| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
| |
[ci skip]
|
|
|
|
| |
This basically reverts 8da30ad6be34339124ba4cb4e36aea260dda12bc
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It's become clear to me that the use case is still a bit muddy
and the upgrade path is going to be tough for people to figure
out.
This attempts at understanding it better through documentation,
but still needs follow up work.
[ Michael Coyne & Kasper Timm Hansen ]
|
|
|
|
|
|
| |
Both classes now have a rotate method where new instances are added for
each call. When decryption or verification fails the next rotation
instance is tried.
|
| |
|
|
|
|
| |
Adds support for metadata even when using ActiveSupport::MessageEncryptor::NullSerializer.
|
|
|
|
| |
[ci skip]
|
| |
|
| |
|
|\
| |
| | |
Update MessageEncryptor example to use dynamic key length
|
| |
| |
| |
| | |
by OpenSSL
|
| | |
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | | |
This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing
changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
|
| |\ \
| | | |
| | | |
| | | | |
Enforce frozen string in Rubocop
|
| | |/ |
|
| |/
| |
| |
| |
| |
| |
| | |
The ActiveSupport test suite only passes currently if it uses the latest unreleased commits for dalli, and a patch for Builder:
https://github.com/tenderlove/builder/pull/6
Beyond that, all external dependencies (at least, to the extent they’re used by ActiveSupport) are happy, including Nokogiri as of 1.8.0.
|
|/ |
|
|
|
|
| |
Follow up of #29263
|
|
|
|
| |
- Introduce a method to select default cipher, and maintain backward compatibility
|
|\
| |
| |
| |
| | |
Message encryptor auth tag check
Fixes MessageEncryptor when used in AEAD mode. Specifically, we need to check if the `auth_tag` is nil. This may arise when an AEAD encryptor is used to decrypt a ciphertext generated from a different mode, such as CBC-HMAC. Basically, the number of double dashes will differ and `auth_tag` may be nil in this case.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When MessageEncryptor tries to +decrypt_and_verify+ ciphertexts
generated in a different mode (such CBC-HMAC), the +auth_tag+ may be
+nil+ and must explicitly check for it.
See the discussion here:
https://github.com/rails/rails/pull/28132#discussion_r116388462
|
| |
| |
| |
| |
| |
| | |
PR was merged before I could finished reviewing :grimacing:
[ci skip]
|
|\ \
| | |
| | | |
Add documentation about signature_key for MessageEncryptor.new [ci skip]
|
| |/ |
|
|/ |
|
|
|
|
|
|
|
|
|
| |
We use aes-256-cbc cipher by default and it only accepts keys with 32
bytes at max.
Closes #27576.
[ci skip]
|
|
|
|
| |
key length
|
|
|
|
|
|
|
|
| |
Style/SpaceBeforeBlockBraces
Style/SpaceInsideBlockBraces
Style/SpaceInsideHashLiteralBraces
Fix all violations in the repository.
|
| |
|
|
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
|
|
|
| |
#25874 was squashed before merging [skip ci]
|
|
|
|
|
|
| |
AEAD modes like `aes-256-gcm` provide both confidentiality and data authenticity, eliminating the need to use MessageVerifier to check if the encrypted data has been tampered with.
Signed-off-by: Jeremy Daer <jeremydaer@gmail.com>
|
|
|
|
|
|
| |
creation.
Based on https://github.com/rails/rails/pull/25192#discussion_r65018222 and http://ruby-doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/Cipher/Cipher.html
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I wrote a utility that helps find areas where you could optimize your program using a frozen string instead of a string literal, it's called [let_it_go](https://github.com/schneems/let_it_go). After going through the output and adding `.freeze` I was able to eliminate the creation of 1,114 string objects on EVERY request to [codetriage](codetriage.com). How does this impact execution?
To look at memory:
```ruby
require 'get_process_mem'
mem = GetProcessMem.new
GC.start
GC.disable
1_114.times { " " }
before = mem.mb
after = mem.mb
GC.enable
puts "Diff: #{after - before} mb"
```
Creating 1,114 string objects results in `Diff: 0.03125 mb` of RAM allocated on every request. Or 1mb every 32 requests.
To look at raw speed:
```ruby
require 'benchmark/ips'
number_of_objects_reduced = 1_114
Benchmark.ips do |x|
x.report("freeze") { number_of_objects_reduced.times { " ".freeze } }
x.report("no-freeze") { number_of_objects_reduced.times { " " } }
end
```
We get the results
```
Calculating -------------------------------------
freeze 1.428k i/100ms
no-freeze 609.000 i/100ms
-------------------------------------------------
freeze 14.363k (± 8.5%) i/s - 71.400k
no-freeze 6.084k (± 8.1%) i/s - 30.450k
```
Now we can do some maths:
```ruby
ips = 6_226k # iterations / 1 second
call_time_before = 1.0 / ips # seconds per iteration
ips = 15_254 # iterations / 1 second
call_time_after = 1.0 / ips # seconds per iteration
diff = call_time_before - call_time_after
number_of_objects_reduced * diff * 100
# => 0.4530373333993266 miliseconds saved per request
```
So we're shaving off 1 second of execution time for every 220 requests.
Is this going to be an insane speed boost to any Rails app: nope. Should we merge it: yep.
p.s. If you know of a method call that doesn't modify a string input such as [String#gsub](https://github.com/schneems/let_it_go/blob/b0e2da69f0cca87ab581022baa43291cdf48638c/lib/let_it_go/core_ext/string.rb#L37) please [give me a pull request to the appropriate file](https://github.com/schneems/let_it_go/blob/b0e2da69f0cca87ab581022baa43291cdf48638c/lib/let_it_go/core_ext/string.rb#L37), or open an issue in LetItGo so we can track and freeze more strings.
Keep those strings Frozen
![](https://www.dropbox.com/s/z4dj9fdsv213r4v/let-it-go.gif?dl=1)
|
|
|
|
|
|
| |
You can now configure custom digest for cookies in the same way as `serializer`:
config.action_dispatch.cookies_digest = 'SHA256'
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MessageEncryptor has :serializer option, where any serializer object can
be passed. This commit make it possible to set this serializer from configuration
level.
There are predefined serializers (:marshal_serializer, :json_serialzier)
and custom serializer can be passed as String, Symbol (camelized and
constantized in ActionDispatch::Session namepspace) or serializer object.
Default :json_serializer was also added to generators to provide secure
defalt.
|
|
|
|
| |
Also reduce extra object allocation by creating string directly instead of join on Array
|
|\
| |
| |
| |
| | |
Improve poor security recommendation in docs
[ci skip]
|
| |
| |
| |
| |
| | |
As reported in #9960, the current documentation recommends an insecure practice for
key generation from a password (a single round of SHA-256). The modified documentation
uses ActiveSupport::KeyGenerator to perform proper key stretching.
|
|/
|
|
|
|
|
|
|
| |
1) According to OpenSSL's documentation, cipher.random_iv must be called
after cipher.encrypt and already sets the generated IV on the cipher.
2) OpenSSL::CipherError was moved to OpenSSL::Cipher::CipherError in
Ruby 1.8.7. Since Rails 4 requires at least Ruby 1.9.3, support for
the old location can be dropped.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Sometimes, on Mac OS X, programmers accidentally press Option+Space
rather than just Space and don’t see the difference. The problem is
that Option+Space writes a non-breaking space (0XA0) rather than a
normal space (0x20).
This commit removes all the non-breaking spaces inadvertently
introduced in the comments of the code.
|
|
|
|
|
|
|
|
|
| |
How to use it?
cookies.encrypted[:discount] = 45
=> Set-Cookie: discount=ZS9ZZ1R4cG1pcUJ1bm80anhQang3dz09LS1mbDZDSU5scGdOT3ltQ2dTdlhSdWpRPT0%3D--ab54663c9f4e3bc340c790d6d2b71e92f5b60315; path=/
cookies.encrypted[:discount]
=> 45
|
| |
|
| |
|
| |
|
| |
|