Skip to content

Commit

Permalink
Implement API suggestions of pull request.
Browse files Browse the repository at this point in the history
  • Loading branch information
@wvanbergen
wvanbergen committed Sep 15, 2011
1 parent a8aaef6 commit db040cd
Show file tree
Hide file tree
Showing 4 changed files with 34 additions and 18 deletions.
11 changes: 5 additions & 6 deletions activesupport/lib/active_support/message_encryptor.rb
View file
Expand Up @@ -13,13 +13,12 @@ class MessageEncryptor
class InvalidMessage < StandardError; end
OpenSSLCipherError = OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError

attr_accessor :serializer, :deserializer
attr_accessor :serializer

def initialize(secret, cipher = 'aes-256-cbc')
def initialize(secret, cipher = 'aes-256-cbc', serializer = Marshal)
@secret = secret
@cipher = cipher
@serializer = lambda { |value| Marshal.dump(value) }
@deserializer = lambda { |value| Marshal.load(value) }
@serializer = serializer
end

def encrypt(value)
Expand All @@ -31,7 +30,7 @@ def encrypt(value)
cipher.key = @secret
cipher.iv = iv

encrypted_data = cipher.update(serializer.call(value))
encrypted_data = cipher.update(serializer.dump(value))
encrypted_data << cipher.final

[encrypted_data, iv].map {|v| ActiveSupport::Base64.encode64s(v)}.join("--")
Expand All @@ -48,7 +47,7 @@ def decrypt(encrypted_message)
decrypted_data = cipher.update(encrypted_data)
decrypted_data << cipher.final

deserializer.call(decrypted_data)
serializer.load(decrypted_data)
rescue OpenSSLCipherError, TypeError
raise InvalidMessage
end
Expand Down
11 changes: 5 additions & 6 deletions activesupport/lib/active_support/message_verifier.rb
View file
Expand Up @@ -21,28 +21,27 @@ module ActiveSupport
class MessageVerifier
class InvalidSignature < StandardError; end

attr_accessor :serializer, :deserializer
attr_accessor :serializer

def initialize(secret, digest = 'SHA1')
def initialize(secret, digest = 'SHA1', serializer = Marshal)
@secret = secret
@digest = digest
@serializer = lambda { |value| Marshal.dump(value) }
@deserializer = lambda { |value| Marshal.load(value) }
@serializer = serializer
end

def verify(signed_message)
raise InvalidSignature if signed_message.blank?

data, digest = signed_message.split("--")
if data.present? && digest.present? && secure_compare(digest, generate_digest(data))
deserializer.call(ActiveSupport::Base64.decode64(data))
serializer.load(ActiveSupport::Base64.decode64(data))
else
raise InvalidSignature
end
end

def generate(value)
data = ActiveSupport::Base64.encode64s(serializer.call(value))
data = ActiveSupport::Base64.encode64s(serializer.dump(value))
"#{data}--#{generate_digest(data)}"
end

Expand Down
15 changes: 12 additions & 3 deletions activesupport/test/message_encryptor_test.rb
View file
Expand Up @@ -11,6 +11,17 @@
require 'active_support/json'

class MessageEncryptorTest < Test::Unit::TestCase

class JSONSerializer
def dump(value)
ActiveSupport::JSON.encode(value)
end

def load(value)
ActiveSupport::JSON.decode(value)
end
end

def setup
@encryptor = ActiveSupport::MessageEncryptor.new(SecureRandom.hex(64))
@data = { :some => "data", :now => Time.local(2010) }
Expand Down Expand Up @@ -41,9 +52,7 @@ def test_signed_round_tripping
end

def test_alternative_serialization_method
@encryptor.serializer = lambda { |value| ActiveSupport::JSON.encode(value) }
@encryptor.deserializer = lambda { |value| ActiveSupport::JSON.decode(value) }

@encryptor.serializer = JSONSerializer.new
message = @encryptor.encrypt_and_sign({ :foo => 123, 'bar' => Time.utc(2010) })
assert_equal @encryptor.decrypt_and_verify(message), { "foo" => 123, "bar" => "2010-01-01T00:00:00Z" }
end
Expand Down
15 changes: 12 additions & 3 deletions activesupport/test/message_verifier_test.rb
View file
Expand Up @@ -11,6 +11,17 @@
require 'active_support/json'

class MessageVerifierTest < Test::Unit::TestCase

class JSONSerializer
def dump(value)
ActiveSupport::JSON.encode(value)
end

def load(value)
ActiveSupport::JSON.decode(value)
end
end

def setup
@verifier = ActiveSupport::MessageVerifier.new("Hey, I'm a secret!")
@data = { :some => "data", :now => Time.local(2010) }
Expand All @@ -34,9 +45,7 @@ def test_tampered_data_raises
end

def test_alternative_serialization_method
@verifier.serializer = lambda { |value| ActiveSupport::JSON.encode(value) }
@verifier.deserializer = lambda { |value| ActiveSupport::JSON.decode(value) }

@verifier.serializer = JSONSerializer.new
message = @verifier.generate({ :foo => 123, 'bar' => Time.utc(2010) })
assert_equal @verifier.verify(message), { "foo" => 123, "bar" => "2010-01-01T00:00:00Z" }
end
Expand Down

0 comments on commit db040cd

Please sign in to comment.