validas-encrypted_cookie_store 0.4.0

data/.rspec

@@ -0,0 +1,2 @@
+--colour
+--format documentation

data/.travis.yml

@@ -0,0 +1,3 @@
+rvm:
+  - 1.9.2
+  - 1.9.3

data/Gemfile

@@ -0,0 +1,11 @@
+source 'http://rubygems.org'
+
+gem 'rails', '~>3.2.0'
+
+group :development do
+  gem 'rake'
+  gem 'bundler'
+  gem 'rspec', "~> 2.6.0"
+  gem 'jeweler'
+end
+

data/Gemfile.lock

@@ -0,0 +1,104 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionmailer (3.2.8)
+      actionpack (= 3.2.8)
+      mail (~> 2.4.4)
+    actionpack (3.2.8)
+      activemodel (= 3.2.8)
+      activesupport (= 3.2.8)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      journey (~> 1.0.4)
+      rack (~> 1.4.0)
+      rack-cache (~> 1.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.1.3)
+    activemodel (3.2.8)
+      activesupport (= 3.2.8)
+      builder (~> 3.0.0)
+    activerecord (3.2.8)
+      activemodel (= 3.2.8)
+      activesupport (= 3.2.8)
+      arel (~> 3.0.2)
+      tzinfo (~> 0.3.29)
+    activeresource (3.2.8)
+      activemodel (= 3.2.8)
+      activesupport (= 3.2.8)
+    activesupport (3.2.8)
+      i18n (~> 0.6)
+      multi_json (~> 1.0)
+    arel (3.0.2)
+    builder (3.0.4)
+    diff-lcs (1.1.3)
+    erubis (2.7.0)
+    git (1.2.5)
+    hike (1.2.1)
+    i18n (0.6.1)
+    jeweler (1.8.4)
+      bundler (~> 1.0)
+      git (>= 1.2.5)
+      rake
+      rdoc
+    journey (1.0.4)
+    json (1.7.5)
+    mail (2.4.4)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.19)
+    multi_json (1.3.6)
+    polyglot (0.3.3)
+    rack (1.4.1)
+    rack-cache (1.2)
+      rack (>= 0.4)
+    rack-ssl (1.3.2)
+      rack
+    rack-test (0.6.2)
+      rack (>= 1.0)
+    rails (3.2.8)
+      actionmailer (= 3.2.8)
+      actionpack (= 3.2.8)
+      activerecord (= 3.2.8)
+      activeresource (= 3.2.8)
+      activesupport (= 3.2.8)
+      bundler (~> 1.0)
+      railties (= 3.2.8)
+    railties (3.2.8)
+      actionpack (= 3.2.8)
+      activesupport (= 3.2.8)
+      rack-ssl (~> 1.3.2)
+      rake (>= 0.8.7)
+      rdoc (~> 3.4)
+      thor (>= 0.14.6, < 2.0)
+    rake (0.9.2.2)
+    rdoc (3.12)
+      json (~> 1.4)
+    rspec (2.6.0)
+      rspec-core (~> 2.6.0)
+      rspec-expectations (~> 2.6.0)
+      rspec-mocks (~> 2.6.0)
+    rspec-core (2.6.4)
+    rspec-expectations (2.6.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.6.0)
+    sprockets (2.1.3)
+      hike (~> 1.2)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    thor (0.16.0)
+    tilt (1.3.3)
+    treetop (1.4.12)
+      polyglot
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.34)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler
+  jeweler
+  rails (~> 3.2.0)
+  rake
+  rspec (~> 2.6.0)

data/LICENSE.txt

@@ -0,0 +1,25 @@
+Copyright (c) 2009 - 2010 Phusion
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of the Phusion nor the names of its contributors
+      may be used to endorse or promote products derived from this software
+      without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.md

@@ -0,0 +1,114 @@
+[![Build Status](https://secure.travis-ci.org/validas/encrypted_cookie_store.png)](http://travis-ci.org/validas/encrypted_cookie_store)
+EncryptedCookieStore
+====================
+EncryptedCookieStore is similar to Ruby on Rails's CookieStore (it saves
+session data in a cookie), but it uses encryption so that people can't read
+what's in the session data. This makes it possible to store sensitive data
+in the session.
+
+This version of EncryptedCookieStore is written for Rails 3.0.0+. It will not work with Rails 3.0.0.beta3 or earlier. It does not yet work with Rails 3.1. It has been tested with:
+
+  * 3.0.0
+  * 3.0.7
+  * 3.0.8.rc4
+
+The original version for Rails 2.3 can be found here: https://github.com/FooBarWidget/encrypted_cookie_store
+
+For a version that probably works with Rails 3.0.0.beta - 3.0.0.beta3, check here: https://github.com/twoism-dev/encrypted_cookie_store
+
+Installation and usage
+----------------------
+
+First, install it:
+
+    gem install scottwb-encrypted_cookie_store
+
+Then, add it to you bundler Gemfile:
+
+    gem 'scottwb-encrypted_cookie_store', :require => 'encrypted_cookie_store'
+
+Then edit `config/initializers/session_store.rb` and set your session store to
+EncryptedCookieStore:
+
+    MyApp::Application.config.session_store(
+      EncryptedCookieStore::EncryptedCookieStore,
+      :key            => '_myapp_session',
+      :encryption_key => '966a4....'
+    )
+
+The encryption key *must* be a hexadecimal string of exactly 32 bytes. It
+should be entirely random, because otherwise it can make the encryption weak.
+
+You can generate a new encryption key by running `rake secret:encryption_key`.
+This command will output a random encryption key that you can then copy and
+paste into your environment.rb.
+
+You also need to make sure you have a secret token defined in `config/initializers/secret_token.rb`, just as you work for the standard CookieStore, e.g.:
+
+    MyApp::Application.config.secret_token = 'f75bb....'
+
+Operational details
+-------------------
+Upon generating cookie data, EncryptedCookieStore generates a new, random
+initialization vector for encrypting the session data. This initialization
+vector is then encrypted with 128-bit AES in ECB mode. The session data is
+first protected with an HMAC to prevent tampering. The session data, along
+with the HMAC, are then encrypted using 256-bit AES in CFB mode with the
+generated initialization vector. This encrypted session data + HMAC are
+then stored, along with the encrypted initialization vector, into the cookie.
+
+Upon unmarshalling the cookie data, EncryptedCookieStore decrypts the
+encrypted initialization vector and use that to decrypt the encrypted
+session data + HMAC. The decrypted session data is then verified against
+the HMAC.
+
+The reason why HMAC verification occurs after decryption instead of before
+decryption is because we want to be able to detect changes to the encryption
+key and changes to the HMAC secret key, as well as migrations from CookieStore.
+Verifying after decryption allows us to automatically invalidate such old
+session cookies.
+
+EncryptedCookieStore is quite fast: it is able to marshal and unmarshal a
+simple session object 5000 times in 8.7 seconds on a MacBook Pro with a 2.4
+Ghz Intel Core 2 Duo (in battery mode). This is about 0.174 ms per
+marshal+unmarshal action. See `rake benchmark` in the EncryptedCookieStore
+sources for details.
+
+EncryptedCookieStore vs other session stores
+--------------------------------------------
+EncryptedCookieStore inherits all the benefits of CookieStore:
+
+ * It works out of the box without the need to setup a seperate data store (e.g. database table, daemon, etc).
+ * It does not require any maintenance. Old, stale sessions do not need to be manually cleaned up, as is the case with PStore and ActiveRecordStore.
+ * Compared to MemCacheStore, EncryptedCookieStore can "hold" an infinite number of sessions at any time.
+ * It can be scaled across multiple servers without any additional setup.
+ * It is fast.
+ * It is more secure than CookieStore because it allows you to store sensitive data in the session.
+
+There are of course drawbacks as well:
+
+ * It is prone to session replay attacks. These kind of attacks are explained in the [Ruby on Rails Security Guide](http://guides.rubyonrails.org/security.html#session-storage). Therefore you should never store anything along the lines of `is_admin` in the session.
+ * You can store at most a little less than 4 KB of data in the session because that's the size limit of a cookie. "A little less" because EncryptedCookieStore also stores a small amount of bookkeeping data in the cookie.
+ * Although encryption makes it more secure than CookieStore, there's still a chance that a bug in EncryptedCookieStore renders it insecure. We welcome everyone to audit this code. There's also a chance that weaknesses in AES are found in the near future which render it insecure. If you are storing *really* sensitive information in the session, e.g. social security numbers, or plans for world domination, then you should consider using ActiveRecordStore or some other server-side store.
+
+JRuby: Illegal Key Size error
+-----------------------------
+If you get this error (and your code works with MRI)...
+
+    Illegal key size
+    
+    [...]/vendor/plugins/encrypted_cookie_store/lib/encrypted_cookie_store.rb:62:in `marshal'
+
+...then it probably means you don't have the "unlimited strength" policy files
+installed for your JVM.
+[Download and install them.](http://www.ngs.ac.uk/tools/jcepolicyfiles)
+You probably have the "strong" version if they are already there.
+
+As a workaround, you can change the cipher type from 256-bit AES to 128-bit by
+inserting the following in `config/initializer/session_store.rb`:
+
+    EncryptedCookieStore.data_cipher_type = 'aes-128-cfb'.freeze  # was 256
+
+Please note that after changing to 128-bit AES, EncryptedCookieStore still
+requires a 32 bytes hexadecimal encryption key, although only half of the key
+is actually used.

data/Rakefile

@@ -0,0 +1,81 @@
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'rake'
+
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  gem.name              = "validas-encrypted_cookie_store"
+  gem.homepage          = "https://github.com/validas/encrypted_cookie_store"
+  gem.summary           = "A Rails 3.1 & 3.2 version of Encrypted Cookie Store by FooBarWidget"
+  gem.description       = "A Rails 3.1 & 3.2 version of Encrypted Cookie Store by FooBarWidget"
+  gem.email             = "scottwb@gmail.com"
+  gem.authors           = ["FooBarWidget", "Scott W. Bradley", "Validas Engineering Team"]
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec) do |spec|
+  spec.pattern = FileList['spec/**/*_spec.rb']
+end
+task :default => :spec
+
+
+desc "Run benchmark"
+task :benchmark do
+  $LOAD_PATH.unshift(File.expand_path("lib"))
+  require 'rubygems'
+  require 'benchmark'
+  require "rails"
+  require 'action_controller'
+  require 'encrypted_cookie_store'
+
+  secret = "b6a30e998806a238c4bad45cc720ed55e56e50d9f00fff58552e78a20fe8262df61" <<
+           "42fcfdb0676018bb9767ed560d4a624fb7f3603b4e53c77ec189ae3853bd1"
+  encryption_key = "dd458e790c3b995e3606384c58efc53da431db892f585aa3ca2a17eabe6df75b"
+  store  = EncryptedCookieStore::EncryptedCookieStore.new(
+    nil,
+    :secret => secret,
+    :key => 'my_app',
+    :encryption_key => encryption_key
+  )
+  object = {
+    :hello => "world",
+    :user_id => 1234,
+    :is_admin => true,
+    :shopping_cart => ["Tea x 1", "Carrots x 13", "Pocky x 20", "Pen x 4"],
+    :session_id => "b6a30e998806a238c4bad45cc720ed55e56e50d9f00ff"
+  }
+  count  = 50_000
+
+  puts "Marshalling and unmarshalling #{count} times..."
+  result = Benchmark.measure do
+    count.times do
+      data = store.send(:set_session, nil, nil, object)
+      store.send(:unmarshal, data)
+    end
+  end
+  puts result
+  printf "%.3f ms per marshal+unmarshal action\n", result.real * 1000 / count
+end
+
+
+require "rdoc/task"
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = "rdoc"
+  rdoc.title    = "validas-encrypted_cookie_store #{version}"
+  rdoc.rdoc_files.include("README*")
+  rdoc.rdoc_files.include("lib/**/*.rb")
+  #rdoc.main = "README.md"
+end

data/VERSION

@@ -0,0 +1 @@
+0.4.0

data/lib/encrypted_cookie_store.rb

@@ -0,0 +1,2 @@
+require 'encrypted_cookie_store/railtie'
+require 'encrypted_cookie_store/encrypted_cookie_store'

data/lib/encrypted_cookie_store/constants.rb

@@ -0,0 +1,3 @@
+module EncryptedCookieStoreConstants
+	ENCRYPTION_KEY_SIZE = 32
+end

data/lib/encrypted_cookie_store/encrypted_cookie_store.rb

@@ -0,0 +1,145 @@
+require 'openssl'
+require 'encrypted_cookie_store/constants'
+
+module EncryptedCookieStore
+  class EncryptedCookieStore < ActionDispatch::Session::CookieStore
+    OpenSSLCipherError = OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError
+    include EncryptedCookieStoreConstants
+
+    class << self
+      attr_accessor :iv_cipher_type
+      attr_accessor :data_cipher_type
+    end
+
+    self.iv_cipher_type   = "aes-128-ecb".freeze
+    self.data_cipher_type = "aes-256-cfb".freeze
+
+    def initialize(app, options = {})
+      ensure_encryption_key_secure(options[:encryption_key])
+      @encryption_key = unhex(options[:encryption_key]).freeze
+      @iv_cipher      = OpenSSL::Cipher::Cipher.new(EncryptedCookieStore.iv_cipher_type)
+      @data_cipher    = OpenSSL::Cipher::Cipher.new(EncryptedCookieStore.data_cipher_type)
+      super(app, options)
+    end
+
+    private
+    # Like ActiveSupport::MessageVerifier, but does not base64-encode data.
+    class MessageVerifier
+      def initialize(secret, digest = 'SHA1')
+        @secret = secret
+        @digest = digest
+      end
+
+      def verify(signed_message)
+        digest, data = signed_message.split("--", 2)
+        if digest != generate_digest(data)
+          raise ActiveSupport::MessageVerifier::InvalidSignature
+        else
+          Marshal.load(data)
+        end
+      end
+
+      def generate(value)
+        data   = Marshal.dump(value)
+        digest = generate_digest(data)
+        "#{digest}--#{data}"
+      end
+
+      private
+      def generate_digest(data)
+        OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new(@digest), @secret, data)
+      end
+    end
+
+    def set_session(env, sid, session_data, options={})
+      # We hmac-then-encrypt instead of encrypt-then-hmac so that we
+      # can properly detect:
+      # - changes to the encryption key or initialization vector
+      # - a migration from the unencrypted CookieStore.
+      #
+      # Being able to detect these allows us to invalidate the old session data.
+
+      @iv_cipher.encrypt
+      @data_cipher.encrypt
+      @iv_cipher.key   = @encryption_key
+      @data_cipher.key = @encryption_key
+
+      clear_session_data = super(env, sid, session_data, {})
+      iv               = @data_cipher.random_iv
+      @data_cipher.iv  = iv
+      encrypted_iv     = @iv_cipher.update(iv) << @iv_cipher.final
+      encrypted_session_data = @data_cipher.update(Marshal.dump(clear_session_data)) << @data_cipher.final
+
+      "#{base64(encrypted_iv)}--#{base64(encrypted_session_data)}"
+    end
+
+    def unpacked_cookie_data(env)
+      env["action_dispatch.request.unsigned_session_cookie"] ||= begin
+                                                                   stale_session_check! do
+          request = ActionDispatch::Request.new(env)
+          if (data = request.cookie_jar.signed[@key]) && data.is_a?(String)
+            unmarshal(data)
+          else
+            {}
+          end
+        end
+                                                                 end
+    end
+
+    def unmarshal(cookie)
+      if cookie
+        b64_encrypted_iv, b64_encrypted_session_data = cookie.split("--", 2)
+        if b64_encrypted_iv && b64_encrypted_session_data
+          encrypted_iv           = ::Base64.strict_decode64(b64_encrypted_iv)
+          encrypted_session_data = ::Base64.strict_decode64(b64_encrypted_session_data)
+
+          @iv_cipher.decrypt
+          @iv_cipher.key = @encryption_key
+          iv = @iv_cipher.update(encrypted_iv) << @iv_cipher.final
+
+          @data_cipher.decrypt
+          @data_cipher.key = @encryption_key
+          @data_cipher.iv = iv
+          session_data = Marshal.load(@data_cipher.update(encrypted_session_data) << @data_cipher.final) rescue nil
+        end
+      else
+        nil
+      end
+    rescue OpenSSLCipherError
+      nil
+    end
+
+    # To prevent users from using an insecure encryption key like "Password" we make sure that the
+    # encryption key they've provided is at least 30 characters in length.
+    def ensure_encryption_key_secure(encryption_key)
+      if encryption_key.blank?
+        raise ArgumentError, "An encryption key is required for encrypting the " +
+          "cookie session data. Please set config.action_controller.session = { " +
+          "..., :encryption_key => \"some random string of exactly " +
+          "#{ENCRYPTION_KEY_SIZE * 2} bytes\", ... } in config/environment.rb"
+      end
+
+      if encryption_key.size != ENCRYPTION_KEY_SIZE * 2
+        raise ArgumentError, "The EncryptedCookieStore encryption key must be a " +
+          "hexadecimal string of exactly #{ENCRYPTION_KEY_SIZE * 2} bytes. " +
+          "The value that you've provided, \"#{encryption_key}\", is " +
+          "#{encryption_key.size} bytes. You could use the following (randomly " +
+          "generated) string as encryption key: " +
+          SecureRandom.hex(ENCRYPTION_KEY_SIZE)
+      end
+    end
+
+    def verifier_for(secret, digest)
+      key = secret.respond_to?(:call) ? secret.call : secret
+      MessageVerifier.new(key, digest)
+    end
+
+    def base64(data)
+      ::Base64.strict_encode64(data)
+    end
+
+    def unhex(hex_data)
+      [hex_data].pack("H*")
+    end
+  end
+end

data/lib/encrypted_cookie_store/railtie.rb

@@ -0,0 +1,10 @@
+module EncryptedCookieStore
+  class Railtie < Rails::Railtie
+    initializer "encrypted_cookie_store_railtie.boot" do |app|
+    end
+
+    rake_tasks do
+      load 'tasks/encrypted_cookie_store.rake'
+    end
+  end
+end

data/lib/tasks/encrypted_cookie_store.rake

@@ -0,0 +1,7 @@
+namespace :secret do
+	desc "Generate an encryption key for EncryptedCookieStore that's cryptographically secure."
+	task :encryption_key do
+		require 'encrypted_cookie_store/constants'
+		puts ActiveSupport::SecureRandom.hex(EncryptedCookieStoreConstants::ENCRYPTION_KEY_SIZE)
+	end
+end

data/spec/encrypted_cookie_store_spec.rb

@@ -0,0 +1,88 @@
+$LOAD_PATH.unshift(File.expand_path(File.dirname(__FILE__) + "/../lib"))
+require 'rubygems'
+gem 'rails', '>= 3.0.0'
+require 'rails'
+require 'action_controller'
+require 'encrypted_cookie_store'
+
+describe EncryptedCookieStore::EncryptedCookieStore do
+	SECRET = "b6a30e998806a238c4bad45cc720ed55e56e50d9f00fff58552e78a20fe8262df61" <<
+		"42fcfdb0676018bb9767ed560d4a624fb7f3603b4e53c77ec189ae3853bd1"
+	GOOD_ENCRYPTION_KEY = "dd458e790c3b995e3606384c58efc53da431db892f585aa3ca2a17eabe6df75b"
+	ANOTHER_GOOD_ENCRYPTION_KEY = "ce6a45c34607d2048d735b0a31a769de4e1512eb83c7012059a66937158a8975"
+	OBJECT = { :user_id => 123, :admin => true, :message => "hello world!" }
+	
+	def create(options = {})
+		EncryptedCookieStore::EncryptedCookieStore.new(nil, options.reverse_merge(
+			:key => 'key',
+			:secret => SECRET
+		))
+	end
+	
+	it "checks whether an encryption key is given" do
+		lambda { create }.should raise_error(ArgumentError, /encryption key is required/)
+	end
+	
+	it "checks whether the encryption key has the correct size" do
+		encryption_key = "too small"
+		block = lambda { create(:encryption_key => encryption_key) }
+		block.should raise_error(ArgumentError, /must be a hexadecimal string of exactly \d+ bytes/)
+	end
+	
+	specify "marshalling and unmarshalling data works" do
+		data   = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:set_session, nil, nil, OBJECT)
+		object = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:unmarshal, data)
+		object[:user_id].should == 123
+		object[:admin].should be_true
+		object[:message].should == "hello world!"
+	end
+	
+	it "uses a different initialization vector every time data is marshalled" do
+		store  = create(:encryption_key => GOOD_ENCRYPTION_KEY)
+		data1  = store.send(:set_session, nil, nil, OBJECT)
+		data2  = store.send(:set_session, nil, nil, OBJECT)
+		data3  = store.send(:set_session, nil, nil, OBJECT)
+		data4  = store.send(:set_session, nil, nil, OBJECT)
+		data1.should_not == data2
+		data1.should_not == data3
+		data1.should_not == data4
+	end
+	
+	it "invalidates the data if the encryption key is changed" do
+		data   = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:set_session, nil, nil, OBJECT)
+		object = create(:encryption_key => ANOTHER_GOOD_ENCRYPTION_KEY).send(:unmarshal, data)
+		object.should be_nil
+	end
+	
+	it "invalidates the data if the IV cannot be decrypted" do
+		store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
+		data  = store.send(:set_session, nil, nil, OBJECT)
+		iv_cipher = store.instance_variable_get(:@iv_cipher)
+		iv_cipher.should_receive(:update).and_raise(EncryptedCookieStore::EncryptedCookieStore::OpenSSLCipherError)
+		store.send(:unmarshal, data).should be_nil
+	end
+
+        # FIXME: This test case is broken. The super classes' structure have changed since Rails 3.0.0.beta3
+        #        and we're no longer getting a string to unmarshal, since this have been pushed up to rack.
+	#it "invalidates the data if we just migrated from CookieStore" do
+	#	old_store = ActionDispatch::Session::CookieStore.new(nil, :key => 'key', :secret => SECRET)
+	#	legacy_data = old_store.send(:set_session, nil, nil, OBJECT)
+	#	store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
+	#	store.send(:unmarshal, legacy_data).should be_nil
+	#end
+	
+	it "invalidates the data if it was tampered with" do
+		store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
+		data = store.send(:set_session, nil, nil, OBJECT)
+		b64_encrypted_iv, b64_encrypted_session_data = data.split("--", 2)
+		b64_encrypted_session_data[0..1] = "AA"
+		data = "#{b64_encrypted_iv}--#{b64_encrypted_session_data}"
+		store.send(:unmarshal, data).should be_nil
+	end
+	
+	it "invalidates the data if it looks like garbage" do
+		store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
+		garbage = "\202d\3477 jTf\274\360\200z\355\334N3\001\0036\321qLu\027\320\325*%:%\270D"
+		store.send(:unmarshal, garbage).should be_nil
+	end
+end

data/validas-encrypted_cookie_store.gemspec

@@ -0,0 +1,65 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = "validas-encrypted_cookie_store"
+  s.version = "0.4.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["FooBarWidget", "Scott W. Bradley", "Validas Engineering Team"]
+  s.date = "2012-10-30"
+  s.description = "A Rails 3.1 & 3.2 version of Encrypted Cookie Store by FooBarWidget"
+  s.email = "scottwb@gmail.com"
+  s.extra_rdoc_files = [
+    "LICENSE.txt",
+    "README.md"
+  ]
+  s.files = [
+    ".rspec",
+    ".travis.yml",
+    "Gemfile",
+    "Gemfile.lock",
+    "LICENSE.txt",
+    "README.md",
+    "Rakefile",
+    "VERSION",
+    "lib/encrypted_cookie_store.rb",
+    "lib/encrypted_cookie_store/constants.rb",
+    "lib/encrypted_cookie_store/encrypted_cookie_store.rb",
+    "lib/encrypted_cookie_store/railtie.rb",
+    "lib/tasks/encrypted_cookie_store.rake",
+    "spec/encrypted_cookie_store_spec.rb",
+    "validas-encrypted_cookie_store.gemspec"
+  ]
+  s.homepage = "https://github.com/validas/encrypted_cookie_store"
+  s.require_paths = ["lib"]
+  s.rubygems_version = "1.8.24"
+  s.summary = "A Rails 3.1 & 3.2 version of Encrypted Cookie Store by FooBarWidget"
+
+  if s.respond_to? :specification_version then
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<rails>, ["~> 3.2.0"])
+      s.add_development_dependency(%q<rake>, [">= 0"])
+      s.add_development_dependency(%q<bundler>, [">= 0"])
+      s.add_development_dependency(%q<rspec>, ["~> 2.6.0"])
+      s.add_development_dependency(%q<jeweler>, [">= 0"])
+    else
+      s.add_dependency(%q<rails>, ["~> 3.2.0"])
+      s.add_dependency(%q<rake>, [">= 0"])
+      s.add_dependency(%q<bundler>, [">= 0"])
+      s.add_dependency(%q<rspec>, ["~> 2.6.0"])
+      s.add_dependency(%q<jeweler>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<rails>, ["~> 3.2.0"])
+    s.add_dependency(%q<rake>, [">= 0"])
+    s.add_dependency(%q<bundler>, [">= 0"])
+    s.add_dependency(%q<rspec>, ["~> 2.6.0"])
+    s.add_dependency(%q<jeweler>, [">= 0"])
+  end
+end
+

metadata

@@ -0,0 +1,143 @@
+--- !ruby/object:Gem::Specification
+name: validas-encrypted_cookie_store
+version: !ruby/object:Gem::Version
+  version: 0.4.0
+  prerelease: 
+platform: ruby
+authors:
+- FooBarWidget
+- Scott W. Bradley
+- Validas Engineering Team
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-10-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.0
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.6.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.6.0
+- !ruby/object:Gem::Dependency
+  name: jeweler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A Rails 3.1 & 3.2 version of Encrypted Cookie Store by FooBarWidget
+email: scottwb@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- LICENSE.txt
+- README.md
+files:
+- .rspec
+- .travis.yml
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- VERSION
+- lib/encrypted_cookie_store.rb
+- lib/encrypted_cookie_store/constants.rb
+- lib/encrypted_cookie_store/encrypted_cookie_store.rb
+- lib/encrypted_cookie_store/railtie.rb
+- lib/tasks/encrypted_cookie_store.rake
+- spec/encrypted_cookie_store_spec.rb
+- validas-encrypted_cookie_store.gemspec
+homepage: https://github.com/validas/encrypted_cookie_store
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: A Rails 3.1 & 3.2 version of Encrypted Cookie Store by FooBarWidget
+test_files: []