symmetric-encryption 4.1.1 → 4.1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/symmetric_encryption/cli.rb +2 -2
- data/lib/symmetric_encryption/encoder.rb +2 -2
- data/lib/symmetric_encryption/generator.rb +4 -4
- data/lib/symmetric_encryption/keystore/aws.rb +2 -1
- data/lib/symmetric_encryption/keystore/environment.rb +1 -1
- data/lib/symmetric_encryption/keystore/file.rb +1 -1
- data/lib/symmetric_encryption/keystore/memory.rb +1 -1
- data/lib/symmetric_encryption/version.rb +1 -1
- metadata +4 -56
- data/test/active_record_test.rb +0 -605
- data/test/cipher_test.rb +0 -216
- data/test/config/database.yml +0 -5
- data/test/config/empty.csv +0 -0
- data/test/config/mongo_mapper.yml +0 -7
- data/test/config/mongoid.yml +0 -9
- data/test/config/symmetric-encryption.yml +0 -144
- data/test/config/test_new.iv +0 -4
- data/test/config/test_new.key +0 -2
- data/test/config/test_secondary_1.iv +0 -1
- data/test/config/test_secondary_1.key +0 -2
- data/test/encoder_test.rb +0 -59
- data/test/header_test.rb +0 -214
- data/test/key_test.rb +0 -81
- data/test/keystore/aws_test.rb +0 -133
- data/test/keystore/environment_test.rb +0 -70
- data/test/keystore/file_test.rb +0 -85
- data/test/keystore/heroku_test.rb +0 -70
- data/test/keystore_test.rb +0 -254
- data/test/mongoid_test.rb +0 -595
- data/test/reader_test.rb +0 -334
- data/test/symmetric_encryption_test.rb +0 -239
- data/test/test_db.sqlite3 +0 -0
- data/test/test_helper.rb +0 -12
- data/test/utils/aws_test.rb +0 -74
- data/test/writer_test.rb +0 -79
data/test/cipher_test.rb
DELETED
@@ -1,216 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
|
3
|
-
# Tests for SymmetricEncryption::Cipher
|
4
|
-
class CipherTest < Minitest::Test
|
5
|
-
['aes-128-cbc'].each do |cipher_name|
|
6
|
-
# ['aes-128-cbc', 'aes-128-gcm'].each do |cipher_name|
|
7
|
-
describe "Cipher: #{cipher_name}" do
|
8
|
-
describe 'standalone' do
|
9
|
-
it 'allows setting the cipher_name' do
|
10
|
-
cipher = SymmetricEncryption::Cipher.new(
|
11
|
-
cipher_name: cipher_name,
|
12
|
-
key: '1234567890ABCDEF',
|
13
|
-
iv: '1234567890ABCDEF',
|
14
|
-
encoding: :none
|
15
|
-
)
|
16
|
-
assert_equal cipher_name, cipher.cipher_name
|
17
|
-
end
|
18
|
-
|
19
|
-
it 'does not require an iv' do
|
20
|
-
cipher = SymmetricEncryption::Cipher.new(
|
21
|
-
key: '1234567890ABCDEF',
|
22
|
-
cipher_name: cipher_name,
|
23
|
-
encoding: :none,
|
24
|
-
always_add_header: false
|
25
|
-
)
|
26
|
-
assert result = cipher.encrypt('Hello World')
|
27
|
-
assert_equal 'Hello World', cipher.decrypt(result)
|
28
|
-
end
|
29
|
-
|
30
|
-
it 'throw an exception on bad data' do
|
31
|
-
cipher = SymmetricEncryption::Cipher.new(
|
32
|
-
cipher_name: cipher_name,
|
33
|
-
key: '1234567890ABCDEF',
|
34
|
-
iv: '1234567890ABCDEF',
|
35
|
-
encoding: :none
|
36
|
-
)
|
37
|
-
assert_raises OpenSSL::Cipher::CipherError do
|
38
|
-
cipher.decrypt('bad data')
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
42
|
-
|
43
|
-
[false, true].each do |always_add_header|
|
44
|
-
%i[none base64 base64strict base16].each do |encoding|
|
45
|
-
describe "encoding: #{encoding} with#{'out' unless always_add_header} header" do
|
46
|
-
before do
|
47
|
-
@social_security_number = '987654321'
|
48
|
-
@encrypted_values = {
|
49
|
-
'aes-128-cbc' => {
|
50
|
-
base64: {
|
51
|
-
header: "QEVuQwAAyTeLjsHTa8ykoO95K0KQmg==\n",
|
52
|
-
no_header: "yTeLjsHTa8ykoO95K0KQmg==\n"
|
53
|
-
},
|
54
|
-
base64strict: {
|
55
|
-
header: 'QEVuQwAAyTeLjsHTa8ykoO95K0KQmg==',
|
56
|
-
no_header: 'yTeLjsHTa8ykoO95K0KQmg=='
|
57
|
-
},
|
58
|
-
base16: {
|
59
|
-
header: '40456e430000c9378b8ec1d36bcca4a0ef792b42909a',
|
60
|
-
no_header: 'c9378b8ec1d36bcca4a0ef792b42909a'
|
61
|
-
},
|
62
|
-
none: {
|
63
|
-
header: "@EnC\x00\x00\xC97\x8B\x8E\xC1\xD3k\xCC\xA4\xA0\xEFy+B\x90\x9A",
|
64
|
-
no_header: "\xC97\x8B\x8E\xC1\xD3k\xCC\xA4\xA0\xEFy+B\x90\x9A"
|
65
|
-
}
|
66
|
-
},
|
67
|
-
# 'aes-128-gcm' => {
|
68
|
-
# base64: {
|
69
|
-
# header: "QEVuQwAAOcqz9UDbd1Sn\n",
|
70
|
-
# no_header: "Ocqz9UDbd1Sn\n"
|
71
|
-
# },
|
72
|
-
# base64strict: {
|
73
|
-
# header: 'QEVuQwAAOcqz9UDbd1Sn',
|
74
|
-
# no_header: 'Ocqz9UDbd1Sn'
|
75
|
-
# },
|
76
|
-
# base16: {
|
77
|
-
# header: '40456e43000039cab3f540db7754a7',
|
78
|
-
# no_header: '39cab3f540db7754a7'
|
79
|
-
# },
|
80
|
-
# none: {
|
81
|
-
# header: "@EnC\x00\x009\xCA\xB3\xF5@\xDBwT\xA7",
|
82
|
-
# no_header: "9\xCA\xB3\xF5@\xDBwT\xA7"
|
83
|
-
# },
|
84
|
-
# }
|
85
|
-
}
|
86
|
-
|
87
|
-
@non_utf8 = "\xc2".force_encoding('binary')
|
88
|
-
@cipher = SymmetricEncryption::Cipher.new(
|
89
|
-
key: 'ABCDEF1234567890',
|
90
|
-
iv: 'ABCDEF1234567890',
|
91
|
-
cipher_name: cipher_name,
|
92
|
-
encoding: encoding,
|
93
|
-
always_add_header: always_add_header
|
94
|
-
)
|
95
|
-
|
96
|
-
h = @encrypted_values[cipher_name][encoding] if @encrypted_values[cipher_name]
|
97
|
-
skip "Add @encrypted_values for cipher_name: #{cipher_name} and encoding: #{encoding}, value: #{@cipher.encrypt(@social_security_number).inspect}" unless h
|
98
|
-
@social_security_number_encrypted = h[always_add_header ? :header : :no_header]
|
99
|
-
|
100
|
-
@social_security_number_encrypted.force_encoding(Encoding.find('binary')) if encoding == :none
|
101
|
-
end
|
102
|
-
|
103
|
-
it 'encrypt simple string' do
|
104
|
-
assert encrypted = @cipher.encrypt(@social_security_number)
|
105
|
-
assert_equal @social_security_number_encrypted, encrypted
|
106
|
-
end
|
107
|
-
|
108
|
-
it 'decrypt string' do
|
109
|
-
assert decrypted = @cipher.decrypt(@social_security_number_encrypted)
|
110
|
-
assert_equal @social_security_number, decrypted
|
111
|
-
assert_equal Encoding.find('utf-8'), decrypted.encoding, decrypted
|
112
|
-
end
|
113
|
-
|
114
|
-
it 'encrypt and decrypt string' do
|
115
|
-
assert encrypted = @cipher.encrypt(@social_security_number)
|
116
|
-
assert_equal @social_security_number_encrypted, encrypted
|
117
|
-
assert decrypted = @cipher.decrypt(encrypted)
|
118
|
-
assert_equal @social_security_number, decrypted
|
119
|
-
assert_equal Encoding.find('utf-8'), decrypted.encoding, decrypted
|
120
|
-
end
|
121
|
-
|
122
|
-
it 'return BINARY encoding for non-UTF-8 encrypted data' do
|
123
|
-
assert_equal Encoding.find('binary'), @non_utf8.encoding
|
124
|
-
assert_equal true, @non_utf8.valid_encoding?
|
125
|
-
assert encrypted = @cipher.encrypt(@non_utf8)
|
126
|
-
assert decrypted = @cipher.decrypt(encrypted)
|
127
|
-
assert_equal true, decrypted.valid_encoding?
|
128
|
-
assert_equal Encoding.find('binary'), decrypted.encoding, decrypted
|
129
|
-
assert_equal @non_utf8, decrypted
|
130
|
-
end
|
131
|
-
|
132
|
-
it 'return nil when encrypting nil' do
|
133
|
-
assert_nil @cipher.encrypt(nil)
|
134
|
-
end
|
135
|
-
|
136
|
-
it "return '' when encrypting ''" do
|
137
|
-
assert_equal '', @cipher.encrypt('')
|
138
|
-
end
|
139
|
-
|
140
|
-
it 'return nil when decrypting nil' do
|
141
|
-
assert_nil @cipher.decrypt(nil)
|
142
|
-
end
|
143
|
-
|
144
|
-
it "return '' when decrypting ''" do
|
145
|
-
assert_equal '', @cipher.decrypt('')
|
146
|
-
end
|
147
|
-
end
|
148
|
-
end
|
149
|
-
end
|
150
|
-
|
151
|
-
describe 'with configuration' do
|
152
|
-
before do
|
153
|
-
@cipher = SymmetricEncryption::Cipher.new(
|
154
|
-
key: '1234567890ABCDEF',
|
155
|
-
iv: '1234567890ABCDEF',
|
156
|
-
cipher_name: 'aes-128-cbc',
|
157
|
-
encoding: :none
|
158
|
-
)
|
159
|
-
@social_security_number = '987654321'
|
160
|
-
|
161
|
-
@social_security_number_encrypted = "A\335*\314\336\250V\340\023%\000S\177\305\372\266"
|
162
|
-
@social_security_number_encrypted.force_encoding('binary')
|
163
|
-
|
164
|
-
@sample_data = [
|
165
|
-
{text: '555052345', encrypted: ''}
|
166
|
-
]
|
167
|
-
end
|
168
|
-
|
169
|
-
describe 'with header' do
|
170
|
-
before do
|
171
|
-
@social_security_number = '987654321'
|
172
|
-
end
|
173
|
-
|
174
|
-
it 'build and parse header' do
|
175
|
-
key = SymmetricEncryption::Key.new(cipher_name: 'aes-128-cbc')
|
176
|
-
# Test Deprecated method
|
177
|
-
binary_header = SymmetricEncryption::Cipher.build_header(
|
178
|
-
SymmetricEncryption.cipher.version,
|
179
|
-
true,
|
180
|
-
key.iv,
|
181
|
-
key.key,
|
182
|
-
key.cipher_name
|
183
|
-
)
|
184
|
-
header = SymmetricEncryption::Header.new
|
185
|
-
header.parse(binary_header)
|
186
|
-
assert_equal true, header.compressed?
|
187
|
-
assert random_cipher = SymmetricEncryption::Cipher.new(iv: key.iv, key: key.key, cipher_name: key.cipher_name)
|
188
|
-
assert_equal random_cipher.cipher_name, header.cipher_name, 'Ciphers differ'
|
189
|
-
assert_equal random_cipher.send(:key), header.key, 'Keys differ'
|
190
|
-
assert_equal random_cipher.send(:iv), header.iv, 'IVs differ'
|
191
|
-
|
192
|
-
string = 'Hello World'
|
193
|
-
cipher = SymmetricEncryption::Cipher.new(key: header.key, iv: header.iv, cipher_name: header.cipher_name)
|
194
|
-
# Test Encryption
|
195
|
-
assert_equal random_cipher.encrypt(string), cipher.encrypt(string), 'Encrypted values differ'
|
196
|
-
end
|
197
|
-
|
198
|
-
it 'encrypt and then decrypt without a header' do
|
199
|
-
assert encrypted = @cipher.binary_encrypt(@social_security_number, header: false)
|
200
|
-
assert_equal @social_security_number, @cipher.decrypt(encrypted)
|
201
|
-
end
|
202
|
-
|
203
|
-
it 'encrypt and then decrypt using random iv' do
|
204
|
-
assert encrypted = @cipher.encrypt(@social_security_number, random_iv: true)
|
205
|
-
assert_equal @social_security_number, @cipher.decrypt(encrypted)
|
206
|
-
end
|
207
|
-
|
208
|
-
it 'encrypt and then decrypt using random iv with compression' do
|
209
|
-
assert encrypted = @cipher.encrypt(@social_security_number, random_iv: true, compress: true)
|
210
|
-
assert_equal @social_security_number, @cipher.decrypt(encrypted)
|
211
|
-
end
|
212
|
-
end
|
213
|
-
end
|
214
|
-
end
|
215
|
-
end
|
216
|
-
end
|
data/test/config/database.yml
DELETED
data/test/config/empty.csv
DELETED
File without changes
|
data/test/config/mongoid.yml
DELETED
@@ -1,144 +0,0 @@
|
|
1
|
-
# This file was auto generated by symmetric-encryption.
|
2
|
-
# Recommend using symmetric-encryption to make changes.
|
3
|
-
# For more info, run:
|
4
|
-
# symmetric-encryption --help
|
5
|
-
#
|
6
|
-
---
|
7
|
-
test:
|
8
|
-
ciphers:
|
9
|
-
- key_filename: test/config/test_new.key
|
10
|
-
iv_filename: test/config/test_new.iv
|
11
|
-
cipher_name: aes-128-cbc
|
12
|
-
encoding: base64strict
|
13
|
-
version: 2
|
14
|
-
always_add_header: true
|
15
|
-
key_encrypting_key: |
|
16
|
-
-----BEGIN RSA PRIVATE KEY-----
|
17
|
-
MIIEpAIBAAKCAQEAxIL9H/jYUGpA38v6PowRSRJEo3aNVXULNM/QNRpx2DTf++KH
|
18
|
-
6DcuFTFcNSSSxG9n4y7tKi755be8N0uwCCuOzvXqfWmXYjbLwK3Ib2vm0btpHyvA
|
19
|
-
qxgqeJOOCxKdW/cUFLWn0tACUcEjVCNfWEGaFyvkOUuR7Ub9KfhbW9cZO3BxZMUf
|
20
|
-
IPGlHl/gWyf484sXygd+S7cpDTRRzo9RjG74DwfE0MFGf9a1fTkxnSgeOJ6asTOy
|
21
|
-
fp9tEToUlbglKaYGpOGHYQ9TV5ZsyJ9jRUyb4SP5wK2eK6dHTxTcHvT03kD90Hv4
|
22
|
-
WeKIXv3WOjkwNEyMdpnJJfSDb5oquQvCNi7ZSQIDAQABAoIBAQCbzR7TUoBugU+e
|
23
|
-
ICLvpC2wOYOh9kRoFLwlyv3QnH7WZFWRZzFJszYeJ1xr5etXQtyjCnmOkGAg+WOI
|
24
|
-
k8GlOKOpAuA/PpB/leJFiYL4lBwU/PmDdTT0cdx6bMKZlNCeMW8CXGQKiFDOcMqJ
|
25
|
-
0uGtH5YD+RChPIEeFsJxnC8SyZ9/t2ra7XnMGiCZvRXIUDSEIIsRx/mOymJ7bL+h
|
26
|
-
Lbp46IfXf6ZuIzwzoIk0JReV/r+wdmkAVDkrrMkCmVS4/X1wN/Tiik9/yvbsh/CL
|
27
|
-
ztC55eSIEjATkWxnXfPASZN6oUfQPEveGH3HzNjdncjH/Ho8FaNMIAfFpBhhLPi9
|
28
|
-
nG5sbH+BAoGBAOdoUyVoAA/QUa3/FkQaa7Ajjehe5MR5k6VtaGtcxrLiBjrNR7x+
|
29
|
-
nqlZlGvWDMiCz49dgj+G1Qk1bbYrZLRX/Hjeqy5dZOGLMfgf9eKUmS1rDwAzBMcj
|
30
|
-
M9jnnJEBx8HIlNzaR6wzp3GMd0rrccs660A8URvzkgo9qNbvMLq9vyUtAoGBANll
|
31
|
-
SY1Iv9uaIz8klTXU9YzYtsfUmgXzw7K8StPdbEbo8F1J3JPJB4D7QHF0ObIaSWuf
|
32
|
-
suZqLsvWlYGuJeyX2ntlBN82ORfvUdOrdrbDlmPyj4PfFVl0AK3U3Ai374DNrjKR
|
33
|
-
hF6YFm4TLDaJhUjeV5C43kbE1N2FAMS9LYtPJ44NAoGAFDGHZ/E+aCLerddfwwun
|
34
|
-
MBS6MnftcLPHTZ1RimTrNfsBXipBw1ItWEvn5s0kCm9X24PmdNK4TnhqHYaF4DL5
|
35
|
-
ZjbQK1idEA2Mi8GGPIKJJ2x7P6I0HYiV4qy7fe/w1ZlCXE90B7PuPbtrQY9wO7Ll
|
36
|
-
ipJ45X6I1PnyfOcckn8yafUCgYACtPAlgjJhWZn2v03cTbqA9nHQKyV/zXkyUIXd
|
37
|
-
/XPLrjrP7ouAi5A8WuSChR/yx8ECRgrEM65Be3qBEtoGCB4AS1G0NcigM6qhKBFi
|
38
|
-
VS0aMXr3+V8argcUIwJaWW/x+p2go48yXlJpLHPweeXe8mXEt4iM+QZte6p2yKQ4
|
39
|
-
h9PGQQKBgQCqSydmXBnXGIVTp2sH/2GnpxLYnDBpcJE0tM8bJ42HEQQgRThIChsn
|
40
|
-
PnGA91G9MVikYapgI0VYBHQOTsz8rTIUzsKwXG+TIaK+W84nxH5y6jUkjqwxZmAz
|
41
|
-
r1URaMAun2PfAB4g2N/kEZTExgeOGqXjFhvvjdzl97ux2cTyZhaTXg==
|
42
|
-
-----END RSA PRIVATE KEY-----
|
43
|
-
- key: 6BCDEF1234567890ABCDEF1234567890
|
44
|
-
iv: 6BCDEF1234567890
|
45
|
-
cipher_name: aes-256-cbc
|
46
|
-
version: 6
|
47
|
-
encoding: base64strict
|
48
|
-
always_add_header: true
|
49
|
-
key_encrypting_key: |
|
50
|
-
-----BEGIN RSA PRIVATE KEY-----
|
51
|
-
MIIEpAIBAAKCAQEAxIL9H/jYUGpA38v6PowRSRJEo3aNVXULNM/QNRpx2DTf++KH
|
52
|
-
6DcuFTFcNSSSxG9n4y7tKi755be8N0uwCCuOzvXqfWmXYjbLwK3Ib2vm0btpHyvA
|
53
|
-
qxgqeJOOCxKdW/cUFLWn0tACUcEjVCNfWEGaFyvkOUuR7Ub9KfhbW9cZO3BxZMUf
|
54
|
-
IPGlHl/gWyf484sXygd+S7cpDTRRzo9RjG74DwfE0MFGf9a1fTkxnSgeOJ6asTOy
|
55
|
-
fp9tEToUlbglKaYGpOGHYQ9TV5ZsyJ9jRUyb4SP5wK2eK6dHTxTcHvT03kD90Hv4
|
56
|
-
WeKIXv3WOjkwNEyMdpnJJfSDb5oquQvCNi7ZSQIDAQABAoIBAQCbzR7TUoBugU+e
|
57
|
-
ICLvpC2wOYOh9kRoFLwlyv3QnH7WZFWRZzFJszYeJ1xr5etXQtyjCnmOkGAg+WOI
|
58
|
-
k8GlOKOpAuA/PpB/leJFiYL4lBwU/PmDdTT0cdx6bMKZlNCeMW8CXGQKiFDOcMqJ
|
59
|
-
0uGtH5YD+RChPIEeFsJxnC8SyZ9/t2ra7XnMGiCZvRXIUDSEIIsRx/mOymJ7bL+h
|
60
|
-
Lbp46IfXf6ZuIzwzoIk0JReV/r+wdmkAVDkrrMkCmVS4/X1wN/Tiik9/yvbsh/CL
|
61
|
-
ztC55eSIEjATkWxnXfPASZN6oUfQPEveGH3HzNjdncjH/Ho8FaNMIAfFpBhhLPi9
|
62
|
-
nG5sbH+BAoGBAOdoUyVoAA/QUa3/FkQaa7Ajjehe5MR5k6VtaGtcxrLiBjrNR7x+
|
63
|
-
nqlZlGvWDMiCz49dgj+G1Qk1bbYrZLRX/Hjeqy5dZOGLMfgf9eKUmS1rDwAzBMcj
|
64
|
-
M9jnnJEBx8HIlNzaR6wzp3GMd0rrccs660A8URvzkgo9qNbvMLq9vyUtAoGBANll
|
65
|
-
SY1Iv9uaIz8klTXU9YzYtsfUmgXzw7K8StPdbEbo8F1J3JPJB4D7QHF0ObIaSWuf
|
66
|
-
suZqLsvWlYGuJeyX2ntlBN82ORfvUdOrdrbDlmPyj4PfFVl0AK3U3Ai374DNrjKR
|
67
|
-
hF6YFm4TLDaJhUjeV5C43kbE1N2FAMS9LYtPJ44NAoGAFDGHZ/E+aCLerddfwwun
|
68
|
-
MBS6MnftcLPHTZ1RimTrNfsBXipBw1ItWEvn5s0kCm9X24PmdNK4TnhqHYaF4DL5
|
69
|
-
ZjbQK1idEA2Mi8GGPIKJJ2x7P6I0HYiV4qy7fe/w1ZlCXE90B7PuPbtrQY9wO7Ll
|
70
|
-
ipJ45X6I1PnyfOcckn8yafUCgYACtPAlgjJhWZn2v03cTbqA9nHQKyV/zXkyUIXd
|
71
|
-
/XPLrjrP7ouAi5A8WuSChR/yx8ECRgrEM65Be3qBEtoGCB4AS1G0NcigM6qhKBFi
|
72
|
-
VS0aMXr3+V8argcUIwJaWW/x+p2go48yXlJpLHPweeXe8mXEt4iM+QZte6p2yKQ4
|
73
|
-
h9PGQQKBgQCqSydmXBnXGIVTp2sH/2GnpxLYnDBpcJE0tM8bJ42HEQQgRThIChsn
|
74
|
-
PnGA91G9MVikYapgI0VYBHQOTsz8rTIUzsKwXG+TIaK+W84nxH5y6jUkjqwxZmAz
|
75
|
-
r1URaMAun2PfAB4g2N/kEZTExgeOGqXjFhvvjdzl97ux2cTyZhaTXg==
|
76
|
-
-----END RSA PRIVATE KEY-----
|
77
|
-
- encrypted_key: xFAsZ73PThktyo76PoNQGYnjCJUAd4+Yaz71bO5FajshXsbjkfZjjvbK9hxzWLr+C7X67hcrTypVHB1Rw0De8lRDqexlc87sTx1wtlz70lOvTBXt9Lv4sbJNLxacuqk545LIJpgK02Dq7FGzACV3jb3Yk+QQngiscETYM6PyiuFpReFB0qFOgCSLeBJsXAdNdqkEZggl8PL+lGDueDGeKUng+Ic/AFWPhJGYkk3xV++AGwUFXdDQeuHllxmV9WlzriHnDwzbfugkfGaRjWn808VXrv9Jgf2yRy++gOYUvRnjZ1ltOgXUEEmBVF2Uvhu+zs6C/D4cb1mkR7911M5naA==
|
78
|
-
iv: 1234567890ABCDEF
|
79
|
-
cipher_name: aes-128-cbc
|
80
|
-
encoding: base64strict
|
81
|
-
version: 1
|
82
|
-
always_add_header: false
|
83
|
-
key_encrypting_key: |
|
84
|
-
-----BEGIN RSA PRIVATE KEY-----
|
85
|
-
MIIEpAIBAAKCAQEAxIL9H/jYUGpA38v6PowRSRJEo3aNVXULNM/QNRpx2DTf++KH
|
86
|
-
6DcuFTFcNSSSxG9n4y7tKi755be8N0uwCCuOzvXqfWmXYjbLwK3Ib2vm0btpHyvA
|
87
|
-
qxgqeJOOCxKdW/cUFLWn0tACUcEjVCNfWEGaFyvkOUuR7Ub9KfhbW9cZO3BxZMUf
|
88
|
-
IPGlHl/gWyf484sXygd+S7cpDTRRzo9RjG74DwfE0MFGf9a1fTkxnSgeOJ6asTOy
|
89
|
-
fp9tEToUlbglKaYGpOGHYQ9TV5ZsyJ9jRUyb4SP5wK2eK6dHTxTcHvT03kD90Hv4
|
90
|
-
WeKIXv3WOjkwNEyMdpnJJfSDb5oquQvCNi7ZSQIDAQABAoIBAQCbzR7TUoBugU+e
|
91
|
-
ICLvpC2wOYOh9kRoFLwlyv3QnH7WZFWRZzFJszYeJ1xr5etXQtyjCnmOkGAg+WOI
|
92
|
-
k8GlOKOpAuA/PpB/leJFiYL4lBwU/PmDdTT0cdx6bMKZlNCeMW8CXGQKiFDOcMqJ
|
93
|
-
0uGtH5YD+RChPIEeFsJxnC8SyZ9/t2ra7XnMGiCZvRXIUDSEIIsRx/mOymJ7bL+h
|
94
|
-
Lbp46IfXf6ZuIzwzoIk0JReV/r+wdmkAVDkrrMkCmVS4/X1wN/Tiik9/yvbsh/CL
|
95
|
-
ztC55eSIEjATkWxnXfPASZN6oUfQPEveGH3HzNjdncjH/Ho8FaNMIAfFpBhhLPi9
|
96
|
-
nG5sbH+BAoGBAOdoUyVoAA/QUa3/FkQaa7Ajjehe5MR5k6VtaGtcxrLiBjrNR7x+
|
97
|
-
nqlZlGvWDMiCz49dgj+G1Qk1bbYrZLRX/Hjeqy5dZOGLMfgf9eKUmS1rDwAzBMcj
|
98
|
-
M9jnnJEBx8HIlNzaR6wzp3GMd0rrccs660A8URvzkgo9qNbvMLq9vyUtAoGBANll
|
99
|
-
SY1Iv9uaIz8klTXU9YzYtsfUmgXzw7K8StPdbEbo8F1J3JPJB4D7QHF0ObIaSWuf
|
100
|
-
suZqLsvWlYGuJeyX2ntlBN82ORfvUdOrdrbDlmPyj4PfFVl0AK3U3Ai374DNrjKR
|
101
|
-
hF6YFm4TLDaJhUjeV5C43kbE1N2FAMS9LYtPJ44NAoGAFDGHZ/E+aCLerddfwwun
|
102
|
-
MBS6MnftcLPHTZ1RimTrNfsBXipBw1ItWEvn5s0kCm9X24PmdNK4TnhqHYaF4DL5
|
103
|
-
ZjbQK1idEA2Mi8GGPIKJJ2x7P6I0HYiV4qy7fe/w1ZlCXE90B7PuPbtrQY9wO7Ll
|
104
|
-
ipJ45X6I1PnyfOcckn8yafUCgYACtPAlgjJhWZn2v03cTbqA9nHQKyV/zXkyUIXd
|
105
|
-
/XPLrjrP7ouAi5A8WuSChR/yx8ECRgrEM65Be3qBEtoGCB4AS1G0NcigM6qhKBFi
|
106
|
-
VS0aMXr3+V8argcUIwJaWW/x+p2go48yXlJpLHPweeXe8mXEt4iM+QZte6p2yKQ4
|
107
|
-
h9PGQQKBgQCqSydmXBnXGIVTp2sH/2GnpxLYnDBpcJE0tM8bJ42HEQQgRThIChsn
|
108
|
-
PnGA91G9MVikYapgI0VYBHQOTsz8rTIUzsKwXG+TIaK+W84nxH5y6jUkjqwxZmAz
|
109
|
-
r1URaMAun2PfAB4g2N/kEZTExgeOGqXjFhvvjdzl97ux2cTyZhaTXg==
|
110
|
-
-----END RSA PRIVATE KEY-----
|
111
|
-
- key_filename: test/config/test_secondary_1.key
|
112
|
-
iv_filename: test/config/test_secondary_1.iv
|
113
|
-
cipher_name: aes-128-cbc
|
114
|
-
encoding: base64
|
115
|
-
version: 0
|
116
|
-
always_add_header: false
|
117
|
-
key_encrypting_key: |
|
118
|
-
-----BEGIN RSA PRIVATE KEY-----
|
119
|
-
MIIEpAIBAAKCAQEAxIL9H/jYUGpA38v6PowRSRJEo3aNVXULNM/QNRpx2DTf++KH
|
120
|
-
6DcuFTFcNSSSxG9n4y7tKi755be8N0uwCCuOzvXqfWmXYjbLwK3Ib2vm0btpHyvA
|
121
|
-
qxgqeJOOCxKdW/cUFLWn0tACUcEjVCNfWEGaFyvkOUuR7Ub9KfhbW9cZO3BxZMUf
|
122
|
-
IPGlHl/gWyf484sXygd+S7cpDTRRzo9RjG74DwfE0MFGf9a1fTkxnSgeOJ6asTOy
|
123
|
-
fp9tEToUlbglKaYGpOGHYQ9TV5ZsyJ9jRUyb4SP5wK2eK6dHTxTcHvT03kD90Hv4
|
124
|
-
WeKIXv3WOjkwNEyMdpnJJfSDb5oquQvCNi7ZSQIDAQABAoIBAQCbzR7TUoBugU+e
|
125
|
-
ICLvpC2wOYOh9kRoFLwlyv3QnH7WZFWRZzFJszYeJ1xr5etXQtyjCnmOkGAg+WOI
|
126
|
-
k8GlOKOpAuA/PpB/leJFiYL4lBwU/PmDdTT0cdx6bMKZlNCeMW8CXGQKiFDOcMqJ
|
127
|
-
0uGtH5YD+RChPIEeFsJxnC8SyZ9/t2ra7XnMGiCZvRXIUDSEIIsRx/mOymJ7bL+h
|
128
|
-
Lbp46IfXf6ZuIzwzoIk0JReV/r+wdmkAVDkrrMkCmVS4/X1wN/Tiik9/yvbsh/CL
|
129
|
-
ztC55eSIEjATkWxnXfPASZN6oUfQPEveGH3HzNjdncjH/Ho8FaNMIAfFpBhhLPi9
|
130
|
-
nG5sbH+BAoGBAOdoUyVoAA/QUa3/FkQaa7Ajjehe5MR5k6VtaGtcxrLiBjrNR7x+
|
131
|
-
nqlZlGvWDMiCz49dgj+G1Qk1bbYrZLRX/Hjeqy5dZOGLMfgf9eKUmS1rDwAzBMcj
|
132
|
-
M9jnnJEBx8HIlNzaR6wzp3GMd0rrccs660A8URvzkgo9qNbvMLq9vyUtAoGBANll
|
133
|
-
SY1Iv9uaIz8klTXU9YzYtsfUmgXzw7K8StPdbEbo8F1J3JPJB4D7QHF0ObIaSWuf
|
134
|
-
suZqLsvWlYGuJeyX2ntlBN82ORfvUdOrdrbDlmPyj4PfFVl0AK3U3Ai374DNrjKR
|
135
|
-
hF6YFm4TLDaJhUjeV5C43kbE1N2FAMS9LYtPJ44NAoGAFDGHZ/E+aCLerddfwwun
|
136
|
-
MBS6MnftcLPHTZ1RimTrNfsBXipBw1ItWEvn5s0kCm9X24PmdNK4TnhqHYaF4DL5
|
137
|
-
ZjbQK1idEA2Mi8GGPIKJJ2x7P6I0HYiV4qy7fe/w1ZlCXE90B7PuPbtrQY9wO7Ll
|
138
|
-
ipJ45X6I1PnyfOcckn8yafUCgYACtPAlgjJhWZn2v03cTbqA9nHQKyV/zXkyUIXd
|
139
|
-
/XPLrjrP7ouAi5A8WuSChR/yx8ECRgrEM65Be3qBEtoGCB4AS1G0NcigM6qhKBFi
|
140
|
-
VS0aMXr3+V8argcUIwJaWW/x+p2go48yXlJpLHPweeXe8mXEt4iM+QZte6p2yKQ4
|
141
|
-
h9PGQQKBgQCqSydmXBnXGIVTp2sH/2GnpxLYnDBpcJE0tM8bJ42HEQQgRThIChsn
|
142
|
-
PnGA91G9MVikYapgI0VYBHQOTsz8rTIUzsKwXG+TIaK+W84nxH5y6jUkjqwxZmAz
|
143
|
-
r1URaMAun2PfAB4g2N/kEZTExgeOGqXjFhvvjdzl97ux2cTyZhaTXg==
|
144
|
-
-----END RSA PRIVATE KEY-----
|
data/test/config/test_new.iv
DELETED
data/test/config/test_new.key
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
N�ʤd�X0��Vܝ���5]��$�y؎��=���Mq>�pP����gY���}+_�0�)�6���{�F�gN���#��Gρ'�۪���Q�I-�+f���S��~�x|t����C~�h�t8l��V簤�z+�ĺO�MKz"7N��?<�?ր�5B��D�<mq!ۺcHwHcH��?�]/_�s���[��iH^:��ٰ�{V�|�C~y\�B�y Fc,8i�5��r�ƍQ<첀
|
data/test/encoder_test.rb
DELETED
@@ -1,59 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
|
3
|
-
# Unit Test for SymmetricEncryption
|
4
|
-
#
|
5
|
-
class EncoderTest < Minitest::Test
|
6
|
-
describe SymmetricEncryption::Encoder do
|
7
|
-
%i[none base64 base64strict base16].each do |encoding|
|
8
|
-
describe "encoding: #{encoding}" do
|
9
|
-
before do
|
10
|
-
@data = '987654321'
|
11
|
-
@data_encoded =
|
12
|
-
case encoding
|
13
|
-
when :base64
|
14
|
-
"OTg3NjU0MzIx\n"
|
15
|
-
when :base64strict
|
16
|
-
'OTg3NjU0MzIx'
|
17
|
-
when :base16
|
18
|
-
'393837363534333231'
|
19
|
-
when :none
|
20
|
-
@data
|
21
|
-
end
|
22
|
-
@encoder = SymmetricEncryption::Encoder[encoding]
|
23
|
-
@non_utf8 = "\xc2".force_encoding('binary')
|
24
|
-
end
|
25
|
-
|
26
|
-
it 'correctly encodes' do
|
27
|
-
assert_equal @data_encoded, @encoder.encode(@data)
|
28
|
-
assert_equal Encoding.find('UTF-8'), @data_encoded.encoding
|
29
|
-
end
|
30
|
-
|
31
|
-
it 'return BINARY encoding for non-UTF-8 data' do
|
32
|
-
assert_equal Encoding.find('binary'), @non_utf8.encoding
|
33
|
-
assert @non_utf8.valid_encoding?
|
34
|
-
assert encoded = @encoder.encode(@non_utf8)
|
35
|
-
assert decoded = @encoder.decode(encoded)
|
36
|
-
assert decoded.valid_encoding?
|
37
|
-
assert_equal Encoding.find('binary'), decoded.encoding, decoded
|
38
|
-
assert_equal @non_utf8, decoded
|
39
|
-
end
|
40
|
-
|
41
|
-
it 'return nil when encoding nil' do
|
42
|
-
assert_nil @encoder.encode(nil)
|
43
|
-
end
|
44
|
-
|
45
|
-
it "return '' when encoding ''" do
|
46
|
-
assert_equal '', @encoder.encode('')
|
47
|
-
end
|
48
|
-
|
49
|
-
it 'return nil when decoding nil' do
|
50
|
-
assert_nil @encoder.decode(nil)
|
51
|
-
end
|
52
|
-
|
53
|
-
it "return '' when decoding ''" do
|
54
|
-
assert_equal '', @encoder.decode('')
|
55
|
-
end
|
56
|
-
end
|
57
|
-
end
|
58
|
-
end
|
59
|
-
end
|
data/test/header_test.rb
DELETED
@@ -1,214 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
|
3
|
-
class CipherTest < Minitest::Test
|
4
|
-
describe SymmetricEncryption::Header do
|
5
|
-
let :clear_value do
|
6
|
-
'Hello World'
|
7
|
-
end
|
8
|
-
|
9
|
-
let :random_iv do
|
10
|
-
false
|
11
|
-
end
|
12
|
-
|
13
|
-
let :compress do
|
14
|
-
false
|
15
|
-
end
|
16
|
-
|
17
|
-
let :binary_encrypted_value do
|
18
|
-
SymmetricEncryption.cipher.binary_encrypt(clear_value, random_iv: random_iv, compress: compress)
|
19
|
-
end
|
20
|
-
|
21
|
-
let :header do
|
22
|
-
header = SymmetricEncryption::Header.new
|
23
|
-
header.parse(binary_encrypted_value)
|
24
|
-
header
|
25
|
-
end
|
26
|
-
|
27
|
-
describe '#new' do
|
28
|
-
it 'sets defaults' do
|
29
|
-
header = SymmetricEncryption::Header.new
|
30
|
-
assert_equal SymmetricEncryption.cipher.version, header.version
|
31
|
-
refute header.compressed?
|
32
|
-
refute header.iv
|
33
|
-
refute header.key
|
34
|
-
refute header.cipher_name
|
35
|
-
refute header.auth_tag
|
36
|
-
end
|
37
|
-
end
|
38
|
-
|
39
|
-
describe '.present?' do
|
40
|
-
it 'has a header' do
|
41
|
-
assert SymmetricEncryption::Header.present?(binary_encrypted_value)
|
42
|
-
end
|
43
|
-
|
44
|
-
it 'does not have a header' do
|
45
|
-
refute SymmetricEncryption::Header.present?(clear_value)
|
46
|
-
end
|
47
|
-
|
48
|
-
it 'does not have a header when nil' do
|
49
|
-
refute SymmetricEncryption::Header.present?(nil)
|
50
|
-
end
|
51
|
-
|
52
|
-
it 'does not have a header when empty string' do
|
53
|
-
refute SymmetricEncryption::Header.present?('')
|
54
|
-
end
|
55
|
-
end
|
56
|
-
|
57
|
-
describe '#cipher' do
|
58
|
-
it 'returns the global cipher used to encrypt the value' do
|
59
|
-
assert_equal SymmetricEncryption.cipher, header.cipher
|
60
|
-
end
|
61
|
-
end
|
62
|
-
|
63
|
-
describe '#version' do
|
64
|
-
it 'returns the global cipher used to encrypt the value' do
|
65
|
-
assert_equal SymmetricEncryption.cipher.version, header.version
|
66
|
-
end
|
67
|
-
end
|
68
|
-
|
69
|
-
describe '#cipher_name' do
|
70
|
-
it 'returns nil when cipher name was not overridden' do
|
71
|
-
assert_nil header.cipher_name
|
72
|
-
end
|
73
|
-
end
|
74
|
-
|
75
|
-
describe '#key' do
|
76
|
-
it 'returns nil when key was not overridden' do
|
77
|
-
assert_nil header.key
|
78
|
-
end
|
79
|
-
end
|
80
|
-
|
81
|
-
describe '#compress' do
|
82
|
-
it 'encrypted string' do
|
83
|
-
refute header.compressed?
|
84
|
-
end
|
85
|
-
|
86
|
-
describe 'with compression' do
|
87
|
-
let :compress do
|
88
|
-
true
|
89
|
-
end
|
90
|
-
|
91
|
-
it 'encrypted string' do
|
92
|
-
assert header.compressed?
|
93
|
-
end
|
94
|
-
end
|
95
|
-
end
|
96
|
-
|
97
|
-
describe '#to_s' do
|
98
|
-
end
|
99
|
-
|
100
|
-
describe '#parse' do
|
101
|
-
it 'nil string' do
|
102
|
-
header = SymmetricEncryption::Header.new
|
103
|
-
assert_equal 0, header.parse(nil)
|
104
|
-
end
|
105
|
-
|
106
|
-
it 'empty string' do
|
107
|
-
header = SymmetricEncryption::Header.new
|
108
|
-
assert_equal 0, header.parse('')
|
109
|
-
end
|
110
|
-
|
111
|
-
it 'unencrypted string' do
|
112
|
-
header = SymmetricEncryption::Header.new
|
113
|
-
assert_equal 0, header.parse('hello there')
|
114
|
-
end
|
115
|
-
|
116
|
-
it 'encrypted string' do
|
117
|
-
header = SymmetricEncryption::Header.new
|
118
|
-
assert_equal 6, header.parse(binary_encrypted_value)
|
119
|
-
end
|
120
|
-
|
121
|
-
describe 'with random_iv' do
|
122
|
-
let :random_iv do
|
123
|
-
true
|
124
|
-
end
|
125
|
-
|
126
|
-
it 'encrypted string' do
|
127
|
-
header = SymmetricEncryption::Header.new
|
128
|
-
assert_equal 24, header.parse(binary_encrypted_value)
|
129
|
-
end
|
130
|
-
|
131
|
-
describe 'with compression' do
|
132
|
-
let :compress do
|
133
|
-
true
|
134
|
-
end
|
135
|
-
|
136
|
-
it 'encrypted string' do
|
137
|
-
assert header.compressed?
|
138
|
-
end
|
139
|
-
end
|
140
|
-
end
|
141
|
-
end
|
142
|
-
|
143
|
-
describe '#parse!' do
|
144
|
-
it 'nil string' do
|
145
|
-
header = SymmetricEncryption::Header.new
|
146
|
-
assert_nil header.parse!(nil)
|
147
|
-
end
|
148
|
-
|
149
|
-
it 'empty string' do
|
150
|
-
header = SymmetricEncryption::Header.new
|
151
|
-
assert_nil header.parse!('')
|
152
|
-
end
|
153
|
-
|
154
|
-
it 'unencrypted string' do
|
155
|
-
header = SymmetricEncryption::Header.new
|
156
|
-
assert_nil header.parse!('hello there')
|
157
|
-
end
|
158
|
-
|
159
|
-
it 'encrypted string' do
|
160
|
-
header = SymmetricEncryption::Header.new
|
161
|
-
remainder = header.parse!(binary_encrypted_value.dup)
|
162
|
-
assert_equal SymmetricEncryption.cipher.version, header.version
|
163
|
-
refute header.compressed?
|
164
|
-
refute header.iv
|
165
|
-
refute header.key
|
166
|
-
refute header.cipher_name
|
167
|
-
refute header.auth_tag
|
168
|
-
|
169
|
-
# Decrypt with this new header
|
170
|
-
encrypted_without_header = SymmetricEncryption.cipher.binary_encrypt(clear_value, header: false)
|
171
|
-
assert_equal encrypted_without_header, remainder
|
172
|
-
|
173
|
-
assert_equal clear_value, SymmetricEncryption.cipher.binary_decrypt(remainder, header: header)
|
174
|
-
end
|
175
|
-
|
176
|
-
describe 'with random_iv' do
|
177
|
-
let :random_iv do
|
178
|
-
true
|
179
|
-
end
|
180
|
-
|
181
|
-
it 'encrypted string' do
|
182
|
-
header = SymmetricEncryption::Header.new
|
183
|
-
assert remainder = header.parse!(binary_encrypted_value)
|
184
|
-
assert_equal SymmetricEncryption.cipher.version, header.version
|
185
|
-
refute header.compressed?
|
186
|
-
assert header.iv
|
187
|
-
refute header.key
|
188
|
-
refute header.cipher_name
|
189
|
-
refute header.auth_tag
|
190
|
-
assert_equal clear_value, SymmetricEncryption.cipher.binary_decrypt(remainder, header: header)
|
191
|
-
end
|
192
|
-
end
|
193
|
-
end
|
194
|
-
|
195
|
-
describe '#iv' do
|
196
|
-
it 'encrypted string' do
|
197
|
-
header = SymmetricEncryption::Header.new
|
198
|
-
header.parse(binary_encrypted_value)
|
199
|
-
assert_nil header.iv
|
200
|
-
end
|
201
|
-
|
202
|
-
describe 'with random_iv' do
|
203
|
-
let :random_iv do
|
204
|
-
true
|
205
|
-
end
|
206
|
-
|
207
|
-
it 'encrypted string' do
|
208
|
-
assert header.iv
|
209
|
-
refute_equal SymmetricEncryption.cipher.iv, header.iv
|
210
|
-
end
|
211
|
-
end
|
212
|
-
end
|
213
|
-
end
|
214
|
-
end
|