blind_index 1.0.1 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 93b1688db3ff1410b5e56fcf3fae01d76cfcb073df3647abb6582fffbb05d148
-  data.tar.gz: 3b0b3dff637c2eab2b7b4d5811b413166cd23503dec1d6081fb5bfee7533ce99
+  metadata.gz: f6749c94ee9432d60e3095e77a3948f480c345b793555dadf5b25261247e406b
+  data.tar.gz: e29eb3a994de26b1f67cb31a16bbaef66742aea0cf366ea5830247421c30a5b0
 SHA512:
-  metadata.gz: fcae62db34e27e82885d6fb200b6d3549bc14d9c7c1ddedf9d59aa32a7f9691010aa641379318fbb20706823b258328013ba7eb3cc2b6e63242ae4addcdc7a0e
-  data.tar.gz: 45a07059d4d78d2a9f814db37d9a80fe37603e78603207b65f80a812bce6e18c818ebb0c3fc7e6b8439203eec4398a81a9db7b32bfaa7061865244841050ad2c
+  metadata.gz: 4a195bd440c17774dcaf46196c34f2965a78ef7a95499501534fba3161cafc82af085a0046f9bc5e422e7b38476040c389ae3440cf0589db190cd9240f4c6521
+  data.tar.gz: b1ba60817538b3fda557a392e136a2a61c80341332f16821a36e60b8f573659574fbfe36d85969f7730b172451de5e0c5a369d6a4a11c0e65608cfe369229c37

data/CHANGELOG.md

@@ -1,8 +1,34 @@
-## 1.0.1
+## 2.1.0 (2020-07-06)
+
+- Improved performance of uniqueness validations
+- Fixed deprecation warnings in Ruby 2.7 with Mongoid
+
+## 2.0.2 (2020-06-01)
+
+- Improved error message for bad key length
+- Fixed `backfill` method with relations for Mongoid
+
+## 2.0.1 (2020-02-14)
+
+- Added `BlindIndex.backfill` method
+
+## 2.0.0 (2019-02-10)
+
+- Blind indexes are updated immediately instead of in a `before_validation` callback
+- Better Lockbox integration - no need to generate a separate key
+- The `argon2` gem has been replaced with `argon2-kdf` for less dependencies and Windows support
+- Removed deprecated `compute_email_bidx`
+
+## 1.0.2 (2019-12-26)
+
+- Fixed `OpenSSL::KDF` error on some platforms
+- Fixed deprecation warnings in Ruby 2.7
+
+## 1.0.1 (2019-08-16)
 
 - Added support for Mongoid
 
-## 1.0.0
+## 1.0.0 (2019-07-08)
 
 - Added support for master key
 - Added support for Argon2id
@@ -15,56 +41,56 @@ Breaking changes
 - Removed `encrypted_` prefix from columns
 - Changed default encoding to Base64 strict
 
-## 0.3.5
+## 0.3.5 (2019-05-28)
 
 - Added support for hex keys
 - Added `generate_key` method
 - Fixed querying with array values
 
-## 0.3.4
+## 0.3.4 (2018-12-16)
 
 - Added `size` option
 - Added sanity checks for Argon2 cost parameters
 - Fixed ActiveRecord callback issues introduced in 0.3.3
 
-## 0.3.3
+## 0.3.3 (2018-11-12)
 
 - Added support for string keys in finders
 
-## 0.3.2
+## 0.3.2 (2018-06-18)
 
 - Added support for dynamic finders
 - Added support for inherited models
 
-## 0.3.1
+## 0.3.1 (2018-06-04)
 
 - Added scrypt and Argon2 algorithms
 - Added `cost` option
 
-## 0.3.0
+## 0.3.0 (2018-06-03)
 
 - Enforce secure key generation
 - Added `encode` option
 - Added `default_options` method
 
-## 0.2.1
+## 0.2.1 (2018-05-26)
 
 - Added class method to compute blind index
 - Fixed issue with cached statements
 
-## 0.2.0
+## 0.2.0 (2018-05-11)
 
 - Added support for ActiveRecord 4.2
 - Improved validation support when multiple blind indexes
 - Fixed `nil` handling
 
-## 0.1.1
+## 0.1.1 (2018-04-09)
 
 - Added support for ActiveRecord 5.2
 - Added `callback` option
 - Added support for `key` proc
 - Fixed error inheritance
 
-## 0.1.0
+## 0.1.0 (2017-12-17)
 
 - First release

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2017-2019 Andrew Kane
+Copyright (c) 2017-2020 Andrew Kane
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -16,7 +16,7 @@ We use [this approach](https://paragonie.com/blog/2017/05/building-searchable-en
 
 An important consideration in searchable encryption is leakage, which is information an attacker can gain. Blind indexing leaks that rows have the same value. If you use this for a field like last name, an attacker can use frequency analysis to predict the values. In an active attack where an attacker can control the input values, they can learn which other values in the database match.
 
-Here’s a [great article](https://blog.cryptographyengineering.com/2019/02/11/attack-of-the-week-searchable-encryption-and-the-ever-expanding-leakage-function/) on leakage in searchable encryption. Blind indexing has the same leakage as deterministic encryption.
+Here’s a [great article](https://blog.cryptographyengineering.com/2019/02/11/attack-of-the-week-searchable-encryption-and-the-ever-expanding-leakage-function/) on leakage in searchable encryption. Blind indexing has the same leakage as [deterministic encryption](#alternatives).
 
 ## Installation
 
@@ -26,38 +26,14 @@ Add this line to your application’s Gemfile:
 gem 'blind_index'
 ```
 
-On Windows, also add:
+## Prep
 
-```ruby
-gem 'argon2', git: 'https://github.com/technion/ruby-argon2.git', submodules: true
-```
+Your model should already be set up with Lockbox or attr_encrypted. The examples are for a `User` model with `encrypts :email` or `attr_encrypted :email`. See the full examples for [Lockbox](https://ankane.org/securing-user-emails-lockbox) and [attr_encrypted](https://ankane.org/securing-user-emails-in-rails) if needed.
 
-Until `argon2 > 2.0.2` is released.
+Also, if you use attr_encrypted, [generate a key](#key-generation).
 
 ## Getting Started
 
-> Note: Your model should already be set up with Lockbox or attr_encrypted. The examples are for a `User` model with `encrypts :email` or `attr_encrypted :email`. See the full examples for [Lockbox](https://ankane.org/securing-user-emails-lockbox) and [attr_encrypted](https://ankane.org/securing-user-emails-in-rails) if needed.
-
-First, generate a key
-
-```ruby
-BlindIndex.generate_key
-```
-
-Store the key with your other secrets. This is typically Rails credentials or an environment variable ([dotenv](https://github.com/bkeepers/dotenv) is great for this). Be sure to use different keys in development and production. Keys don’t need to be hex-encoded, but it’s often easier to store them this way.
-
-Set the following environment variable with your key (you can use this one in development)
-
-```sh
-BLIND_INDEX_MASTER_KEY=ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
-```
-
-or create `config/initializers/blind_index.rb` with something like
-
-```ruby
-BlindIndex.master_key = Rails.application.credentials.blind_index_master_key
-```
-
 Create a migration to add a column for the blind index
 
 ```ruby
@@ -84,10 +60,7 @@ end
 Backfill existing records
 
 ```ruby
-User.unscoped.where(email_bidx: nil).find_each do |user|
-  user.compute_email_bidx
-  user.save(validate: false)
-end
+BlindIndex.backfill(User)
 ```
 
 And query away
@@ -96,9 +69,19 @@ And query away
 User.where(email: "test@example.org")
 ```
 
+## Expressions
+
+You can apply expressions to attributes before indexing and searching. This gives you the the ability to perform case-insensitive searches and more.
+
+```ruby
+class User < ApplicationRecord
+  blind_index :email, expression: ->(v) { v.downcase }
+end
+```
+
 ## Validations
 
-To prevent duplicates, use:
+You can use blind indexes for uniqueness validations.
 
 ```ruby
 class User < ApplicationRecord
@@ -106,15 +89,27 @@ class User < ApplicationRecord
 end
 ```
 
-We also recommend adding a unique index to the blind index column through a database migration.
+We recommend adding a unique index to the blind index column through a database migration.
 
-## Expressions
+```ruby
+add_index :users, :email_bidx, unique: true
+```
 
-You can apply expressions to attributes before indexing and searching. This gives you the the ability to perform case-insensitive searches and more.
+For `allow_blank: true`, use:
+
+```ruby
+class User < ApplicationRecord
+  blind_index :email, expression: ->(v) { v.presence }
+  validates :email, uniqueness: {allow_blank: true}
+end
+```
+
+For `case_sensitive: false`, use:
 
 ```ruby
 class User < ApplicationRecord
   blind_index :email, expression: ->(v) { v.downcase }
+  validates :email, uniqueness: true # for best performance, leave out {case_sensitive: false}
 end
 ```
 
@@ -139,10 +134,7 @@ end
 Backfill existing records
 
 ```ruby
-User.unscoped.where(email_ci_bidx: nil).find_each do |user|
-  user.compute_email_ci_bidx
-  user.save(validate: false)
-end
+BlindIndex.backfill(User, columns: [:email_ci_bidx])
 ```
 
 And query away
@@ -169,18 +161,34 @@ You can also use virtual attributes to index data from multiple columns:
 ```ruby
 class User < ApplicationRecord
   attribute :initials, :string
+  blind_index :initials
 
-  # must come before the blind_index method so it runs first
   before_validation :set_initials, if: -> { changes.key?(:first_name) || changes.key?(:last_name) }
 
-  blind_index :initials
-
   def set_initials
     self.initials = "#{first_name[0]}#{last_name[0]}"
   end
 end
 ```
 
+## Migrating Data
+
+If you’re encrypting a column and adding a blind index at the same time, use the `migrating` option.
+
+```ruby
+class User < ApplicationRecord
+  blind_index :email, migrating: true
+end
+```
+
+This allows you to backfill records while still querying the unencrypted field.
+
+```ruby
+BlindIndex.backfill(User)
+```
+
+Once that completes, you can remove the `migrating` option.
+
 ## Key Rotation
 
 To rotate keys without downtime, add a new column:
@@ -201,10 +209,7 @@ end
 This will keep the new column synced going forward. Next, backfill the data:
 
 ```ruby
-User.unscoped.where(email_bidx_v2: nil).find_each do |user|
-  user.compute_rotated_email_bidx
-  user.save(validate: false)
-end
+BlindIndex.backfill(User, columns: [:email_bidx_v2])
 ```
 
 Then update your model
@@ -260,6 +265,30 @@ class User
 end
 ```
 
+## Key Generation
+
+This is optional for Lockbox, as its master key is used by default.
+
+Generate a key with:
+
+```ruby
+BlindIndex.generate_key
+```
+
+Store the key with your other secrets. This is typically Rails credentials or an environment variable ([dotenv](https://github.com/bkeepers/dotenv) is great for this). Be sure to use different keys in development and production. Keys don’t need to be hex-encoded, but it’s often easier to store them this way.
+
+Set the following environment variable with your key (you can use this one in development)
+
+```sh
+BLIND_INDEX_MASTER_KEY=ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+```
+
+or create `config/initializers/blind_index.rb` with something like
+
+```ruby
+BlindIndex.master_key = Rails.application.credentials.blind_index_master_key
+```
+
 ## Reference
 
 Set default options in an initializer with:
@@ -294,10 +323,21 @@ end
 
 ## Alternatives
 
-One alternative to blind indexing is to use a deterministic encryption scheme, like [AES-SIV](https://github.com/miscreant/miscreant). In this approach, the encrypted data will be the same for matches.
+One alternative to blind indexing is to use a deterministic encryption scheme, like [AES-SIV](https://github.com/miscreant/miscreant). In this approach, the encrypted data will be the same for matches. We recommend blind indexing over deterministic encryption because:
+
+1. You can keep encryption consistent for all fields (both searchable and non-searchable)
+2. Blind indexing supports expressions
 
 ## Upgrading
 
+### 2.0.0
+
+2.0.0 brings a number of improvements.
+
+- Blind indexes are updated immediately instead of in a `before_validation` callback
+- Better Lockbox integration - no need to generate a separate key
+- There’s a new gem for Argon2 that has no dependencies and (officially) supports Windows
+
 ### 1.0.0
 
 1.0.0 brings a number of improvements. Here are a few to be aware of:
@@ -335,7 +375,7 @@ And add to your model
 
 ```ruby
 class User < ApplicationRecord
-  blind_index :email, key: ENV["USER_EMAIL_BLIND_INDEX_KEY"], legacy: true, rotate: true
+  blind_index :email, key: ENV["USER_EMAIL_BLIND_INDEX_KEY"], legacy: true, rotate: {}
 end
 ```
 
@@ -416,5 +456,7 @@ To get started with development and testing:
 git clone https://github.com/ankane/blind_index.git
 cd blind_index
 bundle install
-rake test
+bundle exec rake test
 ```
+
+For security issues, send an email to the address on [this page](https://github.com/ankane).

data/lib/blind_index.rb

@@ -1,9 +1,10 @@
 # dependencies
 require "active_support"
 require "openssl"
-require "argon2"
+require "argon2/kdf"
 
 # modules
+require "blind_index/backfill"
 require "blind_index/key_generator"
 require "blind_index/model"
 require "blind_index/version"
@@ -18,7 +19,7 @@ module BlindIndex
   self.default_options = {}
 
   def self.master_key
-    @master_key ||= ENV["BLIND_INDEX_MASTER_KEY"]
+    @master_key ||= ENV["BLIND_INDEX_MASTER_KEY"] || (defined?(Lockbox.master_key) && Lockbox.master_key)
   end
 
   def self.generate_bidx(value, key:, **options)
@@ -64,7 +65,7 @@ module BlindIndex
           # use same bounds as rbnacl
           raise BlindIndex::Error, "m must be between 3 and 22" if m < 3 || m > 22
 
-          [Argon2::Engine.hash_argon2id(value, key, t, m, size)].pack("H*")
+          Argon2::KDF.argon2id(value, salt: key, t: t, m: m, p: 1, length: size)
         when :pbkdf2_sha256
           iterations = cost_options[:iterations] || options[:iterations] || (options[:slow] ? 100000 : 10000)
           OpenSSL::PKCS5.pbkdf2_hmac(value, key, iterations, size, "sha256")
@@ -78,7 +79,7 @@ module BlindIndex
           # use same bounds as rbnacl
           raise BlindIndex::Error, "m must be between 3 and 22" if m < 3 || m > 22
 
-          [Argon2::Engine.hash_argon2i(value, key, t, m, size)].pack("H*")
+          Argon2::KDF.argon2i(value, salt: key, t: t, m: m, p: 1, length: size)
         when :scrypt
           n = cost_options[:n] || 4096
           r = cost_options[:r] || 8
@@ -116,29 +117,28 @@ module BlindIndex
     key
   end
 
-  def self.decode_key(key)
+  def self.decode_key(key, name: "Key")
     # decode hex key
     if key.encoding != Encoding::BINARY && key =~ /\A[0-9a-f]{64}\z/i
       key = [key].pack("H*")
     end
 
-    raise BlindIndex::Error, "Key must use binary encoding" if key.encoding != Encoding::BINARY
-    raise BlindIndex::Error, "Key must be 32 bytes" if key.bytesize != 32
+    raise BlindIndex::Error, "#{name} must be 32 bytes (64 hex digits)" if key.bytesize != 32
+    raise BlindIndex::Error, "#{name} must use binary encoding" if key.encoding != Encoding::BINARY
 
     key
   end
+
+  def self.backfill(relation, columns: nil, batch_size: 1000)
+    Backfill.new(relation, columns: columns, batch_size: batch_size).perform
+  end
 end
 
 ActiveSupport.on_load(:active_record) do
   require "blind_index/extensions"
   extend BlindIndex::Model
 
-  if defined?(ActiveRecord::TableMetadata)
-    ActiveRecord::TableMetadata.prepend(BlindIndex::Extensions::TableMetadata)
-  else
-    ActiveRecord::PredicateBuilder.singleton_class.prepend(BlindIndex::Extensions::PredicateBuilder)
-  end
-
+  ActiveRecord::TableMetadata.prepend(BlindIndex::Extensions::TableMetadata)
   ActiveRecord::DynamicMatchers::Method.prepend(BlindIndex::Extensions::DynamicMatchers)
 
   unless ActiveRecord::VERSION::STRING.start_with?("5.1.")

data/lib/blind_index/backfill.rb

@@ -0,0 +1,113 @@
+module BlindIndex
+  class Backfill
+    attr_reader :blind_indexes
+
+    def initialize(relation, batch_size:, columns:)
+      @relation = relation
+      @transaction = @relation.respond_to?(:transaction)
+      @batch_size = batch_size
+      @blind_indexes = @relation.blind_indexes
+      filter_columns!(columns) if columns
+    end
+
+    def perform
+      each_batch do |records|
+        backfill_records(records)
+      end
+    end
+
+    private
+
+    # modify in-place
+    def filter_columns!(columns)
+      columns = Array(columns).map(&:to_s)
+      blind_indexes.select! { |_, v| columns.include?(v[:bidx_attribute]) }
+      bad_columns = columns - blind_indexes.map { |_, v| v[:bidx_attribute] }
+      raise ArgumentError, "Bad column: #{bad_columns.first}" if bad_columns.any?
+    end
+
+    def build_relation
+      # build relation
+      relation = @relation
+
+      if defined?(ActiveRecord::Base) && relation.is_a?(ActiveRecord::Base)
+        relation = relation.unscoped
+      end
+
+      # convert from possible class to ActiveRecord::Relation or Mongoid::Criteria
+      relation = relation.all
+
+      attributes = blind_indexes.map { |_, v| v[:bidx_attribute] }
+
+      if defined?(ActiveRecord::Relation) && relation.is_a?(ActiveRecord::Relation)
+        base_relation = relation.unscoped
+        or_relation = relation.unscoped
+
+        attributes.each_with_index do |attribute, i|
+          or_relation =
+            if i == 0
+              base_relation.where(attribute => nil)
+            else
+              or_relation.or(base_relation.where(attribute => nil))
+            end
+        end
+
+        relation.merge(or_relation)
+      else
+        relation.merge(relation.unscoped.or(attributes.map { |a| {a => nil} }))
+      end
+    end
+
+    def each_batch
+      relation = build_relation
+
+      if relation.respond_to?(:find_in_batches)
+        relation.find_in_batches(batch_size: @batch_size) do |records|
+          yield records
+        end
+      else
+        # https://github.com/karmi/tire/blob/master/lib/tire/model/import.rb
+        # use cursor for Mongoid
+        records = []
+        relation.all.each do |record|
+          records << record
+          if records.length == @batch_size
+            yield records
+            records = []
+          end
+        end
+        yield records if records.any?
+      end
+    end
+
+    def backfill_records(records)
+      # do expensive blind index computation outside of transaction
+      records.each do |record|
+        blind_indexes.each do |k, v|
+          record.send("compute_#{k}_bidx") if !record.send(v[:bidx_attribute])
+        end
+      end
+
+      # don't need to save records that went from nil => nil
+      records.select! { |r| r.changed? }
+
+      if records.any?
+        with_transaction do
+          records.each do |record|
+            record.save!(validate: false)
+          end
+        end
+      end
+    end
+
+    def with_transaction
+      if @transaction
+        @relation.transaction do
+          yield
+        end
+      else
+        yield
+      end
+    end
+  end
+end

data/lib/blind_index/extensions.rb

@@ -1,6 +1,5 @@
 module BlindIndex
   module Extensions
-    # ActiveRecord 5.0+
     module TableMetadata
       def resolve_column_aliases(hash)
         new_hash = super
@@ -10,9 +9,9 @@ module BlindIndex
               value = new_hash.delete(key)
               new_hash[bi[:bidx_attribute]] =
                 if value.is_a?(Array)
-                  value.map { |v| BlindIndex.generate_bidx(v, bi) }
+                  value.map { |v| BlindIndex.generate_bidx(v, **bi) }
                 else
-                  BlindIndex.generate_bidx(value, bi)
+                  BlindIndex.generate_bidx(value, **bi)
                 end
             end
           end
@@ -29,42 +28,19 @@ module BlindIndex
       end
     end
 
-    # ActiveRecord 4.2
-    module PredicateBuilder
-      def resolve_column_aliases(klass, hash)
-        new_hash = super
-        if has_blind_indexes?(klass)
-          hash.each do |key, _|
-            if key.respond_to?(:to_sym) && (bi = klass.blind_indexes[key.to_sym]) && !new_hash[key].is_a?(ActiveRecord::StatementCache::Substitute)
-              value = new_hash.delete(key)
-              new_hash[bi[:bidx_attribute]] =
-                if value.is_a?(Array)
-                  value.map { |v| BlindIndex.generate_bidx(v, bi) }
-                else
-                  BlindIndex.generate_bidx(value, bi)
-                end
-            end
-          end
-        end
-        new_hash
-      end
-
-      @@blind_index_cache = {}
-
-      # memoize for performance
-      def has_blind_indexes?(klass)
-        if @@blind_index_cache[klass].nil?
-          @@blind_index_cache[klass] = klass.respond_to?(:blind_indexes)
+    module UniquenessValidator
+      def validate_each(record, attribute, value)
+        klass = record.class
+        if klass.respond_to?(:blind_indexes) && (bi = klass.blind_indexes[attribute])
+          value = record.read_attribute_for_validation(bi[:bidx_attribute])
         end
-        @@blind_index_cache[klass]
+        super(record, attribute, value)
       end
-    end
 
-    module UniquenessValidator
+      # change attribute name here instead of validate_each for better error message
       if ActiveRecord::VERSION::STRING >= "5.2"
         def build_relation(klass, attribute, value)
           if klass.respond_to?(:blind_indexes) && (bi = klass.blind_indexes[attribute])
-            value = BlindIndex.generate_bidx(value, bi)
             attribute = bi[:bidx_attribute]
           end
           super(klass, attribute, value)
@@ -72,7 +48,6 @@ module BlindIndex
       else
         def build_relation(klass, table, attribute, value)
           if klass.respond_to?(:blind_indexes) && (bi = klass.blind_indexes[attribute])
-            value = BlindIndex.generate_bidx(value, bi)
             attribute = bi[:bidx_attribute]
           end
           super(klass, table, attribute, value)

data/lib/blind_index/key_generator.rb

@@ -11,7 +11,7 @@ module BlindIndex
       raise ArgumentError, "Missing field for key generation" if bidx_attribute.to_s.empty?
 
       c = "\x7E"*32
-      root_key = hkdf(BlindIndex.decode_key(@master_key), salt: table.to_s, info: "#{c}#{bidx_attribute}", length: 32, hash: "sha384")
+      root_key = hkdf(BlindIndex.decode_key(@master_key, name: "Master key"), salt: table.to_s, info: "#{c}#{bidx_attribute}", length: 32, hash: "sha384")
       hash_hmac("sha256", pack([table, bidx_attribute, bidx_attribute]), root_key)
     end
 
@@ -22,7 +22,7 @@ module BlindIndex
     end
 
     def hkdf(ikm, salt:, info:, length:, hash:)
-      if OpenSSL::KDF.respond_to?(:hkdf)
+      if defined?(OpenSSL::KDF.hkdf)
         return OpenSSL::KDF.hkdf(ikm, salt: salt, info: info, length: length, hash: hash)
       end
 

data/lib/blind_index/model.rb

@@ -61,28 +61,33 @@ module BlindIndex
           )
 
           define_singleton_method class_method_name do |value|
-            BlindIndex.generate_bidx(value, blind_indexes[name])
-          end
-
-          define_singleton_method method_name do |value|
-            ActiveSupport::Deprecation.warn("Use #{class_method_name} instead")
-            send(class_method_name, value)
+            BlindIndex.generate_bidx(value, **blind_indexes[name])
           end
 
           define_method method_name do
-            self.send("#{bidx_attribute}=", self.class.send(class_method_name, send(attribute)))
+            send("#{bidx_attribute}=", self.class.send(class_method_name, send(attribute)))
           end
 
           if callback
-            if defined?(ActiveRecord) && self < ActiveRecord::Base
-              # Active Record
-              # prevent deprecation warnings
-              before_validation method_name, if: -> { changes.key?(attribute.to_s) }
-            else
-              # Mongoid
-              # Lockbox only supports attribute_changed?
-              before_validation method_name, if: -> { send("#{attribute}_changed?") }
+            activerecord = defined?(ActiveRecord) && self < ActiveRecord::Base
+
+            # TODO reuse module
+            m = Module.new do
+              define_method "#{attribute}=" do |value|
+                result = super(value)
+                send(method_name)
+                result
+              end
+
+              unless activerecord
+                define_method "reset_#{attribute}!" do
+                  result = super()
+                  send(method_name)
+                  result
+                end
+              end
             end
+            prepend m
           end
 
           # use include so user can override
@@ -90,14 +95,14 @@ module BlindIndex
         end
       end
     end
-  end
 
-  module InstanceMethods
-    def read_attribute_for_validation(key)
-      if (bi = self.class.blind_indexes[key])
-        send(bi[:attribute])
-      else
-        super
+    module InstanceMethods
+      def read_attribute_for_validation(key)
+        if (bi = self.class.blind_indexes[key])
+          send(bi[:attribute])
+        else
+          super
+        end
       end
     end
   end

data/lib/blind_index/mongoid.rb

@@ -26,9 +26,9 @@ module BlindIndex
 
               criterion[bidx_key] =
                 if value.is_a?(Array)
-                  value.map { |v| BlindIndex.generate_bidx(v, bi) }
+                  value.map { |v| BlindIndex.generate_bidx(v, **bi) }
                 else
-                  BlindIndex.generate_bidx(value, bi)
+                  BlindIndex.generate_bidx(value, **bi)
                 end
             end
           end
@@ -39,9 +39,18 @@ module BlindIndex
     end
 
     module UniquenessValidator
+      def validate_each(record, attribute, value)
+        klass = record.class
+        if klass.respond_to?(:blind_indexes) && (bi = klass.blind_indexes[attribute])
+          value = record.read_attribute_for_validation(bi[:bidx_attribute])
+        end
+        super(record, attribute, value)
+      end
+
+      # change attribute name here instead of validate_each for better error message
       def create_criteria(base, document, attribute, value)
-        if base.respond_to?(:blind_indexes) && (bi = base.blind_indexes[attribute])
-          value = BlindIndex.generate_bidx(value, bi)
+        klass = document.class
+        if klass.respond_to?(:blind_indexes) && (bi = klass.blind_indexes[attribute])
           attribute = bi[:bidx_attribute]
         end
         super(base, document, attribute, value)

data/lib/blind_index/version.rb

@@ -1,3 +1,3 @@
 module BlindIndex
-  VERSION = "1.0.1"
+  VERSION = "2.1.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: blind_index
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 2.1.0
 platform: ruby
 authors:
 - Andrew Kane
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-08-16 00:00:00.000000000 Z
+date: 2020-07-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -25,19 +25,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '5'
 - !ruby/object:Gem::Dependency
-  name: argon2
+  name: argon2-kdf
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '2'
+        version: 0.1.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '2'
+        version: 0.1.1
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -174,6 +174,7 @@ files:
 - LICENSE.txt
 - README.md
 - lib/blind_index.rb
+- lib/blind_index/backfill.rb
 - lib/blind_index/extensions.rb
 - lib/blind_index/key_generator.rb
 - lib/blind_index/model.rb
@@ -198,7 +199,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.4
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Securely search encrypted database fields