asherah 0.1.0.beta.1-aarch64-linux
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.rspec +3 -0
- data/.rubocop.yml +39 -0
- data/.ruby-version +1 -0
- data/CHANGELOG.md +5 -0
- data/CODE_OF_CONDUCT.md +77 -0
- data/CONTRIBUTING.md +128 -0
- data/Gemfile +12 -0
- data/LICENSE.txt +21 -0
- data/README.md +39 -0
- data/Rakefile +97 -0
- data/SECURITY.md +19 -0
- data/asherah.gemspec +38 -0
- data/lib/asherah/error.rb +21 -0
- data/lib/asherah/native/libasherah-arm64.so +0 -0
- data/lib/asherah/version.rb +5 -0
- data/lib/asherah.rb +187 -0
- metadata +79 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 34d923ebd19903e064dbb021dc188b42a20e3ea26dfc387b8eebd27faecf8124
|
4
|
+
data.tar.gz: 9ef0178a5b6d440a40ce470097e73b4c88b286ed5ef5743b14438554da56ced2
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 2a66d75b94988ec99bae8c7f9563dbfa3be4ec811926758a51f878b584efe971986c1cb5ac37b42bd54724491d343541ac9da64686b64d09fd4500a193109093
|
7
|
+
data.tar.gz: b408f29b7332e26fdb42d38486048a66769f0ff0fa2972a11eabf9f68f59b367cf108f3430f8f73cb4a198f9e0333ae4f999cc9d4f4e7b81af022e4f5a725cb8
|
data/.rspec
ADDED
data/.rubocop.yml
ADDED
@@ -0,0 +1,39 @@
|
|
1
|
+
AllCops:
|
2
|
+
TargetRubyVersion: 2.5
|
3
|
+
NewCops: enable
|
4
|
+
SuggestExtensions: false
|
5
|
+
Exclude:
|
6
|
+
- 'vendor/**/*' # Github Actions
|
7
|
+
|
8
|
+
Layout/LineLength:
|
9
|
+
Max: 120
|
10
|
+
|
11
|
+
Metrics/BlockLength:
|
12
|
+
Enabled: false
|
13
|
+
|
14
|
+
Metrics/MethodLength:
|
15
|
+
Enabled: false
|
16
|
+
|
17
|
+
Style/WordArray:
|
18
|
+
Enabled: false
|
19
|
+
|
20
|
+
Style/SymbolArray:
|
21
|
+
Enabled: false
|
22
|
+
|
23
|
+
Style/MultilineBlockChain:
|
24
|
+
Enabled: false
|
25
|
+
|
26
|
+
Style/BlockDelimiters:
|
27
|
+
Enabled: false
|
28
|
+
|
29
|
+
Style/HashAsLastArrayItem:
|
30
|
+
Enabled: false
|
31
|
+
|
32
|
+
Metrics/AbcSize:
|
33
|
+
Enabled: false
|
34
|
+
|
35
|
+
Metrics/ParameterLists:
|
36
|
+
Enabled: false
|
37
|
+
|
38
|
+
Metrics/ModuleLength:
|
39
|
+
Enabled: false
|
data/.ruby-version
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
3.1.0
|
data/CHANGELOG.md
ADDED
data/CODE_OF_CONDUCT.md
ADDED
@@ -0,0 +1,77 @@
|
|
1
|
+
# Contributor Covenant Code of Conduct
|
2
|
+
|
3
|
+
## Our Pledge
|
4
|
+
|
5
|
+
In the interest of fostering an open and welcoming environment, we as
|
6
|
+
contributors and maintainers pledge to making participation in our project and
|
7
|
+
our community a harassment-free experience for everyone, regardless of age, body
|
8
|
+
size, disability, ethnicity, sex characteristics, gender identity and expression,
|
9
|
+
level of experience, education, socio-economic status, nationality, personal
|
10
|
+
appearance, race, religion, or sexual identity and orientation.
|
11
|
+
|
12
|
+
## Our Standards
|
13
|
+
|
14
|
+
Examples of behavior that contributes to creating a positive environment
|
15
|
+
include:
|
16
|
+
|
17
|
+
* Using welcoming and inclusive language
|
18
|
+
* Being respectful of differing viewpoints and experiences
|
19
|
+
* Gracefully accepting constructive criticism
|
20
|
+
* Focusing on what is best for the community
|
21
|
+
* Showing empathy towards other community members
|
22
|
+
|
23
|
+
Examples of unacceptable behavior by participants include:
|
24
|
+
|
25
|
+
* The use of sexualized language or imagery and unwelcome sexual attention or
|
26
|
+
advances
|
27
|
+
* Trolling, insulting/derogatory comments, and personal or political attacks
|
28
|
+
* Public or private harassment
|
29
|
+
* Publishing others' private information, such as a physical or electronic
|
30
|
+
address, without explicit permission
|
31
|
+
* Other conduct which could reasonably be considered inappropriate in a
|
32
|
+
professional setting
|
33
|
+
|
34
|
+
## Our Responsibilities
|
35
|
+
|
36
|
+
Project maintainers are responsible for clarifying the standards of acceptable
|
37
|
+
behavior and are expected to take appropriate and fair corrective action in
|
38
|
+
response to any instances of unacceptable behavior.
|
39
|
+
|
40
|
+
Project maintainers have the right and responsibility to remove, edit, or
|
41
|
+
reject comments, commits, code, wiki edits, issues, and other contributions
|
42
|
+
that are not aligned to this Code of Conduct, or to ban temporarily or
|
43
|
+
permanently any contributor for other behaviors that they deem inappropriate,
|
44
|
+
threatening, offensive, or harmful.
|
45
|
+
|
46
|
+
## Scope
|
47
|
+
|
48
|
+
This Code of Conduct applies within all project spaces, and it also applies when
|
49
|
+
an individual is representing the project or its community in public spaces.
|
50
|
+
Examples of representing a project or community include using an official
|
51
|
+
project e-mail address, posting via an official social media account, or acting
|
52
|
+
as an appointed representative at an online or offline event. Representation of
|
53
|
+
a project may be further defined and clarified by project maintainers.
|
54
|
+
|
55
|
+
## Enforcement
|
56
|
+
|
57
|
+
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
58
|
+
reported by contacting the project team at oss@godaddy.com. All
|
59
|
+
complaints will be reviewed and investigated and will result in a response that
|
60
|
+
is deemed necessary and appropriate to the circumstances. The project team is
|
61
|
+
obligated to maintain confidentiality with regard to the reporter of an incident.
|
62
|
+
Further details of specific enforcement policies may be posted separately.
|
63
|
+
|
64
|
+
Project maintainers who do not follow or enforce the Code of Conduct in good
|
65
|
+
faith may face temporary or permanent repercussions as determined by other
|
66
|
+
members of the project's leadership.
|
67
|
+
|
68
|
+
## Attribution
|
69
|
+
|
70
|
+
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
|
71
|
+
available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
|
72
|
+
|
73
|
+
[homepage]: https://www.contributor-covenant.org
|
74
|
+
|
75
|
+
For answers to common questions about this code of conduct, see
|
76
|
+
https://www.contributor-covenant.org/faq
|
77
|
+
|
data/CONTRIBUTING.md
ADDED
@@ -0,0 +1,128 @@
|
|
1
|
+
# Contributing
|
2
|
+
|
3
|
+
Everyone is welcome to contribute to GoDaddy's Open Source Software.
|
4
|
+
Contributing doesn’t just mean submitting pull requests. To get involved,
|
5
|
+
you can report or triage bugs, and participate in discussions on the
|
6
|
+
evolution of each project.
|
7
|
+
|
8
|
+
No matter how you want to get involved, we ask that you first learn what’s
|
9
|
+
expected of anyone who participates in the project by reading the Contribution
|
10
|
+
Guidelines and our [Code of Conduct][coc].
|
11
|
+
|
12
|
+
**Please Note:** GitHub is for bug reports and contributions primarily -
|
13
|
+
if you have a support question head over to [GoDaddy's Open Source
|
14
|
+
Software Slack channel][slack]. You can request an invite
|
15
|
+
[here][invite].
|
16
|
+
|
17
|
+
## Answering Questions
|
18
|
+
|
19
|
+
One of the most important and immediate ways you can support this project is
|
20
|
+
to answer questions on [Slack][slack] or [Github][issues]. Whether you’re
|
21
|
+
helping a newcomer understand a feature or troubleshooting an edge case with a
|
22
|
+
seasoned developer, your knowledge and experience with a programming language
|
23
|
+
can go a long way to help others.
|
24
|
+
|
25
|
+
## Reporting Bugs
|
26
|
+
|
27
|
+
**Do not report potential security vulnerabilities here. Refer to
|
28
|
+
[SECURITY.md](./SECURITY.md) for more details about the process of reporting
|
29
|
+
security vulnerabilities.**
|
30
|
+
|
31
|
+
Before submitting a ticket, please search our [Issue Tracker][issues] to make
|
32
|
+
sure it does not already exist and have a simple replication of the behavior. If
|
33
|
+
the issue is isolated to one of the dependencies of this project, please create
|
34
|
+
a Github issue in that project. All dependencies should be open source software
|
35
|
+
and can be found on Github.
|
36
|
+
|
37
|
+
Submit a ticket for your issue, assuming one does not already exist:
|
38
|
+
|
39
|
+
- Create it on the project's [issue Tracker][issues].
|
40
|
+
- Clearly describe the issue by following the template layout
|
41
|
+
- Make sure to include steps to reproduce the bug.
|
42
|
+
- A reproducible (unit) test could be helpful in solving the bug.
|
43
|
+
- Describe the environment that (re)produced the problem.
|
44
|
+
|
45
|
+
## Triaging bugs or contributing code
|
46
|
+
|
47
|
+
If you're triaging a bug, first make sure that you can reproduce it. Once a bug
|
48
|
+
can be reproduced, reduce it to the smallest amount of code possible. Reasoning
|
49
|
+
about a sample or unit test that reproduces a bug in just a few lines of code
|
50
|
+
is easier than reasoning about a longer sample.
|
51
|
+
|
52
|
+
From a practical perspective, contributions are as simple as:
|
53
|
+
|
54
|
+
1. Fork and clone the repo, [see Github's instructions if you need help.][fork]
|
55
|
+
1. Create a branch for your PR with `git checkout -b pr/your-branch-name`
|
56
|
+
1. Make changes on the branch of your forked repository.
|
57
|
+
1. When committing, reference your issue (if present) and include a note about
|
58
|
+
the fix.
|
59
|
+
1. Please also add/update unit tests for your changes.
|
60
|
+
1. Push the changes to your fork and submit a pull request to the 'main
|
61
|
+
development branch' branch of the projects' repository.
|
62
|
+
|
63
|
+
If you are interested in making a large change and feel unsure about its overall
|
64
|
+
effect, start with opening an Issue in the project's [Issue Tracker][issues]
|
65
|
+
with a high-level proposal and discuss it with the core contributors through
|
66
|
+
Github comments or in [Slack][slack]. After reaching a consensus with core
|
67
|
+
contributors about the change, discuss the best way to go about implementing it.
|
68
|
+
|
69
|
+
> Tip: Keep your main branch pointing at the original repository and make
|
70
|
+
> pull requests from branches on your fork. To do this, run:
|
71
|
+
>
|
72
|
+
> ```sh
|
73
|
+
> git remote add upstream https://github.com/godaddy/asherah-ruby.git
|
74
|
+
> git fetch upstream
|
75
|
+
> git branch --set-upstream-to=upstream/main main
|
76
|
+
> ```
|
77
|
+
>
|
78
|
+
> This will add the original repository as a "remote" called "upstream," Then
|
79
|
+
> fetch the git information from that remote, then set your local main
|
80
|
+
> branch to use the upstream main branch whenever you run git pull. Then you
|
81
|
+
> can make all of your pull request branches based on this main branch.
|
82
|
+
> Whenever you want to update your version of main, do a regular git pull.
|
83
|
+
|
84
|
+
## Code Review
|
85
|
+
|
86
|
+
Any open source project relies heavily on code review to improve software
|
87
|
+
quality. All significant changes, by all developers, must be reviewed before
|
88
|
+
they are committed to the repository. Code reviews are conducted on GitHub
|
89
|
+
through comments on pull requests or commits. The developer responsible for a
|
90
|
+
code change is also responsible for making all necessary review-related changes.
|
91
|
+
|
92
|
+
Sometimes code reviews will take longer than you would hope for, especially for
|
93
|
+
larger features. Here are some accepted ways to speed up review times for your
|
94
|
+
patches:
|
95
|
+
|
96
|
+
- Review other people’s changes. If you help out, others will more likely be
|
97
|
+
willing to do the same for you.
|
98
|
+
- Split your change into multiple smaller changes. The smaller your change,
|
99
|
+
the higher the probability that somebody will take a quick look at it.
|
100
|
+
- Mention the change on [Slack][slack]. If it is urgent, provide reasons why it
|
101
|
+
is important to get this change landed. Remember that you are asking for valuable
|
102
|
+
time from other professional developers.
|
103
|
+
|
104
|
+
**Note that anyone is welcome to review and give feedback on a change, but only
|
105
|
+
people with commit access to the repository can approve it.**
|
106
|
+
|
107
|
+
## Attribution of Changes
|
108
|
+
|
109
|
+
When contributors submit a change to this project, after that change is
|
110
|
+
approved, other developers with commit access may commit it for the author. When
|
111
|
+
doing so, it is important to retain correct attribution of the contribution.
|
112
|
+
Generally speaking, Git handles attribution automatically.
|
113
|
+
|
114
|
+
## Code Style and Documentation
|
115
|
+
|
116
|
+
Ensure that your contribution follows the standards set by the project's style
|
117
|
+
guide with respect to patterns, naming, documentation and testing.
|
118
|
+
|
119
|
+
# Additional Resources
|
120
|
+
|
121
|
+
- [General GitHub Documentation](https://help.github.com/)
|
122
|
+
- [GitHub Pull Request documentation](https://help.github.com/send-pull-requests/)
|
123
|
+
|
124
|
+
[issues]: https://github.com/godaddy/asherah-ruby/issues/
|
125
|
+
[coc]: ./CODE_OF_CONDUCT.md
|
126
|
+
[slack]: https://godaddy-oss.slack.com/
|
127
|
+
[fork]: https://help.github.com/en/articles/fork-a-repo
|
128
|
+
[invite]: https://godaddy-oss-slack.herokuapp.com
|
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
The MIT License (MIT)
|
2
|
+
|
3
|
+
Copyright (c) 2022 GoDaddy Operating Company, LLC.
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
13
|
+
copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
21
|
+
SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,39 @@
|
|
1
|
+
# Asherah
|
2
|
+
|
3
|
+
Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/asherah`. To experiment with that code, run `bin/console` for an interactive prompt.
|
4
|
+
|
5
|
+
TODO: Delete this and the text above, and describe your gem
|
6
|
+
|
7
|
+
## Installation
|
8
|
+
|
9
|
+
Add this line to your application's Gemfile:
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
gem 'asherah'
|
13
|
+
```
|
14
|
+
|
15
|
+
And then execute:
|
16
|
+
|
17
|
+
$ bundle install
|
18
|
+
|
19
|
+
Or install it yourself as:
|
20
|
+
|
21
|
+
$ gem install asherah
|
22
|
+
|
23
|
+
## Usage
|
24
|
+
|
25
|
+
TODO: Write usage instructions here
|
26
|
+
|
27
|
+
## Development
|
28
|
+
|
29
|
+
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
30
|
+
|
31
|
+
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
32
|
+
|
33
|
+
## Contributing
|
34
|
+
|
35
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/asherah.
|
36
|
+
|
37
|
+
## License
|
38
|
+
|
39
|
+
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
data/Rakefile
ADDED
@@ -0,0 +1,97 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'bundler/gem_tasks'
|
4
|
+
require 'rspec/core/rake_task'
|
5
|
+
require 'rubygems/package'
|
6
|
+
require "open-uri"
|
7
|
+
|
8
|
+
RSpec::Core::RakeTask.new(:spec)
|
9
|
+
|
10
|
+
require 'rubocop/rake_task'
|
11
|
+
|
12
|
+
RuboCop::RakeTask.new
|
13
|
+
|
14
|
+
task default: %i[spec rubocop]
|
15
|
+
|
16
|
+
DISTRIBUTIONS = {
|
17
|
+
'x86_64-linux' => ['libasherah-x64.so'],
|
18
|
+
'x86_64-darwin' => ['libasherah-x64.dylib'],
|
19
|
+
'aarch64-linux' => ['libasherah-arm64.so'],
|
20
|
+
'arm64-darwin' => ['libasherah-arm64.dylib']
|
21
|
+
}
|
22
|
+
|
23
|
+
def native_build(platform, native_files)
|
24
|
+
puts "Building gem for #{platform}"
|
25
|
+
|
26
|
+
pkg_dir = File.join(__dir__, 'pkg')
|
27
|
+
FileUtils.mkdir_p(pkg_dir)
|
28
|
+
|
29
|
+
tmp_gem_dir = File.join(__dir__, 'tmp', platform)
|
30
|
+
FileUtils.rm_rf(tmp_gem_dir, verbose: true)
|
31
|
+
FileUtils.mkdir_p(tmp_gem_dir, verbose: true)
|
32
|
+
|
33
|
+
# Copy files to tmp gem dir
|
34
|
+
gemspec = Bundler.load_gemspec('asherah.gemspec')
|
35
|
+
gemspec.files.each do |file|
|
36
|
+
dir = File.dirname(file)
|
37
|
+
filename = File.basename(file)
|
38
|
+
FileUtils.mkdir_p(File.join(tmp_gem_dir, dir))
|
39
|
+
FileUtils.copy_file(file, File.join(tmp_gem_dir, dir, filename))
|
40
|
+
end
|
41
|
+
|
42
|
+
# Set platform for native gem build and remove extentions
|
43
|
+
gemspec.platform = Gem::Platform.new(platform)
|
44
|
+
|
45
|
+
native_dir = 'lib/asherah/native'
|
46
|
+
FileUtils.cd(tmp_gem_dir, verbose: true) do
|
47
|
+
FileUtils.mkdir_p(native_dir)
|
48
|
+
native_files.each do |native_file|
|
49
|
+
native_file_path = File.join(native_dir, native_file)
|
50
|
+
gemspec.files << native_file_path
|
51
|
+
|
52
|
+
URI.open(native_file_path, 'wb') do |file|
|
53
|
+
url = "https://github.com/godaddy/asherah-cobhan/releases/download/current/#{native_file}"
|
54
|
+
puts "Downloading #{url}"
|
55
|
+
file << URI.open(url).read
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
package = Gem::Package.build gemspec
|
60
|
+
FileUtils.mv package, File.join(pkg_dir, package)
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
|
65
|
+
namespace :native do
|
66
|
+
namespace :build do
|
67
|
+
desc "Build all native gems"
|
68
|
+
task :all do
|
69
|
+
DISTRIBUTIONS.each do |platform, native_files|
|
70
|
+
native_build(platform, native_files)
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
DISTRIBUTIONS.each do |platform, native_files|
|
75
|
+
desc "Build native gem for #{platform}"
|
76
|
+
task :"#{platform}" do
|
77
|
+
native_build(platform, native_files)
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
|
82
|
+
namespace :smoke do
|
83
|
+
require 'cobhan'
|
84
|
+
|
85
|
+
filename = Class.new.extend(Cobhan).library_file_name('libasherah')
|
86
|
+
platform, _ = DISTRIBUTIONS.detect { |k, v| v.include?(filename) }
|
87
|
+
|
88
|
+
desc "Smoke test native gem on #{platform} platform"
|
89
|
+
task :"#{platform}" => :"build:#{platform}" do
|
90
|
+
gemspec = Bundler.load_gemspec('asherah.gemspec')
|
91
|
+
gemspec.platform = Gem::Platform.new(platform)
|
92
|
+
|
93
|
+
sh("gem install pkg/#{gemspec.file_name}")
|
94
|
+
sh("ruby spec/smoke_test.rb")
|
95
|
+
end
|
96
|
+
end
|
97
|
+
end
|
data/SECURITY.md
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
# Reporting Security Issues
|
2
|
+
|
3
|
+
We take security very seriously at GoDaddy. We appreciate your efforts to
|
4
|
+
responsibly disclose your findings, and will make every effort to acknowledge
|
5
|
+
your contributions.
|
6
|
+
|
7
|
+
## Where should I report security issues?
|
8
|
+
|
9
|
+
In order to give the community time to respond and upgrade, we strongly urge you
|
10
|
+
report all security issues privately.
|
11
|
+
|
12
|
+
To report a security issue in one of our Open Source projects email us directly
|
13
|
+
at **oss@godaddy.com** and include the word "SECURITY" in the subject line.
|
14
|
+
|
15
|
+
This mail is delivered to our Open Source Security team.
|
16
|
+
|
17
|
+
After the initial reply to your report, the team will keep you informed of the
|
18
|
+
progress being made towards a fix and announcement, and may ask for additional
|
19
|
+
information or guidance.
|
data/asherah.gemspec
ADDED
@@ -0,0 +1,38 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'lib/asherah/version'
|
4
|
+
|
5
|
+
Gem::Specification.new do |spec|
|
6
|
+
spec.name = 'asherah'
|
7
|
+
spec.version = Asherah::VERSION
|
8
|
+
spec.authors = ['GoDaddy']
|
9
|
+
spec.email = ['oss@godaddy.com']
|
10
|
+
|
11
|
+
spec.summary = 'Application Layer Encryption SDK'
|
12
|
+
spec.description = <<~DESCRIPTION
|
13
|
+
Asherah is an application-layer encryption SDK that provides advanced
|
14
|
+
encryption features and defense in depth against compromise.
|
15
|
+
DESCRIPTION
|
16
|
+
|
17
|
+
spec.homepage = 'https://github.com/godaddy/asherah-ruby'
|
18
|
+
spec.license = 'MIT'
|
19
|
+
spec.required_ruby_version = '>= 2.5.0'
|
20
|
+
|
21
|
+
spec.metadata['homepage_uri'] = spec.homepage
|
22
|
+
spec.metadata['source_code_uri'] = 'https://github.com/godaddy/asherah-ruby'
|
23
|
+
spec.metadata['changelog_uri'] = 'https://github.com/godaddy/asherah-ruby/blob/main/CHANGELOG.md'
|
24
|
+
spec.metadata['rubygems_mfa_required'] = 'true'
|
25
|
+
|
26
|
+
# Specify which files should be added to the gem when it is released.
|
27
|
+
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
28
|
+
spec.files = Dir.chdir(File.expand_path(__dir__)) do
|
29
|
+
`git ls-files -z`.split("\x0").reject do |f|
|
30
|
+
(f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
|
31
|
+
end
|
32
|
+
end
|
33
|
+
spec.bindir = 'exe'
|
34
|
+
spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
|
35
|
+
spec.require_paths = ['lib']
|
36
|
+
|
37
|
+
spec.add_dependency 'cobhan', '~> 0.1.2'
|
38
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
|
2
|
+
module Asherah
|
3
|
+
module Error
|
4
|
+
ResultError = Class.new(StandardError)
|
5
|
+
|
6
|
+
CODES = {
|
7
|
+
-100 => 'not initialized',
|
8
|
+
-101 => 'already initialized',
|
9
|
+
-102 => 'get session failed',
|
10
|
+
-103 => 'encrypt failed',
|
11
|
+
-104 => 'eecrypt failed'
|
12
|
+
}
|
13
|
+
|
14
|
+
def self.check_result!(scope, result)
|
15
|
+
if result.negative?
|
16
|
+
error_message = Error::CODES.fetch(result) { 'unrecognized' }
|
17
|
+
raise Error::ResultError.new("#{scope} failed: #{error_message}")
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
Binary file
|
data/lib/asherah.rb
ADDED
@@ -0,0 +1,187 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'asherah/version'
|
4
|
+
require 'asherah/error'
|
5
|
+
require 'cobhan'
|
6
|
+
|
7
|
+
# Asherah uses the following data structures: `data_row_record`, `envelope_key_record`, and `key_meta`.
|
8
|
+
#
|
9
|
+
# `data_row_record` contains the encrypted key and provided data, as well as the information
|
10
|
+
# required to decrypt the key encryption key. This struct should be stored in your
|
11
|
+
# data persistence as it's required to decrypt data.
|
12
|
+
#
|
13
|
+
# data_row_record [Hash]
|
14
|
+
# key [Hash], envelope_key_record
|
15
|
+
# data [String]
|
16
|
+
#
|
17
|
+
# `envelope_key_record` represents an encrypted key and is the data structure used
|
18
|
+
# to persist the key in our key table. It also contains the meta data
|
19
|
+
# of the key used to encrypt it.
|
20
|
+
#
|
21
|
+
# envelope_key_record [Hash]
|
22
|
+
# created [Integer]
|
23
|
+
# encrypted_key [String]
|
24
|
+
# parent_key_meta [Hash], key_meta
|
25
|
+
#
|
26
|
+
# `key_meta` contains the `id` and `created` timestamp for an encryption key.
|
27
|
+
#
|
28
|
+
# key_meta [Hash]
|
29
|
+
# id [String]
|
30
|
+
# created [Integer]
|
31
|
+
module Asherah
|
32
|
+
extend Cobhan
|
33
|
+
|
34
|
+
LIB_ROOT_PATH = File.expand_path('asherah/native', __dir__)
|
35
|
+
load_library(LIB_ROOT_PATH, 'libasherah', [
|
36
|
+
[
|
37
|
+
:Setup,
|
38
|
+
[
|
39
|
+
:pointer, :pointer, :pointer, :pointer, :pointer, :pointer, :int32,
|
40
|
+
:pointer, :pointer, :pointer, :pointer, :int32, :int32, :int32
|
41
|
+
],
|
42
|
+
:int32
|
43
|
+
],
|
44
|
+
[:Encrypt, [:pointer, :pointer, :pointer, :pointer, :pointer, :pointer, :pointer], :int32],
|
45
|
+
[:Decrypt, [:pointer, :pointer, :pointer, :int64, :pointer, :int64, :pointer], :int32]
|
46
|
+
].freeze)
|
47
|
+
|
48
|
+
class << self
|
49
|
+
# Initializes Asherah encryption session
|
50
|
+
#
|
51
|
+
# @param kms_type [String]
|
52
|
+
# @param metastore [String]
|
53
|
+
# @param service_name [String]
|
54
|
+
# @param product_id [String]
|
55
|
+
# @param rdbms_connection_string [String]
|
56
|
+
# @param dynamo_db_endpoint [String]
|
57
|
+
# @param dynamo_db_region [String]
|
58
|
+
# @param dynamo_db_table_name [String]
|
59
|
+
# @param enable_region_suffix [Boolean]
|
60
|
+
# @param preferred_region [String]
|
61
|
+
# @param region_map [String]
|
62
|
+
# @param verbose [Boolean]
|
63
|
+
# @param session_cache [Boolean]
|
64
|
+
# @param debug_output [Boolean]
|
65
|
+
def setup(
|
66
|
+
kms_type:,
|
67
|
+
metastore:,
|
68
|
+
service_name:,
|
69
|
+
product_id:,
|
70
|
+
rdbms_connection_string: '',
|
71
|
+
dynamo_db_endpoint: '',
|
72
|
+
dynamo_db_region: '',
|
73
|
+
dynamo_db_table_name: '',
|
74
|
+
enable_region_suffix: false,
|
75
|
+
preferred_region: '',
|
76
|
+
region_map: '',
|
77
|
+
verbose: false,
|
78
|
+
session_cache: false,
|
79
|
+
debug_output: false
|
80
|
+
)
|
81
|
+
kms_type_buffer = string_to_cbuffer(kms_type)
|
82
|
+
metastore_buffer = string_to_cbuffer(metastore)
|
83
|
+
rdbms_connection_string_buffer = string_to_cbuffer(rdbms_connection_string)
|
84
|
+
dynamo_db_endpoint_buffer = string_to_cbuffer(dynamo_db_endpoint)
|
85
|
+
dynamo_db_region_buffer = string_to_cbuffer(dynamo_db_region)
|
86
|
+
dynamo_db_table_name_buffer = string_to_cbuffer(dynamo_db_table_name)
|
87
|
+
enable_region_suffix_int = enable_region_suffix ? 1 : 0
|
88
|
+
service_name_buffer = string_to_cbuffer(service_name)
|
89
|
+
product_id_buffer = string_to_cbuffer(product_id)
|
90
|
+
preferred_region_buffer = string_to_cbuffer(preferred_region)
|
91
|
+
region_map_buffer = string_to_cbuffer(region_map)
|
92
|
+
verbose_int = verbose ? 1 : 0
|
93
|
+
session_cache_int = session_cache ? 1 : 0
|
94
|
+
debug_output_int = debug_output ? 1 : 0
|
95
|
+
|
96
|
+
result = Setup(
|
97
|
+
kms_type_buffer,
|
98
|
+
metastore_buffer,
|
99
|
+
rdbms_connection_string_buffer,
|
100
|
+
dynamo_db_endpoint_buffer,
|
101
|
+
dynamo_db_region_buffer,
|
102
|
+
dynamo_db_table_name_buffer,
|
103
|
+
enable_region_suffix_int,
|
104
|
+
service_name_buffer,
|
105
|
+
product_id_buffer,
|
106
|
+
preferred_region_buffer,
|
107
|
+
region_map_buffer,
|
108
|
+
verbose_int,
|
109
|
+
session_cache_int,
|
110
|
+
debug_output_int
|
111
|
+
)
|
112
|
+
|
113
|
+
Error.check_result!('setup', result)
|
114
|
+
end
|
115
|
+
|
116
|
+
# Encrypts data for a given partition_id
|
117
|
+
#
|
118
|
+
# @param partition_id [String]
|
119
|
+
# @param data [String]
|
120
|
+
# @return [Hash], data_row_record
|
121
|
+
def encrypt(partition_id, data)
|
122
|
+
partition_id_buffer = string_to_cbuffer(partition_id)
|
123
|
+
data_buffer = string_to_cbuffer(data)
|
124
|
+
output_encrypted_data_buffer = allocate_cbuffer(data.length + 256)
|
125
|
+
output_encrypted_key_buffer = allocate_cbuffer(256)
|
126
|
+
output_created_buffer = int_to_buffer(0)
|
127
|
+
output_parent_key_id_buffer = allocate_cbuffer(256)
|
128
|
+
output_parent_key_created_buffer = int_to_buffer(0)
|
129
|
+
|
130
|
+
result = Encrypt(
|
131
|
+
partition_id_buffer,
|
132
|
+
data_buffer,
|
133
|
+
output_encrypted_data_buffer,
|
134
|
+
output_encrypted_key_buffer,
|
135
|
+
output_created_buffer,
|
136
|
+
output_parent_key_id_buffer,
|
137
|
+
output_parent_key_created_buffer
|
138
|
+
)
|
139
|
+
|
140
|
+
Error.check_result!('encrypt', result)
|
141
|
+
|
142
|
+
parent_key_id = cbuffer_to_string(output_parent_key_id_buffer)
|
143
|
+
|
144
|
+
{
|
145
|
+
data: cbuffer_to_string(output_encrypted_data_buffer),
|
146
|
+
key: {
|
147
|
+
encrypted_key: cbuffer_to_string(output_encrypted_key_buffer),
|
148
|
+
created: buffer_to_int(output_created_buffer),
|
149
|
+
parent_key_meta: {
|
150
|
+
id: parent_key_id,
|
151
|
+
created: buffer_to_int(output_parent_key_created_buffer)
|
152
|
+
}
|
153
|
+
}
|
154
|
+
}
|
155
|
+
end
|
156
|
+
|
157
|
+
# Decrypts a data_row_record for a partition_id
|
158
|
+
#
|
159
|
+
# @param partition_id [String]
|
160
|
+
# @param data_row_record [Hash], data_row_record
|
161
|
+
# @return [String]
|
162
|
+
def decrypt(partition_id, data_row_record)
|
163
|
+
partition_id_buffer = string_to_cbuffer(partition_id)
|
164
|
+
encrypted_data_buffer = string_to_cbuffer(data_row_record[:data])
|
165
|
+
encrypted_key_buffer = string_to_cbuffer(data_row_record[:key][:encrypted_key])
|
166
|
+
created = data_row_record[:key][:created]
|
167
|
+
parent_key_id_buffer = string_to_cbuffer(data_row_record[:key][:parent_key_meta][:id])
|
168
|
+
parent_key_created = data_row_record[:key][:parent_key_meta][:created]
|
169
|
+
|
170
|
+
output_data_buffer = allocate_cbuffer(encrypted_data_buffer.size + 256)
|
171
|
+
|
172
|
+
result = Decrypt(
|
173
|
+
partition_id_buffer,
|
174
|
+
encrypted_data_buffer,
|
175
|
+
encrypted_key_buffer,
|
176
|
+
created,
|
177
|
+
parent_key_id_buffer,
|
178
|
+
parent_key_created,
|
179
|
+
output_data_buffer
|
180
|
+
)
|
181
|
+
|
182
|
+
Error.check_result!('decrypt', result)
|
183
|
+
|
184
|
+
cbuffer_to_string(output_data_buffer)
|
185
|
+
end
|
186
|
+
end
|
187
|
+
end
|
metadata
ADDED
@@ -0,0 +1,79 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: asherah
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0.beta.1
|
5
|
+
platform: aarch64-linux
|
6
|
+
authors:
|
7
|
+
- GoDaddy
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain: []
|
11
|
+
date: 2022-03-07 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: cobhan
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 0.1.2
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 0.1.2
|
27
|
+
description: |
|
28
|
+
Asherah is an application-layer encryption SDK that provides advanced
|
29
|
+
encryption features and defense in depth against compromise.
|
30
|
+
email:
|
31
|
+
- oss@godaddy.com
|
32
|
+
executables: []
|
33
|
+
extensions: []
|
34
|
+
extra_rdoc_files: []
|
35
|
+
files:
|
36
|
+
- ".rspec"
|
37
|
+
- ".rubocop.yml"
|
38
|
+
- ".ruby-version"
|
39
|
+
- CHANGELOG.md
|
40
|
+
- CODE_OF_CONDUCT.md
|
41
|
+
- CONTRIBUTING.md
|
42
|
+
- Gemfile
|
43
|
+
- LICENSE.txt
|
44
|
+
- README.md
|
45
|
+
- Rakefile
|
46
|
+
- SECURITY.md
|
47
|
+
- asherah.gemspec
|
48
|
+
- lib/asherah.rb
|
49
|
+
- lib/asherah/error.rb
|
50
|
+
- lib/asherah/native/libasherah-arm64.so
|
51
|
+
- lib/asherah/version.rb
|
52
|
+
homepage: https://github.com/godaddy/asherah-ruby
|
53
|
+
licenses:
|
54
|
+
- MIT
|
55
|
+
metadata:
|
56
|
+
homepage_uri: https://github.com/godaddy/asherah-ruby
|
57
|
+
source_code_uri: https://github.com/godaddy/asherah-ruby
|
58
|
+
changelog_uri: https://github.com/godaddy/asherah-ruby/blob/main/CHANGELOG.md
|
59
|
+
rubygems_mfa_required: 'true'
|
60
|
+
post_install_message:
|
61
|
+
rdoc_options: []
|
62
|
+
require_paths:
|
63
|
+
- lib
|
64
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: 2.5.0
|
69
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
70
|
+
requirements:
|
71
|
+
- - ">"
|
72
|
+
- !ruby/object:Gem::Version
|
73
|
+
version: 1.3.1
|
74
|
+
requirements: []
|
75
|
+
rubygems_version: 3.3.3
|
76
|
+
signing_key:
|
77
|
+
specification_version: 4
|
78
|
+
summary: Application Layer Encryption SDK
|
79
|
+
test_files: []
|