提交
8a32a58f
编写于
9月 15, 2011
作者:
José Valim
Merge pull request #3037 from wvanbergen/master
MessageVerifier: set serializer and crypto algorithm using an option hash
上级
28300f4e
6d520803
Showing
4 changed file
with
40 addition
and
22 deletion
+40
-22
activesupport/lib/active_support/message_encryptor.rb
activesupport/lib/active_support/message_encryptor.rb
+10
-7
activesupport/lib/active_support/message_verifier.rb
activesupport/lib/active_support/message_verifier.rb
+10
-7
activesupport/test/message_encryptor_test.rb
activesupport/test/message_encryptor_test.rb
+10
-4
activesupport/test/message_verifier_test.rb
activesupport/test/message_verifier_test.rb
+10
-4
activesupport/lib/active_support/message_encryptor.rb
...
...
@@ -13,12 +13,15 @@ class MessageEncryptor
class
InvalidMessage
<
StandardError
;
end
OpenSSLCipherError
=
OpenSSL
::
Cipher
.
const_defined?
(
:CipherError
)
?
OpenSSL
::
Cipher
::
CipherError
:
OpenSSL
::
CipherError
attr_accessor
:serializer
def
initialize
(
secret
,
cipher
=
'aes-256-cbc'
,
serializer
=
Marshal
)
def
initialize
(
secret
,
options
=
{})
unless
options
.
is_a?
(
Hash
)
ActiveSupport
::
Deprecation
.
warn
"The second parameter should be an options hash. Use :cipher => 'algorithm' to sepcify the cipher algorithm."
options
=
{
:cipher
=>
options
}
end
@secret
=
secret
@cipher
=
cipher
@serializer
=
serializer
@cipher
=
options
[
:cipher
]
||
'aes-256-cbc'
@serializer
=
options
[
:serializer
]
||
Marshal
end
def
encrypt
(
value
)
...
...
@@ -30,7 +33,7 @@ def encrypt(value)
cipher
.
key
=
@secret
cipher
.
iv
=
iv
encrypted_data
=
cipher
.
update
(
serializer
.
dump
(
value
))
encrypted_data
=
cipher
.
update
(
@
serializer
.
dump
(
value
))
encrypted_data
<<
cipher
.
final
[
encrypted_data
,
iv
].
map
{
|
v
|
ActiveSupport
::
Base64
.
encode64s
(
v
)}.
join
(
"--"
)
...
...
@@ -47,7 +50,7 @@ def decrypt(encrypted_message)
decrypted_data
=
cipher
.
update
(
encrypted_data
)
decrypted_data
<<
cipher
.
final
serializer
.
load
(
decrypted_data
)
@
serializer
.
load
(
decrypted_data
)
rescue
OpenSSLCipherError
,
TypeError
raise
InvalidMessage
end
...
...
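Review bot: At the end of `decrypt`, the decrypted bytes go straight to `@serializer.load`, but `rescue OpenSSLCipherError, TypeError` was written for Marshal, so a parse error raised by a custom serializer (for example a JSON one) would escape instead of becoming `InvalidMessage`; the body of `decrypt` starts outside the hunk, so this is inferred from its visible tail. Because the default is still `Marshal` and `'aes-256-cbc'` gives no integrity protection, `initialize` should document the options, e.g. `# :serializer - object responding to dump/load (default Marshal); only load messages through decrypt_and_verify`. `attr_accessor :serializer` also appears to be removed here (the page has lost its +/- markers), which would break callers that assign `encryptor.serializer =` with no deprecation path. The deprecation string misspells "specify" as "sepcify", here and in message_verifier.rb.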
activesupport/lib/active_support/message_verifier.rb
...
...
@@ -26,12 +26,15 @@ module ActiveSupport
class
MessageVerifier
class
InvalidSignature
<
StandardError
;
end
attr_accessor
:serializer
def
initialize
(
secret
,
digest
=
'SHA1'
,
serializer
=
Marshal
)
def
initialize
(
secret
,
options
=
{})
unless
options
.
is_a?
(
Hash
)
ActiveSupport
::
Deprecation
.
warn
"The second parameter should be an options hash. Use :digest => 'algorithm' to sepcify the digest algorithm."
options
=
{
:digest
=>
options
}
end
@secret
=
secret
@digest
=
digest
@serializer
=
serializer
@digest
=
options
[
:digest
]
||
'SHA1'
@serializer
=
options
[
:serializer
]
||
Marshal
end
def
verify
(
signed_message
)
...
...
@@ -39,14 +42,14 @@ def verify(signed_message)
data
,
digest
=
signed_message
.
split
(
"--"
)
if
data
.
present?
&&
digest
.
present?
&&
secure_compare
(
digest
,
generate_digest
(
data
))
serializer
.
load
(
ActiveSupport
::
Base64
.
decode64
(
data
))
@
serializer
.
load
(
ActiveSupport
::
Base64
.
decode64
(
data
))
else
raise
InvalidSignature
end
end
def
generate
(
value
)
data
=
ActiveSupport
::
Base64
.
encode64s
(
serializer
.
dump
(
value
))
data
=
ActiveSupport
::
Base64
.
encode64s
(
@
serializer
.
dump
(
value
))
"
#{
data
}
--
#{
generate_digest
(
data
)
}
"
end
...
...
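Review bot: Unknown keys in the new `options` hash are silently ignored in `initialize`, so a misspelled `:digest` falls back to `'SHA1'` and the caller signs with a different digest than intended without any error; the same holds for `:cipher` in message_encryptor.rb. Validate the keys once the deprecation shim has wrapped a non-Hash argument: `options.assert_valid_keys(:digest, :serializer)`. In `verify`, `@serializer.load` is reached only after `secure_compare` succeeds, and since the default serializer is `Marshal` that ordering deserves a comment such as `# never deserialize before the signature check passes`.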
activesupport/test/message_encryptor_test.rb
...
...
@@ -10,7 +10,7 @@
require
'active_support/time'
require
'active_support/json'
class
MessageEncryptorTest
<
Test
::
Uni
t
::
TestCase
class
MessageEncryptorTest
<
ActiveSuppor
t
::
TestCase
class
JSONSerializer
def
dump
(
value
)
...
...
@@ -52,11 +52,17 @@ def test_signed_round_tripping
end
def
test_alternative_serialization_method
@encryptor
.
serializer
=
JSONSerializer
.
new
message
=
@
encryptor
.
encrypt_and_sign
({
:foo
=>
123
,
'bar'
=>
Time
.
utc
(
2010
)
})
assert_equal
@
encryptor
.
decrypt_and_verify
(
message
),
{
"foo"
=>
123
,
"bar"
=>
"2010-01-01T00:00:00Z"
}
encryptor
=
ActiveSupport
::
MessageEncryptor
.
new
(
SecureRandom
.
hex
(
64
),
:serializer
=>
JSONSerializer
.
new
)
message
=
encryptor
.
encrypt_and_sign
({
:foo
=>
123
,
'bar'
=>
Time
.
utc
(
2010
)
})
assert_equal
encryptor
.
decrypt_and_verify
(
message
),
{
"foo"
=>
123
,
"bar"
=>
"2010-01-01T00:00:00Z"
}
end
def
test_digest_algorithm_as_second_parameter_deprecation
assert_deprecated
(
/options hash/
)
do
ActiveSupport
::
MessageEncryptor
.
new
(
SecureRandom
.
hex
(
64
),
'aes-256-cbc'
)
end
end
private
def
assert_not_decrypted
(
value
)
assert_raise
(
ActiveSupport
::
MessageEncryptor
::
InvalidMessage
)
do
...
...
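Review bot: `test_digest_algorithm_as_second_parameter_deprecation` passes a cipher name (`'aes-256-cbc'`), not a digest, so the name looks copied from the verifier test; `test_cipher_algorithm_as_second_parameter_deprecation` would describe it. The test only asserts that a warning is emitted, not that the legacy positional argument still selects the algorithm, and nothing exercises `:cipher` passed through the options hash with a non-default value. The same gap applies to `:digest` in message_verifier_test.rb. A round-trip assertion on an instance built in each of the two ways would pin the backward-compatible behaviour.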
activesupport/test/message_verifier_test.rb
...
...
@@ -10,7 +10,7 @@
require
'active_support/time'
require
'active_support/json'
class
MessageVerifierTest
<
Test
::
Uni
t
::
TestCase
class
MessageVerifierTest
<
ActiveSuppor
t
::
TestCase
class
JSONSerializer
def
dump
(
value
)
...
...
@@ -45,9 +45,15 @@ def test_tampered_data_raises
end
def
test_alternative_serialization_method
@verifier
.
serializer
=
JSONSerializer
.
new
message
=
@verifier
.
generate
({
:foo
=>
123
,
'bar'
=>
Time
.
utc
(
2010
)
})
assert_equal
@verifier
.
verify
(
message
),
{
"foo"
=>
123
,
"bar"
=>
"2010-01-01T00:00:00Z"
}
verifier
=
ActiveSupport
::
MessageVerifier
.
new
(
"Hey, I'm a secret!"
,
:serializer
=>
JSONSerializer
.
new
)
message
=
verifier
.
generate
({
:foo
=>
123
,
'bar'
=>
Time
.
utc
(
2010
)
})
assert_equal
verifier
.
verify
(
message
),
{
"foo"
=>
123
,
"bar"
=>
"2010-01-01T00:00:00Z"
}
end
def
test_digest_algorithm_as_second_parameter_deprecation
assert_deprecated
(
/options hash/
)
do
ActiveSupport
::
MessageVerifier
.
new
(
"secret"
,
"SHA1"
)
end
end
def
assert_not_verified
(
message
)
...
...