attr_keyring 0.1.0 → 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +9 -1
  3. data/README.md +16 -1
  4. data/attr_keyring.gemspec +1 -0
  5. data/lib/attr_keyring/active_record.rb +23 -6
  6. data/lib/attr_keyring/version.rb +1 -1
  7. metadata +15 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 3a7c2700c18142c251312d06c17ee3313fc570aeb1b163d25614db6d9cd75455
4
- data.tar.gz: 68a9b8eda34be0e99bc8001fe13af68d1ab5dcd70b3aeb6a97d8422bcab75b5d
3
+ metadata.gz: caf27704434485775f0d328115de5a7803784efea398278d2ab091f90812fe69
4
+ data.tar.gz: 52ee0ed25266480a59444793108e5839d5c09064f50f8280bfe5a056ce827046
5
5
  SHA512:
6
- metadata.gz: 42775a257403349c7c64b8ec5720cc0985400478252db31c9a15d7cedf572f67ea14802f95552368bcad15ec2fce568b26c1cd3988661e3d40311c811e630288
7
- data.tar.gz: 6b672080b7eef29da9f5b99b1eb51a6878781b25fa046c762970abfc54ab7e2a8a7c6cc75fdee59f9ecb3b02a095b7847cb7c55dd1c7d528709c7246a48bed53
6
+ metadata.gz: 6eb5b417fdb67fd63d72d7cb263f26269192658d8b92b498a168163321cd5be68734244494161755911082b509f6cd16b340d253d8b88208b0586831a7c471de
7
+ data.tar.gz: 68bb5d48c931766027d4e6541044263f16c117d3628577a0a9bf79bddeace82dc25773d8d8b0b387ab24a39c7a58f01e94a6376a74740f0b5f53faaf01e7832d
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- attr_keyring (0.1.0)
4
+ attr_keyring (0.1.1)
5
5
  activerecord
6
6
 
7
7
  GEM
@@ -24,9 +24,11 @@ GEM
24
24
  byebug (10.0.2)
25
25
  coderay (1.1.2)
26
26
  concurrent-ruby (1.1.3)
27
+ docile (1.3.1)
27
28
  i18n (1.1.1)
28
29
  concurrent-ruby (~> 1.0)
29
30
  jaro_winkler (1.5.1)
31
+ json (2.1.0)
30
32
  method_source (0.9.2)
31
33
  minitest (5.11.3)
32
34
  minitest-utils (0.4.4)
@@ -60,6 +62,11 @@ GEM
60
62
  ruby-progressbar (~> 1.7)
61
63
  unicode-display_width (~> 1.4.0)
62
64
  ruby-progressbar (1.10.0)
65
+ simplecov (0.16.1)
66
+ docile (~> 1.1)
67
+ json (>= 1.8, < 3)
68
+ simplecov-html (~> 0.10.0)
69
+ simplecov-html (0.10.2)
63
70
  slop (3.6.0)
64
71
  sqlite3 (1.3.13)
65
72
  thread_safe (0.3.6)
@@ -77,6 +84,7 @@ DEPENDENCIES
77
84
  pry-meta
78
85
  rake
79
86
  rubocop
87
+ simplecov
80
88
  sqlite3
81
89
 
82
90
  BUNDLED WITH
data/README.md CHANGED
@@ -53,7 +53,22 @@ Keys are managed through a keyring--a short JSON document describing your encryp
53
53
 
54
54
  The `id` is used to track which key encrypted which piece of data; a key with a larger id is assumed to be newer. The value is the actual bytes of the encryption key.
55
55
 
56
- You can dynamically load
56
+ #### Dynamically loading keyring
57
+
58
+ If you're using Rails 5.2+, you can use credentials to define your keyring. Your `credentials.yml` must be define like the following:
59
+
60
+ ```yaml
61
+ user_keyring:
62
+ 1: "PV8+EHgJlHfsVVVstJHgEo+3OCSn4iJDzqJs55U650Q="
63
+ 2: "0HyJ15am4haRsCyiFCxDdlKwl3G5yPNKTUbadpaIfPI="
64
+ ```
65
+
66
+ Then you can setup your model by using `attr_keyring Rails.application.credentials.user_keyring`.
67
+
68
+ Other possibilities (e.g. the keyring file is provided by configuration management):
69
+
70
+ - `attr_keyring YAML.load_file(keyring_file)`
71
+ - `attr_keyring JSON.parse(File.read(keyring_file))`.
57
72
 
58
73
  ### Model Setup
59
74
 
data/attr_keyring.gemspec CHANGED
@@ -26,5 +26,6 @@ Gem::Specification.new do |spec|
26
26
  spec.add_development_dependency "pry-meta"
27
27
  spec.add_development_dependency "rake"
28
28
  spec.add_development_dependency "rubocop"
29
+ spec.add_development_dependency "simplecov"
29
30
  spec.add_development_dependency "sqlite3"
30
31
  end
data/lib/attr_keyring/active_record.rb CHANGED
@@ -16,23 +16,42 @@ module AttrKeyring
16
16
 
17
17
  def define_attr_encrypt_writer(attribute)
18
18
  define_method("#{attribute}=") do |value|
19
- keyring_id = public_send(keyring_column_name)
19
+ return attr_reset_column(attribute) if value.nil?
20
+
21
+ stored_keyring_id = public_send(keyring_column_name)
22
+ keyring_id = stored_keyring_id || keyring.current_key&.id
20
23
  encrypted_value = keyring.encrypt(value, keyring_id)
21
24
 
25
+ public_send("#{keyring_column_name}=", keyring_id) unless stored_keyring_id
22
26
  public_send("encrypted_#{attribute}=", encrypted_value)
23
- public_send("#{keyring_column_name}=", keyring_id || keyring.current_key.id) unless keyring_id
27
+ attr_encrypt_digest(attribute, value)
24
28
  end
25
29
  end
26
30
 
27
31
  def define_attr_encrypt_reader(attribute)
28
32
  define_method(attribute) do
33
+ encrypted_value = public_send("encrypted_#{attribute}")
34
+
35
+ return unless encrypted_value
36
+
29
37
  keyring_id = public_send(keyring_column_name)
30
- keyring.decrypt(public_send("encrypted_#{attribute}"), keyring_id)
38
+ keyring.decrypt(encrypted_value, keyring_id)
31
39
  end
32
40
  end
33
41
  end
34
42
 
35
43
  module InstanceMethods
44
+ private def attr_reset_column(attribute)
45
+ public_send("encrypted_#{attribute}=", nil)
46
+ public_send("#{attribute}_digest=", nil)
47
+ nil
48
+ end
49
+
50
+ private def attr_encrypt_digest(attribute, value)
51
+ digest_column = "#{attribute}_digest"
52
+ public_send("#{digest_column}=", Digest::SHA256.hexdigest(value)) if respond_to?(digest_column)
53
+ end
54
+
36
55
  private def migrate_to_latest_encryption_key
37
56
  keyring_id = keyring.current_key.id
38
57
 
@@ -41,9 +60,7 @@ module AttrKeyring
41
60
  encrypted_value = keyring.encrypt(value, keyring_id)
42
61
 
43
62
  public_send("encrypted_#{attribute}=", encrypted_value)
44
-
45
- digest_column = "#{attribute}_digest"
46
- public_send("#{digest_column}=", Digest::SHA256.hexdigest(value)) if respond_to?(digest_column)
63
+ attr_encrypt_digest(attribute, value)
47
64
  end
48
65
 
49
66
  public_send("#{keyring_column_name}=", keyring_id)
data/lib/attr_keyring/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module AttrKeyring
2
- VERSION = "0.1.0".freeze
2
+ VERSION = "0.1.1".freeze
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: attr_keyring
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nando Vieira
@@ -94,6 +94,20 @@ dependencies:
94
94
  - - ">="
95
95
  - !ruby/object:Gem::Version
96
96
  version: '0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: simplecov
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - ">="
109
+ - !ruby/object:Gem::Version
110
+ version: '0'
97
111
  - !ruby/object:Gem::Dependency
98
112
  name: sqlite3
99
113
  requirement: !ruby/object:Gem::Requirement