asherah 0.1.0.beta.2-aarch64-linux → 0.4.1-aarch64-linux

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 92b084ae34e14e15ff7b8d37a038109202241c783cdf55c910241e9164fce134
-  data.tar.gz: 4d943000d6d5096723bb4fd289aabf4c227531ecb42037e3e667792efbedc359
+  metadata.gz: 552ed1c9e334c3f83bab7b90e0c522e00218a690d3e67bf59347e0065aa7a6d5
+  data.tar.gz: 98dcb37bc214640dec990ecaff49bea688d0966bc77f6182b43b19fe3fc686a8
 SHA512:
-  metadata.gz: 5d1a41ab2cbc1ea2a3442b79c30d7692c7170eefe60a52f2807ecc30b4abe013623e9da4edfcc034eb567b94d8cd9a88f8d06a48aa3a1368a3b7cd7eb3134185
-  data.tar.gz: f4cead2ad512f90c3d3f3865e06436db72655fd8180b79e8317cab3cd34bc6a9b5470be86dd29cd7d08d866978148f5edd8afabedb83f04ce5e8a56598240b1e
+  metadata.gz: 3248250cf38f0ffb145c1e3d99a530d1167a903f4907216f010b77a1a5168a4ca8c54ee979853630035efa1f6f495f1aeea7d2ab82b66fd513ad9ecbfcdaed55
+  data.tar.gz: e9531283d182efb3c47f8234c4cd1b8e7dbb505a987a407d57847a07eb57b1994ba6d0fb2ce6c42d62e572e9a7031728ab718a3d53c657e8c35f11c908de8c47

data/.rubocop.yml

@@ -4,6 +4,7 @@ AllCops:
   SuggestExtensions: false
   Exclude:
     - 'vendor/**/*' # Github Actions
+    - 'tmp/**/*'
 
 Layout/LineLength:
   Max: 120

data/CHANGELOG.md

@@ -1,5 +1,31 @@
 ## [Unreleased]
 
+## [0.4.1] - 2022-03-25
+
+- Build and release platform gems
+
+## [0.4.0] - 2022-03-25
+
+- Download native file during gem install and verify checksum
+- Upgrade to use asherah-cobhan v0.4.11
+
+## [0.3.0] - 2022-03-22
+
+- Free up cobhan buffers after encrypt/decrypt to prevent growing heap memory
+- Use local `estimate_buffer` calculation instead of FFI call
+- Upgrade to use asherah-cobhan v0.4.3
+
+## [0.2.0] - 2022-03-21
+
+- Implement versioning for asherah-cobhan binaries
+- Upgrade to use asherah-cobhan v0.3.1
+- Add BadConfig error and expose error codes
+- Remove DRR methods and use JSON exclusively
+- Cross language testing using Asherah Go
+
+## [0.1.0] - 2022-03-14
+
+- First official release
 
 ## [0.1.0.beta2] - 2022-03-14
 

data/Gemfile

@@ -6,3 +6,5 @@ source 'https://rubygems.org'
 gemspec
 
 gem 'rake', '~> 13.0'
+
+gem 'cucumber', '~> 7.1.0'

data/README.md

@@ -1,8 +1,8 @@
 # Asherah
 
-Asherah is a Ruby wrapper around [Asherah Go](https://github.com/godaddy/asherah) application-layer encryption SDK that provides advanced encryption features and defense in depth against compromise. It uses a technique known as "envelope encryption" and supports cloud-agnostic data storage and key management.
+Asherah is a Ruby FFI wrapper around Go version of [Asherah](https://github.com/godaddy/asherah) application-layer encryption SDK. Asherah provides advanced encryption features and defense in depth against compromise. It uses a technique known as "envelope encryption" and supports cloud-agnostic data storage and key management.
 
-Check out the following documentation to get more familiar with its concepts:
+Check out the following documentation to get more familiar with the concepts and configuration options:
 
 - [Design and Architecture](https://github.com/godaddy/asherah/blob/master/docs/DesignAndArchitecture.md)
 - [Key Caching](https://github.com/godaddy/asherah/blob/master/docs/KeyCaching.md)
@@ -10,6 +10,10 @@ Check out the following documentation to get more familiar with its concepts:
 - [Metastore](https://github.com/godaddy/asherah/blob/master/docs/Metastore.md)
 - [System Requirements](https://github.com/godaddy/asherah/blob/master/docs/SystemRequirements.md)
 
+## Supported Platforms
+
+Currently supported platforms are Linux and Darwin operating systems for x64 and arm64 CPU architectures.
+
 ## Installation
 
 Add this line to your application's Gemfile:
@@ -34,10 +38,10 @@ Configure Asherah:
 
 ```ruby
 Asherah.configure do |config|
-  config.kms_type = 'static'
+  config.kms = 'static'
   config.metastore = 'memory'
-  config.service_name = 'gem'
-  config.product_id = 'sable'
+  config.service_name = 'service'
+  config.product_id = 'product'
 end
 ```
 
@@ -45,23 +49,33 @@ Encrypt some data for a `partition_id`
 
 ```ruby
 partition_id = 'user_1'
-data = 'Some PII data'
-data_row_record = Asherah.encrypt(partition_id, data)
-p data_row_record
+data = 'PII data'
+data_row_record_json = Asherah.encrypt(partition_id, data)
+puts data_row_record_json
 ```
 
-Decrypt `data_row_record`
+Decrypt `data_row_record_json`
 
 ```ruby
-decrypted_data = Asherah.decrypt(partition_id, data_row_record)
-p decrypted_data
+decrypted_data = Asherah.decrypt(partition_id, data_row_record_json)
+puts decrypted_data
 ```
 
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
 
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+To install this gem onto your local machine, run `rake install`.
+
+To release a new version, update the version number in `version.rb`, create and push a version tag:
+
+```
+git tag -a v$(rake version) -m "Version $(rake version)"
+git push origin v$(rake version)
+```
+
+And then create a release in Github with title `echo "Version $(rake version)"` that will trigger `.github/workflows/publish.yml` workflow and push the `.gem` file to [rubygems.org](https://rubygems.org):
+
 
 ## Contributing
 

data/Rakefile

@@ -2,8 +2,6 @@
 
 require 'bundler/gem_tasks'
 require 'rspec/core/rake_task'
-require 'rubygems/package'
-require 'open-uri'
 
 RSpec::Core::RakeTask.new(:spec)
 
@@ -11,86 +9,21 @@ require 'rubocop/rake_task'
 
 RuboCop::RakeTask.new
 
-task default: %i[spec rubocop]
-
-DISTRIBUTIONS = {
-  'x86_64-linux' => ['libasherah-x64.so'],
-  'x86_64-darwin' => ['libasherah-x64.dylib'],
-  'aarch64-linux' => ['libasherah-arm64.so'],
-  'arm64-darwin' => ['libasherah-arm64.dylib']
-}.freeze
-
-def native_build(platform, native_files)
-  puts "Building gem for #{platform}"
-
-  pkg_dir = File.join(__dir__, 'pkg')
-  FileUtils.mkdir_p(pkg_dir)
-
-  tmp_gem_dir = File.join(__dir__, 'tmp', platform)
-  FileUtils.rm_rf(tmp_gem_dir, verbose: true)
-  FileUtils.mkdir_p(tmp_gem_dir, verbose: true)
-
-  # Copy files to tmp gem dir
-  gemspec = Bundler.load_gemspec('asherah.gemspec')
-  gemspec.files.each do |file|
-    dir = File.dirname(file)
-    filename = File.basename(file)
-    FileUtils.mkdir_p(File.join(tmp_gem_dir, dir))
-    FileUtils.copy_file(file, File.join(tmp_gem_dir, dir, filename))
-  end
-
-  # Set platform for native gem build and remove extentions
-  gemspec.platform = Gem::Platform.new(platform)
-
-  native_dir = 'lib/asherah/native'
-  FileUtils.cd(tmp_gem_dir, verbose: true) do
-    FileUtils.mkdir_p(native_dir)
-    native_files.each do |native_file|
-      native_file_path = File.join(native_dir, native_file)
-      gemspec.files << native_file_path
-
-      File.open(native_file_path, 'wb') do |file|
-        url = "https://github.com/godaddy/asherah-cobhan/releases/download/current/#{native_file}"
-        puts "Downloading #{url}"
-        file << URI.parse(url).open.read
-      end
-    end
-
-    package = Gem::Package.build gemspec
-    FileUtils.mv package, File.join(pkg_dir, package)
+desc 'Download the binary for the current platform'
+task :download do
+  tmp_dir = 'tmp'
+  FileUtils.mkdir_p(tmp_dir)
+  FileUtils.cd(tmp_dir, verbose: true) do
+    system('ruby ../ext/asherah/extconf.rb')
   end
 end
 
-namespace :native do
-  desc 'Build all native gems'
-  task :build do
-    DISTRIBUTIONS.each do |platform, native_files|
-      native_build(platform, native_files)
-    end
-  end
-
-  namespace :build do
-    DISTRIBUTIONS.each do |platform, native_files|
-      desc "Build native gem for #{platform}"
-      task :"#{platform}" do
-        native_build(platform, native_files)
-      end
-    end
-  end
-
-  namespace :smoke do
-    require 'cobhan'
-
-    filename = Class.new.extend(Cobhan).library_file_name('libasherah')
-    platform, _files = DISTRIBUTIONS.detect { |_k, v| v.include?(filename) }
-
-    desc "Smoke test native gem on #{platform} platform"
-    task "#{platform}": :"build:#{platform}" do
-      gemspec = Bundler.load_gemspec('asherah.gemspec')
-      gemspec.platform = Gem::Platform.new(platform)
+task default: %i[spec rubocop]
+task spec: :download
 
-      sh("gem install pkg/#{gemspec.file_name}")
-      sh('ruby spec/smoke_test.rb')
-    end
-  end
+desc 'Print current version'
+task :version do
+  puts Asherah::VERSION
 end
+
+Rake.add_rakelib 'tasks'

data/asherah.gemspec

@@ -27,14 +27,15 @@ Gem::Specification.new do |spec|
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
   spec.files = Dir.chdir(File.expand_path(__dir__)) do
     `git ls-files -z`.split("\x0").reject do |f|
-      (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
+      (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features|tasks)/|\.(?:git|travis|circleci)|appveyor)})
     end
   end
   spec.bindir = 'exe'
   spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
+  spec.extensions = ['ext/asherah/extconf.rb']
 
-  spec.add_dependency 'cobhan', '~> 0.1.2'
+  spec.add_dependency 'cobhan', '~> 0.2.0'
   spec.add_development_dependency 'dotenv', '~> 2.7.6'
   spec.add_development_dependency 'rspec', '~> 3.10.0'
   spec.add_development_dependency 'rubocop', '~> 1.7'

data/ext/asherah/checksums.yml

@@ -0,0 +1,5 @@
+version:                v0.4.11
+libasherah-arm64.so:    bc044b74453fc8fceca564fb127c9f2748aeac107791bd24c680ced1fcb7b816
+libasherah-x64.so:      82f10505ef11fba2c8e027668d9b5c89584f73eb1e53a9f5ff21d5705ecffb3a
+libasherah-arm64.dylib: 0b843d002212722c442c990d84e6ceac73c78e1663260be8c3f759a9a283b14a
+libasherah-x64.dylib:   fd0592ed4cdfbc7b3a2534b540c22301a9669c6c37dfb3d28f600ccc9ba975f8

data/ext/asherah/extconf.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+require 'mkmf'
+create_makefile('asherah/asherah')
+
+require_relative 'native_file'
+NativeFile.download

data/ext/asherah/native_file.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+require 'open-uri'
+require 'fileutils'
+require 'digest'
+require 'yaml'
+require 'cobhan'
+
+# Downloads native file and verifies checksum
+class NativeFile
+  LIB_NAME = 'libasherah'
+  ROOT_DIR = File.expand_path('../../', __dir__)
+  CHECKSUMS_FILE = File.expand_path('checksums.yml', __dir__)
+  CHECKSUMS = YAML.load_file(CHECKSUMS_FILE)
+  VERSION = CHECKSUMS.fetch('version')
+  RETRIES = 3
+  RETRY_DELAY = 1
+
+  class << self
+    def download(
+      file_name: Class.new.extend(Cobhan).library_file_name(LIB_NAME),
+      dir: File.join(ROOT_DIR, 'lib/asherah/native')
+    )
+      file_path = File.join(dir, file_name)
+      if File.exist?(file_path)
+        puts "#{file_path} already exists ... skipping download"
+        return
+      end
+
+      checksum = CHECKSUMS.fetch(file_name) do
+        abort "Unsupported platform #{RUBY_PLATFORM}"
+      end
+
+      content = download_content(file_name)
+
+      sha256 = Digest::SHA256.hexdigest(content)
+      abort "Could not verify checksum of #{file_name}" if sha256 != checksum
+
+      FileUtils.mkdir_p(dir)
+      File.binwrite(file_path, content)
+    end
+
+    private
+
+    def download_content(file_name)
+      tries = 0
+
+      begin
+        tries += 1
+        url = "https://github.com/godaddy/asherah-cobhan/releases/download/#{VERSION}/#{file_name}"
+        puts "Downloading #{url}"
+        URI.parse(url).open.read
+      rescue Net::OpenTimeout, Net::ReadTimeout => e
+        if tries <= RETRIES
+          puts "Got #{e.class}... retrying in #{RETRY_DELAY} seconds"
+          sleep RETRY_DELAY
+          retry
+        else
+          raise e
+        end
+      end
+    end
+  end
+end

data/lib/asherah/error.rb

@@ -9,20 +9,22 @@ module Asherah
     GetSessionFailed = Class.new(StandardError)
     EncryptFailed = Class.new(StandardError)
     DecryptFailed = Class.new(StandardError)
+    BadConfig = Class.new(StandardError)
 
     CODES = {
       -100 => NotInitialized,
       -101 => AlreadyInitialized,
       -102 => GetSessionFailed,
       -103 => EncryptFailed,
-      -104 => DecryptFailed
+      -104 => DecryptFailed,
+      -105 => BadConfig
     }.freeze
 
     def self.check_result!(result, message)
       return unless result.negative?
 
       error_class = Error::CODES.fetch(result, StandardError)
-      raise error_class, message
+      raise error_class, "#{message} (#{result})"
     end
   end
 end

data/lib/asherah/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Asherah
-  VERSION = '0.1.0.beta.2'
+  VERSION = '0.4.1'
 end

data/lib/asherah.rb

@@ -3,9 +3,6 @@
 require_relative 'asherah/version'
 require 'asherah/config'
 require 'asherah/error'
-require 'asherah/key_meta'
-require 'asherah/data_row_record'
-require 'asherah/envelope_key_record'
 require 'cobhan'
 
 # Asherah is a Ruby wrapper around Asherah Go application-layer encryption SDK.
@@ -15,13 +12,15 @@ module Asherah
   LIB_ROOT_PATH = File.expand_path('asherah/native', __dir__)
   load_library(LIB_ROOT_PATH, 'libasherah', [
     [:SetupJson, [:pointer], :int32],
-    [:Encrypt, [:pointer, :pointer, :pointer, :pointer, :pointer, :pointer, :pointer], :int32],
-    [:Decrypt, [:pointer, :pointer, :pointer, :int64, :pointer, :int64, :pointer], :int32],
     [:EncryptToJson, [:pointer, :pointer, :pointer], :int32],
     [:DecryptFromJson, [:pointer, :pointer, :pointer], :int32],
     [:Shutdown, [], :void]
   ].freeze)
 
+  ESTIMATED_ENCRYPTION_OVERHEAD = 48
+  ESTIMATED_ENVELOPE_OVERHEAD = 185
+  BASE64_OVERHEAD = 1.34
+
   class << self
     # Configures Asherah
     #
@@ -31,6 +30,7 @@ module Asherah
       config = Config.new
       yield config
       config.validate!
+      @intermediated_key_overhead_bytesize = config.product_id.bytesize + config.service_name.bytesize
 
       config_buffer = string_to_cbuffer(config.to_json)
 
@@ -38,110 +38,65 @@ module Asherah
       Error.check_result!(result, 'SetupJson failed')
     end
 
-    # Encrypts data for a given partition_id and returns DataRowRecord
+    # Encrypts data for a given partition_id and returns DataRowRecord in JSON format.
     #
-    # @param partition_id [String]
-    # @param data [String]
-    # @return [DataRowRecord]
-    def encrypt(partition_id, data)
-      partition_id_buffer = string_to_cbuffer(partition_id)
-      data_buffer = string_to_cbuffer(data)
-      output_encrypted_data_buffer = allocate_cbuffer(data.length + 256)
-      output_encrypted_key_buffer = allocate_cbuffer(256)
-      output_created_buffer = int_to_buffer(0)
-      output_parent_key_id_buffer = allocate_cbuffer(256)
-      output_parent_key_created_buffer = int_to_buffer(0)
-
-      result = Encrypt(
-        partition_id_buffer,
-        data_buffer,
-        output_encrypted_data_buffer,
-        output_encrypted_key_buffer,
-        output_created_buffer,
-        output_parent_key_id_buffer,
-        output_parent_key_created_buffer
-      )
-      Error.check_result!(result, 'Encrypt failed')
-
-      parent_key_meta = KeyMeta.new(
-        id: cbuffer_to_string(output_parent_key_id_buffer),
-        created: buffer_to_int(output_parent_key_created_buffer)
-      )
-      envelope_key_record = EnvelopeKeyRecord.new(
-        encrypted_key: cbuffer_to_string(output_encrypted_key_buffer),
-        created: buffer_to_int(output_created_buffer),
-        parent_key_meta: parent_key_meta
-      )
-
-      DataRowRecord.new(
-        data: cbuffer_to_string(output_encrypted_data_buffer),
-        key: envelope_key_record
-      )
-    end
-
-    # Decrypts a data_row_record for a partition_id and returns decrypted data
+    # DataRowRecord contains the encrypted key and data, as well as the information
+    # required to decrypt the key encryption key. This object data should be stored
+    # in your data persistence as it's required to decrypt data.
     #
-    # @param partition_id [String]
-    # @param data_row_record [DataRowRecord]
-    # @return [String], Decrypted data
-    def decrypt(partition_id, data_row_record)
-      partition_id_buffer = string_to_cbuffer(partition_id)
-      encrypted_data_buffer = string_to_cbuffer(data_row_record.data)
-      encrypted_key_buffer = string_to_cbuffer(data_row_record.key.encrypted_key)
-      created = data_row_record.key.created
-      parent_key_id_buffer = string_to_cbuffer(data_row_record.key.parent_key_meta.id)
-      parent_key_created = data_row_record.key.parent_key_meta.created
-
-      output_data_buffer = allocate_cbuffer(encrypted_data_buffer.size + 256)
-
-      result = Decrypt(
-        partition_id_buffer,
-        encrypted_data_buffer,
-        encrypted_key_buffer,
-        created,
-        parent_key_id_buffer,
-        parent_key_created,
-        output_data_buffer
-      )
-      Error.check_result!(result, 'Decrypt failed')
-
-      cbuffer_to_string(output_data_buffer)
-    end
-
-    def shutdown
-      Shutdown()
-    end
-
-    # Encrypts data for a given partition_id and returns DataRowRecord in JSON format
+    # EnvelopeKeyRecord represents an encrypted key and is the data structure used
+    # to persist the key in the key table. It also contains the meta data
+    # of the key used to encrypt it.
+    #
+    # KeyMeta contains the `id` and `created` timestamp for an encryption key.
     #
     # @param partition_id [String]
     # @param data [String]
     # @return [String], DataRowRecord in JSON format
-    def encrypt_to_json(partition_id, data)
+    def encrypt(partition_id, data)
       partition_id_buffer = string_to_cbuffer(partition_id)
       data_buffer = string_to_cbuffer(data)
-      output_buffer = allocate_cbuffer(data.length + 256)
+      estimated_buffer_bytesize = estimate_buffer(data.bytesize, partition_id.bytesize)
+      output_buffer = allocate_cbuffer(estimated_buffer_bytesize)
 
       result = EncryptToJson(partition_id_buffer, data_buffer, output_buffer)
       Error.check_result!(result, 'EncryptToJson failed')
 
       cbuffer_to_string(output_buffer)
+    ensure
+      [partition_id_buffer, data_buffer, output_buffer].map(&:free)
     end
 
-    # Decrypts a DataRowRecord in JSON format for a partition_id and returns decrypted data
+    # Decrypts a DataRowRecord in JSON format for a partition_id and returns decrypted data.
     #
     # @param partition_id [String]
     # @param json [String], DataRowRecord in JSON format
     # @return [String], Decrypted data
-    def decrypt_from_json(partition_id, json)
+    def decrypt(partition_id, json)
       partition_id_buffer = string_to_cbuffer(partition_id)
       data_buffer = string_to_cbuffer(json)
-      output_buffer = allocate_cbuffer(json.length + 256)
+      output_buffer = allocate_cbuffer(json.bytesize)
 
       result = DecryptFromJson(partition_id_buffer, data_buffer, output_buffer)
       Error.check_result!(result, 'DecryptFromJson failed')
 
       cbuffer_to_string(output_buffer)
+    ensure
+      [partition_id_buffer, data_buffer, output_buffer].map(&:free)
+    end
+
+    # Stop the Asherah instance
+    def shutdown
+      Shutdown()
+    end
+
+    private
+
+    def estimate_buffer(data_bytesize, partition_bytesize)
+      ESTIMATED_ENVELOPE_OVERHEAD +
+        @intermediated_key_overhead_bytesize +
+        partition_bytesize +
+        ((data_bytesize + ESTIMATED_ENCRYPTION_OVERHEAD) * BASE64_OVERHEAD)
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: asherah
 version: !ruby/object:Gem::Version
-  version: 0.1.0.beta.2
+  version: 0.4.1
 platform: aarch64-linux
 authors:
 - GoDaddy
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-03-14 00:00:00.000000000 Z
+date: 2022-03-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cobhan
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.2
+        version: 0.2.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.2
+        version: 0.2.0
 - !ruby/object:Gem::Dependency
   name: dotenv
   requirement: !ruby/object:Gem::Requirement
@@ -100,7 +100,8 @@ description: |
 email:
 - oss@godaddy.com
 executables: []
-extensions: []
+extensions:
+- ext/asherah/extconf.rb
 extra_rdoc_files: []
 files:
 - ".rspec"
@@ -115,12 +116,12 @@ files:
 - Rakefile
 - SECURITY.md
 - asherah.gemspec
+- ext/asherah/checksums.yml
+- ext/asherah/extconf.rb
+- ext/asherah/native_file.rb
 - lib/asherah.rb
 - lib/asherah/config.rb
-- lib/asherah/data_row_record.rb
-- lib/asherah/envelope_key_record.rb
 - lib/asherah/error.rb
-- lib/asherah/key_meta.rb
 - lib/asherah/native/libasherah-arm64.so
 - lib/asherah/version.rb
 homepage: https://github.com/godaddy/asherah-ruby
@@ -142,9 +143,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.3.7
 signing_key: 

data/lib/asherah/data_row_record.rb

@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-module Asherah
-  # DataRowRecord contains the encrypted key and data, as well as the information
-  # required to decrypt the key encryption key. This object data should be stored
-  # in your data persistence as it's required to decrypt data.
-  class DataRowRecord
-    attr_reader :data, :key
-
-    # Initializes a new DataRowRecord
-    #
-    # @param data [String]
-    # @param key [EnvelopeKeyRecord]
-    # @return DataRowRecord
-    def initialize(data:, key:)
-      @data = data
-      @key = key
-    end
-  end
-end

data/lib/asherah/envelope_key_record.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-module Asherah
-  # EnvelopeKeyRecord represents an encrypted key and is the data structure used
-  # to persist the key in the key table. It also contains the meta data
-  # of the key used to encrypt it.
-  class EnvelopeKeyRecord
-    attr_reader :encrypted_key, :created, :parent_key_meta
-
-    # Initializes a new EnvelopeKeyRecord
-    #
-    # @param encrypted_key [String]
-    # @param created [Integer]
-    # @param parent_key_meta [KeyMeta]
-    # @return EnvelopeKeyRecord
-    def initialize(encrypted_key:, created:, parent_key_meta:)
-      @encrypted_key = encrypted_key
-      @created = created
-      @parent_key_meta = parent_key_meta
-    end
-  end
-end

data/lib/asherah/key_meta.rb

@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-
-module Asherah
-  # KeyMeta contains the `id` and `created` timestamp for an encryption key.
-  class KeyMeta
-    attr_reader :id, :created
-
-    # Initializes a new KeyMeta
-    #
-    # @param id [String]
-    # @param created [Integer]
-    # @return KeyMeta
-    def initialize(id:, created:)
-      @id = id
-      @created = created
-    end
-  end
-end