RubyGems - attr_vault - Versions diffs - 0.1.2 → 0.2.0 - Mend

attr_vault 0.1.2 → 0.2.0

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 86139c030cc0889d40ee3b40db69fe0b8b66beee
-  data.tar.gz: cadcf1eabcf1dc445edc9d8d423f66ff6cb58242
+  metadata.gz: 679c27532f9ed523f12ffad0a4ac79b7d70b95a3
+  data.tar.gz: 6fb6564391b43997048851d9ab6a706c98b9ee27
 SHA512:
-  metadata.gz: 4758d09746a415b03c7b2e187419501f78a3815b67a918e810c35b7cf6d90319f9fdcf32ce100bf8b48b25453a5831c11b8d98c446c80caef47b6cd5d9d07a14
-  data.tar.gz: bfca3f4fc0f177d8e4244e6e778b7f4d3a4599b9aab9a0f68e225e8ba4bfd22388938d75869a49ef31cc724160340aafb563c8309b2018976c723f094515bc7d
+  metadata.gz: 4904567a0e64825c0396ffe7bfe4a6e5915b267ba083091d0e383cbc6226c07e9fa0952d24a231588da7ec1f9243cd2b0e01ec7b4ce73ae4bb490958f22ba2bd
+  data.tar.gz: 2979e267a1e776842472f9a8d86fb6125c549ef1fe08c9546b49869309f8afcdbcb62a8288e92ab443fbd10fc94921d547cbe6a5773c5d5eb737301766c71a8c

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,9 @@
 PATH
   remote: .
   specs:
-    attr_vault (0.1.2)
+    attr_vault (0.2.0)
+      pg (~> 0.18.3)
+      sequel (~> 4.13)
 GEM
   remote: https://rubygems.org/

data/README.md CHANGED Viewed

@@ -32,16 +32,98 @@ encrypted with which key, making it easy to age out keys when needed
 ### Keyring
-Keys are managed through a keyring--a short JSON document containing
-information about your encryption keys. The keyring must be a JSON
-array of objects with the fields `id`, `created_at`, and `value`. A
-keyring must have at least one key.
+Keys are managed through a keyring--a short JSON document describing
+your encryption keys. The keyring must be a JSON object mapping
+numeric ids of the keys to the key values. A keyring must have at
+least one key. For example:
+```json
+{
+  "1": "PV8+EHgJlHfsVVVstJHgEo+3OCSn4iJDzqJs55U650Q=",
+  "2": "0HyJ15am4haRsCyiFCxDdlKwl3G5yPNKTUbadpaIfPI="
+}
+```
+The `id` is used to track which key encrypted which piece of data; a
+key with a larger id is assumed to be newer. The `value` is the actual
+bytes of the encryption key, used for encryption and verification: see
+below.
+#### Legacy keyrings
+A legacy keyring format is also supported for backwards
+compatibility. The keyring must be a JSON array of objects with the
+fields `id`, `created_at`, and `value`, and also must have at least
+one key:
+```json
+[
+  {
+    "id": "1380e471-038e-459a-801d-10e7988ee6a3",
+    "created_at": "2016-02-04 01:55:00+00",
+    "value": "PV8+EHgJlHfsVVVstJHgEo+3OCSn4iJDzqJs55U650Q="
+  }
+]
+```
+The `id` must be a uuid. The `created_at` must be an ISO-8601
+timestamp indicating the age of a key relative to the other keys. The
+`value` is the same structure as for a normal keyring.
+#### Legacy keyring migration
+You can migrate from legacy keyrings to the new format via the
+following process:
+Add a new key_id column:
-The `id` can be numeric or a uuid. The `created_at` must be an
-ISO-8601 timestamp indicating the age of a key relative to the other
-keys. The `value` is the actual bytes of the encryption key, used for
-encryption and verification: see below.
+```ruby
+Sequel.migration do
+  change do
+    alter_table(:diary_entries) do
+      add_column :new_key_id, :integer
+    end
+  end
+end
+```
+Devise new numeric ids for all in-use keys (based on their
+`created_at` dates), and link the ids with sql like the following:
+```sql
+WITH key_map(new_key_id, old_key_id) AS (
+  VALUES (1, 'first-uuid'),
+         (2, 'next-uuid'),
+         (3, '...')
+)
+UPDATE
+  diary_entries
+SET
+  diary_entries.new_key_id = key_map.new_key_id
+FROM
+  key_map
+WHERE
+  diary_entries.key_id = key_map.old_key_id
+```
+Rename the new column to be used as the main key id and drop the old
+id column:
+```ruby
+Sequel.migration do
+  change do
+    alter_table(:diary_entries) do
+      rename_column :key_id, :old_key_id
+      rename_column :new_key_id, :key_id
+	  set_column_not_null :key_id
+      drop_column :old_key_id, :integer
+    end
+  end
+end
+```
+Then change the keyring in your application to use the new numeric
+ids.
 ### Encryption and verification
@@ -83,7 +165,7 @@ Postgres, where binary data is stored in `bytea` columns:
 Sequel.migration do
   change do
     alter_table(:diary_entries) do
-      add_column :key_id, :uuid
+      add_column :key_id, :integer
       add_column :secret_stuff, :bytea
     end
   end
@@ -174,9 +256,10 @@ It's safe to use the same name as the name of the encrypted attribute.
 Because AttrVault uses a keyring, with access to multiple keys at
 once, key rotation is fairly straightforward: if you add a key to the
-keyring with a more recent `created_at` than any other key, that key
-will automatically be used for encryption. Any keys that are no longer
-in use can be removed from the keyring.
+keyring with a higher id than any other key (or more recent
+`created_at` for the legacy keyring format), that key will
+automatically be used for encryption. Any keys that are no longer in
+use can be removed from the keyring.
 To check if an existing key with id 123 is still in use, run:

data/attr_vault.gemspec CHANGED Viewed

@@ -15,7 +15,8 @@ Gem::Specification.new do |gem|
   gem.version       = AttrVault::VERSION
   gem.license       = "MIT"
+  gem.add_runtime_dependency "pg", '~> 0.18.3'
+  gem.add_runtime_dependency "sequel", '~> 4.13'
   gem.add_development_dependency "rspec", '~> 3.0'
-  gem.add_development_dependency "pg", '~> 0.18.3'
-  gem.add_development_dependency "sequel", '~> 4.13'
 end

data/lib/attr_vault/keyring.rb CHANGED Viewed

@@ -2,15 +2,19 @@ module AttrVault
   class Key
     attr_reader :id, :value, :created_at
-    def initialize(id, value, created_at)
+    def initialize(id, value, created_at=nil)
       if id.nil?
         raise InvalidKey, "key id required"
       end
       if value.nil?
         raise InvalidKey, "key value required"
       end
-      if created_at.nil?
-        raise InvalidKey, "key created_at required"
+      begin
+        id = Integer(id)
+      rescue
+        if created_at.nil?
+          raise InvalidKey, "key created_at required"
+        end
       end
       @id = id
@@ -33,15 +37,20 @@ module AttrVault
     def self.load(keyring_data)
       keyring = Keyring.new
       begin
-        candidate_keys = JSON.parse(keyring_data)
-        unless candidate_keys.respond_to? :each
-          raise InvalidKeyring, "does not respond to each"
-        end
-        candidate_keys.each_with_index do |k|
-          created_at = unless k["created_at"].nil?
-                         Time.parse(k["created_at"])
-                       end
-          keyring.add_key(Key.new(k["id"], k["value"], created_at || Time.now))
+        candidate_keys = JSON.parse(keyring_data, symbolize_names: true)
+        case candidate_keys
+        when Array
+          candidate_keys.each do |k|
+            created_at = Time.parse(k[:created_at]) if k.has_key?(:created_at)
+            keyring.add_key(Key.new(k[:id], k[:value], created_at || Time.now))
+          end
+        when Hash
+          candidate_keys.each do |key_id, key|
+            keyring.add_key(Key.new(key_id.to_s, key))
+          end
+        else
+          raise InvalidKeyring, "Invalid JSON structure"
         end
       rescue StandardError => e
         raise InvalidKeyring, e.message
@@ -87,7 +96,14 @@ module AttrVault
     end
     def to_json
-      @keys.to_json
+      if @keys.all? { |k| k.created_at.nil? }
+        @keys.each_with_object({}) do |k,obj|
+          obj[k.id] = k.value
+        end.to_json
+      else
+        # Assume we are dealing with a legacy keyring
+        @keys.to_json
+      end
     end
   end
 end

data/lib/attr_vault/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AttrVault
-  VERSION = "0.1.2"
+  VERSION = "0.2.0"
 end

data/spec/attr_vault_spec.rb CHANGED Viewed

@@ -2,447 +2,489 @@ require 'spec_helper'
 require 'json'
 describe AttrVault do
-  context "with a single encrypted column" do
-    let(:key_id)   { '80a8571b-dc8a-44da-9b89-caee87e41ce2' }
-    let(:key_data) do
-      [ { id: key_id,
-          value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=',
-          created_at: Time.now } ].to_json
-    end
-    let(:item) do
-      k = key_data
-      Class.new(Sequel::Model(:items)) do
-        include AttrVault
-        vault_keyring k
-        vault_attr :secret
-      end
-    end
-    context "with a new object" do
-      it "does not affect other attributes" do
-        not_secret = 'jimi hendrix was rather talented'
-        s = item.create(not_secret: not_secret)
-        s.reload
-        expect(s.not_secret).to eq(not_secret)
-        expect(s.this.where(not_secret: not_secret).count).to eq 1
+  [ [ 'numeric', :items, [ 1, 2 ] ],
+    [ 'uuid', :items_legacy,
+      [ 'bf72f2ca-b478-4abf-a077-8eb7e071810f',
+        '5a8d7477-6604-4801-9f1d-d4f412890cc3' ] ] ].each do |desc, table, key_ids|
+    describe "with #{desc} key ids" do
+      let(:key_values) do
+        [ 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=',
+          'hUL1orBBRckZOuSuptRXYMV9lx5Qp54zwFUVwpwTpdk=' ]
       end
-      it "encrypts non-empty values" do
-        secret = 'lady gaga? also rather talented'
-        s = item.create(secret: secret)
-        s.reload
-        expect(s.secret).to eq(secret)
-        s.columns.each do |col|
-          expect(s.this.where(Sequel.cast(Sequel.cast(col, :text), :bytea) => secret).count).to eq 0
+      def make_keyring(key_ids)
+        paired = key_ids.zip(key_values)
+        if key_ids.all? { |id| id.is_a? Integer }
+          Hash[paired]
+        else
+          result = []
+          paired.each_with_index do |(id,val), i|
+            result << { id: id, created_at: Time.now + (i * 60), value: val }
+          end
+          result
         end
       end
-      it "stores empty values as empty" do
-        secret = ''
-        s = item.create(secret: secret)
-        s.reload
-        expect(s.secret).to eq('')
-        expect(s.secret_encrypted).to eq('')
-      end
-      it "stores nil values as nil" do
-        s = item.create(secret: nil)
-        s.reload
-        expect(s.secret).to be_nil
-        expect(s.secret_encrypted).to be_nil
-      end
+      let(:key1_id) { key_ids.first }
+      let(:key2_id) { key_ids.fetch(1) }
+      let(:key_id)  { key1_id }
-      it "sets fields to empty that were previously not empty" do
-        s = item.create(secret: 'joyce hatto')
-        s.reload
-        s.update(secret: '')
-        s.reload
-        expect(s.secret).to eq ''
-        expect(s.secret_encrypted).not_to be_nil
+      let(:old_keyring) do
+        make_keyring(key_ids.take(1))
       end
-      it "avoids updating existing values when those do not change" do
-        the_secret = "I'm not saying it was aliens..."
-        s = item.create(secret: the_secret)
-        s.reload
-        s.secret = the_secret
-        expect(s.save_changes).to be_nil
-      end
-      it "stores the key id" do
-        secret = 'it was professor plum with the wrench in the library'
-        s = item.create(secret: secret)
-        s.reload
-        expect(s.key_id).to eq(key_id)
-      end
-    end
-    context "with an existing object" do
-      it "does not affect other attributes" do
-        not_secret = 'soylent is not especially tasty'
-        s = item.create
-        s.update(not_secret: not_secret)
-        s.reload
-        expect(s.not_secret).to eq(not_secret)
-        expect(s.this.where(not_secret: not_secret).count).to eq 1
+      let(:new_keyring) do
+        make_keyring(key_ids)
       end
+      let(:keyring) { old_keyring }
-      it "encrypts non-empty values" do
-        secret = 'soylent green is made of people'
-        s = item.create
-        s.update(secret: secret)
-        s.reload
-        expect(s.secret).to eq(secret)
-        s.columns.each do |col|
-          expect(s.this.where(Sequel.cast(Sequel.cast(col, :text), :bytea) => secret).count).to eq 0
+      let(:key1) do
+        if keyring.is_a?(Hash)
+          keyring[key1_id]
+        else
+          keyring.find { |k| k[:id] == key1_id }
         end
       end
-      it "stores empty values as empty" do
-        s = item.create(secret: "darth vader is luke's father")
-        s.update(secret: '')
-        s.reload
-        expect(s.secret).to eq('')
-        expect(s.secret_encrypted).to eq('')
-      end
-      it "leaves nil values as nil" do
-        s = item.create(secret: "dr. crowe was dead all along")
-        s.update(secret: nil)
-        s.reload
-        expect(s.secret).to be_nil
-        expect(s.secret_encrypted).to be_nil
-      end
-      it "stores the key id" do
-        secret = 'animal style'
-        s = item.create
-        s.update(secret: secret)
-        s.reload
-        expect(s.key_id).to eq(key_id)
-      end
-      it "reads a never-set encrypted field as nil" do
-        s = item.create
-        expect(s.secret).to be_nil
-      end
-      it "avoids updating existing values when those do not change" do
-        the_secret = "Satoshi Nakamoto"
-        s = item.create
-        s.update(secret: the_secret)
-        s.secret = the_secret
-        expect(s.save_changes).to be_nil
+      let(:key2) do
+        if keyring.is_a?(Hash)
+          keyring[key2_id]
+        else
+          keyring.find { |k| k[:id] == key2_id }
+        end
       end
+      let(:key) { key1 }
+      context "with a single encrypted column" do
+        let(:item) do
+          k = keyring.to_json
+          t = table
+          Class.new(Sequel::Model(t)) do
+            include AttrVault
+            vault_keyring k
+            vault_attr :secret
+          end
+        end
-      it "reads the correct value for a dirty field before the object is saved" do
-        s = item.create
-        secret = 'mcmurphy is lobotomized =('
-        s.secret = secret
-        expect(s.secret).to eq secret
-      end
-    end
-  end
+        context "with a new object" do
+          it "does not affect other attributes" do
+            not_secret = 'jimi hendrix was rather talented'
+            s = item.create(not_secret: not_secret)
+            s.reload
+            expect(s.not_secret).to eq(not_secret)
+            expect(s.this.where(not_secret: not_secret).count).to eq 1
+          end
+          it "encrypts non-empty values" do
+            secret = 'lady gaga? also rather talented'
+            s = item.create(secret: secret)
+            s.reload
+            expect(s.secret).to eq(secret)
+            s.columns.each do |col|
+              expect(s.this.where(Sequel.cast(Sequel.cast(col, :text), :bytea) => secret).count).to eq 0
+            end
+          end
+          it "stores empty values as empty" do
+            secret = ''
+            s = item.create(secret: secret)
+            s.reload
+            expect(s.secret).to eq('')
+            expect(s.secret_encrypted).to eq('')
+          end
+          it "stores nil values as nil" do
+            s = item.create(secret: nil)
+            s.reload
+            expect(s.secret).to be_nil
+            expect(s.secret_encrypted).to be_nil
+          end
+          it "sets fields to empty that were previously not empty" do
+            s = item.create(secret: 'joyce hatto')
+            s.reload
+            s.update(secret: '')
+            s.reload
+            expect(s.secret).to eq ''
+            expect(s.secret_encrypted).not_to be_nil
+          end
+          it "avoids updating existing values when those do not change" do
+            the_secret = "I'm not saying it was aliens..."
+            s = item.create(secret: the_secret)
+            s.reload
+            s.secret = the_secret
+            expect(s.save_changes).to be_nil
+          end
+          it "stores the key id" do
+            secret = 'it was professor plum with the wrench in the library'
+            s = item.create(secret: secret)
+            s.reload
+            expect(s.key_id).to eq(key_id)
+          end
+        end
-  context "with multiple encrypted columns" do
-    let(:key_data) do
-      [ { id: '80a8571b-dc8a-44da-9b89-caee87e41ce2',
-          value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=',
-          created_at: Time.now } ].to_json
-    end
-    let(:item) do
-      k = key_data
-      Class.new(Sequel::Model(:items)) do
-        include AttrVault
-        vault_keyring k
-        vault_attr :secret
-        vault_attr :other
+        context "with an existing object" do
+          it "does not affect other attributes" do
+            not_secret = 'soylent is not especially tasty'
+            s = item.create
+            s.update(not_secret: not_secret)
+            s.reload
+            expect(s.not_secret).to eq(not_secret)
+            expect(s.this.where(not_secret: not_secret).count).to eq 1
+          end
+          it "encrypts non-empty values" do
+            secret = 'soylent green is made of people'
+            s = item.create
+            s.update(secret: secret)
+            s.reload
+            expect(s.secret).to eq(secret)
+            s.columns.each do |col|
+              expect(s.this.where(Sequel.cast(Sequel.cast(col, :text), :bytea) => secret).count).to eq 0
+            end
+          end
+          it "stores empty values as empty" do
+            s = item.create(secret: "darth vader is luke's father")
+            s.update(secret: '')
+            s.reload
+            expect(s.secret).to eq('')
+            expect(s.secret_encrypted).to eq('')
+          end
+          it "leaves nil values as nil" do
+            s = item.create(secret: "dr. crowe was dead all along")
+            s.update(secret: nil)
+            s.reload
+            expect(s.secret).to be_nil
+            expect(s.secret_encrypted).to be_nil
+          end
+          it "stores the key id" do
+            secret = 'animal style'
+            s = item.create
+            s.update(secret: secret)
+            s.reload
+            expect(s.key_id).to eq(key_id)
+          end
+          it "reads a never-set encrypted field as nil" do
+            s = item.create
+            expect(s.secret).to be_nil
+          end
+          it "avoids updating existing values when those do not change" do
+            the_secret = "Satoshi Nakamoto"
+            s = item.create
+            s.update(secret: the_secret)
+            s.secret = the_secret
+            expect(s.save_changes).to be_nil
+          end
+          it "reads the correct value for a dirty field before the object is saved" do
+            s = item.create
+            secret = 'mcmurphy is lobotomized =('
+            s.secret = secret
+            expect(s.secret).to eq secret
+          end
+        end
       end
-    end
-    it "does not clobber other attributes" do
-      secret1 = "superman is really mild-mannered reporter clark kent"
-      secret2 = "batman is really millionaire playboy bruce wayne"
-      s = item.create(secret: secret1)
-      s.reload
-      expect(s.secret).to eq secret1
-      s.update(other: secret2)
-      s.reload
-      expect(s.secret).to eq secret1
-      expect(s.other).to eq secret2
-    end
-  end
+      context "with multiple encrypted columns" do
+        let(:key_data) do
+          [ { id: 1,
+              value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=' } ].to_json
+        end
+        let(:item) do
+          k = key_data
+          Class.new(Sequel::Model(:items)) do
+            include AttrVault
+            vault_keyring k
+            vault_attr :secret
+            vault_attr :other
+          end
+        end
-  context "with items encrypted with an older key" do
-    let(:key1_id)  { '80a8571b-dc8a-44da-9b89-caee87e41ce2' }
-    let(:key1) do
-      { id: key1_id,
-        value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=',
-        created_at: Time.new(2014, 1, 1, 0, 0, 0) }
-    end
-    let(:key2_id)  { '0a85781b-d8ac-4a4d-89b9-acee874e1ec2' }
-    let(:key2) do
-      { id: key2_id,
-        value: 'hUL1orBBRckZOuSuptRXYMV9lx5Qp54zwFUVwpwTpdk=',
-        created_at: Time.new(2014, 2, 1, 0, 0, 0) }
-    end
-    let(:partial_keyring) { [key1].to_json }
-    let(:full_keyring)    { [key1, key2].to_json }
-    let(:item1) do
-      k = partial_keyring
-      Class.new(Sequel::Model(:items)) do
-        include AttrVault
-        vault_keyring k
-        vault_attr :secret
-        vault_attr :other
-      end
-    end
-    let(:item2) do
-      k = full_keyring
-      Class.new(Sequel::Model(:items)) do
-        include AttrVault
-        vault_keyring k
-        vault_attr :secret
-        vault_attr :other
+        it "does not clobber other attributes" do
+          secret1 = "superman is really mild-mannered reporter clark kent"
+          secret2 = "batman is really millionaire playboy bruce wayne"
+          s = item.create(secret: secret1)
+          s.reload
+          expect(s.secret).to eq secret1
+          s.update(other: secret2)
+          s.reload
+          expect(s.secret).to eq secret1
+          expect(s.other).to eq secret2
+        end
       end
-    end
-    it "rewrites the items using the current key" do
-      secret1 = 'mrs. doubtfire is really a man'
-      secret2 = 'tootsie? also a man'
-      record = item1.create(secret: secret1)
-      expect(record.key_id).to eq key1_id
-      expect(record.secret).to eq secret1
+      context "with items encrypted with an older key" do
+        let(:key1_id)  { 1 }
+        let(:key1) do
+          { id: key1_id,
+            value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=' }
+        end
+        let(:key2_id)  { 2 }
+        let(:key2) do
+          { id: key2_id,
+            value: 'hUL1orBBRckZOuSuptRXYMV9lx5Qp54zwFUVwpwTpdk=' }
+        end
+        let(:partial_keyring) { [key1].to_json }
+        let(:full_keyring)    { [key1, key2].to_json }
+        let(:item1) do
+          k = partial_keyring
+          Class.new(Sequel::Model(:items)) do
+            include AttrVault
+            vault_keyring k
+            vault_attr :secret
+            vault_attr :other
+          end
+        end
+        let(:item2) do
+          k = full_keyring
+          Class.new(Sequel::Model(:items)) do
+            include AttrVault
+            vault_keyring k
+            vault_attr :secret
+            vault_attr :other
+          end
+        end
-      old_secret_encrypted = record.secret_encrypted
+        it "rewrites the items using the current key" do
+          secret1 = 'mrs. doubtfire is really a man'
+          secret2 = 'tootsie? also a man'
+          record = item1.create(secret: secret1)
+          expect(record.key_id).to eq key1_id
+          expect(record.secret).to eq secret1
-      new_key_record = item2[record.id]
-      new_key_record.update(secret: secret2)
-      new_key_record.reload
+          old_secret_encrypted = record.secret_encrypted
-      expect(new_key_record.key_id).to eq key2_id
-      expect(new_key_record.secret).to eq secret2
-      expect(new_key_record.secret_encrypted).not_to eq old_secret_encrypted
-    end
+          new_key_record = item2[record.id]
+          new_key_record.update(secret: secret2)
+          new_key_record.reload
-    it "rewrites the items using the current key even if they are not updated" do
-      secret1 = 'the planet of the apes is really earth'
-      secret2 = 'the answer is 42'
-      record = item1.create(secret: secret1)
-      expect(record.key_id).to eq key1_id
-      expect(record.secret).to eq secret1
+          expect(new_key_record.key_id).to eq key2_id
+          expect(new_key_record.secret).to eq secret2
+          expect(new_key_record.secret_encrypted).not_to eq old_secret_encrypted
+        end
-      old_secret_encrypted = record.secret_encrypted
+        it "rewrites the items using the current key even if they are not updated" do
+          secret1 = 'the planet of the apes is really earth'
+          secret2 = 'the answer is 42'
+          record = item1.create(secret: secret1)
+          expect(record.key_id).to eq key1_id
+          expect(record.secret).to eq secret1
-      new_key_record = item2[record.id]
-      new_key_record.update(other: secret2)
-      new_key_record.reload
+          old_secret_encrypted = record.secret_encrypted
-      expect(new_key_record.key_id).to eq key2_id
-      expect(new_key_record.secret).to eq secret1
-      expect(new_key_record.secret_encrypted).not_to eq old_secret_encrypted
-      expect(new_key_record.other).to eq secret2
-    end
-  end
+          new_key_record = item2[record.id]
+          new_key_record.update(other: secret2)
+          new_key_record.reload
-  context "with plaintext source fields" do
-    let(:key_id)   { '80a8571b-dc8a-44da-9b89-caee87e41ce2' }
-    let(:key_data) do
-      [ { id: key_id,
-          value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=',
-          created_at: Time.now } ].to_json
-    end
-    let(:item1) do
-      k = key_data
-      Class.new(Sequel::Model(:items)) do
-        include AttrVault
-        vault_keyring k
-        vault_attr :secret
-        vault_attr :other
-      end
-    end
-    let(:item2) do
-      k = key_data
-      Class.new(Sequel::Model(:items)) do
-        include AttrVault
-        vault_keyring k
-        vault_attr :secret, migrate_from_field: :not_secret
-        vault_attr :other, migrate_from_field: :other_not_secret
+          expect(new_key_record.key_id).to eq key2_id
+          expect(new_key_record.secret).to eq secret1
+          expect(new_key_record.secret_encrypted).not_to eq old_secret_encrypted
+          expect(new_key_record.other).to eq secret2
+        end
       end
-    end
-    it "copies a plaintext field to an encrypted field when saving the object" do
-      becomes_secret = 'the location of the lost continent of atlantis'
-      s = item1.create(not_secret: becomes_secret)
-      reloaded = item2[s.id]
-      expect(reloaded.not_secret).to eq becomes_secret
-      reloaded.save
-      reloaded.reload
-      expect(reloaded.not_secret).to be_nil
-      expect(reloaded.secret).to eq becomes_secret
-    end
-    it "supports converting multiple fields" do
-      becomes_secret1 = 'the location of the fountain of youth'
-      becomes_secret2 = 'the location of the lost city of el dorado'
-      s = item1.create(not_secret: becomes_secret1, other_not_secret: becomes_secret2)
-      reloaded = item2[s.id]
-      expect(reloaded.not_secret).to eq becomes_secret1
-      expect(reloaded.other_not_secret).to eq becomes_secret2
-      reloaded.save
-      reloaded.reload
-      expect(reloaded.not_secret).to be_nil
-      expect(reloaded.secret).to eq becomes_secret1
-      expect(reloaded.other_not_secret).to be_nil
-      expect(reloaded.other).to eq becomes_secret2
-    end
+      context "with plaintext source fields" do
+        let(:key_id)   { 1 }
+        let(:key_data) do
+          [ { id: key_id,
+              value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=' } ].to_json
+        end
+        let(:item1) do
+          k = key_data
+          Class.new(Sequel::Model(:items)) do
+            include AttrVault
+            vault_keyring k
+            vault_attr :secret
+            vault_attr :other
+          end
+        end
+        let(:item2) do
+          k = key_data
+          Class.new(Sequel::Model(:items)) do
+            include AttrVault
+            vault_keyring k
+            vault_attr :secret, migrate_from_field: :not_secret
+            vault_attr :other, migrate_from_field: :other_not_secret
+          end
+        end
-    it "nils out the plaintext field and persists the encrypted field on save" do
-      becomes_secret = 'the location of all those socks that disappear from the dryer'
-      new_secret = 'the location of pliny the younger drafts'
-      s = item1.create(not_secret: becomes_secret)
-      reloaded = item2[s.id]
-      expect(reloaded.secret).to eq(becomes_secret)
-      reloaded.secret = new_secret
-      expect(reloaded.secret).to eq(new_secret)
-      reloaded.save
-      expect(reloaded.secret).to eq(new_secret)
-      expect(reloaded.not_secret).to be_nil
-    end
-  end
+        it "copies a plaintext field to an encrypted field when saving the object" do
+          becomes_secret = 'the location of the lost continent of atlantis'
+          s = item1.create(not_secret: becomes_secret)
+          reloaded = item2[s.id]
+          expect(reloaded.not_secret).to eq becomes_secret
+          reloaded.save
+          reloaded.reload
+          expect(reloaded.not_secret).to be_nil
+          expect(reloaded.secret).to eq becomes_secret
+        end
-  context "with renamed database fields" do
-    let(:key_data) do
-      [ { id: '80a8571b-dc8a-44da-9b89-caee87e41ce2',
-          value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=',
-          created_at: Time.now } ].to_json
-    end
+        it "supports converting multiple fields" do
+          becomes_secret1 = 'the location of the fountain of youth'
+          becomes_secret2 = 'the location of the lost city of el dorado'
+          s = item1.create(not_secret: becomes_secret1, other_not_secret: becomes_secret2)
+          reloaded = item2[s.id]
+          expect(reloaded.not_secret).to eq becomes_secret1
+          expect(reloaded.other_not_secret).to eq becomes_secret2
+          reloaded.save
+          reloaded.reload
+          expect(reloaded.not_secret).to be_nil
+          expect(reloaded.secret).to eq becomes_secret1
+          expect(reloaded.other_not_secret).to be_nil
+          expect(reloaded.other).to eq becomes_secret2
+        end
-    it "supports renaming the encrypted field" do
-      k = key_data
-      item = Class.new(Sequel::Model(:items)) do
-        include AttrVault
-        vault_keyring k
-        vault_attr :classified_info,
-          encrypted_field: :secret_encrypted
+        it "nils out the plaintext field and persists the encrypted field on save" do
+          becomes_secret = 'the location of all those socks that disappear from the dryer'
+          new_secret = 'the location of pliny the younger drafts'
+          s = item1.create(not_secret: becomes_secret)
+          reloaded = item2[s.id]
+          expect(reloaded.secret).to eq(becomes_secret)
+          reloaded.secret = new_secret
+          expect(reloaded.secret).to eq(new_secret)
+          reloaded.save
+          expect(reloaded.secret).to eq(new_secret)
+          expect(reloaded.not_secret).to be_nil
+        end
       end
-      secret = "we've secretly replaced the fine coffee they usually serve with Folgers Crystals"
-      s = item.create(classified_info: secret)
-      s.reload
-      expect(s.classified_info).to eq secret
-      expect(s.secret_encrypted).not_to eq secret
-    end
+      context "with renamed database fields" do
+        let(:key_data) do
+          [ { id: 1,
+              value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=' } ].to_json
+        end
-    it "supports renaming the key id field" do
-      k = key_data
-      item = Class.new(Sequel::Model(:items)) do
-        include AttrVault
-        vault_keyring k, key_field: :alt_key_id
-        vault_attr :secret
-      end
+        it "supports renaming the encrypted field" do
+          k = key_data
+          item = Class.new(Sequel::Model(:items)) do
+            include AttrVault
+            vault_keyring k
+            vault_attr :classified_info,
+                       encrypted_field: :secret_encrypted
+          end
+          secret = "we've secretly replaced the fine coffee they usually serve with Folgers Crystals"
+          s = item.create(classified_info: secret)
+          s.reload
+          expect(s.classified_info).to eq secret
+          expect(s.secret_encrypted).not_to eq secret
+        end
-      secret = "up up down down left right left right b a"
-      s = item.create(secret: secret)
-      s.reload
-      expect(s.secret).to eq secret
-      expect(s.secret_encrypted).not_to eq secret
-      expect(s.alt_key_id).not_to be_nil
-      expect(s.key_id).to be_nil
-    end
-  end
+        it "supports renaming the key id field" do
+          k = key_data
+          item = Class.new(Sequel::Model(:items)) do
+            include AttrVault
+            vault_keyring k, key_field: :alt_key_id
+            vault_attr :secret
+          end
-  context "with a digest field" do
-    let(:key_id)   { '80a8571b-dc8a-44da-9b89-caee87e41ce2' }
-    let(:key) do
-      [ { id: key_id,
-          value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=',
-          created_at: Time.now } ]
-    end
-    let(:item) do
-      k = key.to_json
-      Class.new(Sequel::Model(:items)) do
-        include AttrVault
-        vault_keyring k
-        vault_attr :secret, digest_field: :secret_digest
-        vault_attr :other, digest_field: :other_digest
+          secret = "up up down down left right left right b a"
+          s = item.create(secret: secret)
+          s.reload
+          expect(s.secret).to eq secret
+          expect(s.secret_encrypted).not_to eq secret
+          expect(s.alt_key_id).not_to be_nil
+          expect(s.key_id).to be_nil
+        end
       end
-    end
-    def test_digest(key, data)
-      OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'),
-        key.first.fetch(:value), data)
-    end
+      context "with a digest field" do
+        let(:key_id)   { 1 }
+        let(:key) do
+          [ { id: key_id,
+              value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=' } ]
+        end
+        let(:item) do
+          k = key.to_json
+          Class.new(Sequel::Model(:items)) do
+            include AttrVault
+            vault_keyring k
+            vault_attr :secret, digest_field: :secret_digest
+            vault_attr :other, digest_field: :other_digest
+          end
+        end
-    def count_matching_digests(item_class, digest_field, secret)
-      item.where({digest_field => item_class.vault_digests(secret)}).count
-    end
+        def test_digest(key, data)
+          OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'),
+                               key.first.fetch(:value), data)
+        end
-    it "records the hmac of the plaintext value" do
-      secret = 'snape kills dumbledore'
-      s = item.create(secret: secret)
-      expect(s.secret_digest).to eq(test_digest(key, secret))
-      expect(count_matching_digests(item, :secret_digest, secret)).to eq(1)
-    end
+        def count_matching_digests(item_class, digest_field, secret)
+          item.where({digest_field => item_class.vault_digests(secret)}).count
+        end
-    it "can record multiple digest fields" do
-      secret = 'joffrey kills ned'
-      other_secret = '"gomer pyle" lawrence kills himself'
-      s = item.create(secret: secret, other: other_secret)
-      expect(s.secret_digest).to eq(test_digest(key, secret))
-      expect(s.other_digest).to eq(test_digest(key, other_secret))
-      # Check vault_digests feature matching against the database.
-      expect(count_matching_digests(item, :secret_digest, secret)).to eq(1)
-      expect(count_matching_digests(item, :other_digest, other_secret)).to eq(1)
-      # Negative tests for mismatched digesting.
-      expect(count_matching_digests(item, :secret_digest, other_secret))
-        .to eq(0)
-      expect(count_matching_digests(item, :other_digest, secret)).to eq(0)
-    end
+        it "records the hmac of the plaintext value" do
+          secret = 'snape kills dumbledore'
+          s = item.create(secret: secret)
+          expect(s.secret_digest).to eq(test_digest(key, secret))
+          expect(count_matching_digests(item, :secret_digest, secret)).to eq(1)
+        end
-    it "records the digest for an empty field" do
-      s = item.create(secret: '', other: '')
-      expect(s.secret_digest).to eq(test_digest(key, ''))
-      expect(s.other_digest).to eq(test_digest(key, ''))
-    end
+        it "can record multiple digest fields" do
+          secret = 'joffrey kills ned'
+          other_secret = '"gomer pyle" lawrence kills himself'
+          s = item.create(secret: secret, other: other_secret)
+          expect(s.secret_digest).to eq(test_digest(key, secret))
+          expect(s.other_digest).to eq(test_digest(key, other_secret))
+          # Check vault_digests feature matching against the database.
+          expect(count_matching_digests(item, :secret_digest, secret)).to eq(1)
+          expect(count_matching_digests(item, :other_digest, other_secret)).to eq(1)
+          # Negative tests for mismatched digesting.
+          expect(count_matching_digests(item, :secret_digest, other_secret))
+            .to eq(0)
+          expect(count_matching_digests(item, :other_digest, secret)).to eq(0)
+        end
-    it "records the digest of a nil field" do
-      s = item.create
-      expect(s.secret_digest).to be_nil
-      expect(s.other_digest).to be_nil
-    end
-  end
-end
+        it "records the digest for an empty field" do
+          s = item.create(secret: '', other: '')
+          expect(s.secret_digest).to eq(test_digest(key, ''))
+          expect(s.other_digest).to eq(test_digest(key, ''))
+        end
-describe "stress test" do
-  let(:key_id)   { '80a8571b-dc8a-44da-9b89-caee87e41ce2' }
-  let(:key_data) do
-    [ { id: key_id,
-        value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=',
-        created_at: Time.now } ].to_json
-  end
-  let(:item) do
-    k = key_data
-    Class.new(Sequel::Model(:items)) do
-      include AttrVault
-      vault_keyring k
-      vault_attr :secret
+        it "records the digest of a nil field" do
+          s = item.create
+          expect(s.secret_digest).to be_nil
+          expect(s.other_digest).to be_nil
+        end
+      end
     end
-  end
-  it "works" do
-    3.times.map do
-      Thread.new do
-        s = item.create(secret: 'that Commander Keen level in DOOM II')
-        1_000.times do
-          new_secret = [ nil, '', 36.times.map { (0..255).to_a.sample.chr }.join('') ].sample
-          s.update(secret: new_secret)
-          s.reload
-          expect(s.secret).to eq new_secret
+    describe "stress test" do
+      let(:key_id)   { 1 }
+      let(:key_data) do
+        [ { id: key_id,
+            value: 'aFJDXs+798G7wgS/nap21LXIpm/Rrr39jIVo2m/cdj8=' } ].to_json
+      end
+      let(:item) do
+        k = key_data
+        Class.new(Sequel::Model(:items)) do
+          include AttrVault
+          vault_keyring k
+          vault_attr :secret
         end
       end
-    end.map(&:join)
+      it "works" do
+        3.times.map do
+          Thread.new do
+            s = item.create(secret: 'that Commander Keen level in DOOM II')
+            1_000.times do
+              new_secret = [ nil, '', 36.times.map { (0..255).to_a.sample.chr }.join('') ].sample
+              s.update(secret: new_secret)
+              s.reload
+              expect(s.secret).to eq new_secret
+            end
+          end
+        end.map(&:join)
+      end
+    end
   end
 end

data/spec/spec_helper.rb CHANGED Viewed

@@ -12,21 +12,36 @@ require 'pg'
 require 'sequel'
 conn = Sequel.connect(ENV['DATABASE_URL'])
-conn.run 'CREATE EXTENSION IF NOT EXISTS "uuid-ossp"'
-conn.run 'DROP TABLE IF EXISTS items'
 conn.run <<-EOF
-    CREATE TABLE items(
-      id serial primary key,
-      key_id uuid,
-      alt_key_id uuid,
-      secret_encrypted bytea,
-      secret_digest bytea,
-      other_encrypted bytea,
-      other_digest bytea,
-      not_secret text,
-      other_not_secret text
-    )
-  EOF
+CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
+DROP TABLE IF EXISTS items;
+DROP TABLE IF EXISTS items_legacy;
+CREATE TABLE items(
+  id serial primary key,
+  key_id integer,
+  alt_key_id integer,
+  secret_encrypted bytea,
+  secret_digest bytea,
+  other_encrypted bytea,
+  other_digest bytea,
+  not_secret text,
+  other_not_secret text
+);
+CREATE TABLE items_legacy(
+  id serial primary key,
+  key_id uuid,
+  alt_key_id uuid,
+  secret_encrypted bytea,
+  secret_digest bytea,
+  other_encrypted bytea,
+  other_digest bytea,
+  not_secret text,
+  other_not_secret text
+);
+EOF
 RSpec.configure do |config|
   config.run_all_when_everything_filtered = true
@@ -34,6 +49,7 @@ RSpec.configure do |config|
   config.before(:example) do
     conn.run 'TRUNCATE items'
+    conn.run 'TRUNCATE items_legacy'
   end
   # Run specs in random order to surface order dependencies. If you find an

metadata CHANGED Viewed

@@ -1,57 +1,57 @@
 --- !ruby/object:Gem::Specification
 name: attr_vault
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.2.0
 platform: ruby
 authors:
 - Maciek Sakrejda
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-01-22 00:00:00.000000000 Z
+date: 2016-07-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: pg
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
-  type: :development
+        version: 0.18.3
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 0.18.3
 - !ruby/object:Gem::Dependency
-  name: pg
+  name: sequel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.18.3
-  type: :development
+        version: '4.13'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.18.3
+        version: '4.13'
 - !ruby/object:Gem::Dependency
-  name: sequel
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.13'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.13'
+        version: '3.0'
 description: Encryption at rest made easy
 email:
 - m.sakrejda@gmail.com