def decrypt_text(text)
if text && match = text.match(/\Aaes-256-cbc:(.+)\Z/)
+ if cipher_key.blank?
+ logger.error "Attempt to decrypt a ciphered text with no cipher key configured in config/configuration.yml" if logger
+ return text
+ end
text = match[1]
c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
e, iv = text.split("--").map {|s| Base64.decode64(s)}
key = Redmine::Configuration['database_cipher_key'].to_s
key.blank? ? nil : Digest::SHA256.hexdigest(key)
end
+
+ def logger
+ RAILS_DEFAULT_LOGGER
+ end
end
module ClassMethods
assert_equal 'clear', r.password
end
end
+
+ def test_ciphered_password_with_no_cipher_key_configured_should_be_returned_ciphered
+ Redmine::Configuration.with 'database_cipher_key' => 'secret' do
+ r = Repository::Subversion.generate!(:password => 'clear')
+ end
+
+ Redmine::Configuration.with 'database_cipher_key' => '' do
+ r = Repository.first(:order => 'id DESC')
+ # password can not be deciphered
+ assert_nothing_raised do
+ assert r.password.match(/\Aaes-256-cbc:.+\Z/)
+ end
+ end
+ end
def test_encrypt_all
Repository.delete_all