Don't show secrets for MessageEncryptor#inspect

If anyone calls a message encryptor in the console, it will
show the secret of the encryptor.

By overriding the `inspect` method to only show the class name we can
avoid accidentally outputting sensitive information.

Before:

```ruby
ActiveSupport::MessageEncryptor.new(secret, cipher: "aes-256-gcm").inspect
"#<ActiveSupport::MessageEncryptor:0x0000000104888038 ... @secret=\"\\xAF\\bFh]LV}q\\nl\\xB2U\\xB3 ... >"
```

After:

```ruby
ActiveSupport::MessageEncryptor.new(secret, cipher: "aes-256-gcm").inspect
"#<ActiveSupport::MessageEncryptor:0x0000000104888038>"
```
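The same idea as a reusable mixin, added here as an example and not code from the Rails commit: `RedactedInspect` gives any secret-holding object a `#<Class:0x...>`-only `inspect`, and `leaking_renderings` checks which console rendering paths (`inspect`, `p`, `pp`, `to_s`) still expose the key. `LeakyCodec`, `SafeCodec` and `SAMPLE_KEY` are hypothetical stand-ins, and the anonymous-subclass case (`self.class.name` is `nil`) is handled.

```ruby
require "pp"

# Mixin that replaces the default Object#inspect (which dumps every
# instance variable, including raw keys) with the class name and an id.
module RedactedInspect
  def inspect
    # Anonymous subclasses have no name; fall back to Class#inspect.
    klass = self.class.name || self.class.inspect
    # Same 18-character "0x" + 16 hex digit shape as Ruby's default output.
    # Since Ruby 2.7 object_id is a counter, not an address, so this is a
    # stable per-object id rather than a memory location.
    "#<#{klass}:#{'%#018x' % (object_id << 1)}>"
  end
end

# Hypothetical stand-in for a message encryptor: keeps the raw key in an ivar.
class LeakyCodec
  def initialize(secret)
    @secret = secret
    @cipher = "aes-256-gcm"
  end
end

# Same object, but with the redacting inspect mixed in.
class SafeCodec < LeakyCodec
  include RedactedInspect
end

# Constructed sample key: 32 binary bytes, the length a 256-bit cipher needs.
SAMPLE_KEY = (0...32).map { |i| ((i * 37 + 11) % 256).chr }.join.b

# Returns the names of the rendering paths whose output contains the key in
# the escaped form String#inspect produces (the form Object#inspect embeds).
def leaking_renderings(obj, secret)
  needle = secret.inspect[1..-2]
  {
    "inspect" => obj.inspect,
    "p"       => obj.inspect,        # Kernel#p prints obj.inspect
    "pp"      => PP.pp(obj, +""),    # pp dumps ivars unless inspect is custom
    "to_s"    => obj.to_s,
  }.select { |_, text| text.include?(needle) }.keys
end
```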
Petrik 2023-06-16 11:57:14 +02:00
parent 5f4f9166c1
commit 3f1526ae76
3 changed files with 27 additions and 1 deletions

@ -1,3 +1,21 @@
* Don't show secrets for `MessageEncryptor#inspect`.
Before:
```ruby
ActiveSupport::MessageEncryptor.new(secret, cipher: "aes-256-gcm").inspect
"#<ActiveSupport::MessageEncryptor:0x0000000104888038 ... @secret=\"\\xAF\\bFh]LV}q\\nl\\xB2U\\xB3 ... >"
```
After:
```ruby
ActiveSupport::MessageEncryptor.new(secret, cipher: "aes-256-gcm").inspect
"#<ActiveSupport::MessageEncryptor:0x0000000104888038>"
```
*Petrik de Heus*
* Don't show contents for `EncryptedConfiguration#inspect`.
Before:
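Review bot: the new CHANGELOG entry shows the before/after output but not why `inspect` matters; it is the method `p`, the IRB/console echo and (for objects without a custom `inspect`) `pp` all end up printing, so one clause such as "so a console echo of an encryptor no longer prints its raw key" would make the security scope clear to readers who skim the changelog. The abbreviated `...` key in the Before example is fine as documentation; the After example should match the width the implementation actually prints.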
@ -10,7 +28,6 @@
```ruby
Rails.application.credentials.inspect
"#<ActiveSupport::EncryptedConfiguration:0x000000010d2b38e8>"
```
*Petrik de Heus*
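Review bot: context-only hunk, no concern with the change itself; it does show that the existing `EncryptedConfiguration#inspect` entry promises the same `#<Class:0x...>` shape as the new `MessageEncryptor` entry, so the two implementations should agree on the id width, otherwise one of the two changelog examples will not match real output.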

@ -261,6 +261,10 @@ def read_message(message, **options) # :nodoc:
deserialize_with_metadata(decrypt(verify(message)), **options)
end
def inspect # :nodoc:
"#<#{self.class.name}:#{'%#016x' % (object_id << 1)}>"
end
private
def sign(data)
@verifier ? @verifier.create_message(data) : data
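Review bot: `'%#016x' % (object_id << 1)` yields `0x` plus 14 zero-padded hex digits because the width counts the prefix, while Ruby's default `Object#inspect` and the CHANGELOG example show 16 digits (`0x0000000104888038`); use `'%#018x'` if matching the default shape is the goal. Two smaller points: since Ruby 2.7 `object_id` is a sequential counter rather than an address, so the printed number is a stable per-object id and a short comment saying so would avoid confusion; and `self.class.name` is `nil` for anonymous subclasses (`Class.new(ActiveSupport::MessageEncryptor)`), producing `#<:0x...>`, which `self.class.name || self.class.inspect` avoids. Functionally the override does what the commit message says: the secret, the cipher and the embedded `@verifier` are no longer rendered.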

@ -152,6 +152,11 @@ def test_backwards_compatibility_decrypt_previously_encrypted_messages_without_m
assert_equal "Ruby on Rails", encryptor.decrypt_and_verify(encrypted_message)
end
def test_inspect_does_not_show_secrets
encryptor = ActiveSupport::MessageEncryptor.new(@secret, cipher: "aes-256-gcm")
assert_match(/\A#<ActiveSupport::MessageEncryptor:0x[0-9a-f]+>\z/, encryptor.inspect)
end
private
def make_codec(**options)
ActiveSupport::MessageEncryptor.new(@secret, **options)
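Review bot: the anchored regex already guarantees that nothing but the class name and an id is rendered, but the test is named `test_inspect_does_not_show_secrets`, so an explicit `assert_not_includes encryptor.inspect, "@secret"` (and one on the escaped key bytes, `@secret.inspect[1..-2]`) would keep the intent checked even if the format is loosened later. Consider also creating the encryptor through the `make_codec(cipher: "aes-256-gcm")` helper visible in this hunk, for consistency with the rest of the file.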