validas-encrypted_cookie_store 0.4.1 → 0.4.2

data/README.md

@@ -6,11 +6,7 @@ session data in a cookie), but it uses encryption so that people can't read
 what's in the session data. This makes it possible to store sensitive data
 in the session.
 
-This version of EncryptedCookieStore is written for Rails 3.0.0+. It will not work with Rails 3.0.0.beta3 or earlier. It does not yet work with Rails 3.1. It has been tested with:
-
-  * 3.0.0
-  * 3.0.7
-  * 3.0.8.rc4
+This version of EncryptedCookieStore is written for Rails 3.1.0+. It will not work with Rails 3.0.0 or earlier. It does work with Rails 3.2.
 
 The original version for Rails 2.3 can be found here: https://github.com/FooBarWidget/encrypted_cookie_store
 
@@ -21,17 +17,17 @@ Installation and usage
 
 First, install it:
 
-    gem install scottwb-encrypted_cookie_store
+    gem install validas-encrypted_cookie_store
 
 Then, add it to you bundler Gemfile:
 
-    gem 'scottwb-encrypted_cookie_store', :require => 'encrypted_cookie_store'
+    gem 'validas-encrypted_cookie_store', :require => 'encrypted_cookie_store'
 
 Then edit `config/initializers/session_store.rb` and set your session store to
 EncryptedCookieStore:
 
     MyApp::Application.config.session_store(
-      EncryptedCookieStore::EncryptedCookieStore,
+      ApplicationDispatch::Session::EncryptedCookieStore,
       :key            => '_myapp_session',
       :encryption_key => '966a4....'
     )

data/VERSION

@@ -1 +1 @@
-0.4.1
+0.4.2

data/lib/encrypted_cookie_store/encrypted_cookie_store.rb

@@ -1,145 +1,124 @@
-require 'openssl'
-require 'encrypted_cookie_store/constants'
-
-module EncryptedCookieStore
-  class EncryptedCookieStore < ActionDispatch::Session::CookieStore
-    OpenSSLCipherError = OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError
-    include EncryptedCookieStoreConstants
+require 'active_support/core_ext/hash/keys'
+require 'action_dispatch/middleware/session/abstract_store'
+require 'rack/session/cookie'
+
+module ActionDispatch
+  module Session
+    class EncryptedCookieStore < Rack::Session::Cookie
+      OpenSSLCipherError = OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError
+
+      ENCRYPTION_KEY_SIZE = 32
+      include Compatibility
+      include StaleSessionCheck
+
+      class << self
+        attr_accessor :iv_cipher_type
+        attr_accessor :data_cipher_type
+      end
 
-    class << self
-      attr_accessor :iv_cipher_type
-      attr_accessor :data_cipher_type
-    end
+      self.iv_cipher_type   = "aes-128-ecb".freeze
+      self.data_cipher_type = "aes-256-cfb".freeze
 
-    self.iv_cipher_type   = "aes-128-ecb".freeze
-    self.data_cipher_type = "aes-256-cfb".freeze
+      def initialize(app, options = {})
+        ensure_encryption_key_secure(options[:encryption_key])
+        @encryption_key = unhex(options[:encryption_key]).freeze
+        @iv_cipher      = OpenSSL::Cipher::Cipher.new(EncryptedCookieStore.iv_cipher_type)
+        @data_cipher    = OpenSSL::Cipher::Cipher.new(EncryptedCookieStore.data_cipher_type)
+        super(app, options)
+      end
 
-    def initialize(app, options = {})
-      ensure_encryption_key_secure(options[:encryption_key])
-      @encryption_key = unhex(options[:encryption_key]).freeze
-      @iv_cipher      = OpenSSL::Cipher::Cipher.new(EncryptedCookieStore.iv_cipher_type)
-      @data_cipher    = OpenSSL::Cipher::Cipher.new(EncryptedCookieStore.data_cipher_type)
-      super(app, options)
-    end
+      # Override rack's method
+      def destroy_session(env, session_id, options)
+        new_sid = super
+        # Reset hash and Assign the new session id
+        env["action_dispatch.request.unsigned_session_cookie"] = new_sid ? { "session_id" => new_sid } : {}
+        new_sid
+      end
 
-    private
-    # Like ActiveSupport::MessageVerifier, but does not base64-encode data.
-    class MessageVerifier
-      def initialize(secret, digest = 'SHA1')
-        @secret = secret
-        @digest = digest
+      private
+      def unpacked_cookie_data(env)
+        env["action_dispatch.request.unsigned_session_cookie"] ||= begin
+                                                                     stale_session_check! do
+            request = ActionDispatch::Request.new(env)
+            if data = request.cookie_jar.signed[@key]
+              data = unmarshal(data)
+            end
+
+            data || {}
+          end
+                                                                   end
       end
 
-      def verify(signed_message)
-        digest, data = signed_message.split("--", 2)
-        if digest != generate_digest(data)
-          raise ActiveSupport::MessageVerifier::InvalidSignature
-        else
-          Marshal.load(data)
-        end
+      def set_session(env, sid, session_data, options={})
+        session_data["session_id"] = sid
+
+        @iv_cipher.encrypt
+        @data_cipher.encrypt
+        @iv_cipher.key   = @encryption_key
+        @data_cipher.key = @encryption_key
+
+        iv               = @data_cipher.random_iv
+        @data_cipher.iv  = iv
+        encrypted_iv     = @iv_cipher.update(iv) << @iv_cipher.final
+        encrypted_session_data = @data_cipher.update(Marshal.dump(session_data)) << @data_cipher.final
+
+        "#{base64(encrypted_iv)}--#{base64(encrypted_session_data)}"
       end
 
-      def generate(value)
-        data   = Marshal.dump(value)
-        digest = generate_digest(data)
-        "#{digest}--#{data}"
+      def set_cookie(env, session_id, cookie)
+        request = ActionDispatch::Request.new(env)
+        request.cookie_jar.signed[@key] = cookie
       end
 
       private
-      def generate_digest(data)
-        OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new(@digest), @secret, data)
+      def base64(data)
+        ::Base64.strict_encode64(data)
       end
-    end
 
-    def set_session(env, sid, session_data, options={})
-      # We hmac-then-encrypt instead of encrypt-then-hmac so that we
-      # can properly detect:
-      # - changes to the encryption key or initialization vector
-      # - a migration from the unencrypted CookieStore.
-      #
-      # Being able to detect these allows us to invalidate the old session data.
-
-      @iv_cipher.encrypt
-      @data_cipher.encrypt
-      @iv_cipher.key   = @encryption_key
-      @data_cipher.key = @encryption_key
-
-      clear_session_data = super(env, sid, session_data, {})
-      iv               = @data_cipher.random_iv
-      @data_cipher.iv  = iv
-      encrypted_iv     = @iv_cipher.update(iv) << @iv_cipher.final
-      encrypted_session_data = @data_cipher.update(Marshal.dump(clear_session_data)) << @data_cipher.final
-
-      "#{base64(encrypted_iv)}--#{base64(encrypted_session_data)}"
-    end
+      def unhex(hex_data)
+        [hex_data].pack("H*")
+      end
 
-    def unpacked_cookie_data(env)
-      env["action_dispatch.request.unsigned_session_cookie"] ||= begin
-                                                                   stale_session_check! do
-          request = ActionDispatch::Request.new(env)
-          if (data = request.cookie_jar.signed[@key]) && data.is_a?(String)
-            unmarshal(data)
-          else
-            {}
+      def unmarshal(cookie)
+        if cookie
+          b64_encrypted_iv, b64_encrypted_session_data = cookie.split("--", 2)
+          if b64_encrypted_iv && b64_encrypted_session_data
+            encrypted_iv           = ::Base64.strict_decode64(b64_encrypted_iv)
+            encrypted_session_data = ::Base64.strict_decode64(b64_encrypted_session_data)
+
+            @iv_cipher.decrypt
+            @iv_cipher.key = @encryption_key
+            iv = @iv_cipher.update(encrypted_iv) << @iv_cipher.final
+
+            @data_cipher.decrypt
+            @data_cipher.key = @encryption_key
+            @data_cipher.iv = iv
+            Marshal.load(@data_cipher.update(encrypted_session_data) << @data_cipher.final) rescue nil
           end
+        else
+          nil
         end
-                                                                 end
-    end
-
-    def unmarshal(cookie)
-      if cookie
-        b64_encrypted_iv, b64_encrypted_session_data = cookie.split("--", 2)
-        if b64_encrypted_iv && b64_encrypted_session_data
-          encrypted_iv           = ::Base64.strict_decode64(b64_encrypted_iv)
-          encrypted_session_data = ::Base64.strict_decode64(b64_encrypted_session_data)
-
-          @iv_cipher.decrypt
-          @iv_cipher.key = @encryption_key
-          iv = @iv_cipher.update(encrypted_iv) << @iv_cipher.final
-
-          @data_cipher.decrypt
-          @data_cipher.key = @encryption_key
-          @data_cipher.iv = iv
-          session_data = Marshal.load(@data_cipher.update(encrypted_session_data) << @data_cipher.final) rescue nil
-        end
-      else
+      rescue OpenSSLCipherError
         nil
       end
-    rescue OpenSSLCipherError
-      nil
-    end
 
-    # To prevent users from using an insecure encryption key like "Password" we make sure that the
-    # encryption key they've provided is at least 30 characters in length.
-    def ensure_encryption_key_secure(encryption_key)
-      if encryption_key.blank?
-        raise ArgumentError, "An encryption key is required for encrypting the " +
-          "cookie session data. Please set config.action_controller.session = { " +
-          "..., :encryption_key => \"some random string of exactly " +
-          "#{ENCRYPTION_KEY_SIZE * 2} bytes\", ... } in config/environment.rb"
-      end
+      def ensure_encryption_key_secure(encryption_key)
+        if encryption_key.blank?
+          raise ArgumentError, "An encryption key is required for encrypting the " +
+            "cookie session data. Please set config.action_controller.session = { " +
+            "..., :encryption_key => \"some random string of exactly " +
+            "#{ENCRYPTION_KEY_SIZE * 2} bytes\", ... } in config/environment.rb"
+        end
 
-      if encryption_key.size != ENCRYPTION_KEY_SIZE * 2
-        raise ArgumentError, "The EncryptedCookieStore encryption key must be a " +
-          "hexadecimal string of exactly #{ENCRYPTION_KEY_SIZE * 2} bytes. " +
-          "The value that you've provided, \"#{encryption_key}\", is " +
-          "#{encryption_key.size} bytes. You could use the following (randomly " +
-          "generated) string as encryption key: " +
-          SecureRandom.hex(ENCRYPTION_KEY_SIZE)
+        if encryption_key.size != ENCRYPTION_KEY_SIZE * 2
+          raise ArgumentError, "The EncryptedCookieStore encryption key must be a " +
+            "hexadecimal string of exactly #{ENCRYPTION_KEY_SIZE * 2} bytes. " +
+            "The value that you've provided, \"#{encryption_key}\", is " +
+            "#{encryption_key.size} bytes. You could use the following (randomly " +
+            "generated) string as encryption key: " +
+            SecureRandom.hex(ENCRYPTION_KEY_SIZE)
+        end
       end
     end
-
-    def verifier_for(secret, digest)
-      key = secret.respond_to?(:call) ? secret.call : secret
-      MessageVerifier.new(key, digest)
-    end
-
-    def base64(data)
-      ::Base64.strict_encode64(data)
-    end
-
-    def unhex(hex_data)
-      [hex_data].pack("H*")
-    end
   end
 end

data/spec/encrypted_cookie_store_spec.rb

@@ -5,84 +5,84 @@ require 'rails'
 require 'action_controller'
 require 'encrypted_cookie_store'
 
-describe EncryptedCookieStore::EncryptedCookieStore do
-	SECRET = "b6a30e998806a238c4bad45cc720ed55e56e50d9f00fff58552e78a20fe8262df61" <<
-		"42fcfdb0676018bb9767ed560d4a624fb7f3603b4e53c77ec189ae3853bd1"
-	GOOD_ENCRYPTION_KEY = "dd458e790c3b995e3606384c58efc53da431db892f585aa3ca2a17eabe6df75b"
-	ANOTHER_GOOD_ENCRYPTION_KEY = "ce6a45c34607d2048d735b0a31a769de4e1512eb83c7012059a66937158a8975"
-	OBJECT = { :user_id => 123, :admin => true, :message => "hello world!" }
-	
-	def create(options = {})
-		EncryptedCookieStore::EncryptedCookieStore.new(nil, options.reverse_merge(
-			:key => 'key',
-			:secret => SECRET
-		))
-	end
-	
-	it "checks whether an encryption key is given" do
-		lambda { create }.should raise_error(ArgumentError, /encryption key is required/)
-	end
-	
-	it "checks whether the encryption key has the correct size" do
-		encryption_key = "too small"
-		block = lambda { create(:encryption_key => encryption_key) }
-		block.should raise_error(ArgumentError, /must be a hexadecimal string of exactly \d+ bytes/)
-	end
-	
-	specify "marshalling and unmarshalling data works" do
-		data   = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:set_session, nil, nil, OBJECT)
-		object = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:unmarshal, data)
-		object[:user_id].should == 123
-		object[:admin].should be_true
-		object[:message].should == "hello world!"
-	end
-	
-	it "uses a different initialization vector every time data is marshalled" do
-		store  = create(:encryption_key => GOOD_ENCRYPTION_KEY)
-		data1  = store.send(:set_session, nil, nil, OBJECT)
-		data2  = store.send(:set_session, nil, nil, OBJECT)
-		data3  = store.send(:set_session, nil, nil, OBJECT)
-		data4  = store.send(:set_session, nil, nil, OBJECT)
-		data1.should_not == data2
-		data1.should_not == data3
-		data1.should_not == data4
-	end
-	
-	it "invalidates the data if the encryption key is changed" do
-		data   = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:set_session, nil, nil, OBJECT)
-		object = create(:encryption_key => ANOTHER_GOOD_ENCRYPTION_KEY).send(:unmarshal, data)
-		object.should be_nil
-	end
-	
-	it "invalidates the data if the IV cannot be decrypted" do
-		store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
-		data  = store.send(:set_session, nil, nil, OBJECT)
-		iv_cipher = store.instance_variable_get(:@iv_cipher)
-		iv_cipher.should_receive(:update).and_raise(EncryptedCookieStore::EncryptedCookieStore::OpenSSLCipherError)
-		store.send(:unmarshal, data).should be_nil
-	end
+describe ActionDispatch::Session::EncryptedCookieStore do
+  SECRET = "b6a30e998806a238c4bad45cc720ed55e56e50d9f00fff58552e78a20fe8262df61" <<
+    "42fcfdb0676018bb9767ed560d4a624fb7f3603b4e53c77ec189ae3853bd1"
+  GOOD_ENCRYPTION_KEY = "dd458e790c3b995e3606384c58efc53da431db892f585aa3ca2a17eabe6df75b"
+  ANOTHER_GOOD_ENCRYPTION_KEY = "ce6a45c34607d2048d735b0a31a769de4e1512eb83c7012059a66937158a8975"
+  OBJECT = { :user_id => 123, :admin => true, :message => "hello world!" }
 
-        # FIXME: This test case is broken. The super classes' structure have changed since Rails 3.0.0.beta3
-        #        and we're no longer getting a string to unmarshal, since this have been pushed up to rack.
-	#it "invalidates the data if we just migrated from CookieStore" do
-	#	old_store = ActionDispatch::Session::CookieStore.new(nil, :key => 'key', :secret => SECRET)
-	#	legacy_data = old_store.send(:set_session, nil, nil, OBJECT)
-	#	store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
-	#	store.send(:unmarshal, legacy_data).should be_nil
-	#end
-	
-	it "invalidates the data if it was tampered with" do
-		store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
-		data = store.send(:set_session, nil, nil, OBJECT)
-		b64_encrypted_iv, b64_encrypted_session_data = data.split("--", 2)
-		b64_encrypted_session_data[0..1] = "AA"
-		data = "#{b64_encrypted_iv}--#{b64_encrypted_session_data}"
-		store.send(:unmarshal, data).should be_nil
-	end
-	
-	it "invalidates the data if it looks like garbage" do
-		store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
-		garbage = "\202d\3477 jTf\274\360\200z\355\334N3\001\0036\321qLu\027\320\325*%:%\270D"
-		store.send(:unmarshal, garbage).should be_nil
-	end
+  def create(options = {})
+    ActionDispatch::Session::EncryptedCookieStore.new(nil, options.reverse_merge(
+                                                                              :key => 'key',
+                                                                              :secret => SECRET
+                                                                              ))
+  end
+
+  it "checks whether an encryption key is given" do
+    lambda { create }.should raise_error(ArgumentError, /encryption key is required/)
+  end
+
+  it "checks whether the encryption key has the correct size" do
+    encryption_key = "too small"
+    block = lambda { create(:encryption_key => encryption_key) }
+    block.should raise_error(ArgumentError, /must be a hexadecimal string of exactly \d+ bytes/)
+  end
+
+  specify "marshalling and unmarshalling data works" do
+    data   = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:set_session, nil, nil, OBJECT)
+    object = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:unmarshal, data)
+    object[:user_id].should == 123
+    object[:admin].should be_true
+    object[:message].should == "hello world!"
+  end
+
+  it "uses a different initialization vector every time data is marshalled" do
+    store  = create(:encryption_key => GOOD_ENCRYPTION_KEY)
+    data1  = store.send(:set_session, nil, nil, OBJECT)
+    data2  = store.send(:set_session, nil, nil, OBJECT)
+    data3  = store.send(:set_session, nil, nil, OBJECT)
+    data4  = store.send(:set_session, nil, nil, OBJECT)
+    data1.should_not == data2
+    data1.should_not == data3
+    data1.should_not == data4
+  end
+
+  it "invalidates the data if the encryption key is changed" do
+    data   = create(:encryption_key => GOOD_ENCRYPTION_KEY).send(:set_session, nil, nil, OBJECT)
+    object = create(:encryption_key => ANOTHER_GOOD_ENCRYPTION_KEY).send(:unmarshal, data)
+    object.should be_nil
+  end
+
+  it "invalidates the data if the IV cannot be decrypted" do
+    store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
+    data  = store.send(:set_session, nil, nil, OBJECT)
+    iv_cipher = store.instance_variable_get(:@iv_cipher)
+    iv_cipher.should_receive(:update).and_raise(ActionDispatch::Session::EncryptedCookieStore::OpenSSLCipherError)
+    store.send(:unmarshal, data).should be_nil
+  end
+
+  # FIXME: This test case is broken. The super classes' structure have changed since Rails 3.0.0.beta3
+  #        and we're no longer getting a string to unmarshal, since this have been pushed up to rack.
+  # it "invalidates the data if we just migrated from CookieStore", :focus => true do
+  #   old_store = ActionDispatch::Session::CookieStore.new(nil, :key => 'key', :secret => SECRET)
+  #   legacy_data = old_store.send(:set_session, nil, nil, OBJECT, {})
+  #   store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
+  #   store.send(:unmarshal, legacy_data).should be_nil
+  # end
+
+  it "invalidates the data if it was tampered with" do
+    store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
+    data = store.send(:set_session, nil, nil, OBJECT)
+    b64_encrypted_iv, b64_encrypted_session_data = data.split("--", 2)
+    b64_encrypted_session_data[0..1] = "AA"
+    data = "#{b64_encrypted_iv}--#{b64_encrypted_session_data}"
+    store.send(:unmarshal, data).should be_nil
+  end
+
+  it "invalidates the data if it looks like garbage" do
+    store = create(:encryption_key => GOOD_ENCRYPTION_KEY)
+    garbage = "\202d\3477 jTf\274\360\200z\355\334N3\001\0036\321qLu\027\320\325*%:%\270D"
+    store.send(:unmarshal, garbage).should be_nil
+  end
 end

data/validas-encrypted_cookie_store.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = "validas-encrypted_cookie_store"
-  s.version = "0.4.1"
+  s.version = "0.4.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["FooBarWidget", "Scott W. Bradley", "Validas Engineering Team"]
-  s.date = "2012-10-30"
+  s.date = "2012-10-31"
   s.description = "A Rails 3.1 & 3.2 version of Encrypted Cookie Store by FooBarWidget"
   s.email = "scottwb@gmail.com"
   s.extra_rdoc_files = [
@@ -26,7 +26,6 @@ Gem::Specification.new do |s|
     "Rakefile",
     "VERSION",
     "lib/encrypted_cookie_store.rb",
-    "lib/encrypted_cookie_store/constants.rb",
     "lib/encrypted_cookie_store/encrypted_cookie_store.rb",
     "lib/encrypted_cookie_store/railtie.rb",
     "lib/tasks/encrypted_cookie_store.rake",

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: validas-encrypted_cookie_store
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.4.2
   prerelease: 
 platform: ruby
 authors:
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-10-30 00:00:00.000000000 Z
+date: 2012-10-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -110,7 +110,6 @@ files:
 - Rakefile
 - VERSION
 - lib/encrypted_cookie_store.rb
-- lib/encrypted_cookie_store/constants.rb
 - lib/encrypted_cookie_store/encrypted_cookie_store.rb
 - lib/encrypted_cookie_store/railtie.rb
 - lib/tasks/encrypted_cookie_store.rake

data/lib/encrypted_cookie_store/constants.rb

@@ -1,3 +0,0 @@
-module EncryptedCookieStoreConstants
-	ENCRYPTION_KEY_SIZE = 32
-end