attr_keyring 0.1.0 → 0.1.1

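--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 3a7c2700c18142c251312d06c17ee3313fc570aeb1b163d25614db6d9cd75455
- data.tar.gz: 68a9b8eda34be0e99bc8001fe13af68d1ab5dcd70b3aeb6a97d8422bcab75b5d
+ metadata.gz: caf27704434485775f0d328115de5a7803784efea398278d2ab091f90812fe69
+ data.tar.gz: 52ee0ed25266480a59444793108e5839d5c09064f50f8280bfe5a056ce827046
  SHA512:
- metadata.gz: 42775a257403349c7c64b8ec5720cc0985400478252db31c9a15d7cedf572f67ea14802f95552368bcad15ec2fce568b26c1cd3988661e3d40311c811e630288
- data.tar.gz: 6b672080b7eef29da9f5b99b1eb51a6878781b25fa046c762970abfc54ab7e2a8a7c6cc75fdee59f9ecb3b02a095b7847cb7c55dd1c7d528709c7246a48bed53
+ metadata.gz: 6eb5b417fdb67fd63d72d7cb263f26269192658d8b92b498a168163321cd5be68734244494161755911082b509f6cd16b340d253d8b88208b0586831a7c471de
+ data.tar.gz: 68bb5d48c931766027d4e6541044263f16c117d3628577a0a9bf79bddeace82dc25773d8d8b0b387ab24a39c7a58f01e94a6376a74740f0b5f53faaf01e7832d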
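--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- attr_keyring (0.1.0)
+ attr_keyring (0.1.1)
  activerecord
 
  GEM
@@ -24,9 +24,11 @@ GEM
  byebug (10.0.2)
  coderay (1.1.2)
  concurrent-ruby (1.1.3)
+ docile (1.3.1)
  i18n (1.1.1)
  concurrent-ruby (~> 1.0)
  jaro_winkler (1.5.1)
+ json (2.1.0)
  method_source (0.9.2)
  minitest (5.11.3)
  minitest-utils (0.4.4)
@@ -60,6 +62,11 @@ GEM
  ruby-progressbar (~> 1.7)
  unicode-display_width (~> 1.4.0)
  ruby-progressbar (1.10.0)
+ simplecov (0.16.1)
+ docile (~> 1.1)
+ json (>= 1.8, < 3)
+ simplecov-html (~> 0.10.0)
+ simplecov-html (0.10.2)
  slop (3.6.0)
  sqlite3 (1.3.13)
  thread_safe (0.3.6)
@@ -77,6 +84,7 @@ DEPENDENCIES
  pry-meta
  rake
  rubocop
+ simplecov
  sqlite3
 
  BUNDLED WITH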
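--- a/data/README.md
+++ b/data/README.md
@@ -53,7 +53,22 @@ Keys are managed through a keyring--a short JSON document describing your encryp
 
  The `id` is used to track which key encrypted which piece of data; a key with a larger id is assumed to be newer. The value is the actual bytes of the encryption key.
 
- You can dynamically load
+ #### Dynamically loading keyring
+
+ If you're using Rails 5.2+, you can use credentials to define your keyring. Your `credentials.yml` must be define like the following:
+
+ ```yaml
+ user_keyring:
+ 1: "PV8+EHgJlHfsVVVstJHgEo+3OCSn4iJDzqJs55U650Q="
+ 2: "0HyJ15am4haRsCyiFCxDdlKwl3G5yPNKTUbadpaIfPI="
+ ```
+
+ Then you can setup your model by using `attr_keyring Rails.application.credentials.user_keyring`.
+
+ Other possibilities (e.g. the keyring file is provided by configuration management):
+
+ - `attr_keyring YAML.load_file(keyring_file)`
+ - `attr_keyring JSON.parse(File.read(keyring_file))`.
 
  ### Model Setup
 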
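--- a/data/attr_keyring.gemspec
+++ b/data/attr_keyring.gemspec
@@ -26,5 +26,6 @@ Gem::Specification.new do |spec|
  spec.add_development_dependency "pry-meta"
  spec.add_development_dependency "rake"
  spec.add_development_dependency "rubocop"
+ spec.add_development_dependency "simplecov"
  spec.add_development_dependency "sqlite3"
  end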
@@ -16,23 +16,42 @@ module AttrKeyring
16
16
 
17
17
  def define_attr_encrypt_writer(attribute)
18
18
  define_method("#{attribute}=") do |value|
19
- keyring_id = public_send(keyring_column_name)
19
+ return attr_reset_column(attribute) if value.nil?
20
+
21
+ stored_keyring_id = public_send(keyring_column_name)
22
+ keyring_id = stored_keyring_id || keyring.current_key&.id
20
23
  encrypted_value = keyring.encrypt(value, keyring_id)
21
24
 
25
+ public_send("#{keyring_column_name}=", keyring_id) unless stored_keyring_id
22
26
  public_send("encrypted_#{attribute}=", encrypted_value)
23
- public_send("#{keyring_column_name}=", keyring_id || keyring.current_key.id) unless keyring_id
27
+ attr_encrypt_digest(attribute, value)
24
28
  end
25
29
  end
26
30
 
27
31
  def define_attr_encrypt_reader(attribute)
28
32
  define_method(attribute) do
33
+ encrypted_value = public_send("encrypted_#{attribute}")
34
+
35
+ return unless encrypted_value
36
+
29
37
  keyring_id = public_send(keyring_column_name)
30
- keyring.decrypt(public_send("encrypted_#{attribute}"), keyring_id)
38
+ keyring.decrypt(encrypted_value, keyring_id)
31
39
  end
32
40
  end
33
41
  end
34
42
 
35
43
  module InstanceMethods
44
+ private def attr_reset_column(attribute)
45
+ public_send("encrypted_#{attribute}=", nil)
46
+ public_send("#{attribute}_digest=", nil)
47
+ nil
48
+ end
49
+
50
+ private def attr_encrypt_digest(attribute, value)
51
+ digest_column = "#{attribute}_digest"
52
+ public_send("#{digest_column}=", Digest::SHA256.hexdigest(value)) if respond_to?(digest_column)
53
+ end
54
+
36
55
  private def migrate_to_latest_encryption_key
37
56
  keyring_id = keyring.current_key.id
38
57
 
@@ -41,9 +60,7 @@ module AttrKeyring
41
60
  encrypted_value = keyring.encrypt(value, keyring_id)
42
61
 
43
62
  public_send("encrypted_#{attribute}=", encrypted_value)
44
-
45
- digest_column = "#{attribute}_digest"
46
- public_send("#{digest_column}=", Digest::SHA256.hexdigest(value)) if respond_to?(digest_column)
63
+ attr_encrypt_digest(attribute, value)
47
64
  end
48
65
 
49
66
  public_send("#{keyring_column_name}=", keyring_id)
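Review bot: `attr_reset_column` calls `public_send("#{attribute}_digest=", nil)` unconditionally, while `attr_encrypt_digest` right below it guards the same setter with `respond_to?(digest_column)`, so assigning `nil` to an encrypted attribute on a model without a digest column would raise `NoMethodError`; the reset should carry the same guard, `public_send("#{attribute}_digest=", nil) if respond_to?("#{attribute}_digest")`. Separately, the writer now stores `Digest::SHA256.hexdigest(value)` beside the ciphertext on every assignment, and an unkeyed hash of the plaintext lets anyone who can read the table confirm guesses for low-entropy values without holding the keyring. A keyed digest such as `OpenSSL::HMAC.hexdigest("SHA256", digest_key, value)`, where `digest_key` is a placeholder for a secret kept outside the database, would close that gap, and the method deserves a comment stating what the digest column is for. `hexdigest` also raises on non-String values, which the new `nil` guard does not cover. `InstanceMethods` and `migrate_to_latest_encryption_key` continue outside the hunks shown.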
@@ -1,3 +1,3 @@
1
1
  module AttrKeyring
2
- VERSION = "0.1.0".freeze
2
+ VERSION = "0.1.1".freeze
3
3
  end
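--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: attr_keyring
  version: !ruby/object:Gem::Version
- version: 0.1.0
+ version: 0.1.1
  platform: ruby
  authors:
  - Nando Vieira
@@ -94,6 +94,20 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: simplecov
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
  - !ruby/object:Gem::Dependency
  name: sqlite3
  requirement: !ruby/object:Gem::Requirement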