crypt_keeper 0.17.0 → 0.18.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bebe9201328a264bc331e557bfb7b29eda6f8cec
-  data.tar.gz: f429009d3af1a7a09e8a3a4e45f21211994491c8
+  metadata.gz: ad20b829cfe76208db3c0bc6cf992a278bbd9659
+  data.tar.gz: 15c42c4227ed3505c4eb0af0c511d81b258ba937
 SHA512:
-  metadata.gz: 16879b1ba1a690e850e5f1a26fb0d3f9db237b926acaf1dfdfab4d490da7723e2a7d079223d626a293916661ed1c63c29673a71a2d318482e99ecceb02b8c379
-  data.tar.gz: 52a28a7ba7a2a3ed75fc9194bc5d42cb1fff57249aab11681c0288b90f3babbe6e4340c05320ea07cbe62402fe252454c33b36361ed09a3758eb32ede731e680
+  metadata.gz: df0c80648cd1bf39b88b81b5fd2e5b6fb404d01bbf529452453ab1bbd4c1654b578f274fc35a82f36d66014c62804c88363c2762af6383127e8ecc437c8b02ff
+  data.tar.gz: aa457783481ed45731f0d1191907044a4904ec702365c6b9325e7219678329c86632ccf20e16cc2f9e7ff9008218741114d2a3fe0f8de57eea72baaf0c6baf64

data/README.md

@@ -47,6 +47,35 @@ expected behavior, and has its use cases. An example would be migrating from
 one type of encryption to another. Using `update_column` would allow you to
 update the content without going through the current encryptor.
 
+## Encodings
+
+You can force an encoding on the plaintext before encryption and after decryption by using the `encoding` option. This is useful when dealing with multibyte strings:
+
+```ruby
+class MyModel < ActiveRecord::Base
+  crypt_keeper :field, :other_field, :encryptor => :aes_new, :key => 'super_good_password', salt: 'salt', :encoding => 'UTF-8'
+end
+
+model = MyModel.new(field: 'Tromsø')
+model.save! #=> Your data is now encrypted
+model.field #=> 'Tromsø'
+model.field.encoding #=> #<Encoding:UTF-8>
+```
+
+## Adding encryption to an existing table
+
+If you are working with an existing table you would like to encrypt, you must use the `MyExistingModel.encrypt_table!` class method.
+
+```ruby
+class MyExistingModel < ActiveRecord::Base
+  crypt_keeper :field, :other_field, :encryptor => :aes_new, :key => 'super_good_password', salt: 'salt'
+end
+
+MyExistingModel.encrypt_table!
+```
+
+Running `encrypt_table!` will encrypt all rows in the database using the encryption method specificed by the `crypt_keeper` line in your model.
+
 ## Supported Available Encryptors
 
 There are four supported encryptors: `aes_new`, `mysql_aes_new`, `postgresql_pgp`, `postgres_pgp_public_key`.

data/gemfiles/activerecord_3_1.gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: /Users/justin/work/jmazzi/crypt_keeper
   specs:
-    crypt_keeper (0.16.0.pre)
+    crypt_keeper (0.17.0)
       activerecord (>= 3.1, < 4.2)
       activesupport (>= 3.1, < 4.2)
       aes (~> 0.5.0)
@@ -26,7 +26,7 @@ GEM
       bundler
       rake
     arel (2.2.3)
-    armor (0.0.2)
+    armor (0.0.3)
     builder (3.0.4)
     coderay (1.0.9)
     coveralls (0.7.0)

data/gemfiles/activerecord_3_2.gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: /Users/justin/work/jmazzi/crypt_keeper
   specs:
-    crypt_keeper (0.16.0.pre)
+    crypt_keeper (0.17.0)
       activerecord (>= 3.1, < 4.2)
       activesupport (>= 3.1, < 4.2)
       aes (~> 0.5.0)
@@ -26,7 +26,7 @@ GEM
       bundler
       rake
     arel (3.0.2)
-    armor (0.0.2)
+    armor (0.0.3)
     builder (3.0.4)
     coderay (1.0.9)
     coveralls (0.7.0)

data/gemfiles/activerecord_4_0.gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: /Users/justin/work/jmazzi/crypt_keeper
   specs:
-    crypt_keeper (0.16.0.pre)
+    crypt_keeper (0.17.0)
       activerecord (>= 3.1, < 4.2)
       activesupport (>= 3.1, < 4.2)
       aes (~> 0.5.0)
@@ -30,7 +30,7 @@ GEM
       bundler
       rake
     arel (4.0.0)
-    armor (0.0.2)
+    armor (0.0.3)
     atomic (1.1.14)
     builder (3.1.4)
     coderay (1.0.9)

data/gemfiles/activerecord_4_1.gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: /Users/justin/work/jmazzi/crypt_keeper
   specs:
-    crypt_keeper (0.16.0.pre)
+    crypt_keeper (0.17.0)
       activerecord (>= 3.1, < 4.2)
       activesupport (>= 3.1, < 4.2)
       aes (~> 0.5.0)

data/lib/crypt_keeper/model.rb

@@ -80,6 +80,22 @@ module CryptKeeper
         end
       end
 
+      # Public: Encrypt a table for the first time.
+      def encrypt_table!
+        enc       = encryptor_klass.new(crypt_keeper_options)
+        tmp_table = Class.new(ActiveRecord::Base).tap { |c| c.table_name = self.table_name }
+
+        transaction do
+          tmp_table.find_each do |r|
+            crypt_keeper_fields.each do |field|
+              r.send("#{field}=", enc.encrypt(r[field])) if r[field].present?
+            end
+
+            r.save!
+          end
+        end
+      end
+
       private
 
       # Private: The encryptor class

data/lib/crypt_keeper/version.rb

@@ -1,3 +1,3 @@
 module CryptKeeper
-  VERSION = "0.17.0"
+  VERSION = "0.18.0"
 end

data/spec/model_spec.rb

@@ -112,5 +112,20 @@ module CryptKeeper
         expect(record.storage.encoding.name).to eql('UTF-8')
       end
     end
+
+    context "Initial Table Encryption" do
+      before do
+        SensitiveData.crypt_keeper :storage, key: 'tool', salt: 'salt', encryptor: :aes_new, encoding: 'utf-8'
+        SensitiveData.delete_all
+        c = Class.new(ActiveRecord::Base).tap {|c| c.table_name = 'sensitive_data' }
+        5.times { |i|  c.create! storage: "testing#{i}" }
+      end
+
+      it "encrypts the table" do
+        expect { SensitiveData.first(5) }.to raise_error(OpenSSL::Cipher::CipherError)
+        SensitiveData.encrypt_table!
+        expect { SensitiveData.first(5) }.not_to raise_error
+      end
+    end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: crypt_keeper
 version: !ruby/object:Gem::Version
-  version: 0.17.0
+  version: 0.18.0
 platform: ruby
 authors:
 - Justin Mazzi
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-05-01 00:00:00.000000000 Z
+date: 2014-05-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord