryption::Header.new
|
103
|
-
assert_equal 0, header.parse(nil)
|
104
|
-
end
|
105
|
-
|
106
|
-
it 'empty string' do
|
107
|
-
header = SymmetricEncryption::Header.new
|
108
|
-
assert_equal 0, header.parse('')
|
109
|
-
end
|
110
|
-
|
111
|
-
it 'unencrypted string' do
|
112
|
-
header = SymmetricEncryption::Header.new
|
113
|
-
assert_equal 0, header.parse('hello there')
|
114
|
-
end
|
115
|
-
|
116
|
-
it 'encrypted string' do
|
117
|
-
header = SymmetricEncryption::Header.new
|
118
|
-
assert_equal 6, header.parse(binary_encrypted_value)
|
119
|
-
end
|
120
|
-
|
121
|
-
describe 'with random_iv' do
|
122
|
-
let :random_iv do
|
123
|
-
true
|
124
|
-
end
|
125
|
-
|
126
|
-
it 'encrypted string' do
|
127
|
-
header = SymmetricEncryption::Header.new
|
128
|
-
assert_equal 24, header.parse(binary_encrypted_value)
|
129
|
-
end
|
130
|
-
|
131
|
-
describe 'with compression' do
|
132
|
-
let :compress do
|
133
|
-
true
|
134
|
-
end
|
135
|
-
|
136
|
-
it 'encrypted string' do
|
137
|
-
assert header.compressed?
|
138
|
-
end
|
139
|
-
end
|
140
|
-
end
|
141
|
-
end
|
142
|
-
|
143
|
-
describe '#parse!' do
|
144
|
-
it 'nil string' do
|
145
|
-
header = SymmetricEncryption::Header.new
|
146
|
-
assert_nil header.parse!(nil)
|
147
|
-
end
|
148
|
-
|
149
|
-
it 'empty string' do
|
150
|
-
header = SymmetricEncryption::Header.new
|
151
|
-
assert_nil header.parse!('')
|
152
|
-
end
|
153
|
-
|
154
|
-
it 'unencrypted string' do
|
155
|
-
header = SymmetricEncryption::Header.new
|
156
|
-
assert_nil header.parse!('hello there')
|
157
|
-
end
|
158
|
-
|
159
|
-
it 'encrypted string' do
|
160
|
-
header = SymmetricEncryption::Header.new
|
161
|
-
remainder = header.parse!(binary_encrypted_value.dup)
|
162
|
-
assert_equal SymmetricEncryption.cipher.version, header.version
|
163
|
-
refute header.compressed?
|
164
|
-
refute header.iv
|
165
|
-
refute header.key
|
166
|
-
refute header.cipher_name
|
167
|
-
refute header.auth_tag
|
168
|
-
|
169
|
-
# Decrypt with this new header
|
170
|
-
encrypted_without_header = SymmetricEncryption.cipher.binary_encrypt(clear_value, header: false)
|
171
|
-
assert_equal encrypted_without_header, remainder
|
172
|
-
|
173
|
-
assert_equal clear_value, SymmetricEncryption.cipher.binary_decrypt(remainder, header: header)
|
174
|
-
end
|
175
|
-
|
176
|
-
describe 'with random_iv' do
|
177
|
-
let :random_iv do
|
178
|
-
true
|
179
|
-
end
|
180
|
-
|
181
|
-
it 'encrypted string' do
|
182
|
-
header = SymmetricEncryption::Header.new
|
183
|
-
assert remainder = header.parse!(binary_encrypted_value)
|
184
|
-
assert_equal SymmetricEncryption.cipher.version, header.version
|
185
|
-
refute header.compressed?
|
186
|
-
assert header.iv
|
187
|
-
refute header.key
|
188
|
-
refute header.cipher_name
|
189
|
-
refute header.auth_tag
|
190
|
-
assert_equal clear_value, SymmetricEncryption.cipher.binary_decrypt(remainder, header: header)
|
191
|
-
end
|
192
|
-
end
|
193
|
-
end
|
194
|
-
|
195
|
-
describe '#iv' do
|
196
|
-
it 'encrypted string' do
|
197
|
-
header = SymmetricEncryption::Header.new
|
198
|
-
header.parse(binary_encrypted_value)
|
199
|
-
assert_nil header.iv
|
200
|
-
end
|
201
|
-
|
202
|
-
describe 'with random_iv' do
|
203
|
-
let :random_iv do
|
204
|
-
true
|
205
|
-
end
|
206
|
-
|
207
|
-
it 'encrypted string' do
|
208
|
-
assert header.iv
|
209
|
-
refute_equal SymmetricEncryption.cipher.iv, header.iv
|
210
|
-
end
|
211
|
-
end
|
212
|
-
end
|
213
|
-
end
|
214
|
-
end
|