cryptonite 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +18 -9
- data/.rspec +2 -0
- data/.travis.yml +3 -0
- data/LICENSE.txt +1 -1
- data/README.md +32 -9
- data/Rakefile +4 -0
- data/cryptonite.gemspec +11 -7
- data/lib/cryptonite.rb +76 -2
- data/lib/cryptonite/version.rb +1 -1
- data/spec/cryptonite_spec.rb +60 -0
- data/spec/fixtures/keys/private.pem +30 -0
- data/spec/fixtures/keys/public.pem +9 -0
- data/spec/spec_helper.rb +97 -0
- metadata +89 -11
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4dac9dced35c1976a89c1cb778a1d7e596a63f87
|
4
|
+
data.tar.gz: c6eeae2387c3a6489131763f5fef77c030af1cd0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 708efe2ec46234f57701d129edcc380b1d69108ab433a33e364285a278e22d9fe46c23647f70553864575bd214e2bf5253448a295403b021de99f18cdc3bcc9c
|
7
|
+
data.tar.gz: fdc02dc6897557a4e4bedca75594e6d689db844de8c162bb9e6a41217b01e465c3d468cb1f5e5f9660f44111879b7804f5c74663df0d54fc81054c9e24a94450
|
data/.gitignore
CHANGED
@@ -1,14 +1,23 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
1
|
+
*.gem
|
2
|
+
*.rbc
|
3
|
+
.bundle
|
4
|
+
.config
|
5
|
+
.yardoc
|
6
|
+
Gemfile.lock
|
7
|
+
InstalledFiles
|
8
|
+
_yardoc
|
9
|
+
coverage
|
10
|
+
doc/
|
11
|
+
lib/bundler/man
|
12
|
+
pkg
|
13
|
+
rdoc
|
14
|
+
spec/reports
|
15
|
+
test/tmp
|
16
|
+
test/version_tmp
|
17
|
+
tmp
|
10
18
|
*.bundle
|
11
19
|
*.so
|
12
20
|
*.o
|
13
21
|
*.a
|
14
22
|
mkmf.log
|
23
|
+
.env
|
data/.rspec
ADDED
data/.travis.yml
ADDED
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
@@ -1,30 +1,53 @@
|
|
1
1
|
# Cryptonite
|
2
2
|
|
3
|
-
|
3
|
+
This gem enables the encryption of specific ActiveRecord attributes using
|
4
|
+
public key encryption. The advantage is that write only operations do not
|
5
|
+
require the presence of the private key and thus front-end machines will not
|
6
|
+
expose encrypted data in the event of a security breach.
|
7
|
+
|
8
|
+
Of course you are as safe as your encryption algorithm and key, so no
|
9
|
+
guarantees there. Moreover, this library acts as a front-end to OpenSSL API of
|
10
|
+
the Ruby standard library, which handles the encryption, and should not be
|
11
|
+
considered as cryptography software.
|
4
12
|
|
5
13
|
## Installation
|
6
14
|
|
7
15
|
Add this line to your application's Gemfile:
|
8
16
|
|
9
|
-
|
10
|
-
gem 'cryptonite'
|
11
|
-
```
|
17
|
+
gem 'cryptonite'
|
12
18
|
|
13
19
|
And then execute:
|
14
20
|
|
15
21
|
$ bundle
|
16
22
|
|
17
|
-
|
23
|
+
## Usage
|
18
24
|
|
19
|
-
|
25
|
+
Cryptonite adds to ActiveRecord the `attr_encrypted` method, which is used to declare
|
26
|
+
the attributes that will be transparently encrypted, e.g.
|
20
27
|
|
21
|
-
|
28
|
+
attr_encrypted :secret, :another_secret
|
29
|
+
|
30
|
+
The library operates by overriding `read_attribute` and `write_attribute`
|
31
|
+
methods, intercepting with the encryption / decryption of the attribute value.
|
32
|
+
|
33
|
+
In order to encrypt the data the library should be provided with the public key
|
34
|
+
path, and respectively in order to decrypt them it requires the private key
|
35
|
+
path along with its password. Currently, those settings are set only in the
|
36
|
+
environment, using the variable names `PUBLIC_KEY_FILE`, `PRIVATE_KEY_FILE` and
|
37
|
+
`PRIVATE_KEY_PASSWORD`.
|
38
|
+
|
39
|
+
If an application does not need to retrieve the encrypted information it is not
|
40
|
+
required for the private key settings to be defined. However, please note that
|
41
|
+
during development the `inspect` method does call the `read_attribute` method
|
42
|
+
and hence it will fail if a private key is not provided.
|
22
43
|
|
23
|
-
|
44
|
+
Moreover, please note that ActiveRecord methods that operate massively on
|
45
|
+
records do not use the `read_attribute` and `write_attribute` methods and so
|
46
|
+
encryption / decryption does not take place there. This is by design.
|
24
47
|
|
25
48
|
## Contributing
|
26
49
|
|
27
|
-
1. Fork it ( https://github.com/
|
50
|
+
1. Fork it ( https://github.com/GaggleAMP/cryptonite/fork )
|
28
51
|
2. Create your feature branch (`git checkout -b my-new-feature`)
|
29
52
|
3. Commit your changes (`git commit -am 'Add some feature'`)
|
30
53
|
4. Push to the branch (`git push origin my-new-feature`)
|
data/Rakefile
CHANGED
data/cryptonite.gemspec
CHANGED
@@ -6,11 +6,11 @@ require 'cryptonite/version'
|
|
6
6
|
Gem::Specification.new do |spec|
|
7
7
|
spec.name = "cryptonite"
|
8
8
|
spec.version = Cryptonite::VERSION
|
9
|
-
spec.authors = ["
|
10
|
-
spec.email = ["
|
11
|
-
spec.summary = %q{
|
12
|
-
spec.description = %q{
|
13
|
-
spec.homepage = ""
|
9
|
+
spec.authors = ["GaggleAMP"]
|
10
|
+
spec.email = ["info@gaggleamp.com"]
|
11
|
+
spec.summary = %q{Enables the encryption of specific ActiveRecord attributes.}
|
12
|
+
spec.description = %q{Enables the encryption of specific ActiveRecord attributes.}
|
13
|
+
spec.homepage = "https://github.com/GaggleAMP/cryptonite"
|
14
14
|
spec.license = "MIT"
|
15
15
|
|
16
16
|
spec.files = `git ls-files -z`.split("\x0")
|
@@ -18,6 +18,10 @@ Gem::Specification.new do |spec|
|
|
18
18
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
19
|
spec.require_paths = ["lib"]
|
20
20
|
|
21
|
-
spec.add_development_dependency "bundler", "~> 1.
|
22
|
-
spec.add_development_dependency "rake"
|
21
|
+
spec.add_development_dependency "bundler", "~> 1.6"
|
22
|
+
spec.add_development_dependency "rake"
|
23
|
+
spec.add_development_dependency "rspec", "~> 3.1"
|
24
|
+
spec.add_development_dependency "sqlite3"
|
25
|
+
spec.add_dependency "activerecord", ">= 3.1", "< 4.2"
|
26
|
+
spec.add_dependency "activesupport", ">= 3.1", "< 4.2"
|
23
27
|
end
|
data/lib/cryptonite.rb
CHANGED
@@ -1,5 +1,79 @@
|
|
1
|
-
require
|
1
|
+
require 'cryptonite/version'
|
2
2
|
|
3
|
+
require 'openssl'
|
4
|
+
require 'base64'
|
5
|
+
|
6
|
+
require 'active_support/concern'
|
7
|
+
require 'active_support/lazy_load_hooks'
|
8
|
+
|
9
|
+
# Cryptonite
|
10
|
+
#
|
11
|
+
# Enables the encryption of specific ActiveRecord attributes.
|
3
12
|
module Cryptonite
|
4
|
-
|
13
|
+
extend ActiveSupport::Concern
|
14
|
+
|
15
|
+
PUBLIC_KEY = OpenSSL::PKey::RSA.new(File.read(ENV['PUBLIC_KEY_FILE'])) rescue nil
|
16
|
+
PRIVATE_KEY = OpenSSL::PKey::RSA.new(File.read(ENV['PRIVATE_KEY_FILE']), ENV['PRIVATE_KEY_PASSWORD']) rescue nil
|
17
|
+
|
18
|
+
included do
|
19
|
+
class_attribute :_attr_encrypted, instance_accessor: false
|
20
|
+
self._attr_encrypted = []
|
21
|
+
end
|
22
|
+
|
23
|
+
module ClassMethods
|
24
|
+
# Attributes listed as encrypted will be transparently encrypted and
|
25
|
+
# decrypted in database operations.
|
26
|
+
def attr_encrypted(*attributes)
|
27
|
+
self._attr_encrypted = Set.new(attributes.map { |a| a.to_s }) + (self._attr_encrypted || [])
|
28
|
+
end
|
29
|
+
|
30
|
+
# Returns an array of all the attributes that have been specified as encrypted.
|
31
|
+
def encrypted_attributes
|
32
|
+
self._attr_encrypted
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
# Wrap write_attribute to encrypt value.
|
37
|
+
def write_attribute(attr_name, value)
|
38
|
+
attr_name = attr_name.to_s
|
39
|
+
|
40
|
+
if self.class.encrypted_attributes.include?(attr_name)
|
41
|
+
value = encrypt(value)
|
42
|
+
end unless value.nil?
|
43
|
+
|
44
|
+
super(attr_name, value)
|
45
|
+
end
|
46
|
+
|
47
|
+
# Wrap read_attribute to encrypt value.
|
48
|
+
def read_attribute(attr_name)
|
49
|
+
attr_name = attr_name.to_s
|
50
|
+
|
51
|
+
if self.class.encrypted_attributes.include?(attr_name)
|
52
|
+
value = super(attr_name)
|
53
|
+
decrypt(value) unless value.nil?
|
54
|
+
else
|
55
|
+
super(attr_name)
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
private
|
60
|
+
# Encrypts a value with public key encryption. Keys should be defined in
|
61
|
+
# environment.
|
62
|
+
def encrypt(value)
|
63
|
+
raise ActiveRecord::ActiveRecordError.new("Undefined public key for encrypted attribute") if PUBLIC_KEY.nil?
|
64
|
+
|
65
|
+
Base64.encode64(PUBLIC_KEY.public_encrypt(value))
|
66
|
+
end
|
67
|
+
|
68
|
+
# Decrypts a value with public key encryption. Keys should be defined in
|
69
|
+
# environment.
|
70
|
+
def decrypt(value)
|
71
|
+
raise ActiveRecord::ActiveRecordError.new("Undefined private key for encrypted attribute") if PRIVATE_KEY.nil?
|
72
|
+
|
73
|
+
PRIVATE_KEY.private_decrypt(Base64.decode64(value))
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
ActiveSupport.on_load :active_record do
|
78
|
+
include Cryptonite
|
5
79
|
end
|
data/lib/cryptonite/version.rb
CHANGED
@@ -0,0 +1,60 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
require 'cryptonite'
|
4
|
+
|
5
|
+
require 'active_record'
|
6
|
+
|
7
|
+
describe Cryptonite do
|
8
|
+
before do
|
9
|
+
::ActiveRecord::Base.establish_connection(adapter: 'sqlite3',
|
10
|
+
encoding: 'utf8',
|
11
|
+
reconnect: false,
|
12
|
+
database: ':memory:')
|
13
|
+
|
14
|
+
::ActiveRecord::Schema.define do
|
15
|
+
create_table :sensitive_data, :force => true do |t|
|
16
|
+
t.column :secret, :text
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
subject {
|
22
|
+
Class.new(ActiveRecord::Base) do
|
23
|
+
def self.table_name
|
24
|
+
"sensitive_data"
|
25
|
+
end
|
26
|
+
end.tap { |obj| obj.attr_encrypted :secret }
|
27
|
+
}
|
28
|
+
|
29
|
+
context "with public key only" do
|
30
|
+
before do
|
31
|
+
stub_const('Cryptonite::PRIVATE_KEY', nil)
|
32
|
+
end
|
33
|
+
|
34
|
+
it 'encrypts field in database' do
|
35
|
+
secret = SecureRandom.hex(16)
|
36
|
+
|
37
|
+
subject.new(secret: secret).tap do |instance|
|
38
|
+
expect(
|
39
|
+
instance.instance_variable_get(:@attributes).send(:fetch, 'secret')
|
40
|
+
).not_to eq(secret)
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
context "with private key only" do
|
46
|
+
before do
|
47
|
+
stub_const('Cryptonite::PUBLIC_KEY', nil)
|
48
|
+
end
|
49
|
+
|
50
|
+
it 'decrypts field in database' do
|
51
|
+
secret = SecureRandom.hex(16)
|
52
|
+
|
53
|
+
subject.new.tap do |instance|
|
54
|
+
instance.instance_variable_get(:@attributes).send(:store, 'secret', Base64.encode64(PUBLIC_FIXTURE_KEY.public_encrypt(secret)))
|
55
|
+
|
56
|
+
expect(instance.secret).to eq(secret)
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
Proc-Type: 4,ENCRYPTED
|
3
|
+
DEK-Info: DES-EDE3-CBC,CC86888BC71B7C3E
|
4
|
+
|
5
|
+
u41zNI2NvN5NS8kr1gS5a5zFP8yIZLXicLn4jMeeGZYpSbzUqef8c6EGrhNloZbL
|
6
|
+
dIVynfpupUGkeDJJuhnkxr3RdXEXqUvJyzjrAeTUNEOK6oxohNRH8Gf3IvRYDrp5
|
7
|
+
peuPrU3nAJ0qtkifb/Ag+WZZSDLLDqsvlk3SL5j5bhlBE2sUIvKS/coFW0PqA4GK
|
8
|
+
Wk327Dizn+WtjjhsPG+e13m7X2nYyTSLyjNF2yFZJgug0cDbfRoTy7yWd3iQXyff
|
9
|
+
WNutT2LOGAZFsyaEcr1t/h2iBYuNg3+uL/uoCp/0IbNXAE6OmuhCYSu9Q/8ax9Ql
|
10
|
+
DDcqmcNfdEpf9aLED1rxziKlsVPKbX5jzx1BBM3XDKTn9ezBP+SK8E+ktRN7xO8Z
|
11
|
+
Ky9Ok6G9TQfZXZ2bSdzajk575KDRxQwKNt1AAE0ZpzP7UNIFxDwPLP5EoXY2HBvD
|
12
|
+
gbB8iJLHMQBYv/z1HsJQsKX4SU8wUjvXoI6YRDxrjMIGQTsrH0VTT3PSB1kOtame
|
13
|
+
lF5wX9oV+pJAr9mCh3H3jSZgJs5vG/VE1zuY+jRXS4wEghOpWbDykJj8QPpTVRcx
|
14
|
+
26m4D4F0DQbivBFHo6zjbs7clQHF4QakUWD5M7ZkhCzyP77q6BE6yboZHaVnx6n3
|
15
|
+
+xh4BO8Z+NFxjV4fE/BWE3h9Jc42AcBiY6po657Q2N0jT0kPHhyvScJNNLF6tnNw
|
16
|
+
lwsixoZcg1RdKJkgJrCxnfNI8XOHki4jyNMZ/0rgXVfe5CS+lWNHlOhjUOfi8lrR
|
17
|
+
u5vKnxr4H5kIcv++bWspPyntJiZ/EYiPs46Od0NjpEXiuGTGBpzIWHRgUNM+SM0v
|
18
|
+
aElSd3NJew5FlpoxV/Tz89iOySCd8lPZHC0F6Q08nMk5twR+UmZjCP8VSkr+vRh/
|
19
|
+
6hHtr+LbBlxMymhuWW1ZumQ3Zd2zRx9Jqnm8qhg4/mmACR5W5Rig0MjHXIQzREx+
|
20
|
+
MzxLTz1Zu/3FElXGmnP62t9OIFVCcmG4WNcxjF+yC6D6+VVJg5+fL8Wi2Vsv47WO
|
21
|
+
fbzp0B5qvR7MPdn6JkEJwUVAdkop5J2n+fL3TlX377csmAUg5mXq1mFxlQT/Ok+X
|
22
|
+
o8s/upMFMjd1xxIJPBNfZqYSKth/iI8AO6awFsuSYo56tnLJUDnww6HdhPwW4WC6
|
23
|
+
21hUSO961Xepv+5LCcXRMWuyfiGVR63i2rhjcVvzkyWIjQL5Bz/EL8t+PsfJNn7b
|
24
|
+
ZoWfWKJNRzBHSsz0oPj40PcAPjMqXQdLlKiH0SDLHpPv6igOBeLU/JLhDIfBy8nS
|
25
|
+
zs2WXMrMxrs3dnP8YPo0iH21GA2zATDQ/62N3WqEzo1Ehd1UudGf7tLO4U52fd96
|
26
|
+
56nC5F7oF+nSGVur7LFafkL/nhz4sFSLU4GuyMRW5H/4x8GSeHKwxgO/tk/E3BiE
|
27
|
+
vCYQ//sRmsCNosKoeAcDMIdk5nVE3RKN6kmZOCIebAsR5dnhXuvsYRP4YDkxbui1
|
28
|
+
U6yTa6Ztp7eqZ3k3YWNCbqkpWPOicyOZRqFC2O+BO6XyEjeasOgdCKqijjjtw1VH
|
29
|
+
StweYx8qHQ8+R4fZIP/1tqTSd2V78V+PuDrNvbPIEMPxqm02UpQrRg==
|
30
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,9 @@
|
|
1
|
+
-----BEGIN PUBLIC KEY-----
|
2
|
+
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AXcleAUhp/OL33Pjjys
|
3
|
+
AM+G1jL5K5kGTipi5Nsx5LH5gDv5zPaoyqavLJ25ottM42y5XpUoXiPgMpja8Jv8
|
4
|
+
O8AQRPvjsmmOEhtN1bXcmW8iD+iBxN589tzM2D0gzwtG3GAjxW7hfoyCIU+Dv5td
|
5
|
+
pQ2gM9PkoOxTyOXM2GXY473CBQeyZidCF8u3xUm+mkbfU/O0zsn5xJA3kvzxIU3a
|
6
|
+
w9WkxzGIcRLPxFg9PCXh86IwgBSVmLNvh7E3feD/ownSOrEYoYuYtCo45scHx385
|
7
|
+
Nu1TmBp4D6OsMoGqT7h0vY5RFg6AOIOTkSfJ9/3tzw9uCay+6Fzzvj0XtqXGW38k
|
8
|
+
EQIDAQAB
|
9
|
+
-----END PUBLIC KEY-----
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,97 @@
|
|
1
|
+
# This file was generated by the `rspec --init` command. Conventionally, all
|
2
|
+
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
3
|
+
# The generated `.rspec` file contains `--require spec_helper` which will cause this
|
4
|
+
# file to always be loaded, without a need to explicitly require it in any files.
|
5
|
+
#
|
6
|
+
# Given that it is always loaded, you are encouraged to keep this file as
|
7
|
+
# light-weight as possible. Requiring heavyweight dependencies from this file
|
8
|
+
# will add to the boot time of your test suite on EVERY test run, even for an
|
9
|
+
# individual file that may not need all of that loaded. Instead, consider making
|
10
|
+
# a separate helper file that requires the additional dependencies and performs
|
11
|
+
# the additional setup, and require it from the spec files that actually need it.
|
12
|
+
#
|
13
|
+
# The `.rspec` file also contains a few flags that are not defaults but that
|
14
|
+
# users commonly want.
|
15
|
+
#
|
16
|
+
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
|
17
|
+
RSpec.configure do |config|
|
18
|
+
# rspec-expectations config goes here. You can use an alternate
|
19
|
+
# assertion/expectation library such as wrong or the stdlib/minitest
|
20
|
+
# assertions if you prefer.
|
21
|
+
config.expect_with :rspec do |expectations|
|
22
|
+
# This option will default to `true` in RSpec 4. It makes the `description`
|
23
|
+
# and `failure_message` of custom matchers include text for helper methods
|
24
|
+
# defined using `chain`, e.g.:
|
25
|
+
# be_bigger_than(2).and_smaller_than(4).description
|
26
|
+
# # => "be bigger than 2 and smaller than 4"
|
27
|
+
# ...rather than:
|
28
|
+
# # => "be bigger than 2"
|
29
|
+
expectations.include_chain_clauses_in_custom_matcher_descriptions = true
|
30
|
+
end
|
31
|
+
|
32
|
+
# rspec-mocks config goes here. You can use an alternate test double
|
33
|
+
# library (such as bogus or mocha) by changing the `mock_with` option here.
|
34
|
+
config.mock_with :rspec do |mocks|
|
35
|
+
# Prevents you from mocking or stubbing a method that does not exist on
|
36
|
+
# a real object. This is generally recommended, and will default to
|
37
|
+
# `true` in RSpec 4.
|
38
|
+
mocks.verify_partial_doubles = true
|
39
|
+
end
|
40
|
+
|
41
|
+
# The settings below are suggested to provide a good initial experience
|
42
|
+
# with RSpec, but feel free to customize to your heart's content.
|
43
|
+
=begin
|
44
|
+
# These two settings work together to allow you to limit a spec run
|
45
|
+
# to individual examples or groups you care about by tagging them with
|
46
|
+
# `:focus` metadata. When nothing is tagged with `:focus`, all examples
|
47
|
+
# get run.
|
48
|
+
config.filter_run :focus
|
49
|
+
config.run_all_when_everything_filtered = true
|
50
|
+
|
51
|
+
# Limits the available syntax to the non-monkey patched syntax that is recommended.
|
52
|
+
# For more details, see:
|
53
|
+
# - http://myronmars.to/n/dev-blog/2012/06/rspecs-new-expectation-syntax
|
54
|
+
# - http://teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
|
55
|
+
# - http://myronmars.to/n/dev-blog/2014/05/notable-changes-in-rspec-3#new__config_option_to_disable_rspeccore_monkey_patching
|
56
|
+
config.disable_monkey_patching!
|
57
|
+
|
58
|
+
# This setting enables warnings. It's recommended, but in some cases may
|
59
|
+
# be too noisy due to issues in dependencies.
|
60
|
+
config.warnings = true
|
61
|
+
|
62
|
+
# Many RSpec users commonly either run the entire suite or an individual
|
63
|
+
# file, and it's useful to allow more verbose output when running an
|
64
|
+
# individual spec file.
|
65
|
+
if config.files_to_run.one?
|
66
|
+
# Use the documentation formatter for detailed output,
|
67
|
+
# unless a formatter has already been configured
|
68
|
+
# (e.g. via a command-line flag).
|
69
|
+
config.default_formatter = 'doc'
|
70
|
+
end
|
71
|
+
|
72
|
+
# Print the 10 slowest examples and example groups at the
|
73
|
+
# end of the spec run, to help surface which specs are running
|
74
|
+
# particularly slow.
|
75
|
+
config.profile_examples = 10
|
76
|
+
|
77
|
+
# Run specs in random order to surface order dependencies. If you find an
|
78
|
+
# order dependency and want to debug it, you can fix the order by providing
|
79
|
+
# the seed, which is printed after each run.
|
80
|
+
# --seed 1234
|
81
|
+
config.order = :random
|
82
|
+
|
83
|
+
# Seed global randomization in this process using the `--seed` CLI option.
|
84
|
+
# Setting this allows you to use `--seed` to deterministically reproduce
|
85
|
+
# test failures related to randomization by passing the same `--seed` value
|
86
|
+
# as the one that triggered the failure.
|
87
|
+
Kernel.srand config.seed
|
88
|
+
=end
|
89
|
+
|
90
|
+
# Configure public key encryption for the EncryptedAttributes concern.
|
91
|
+
::PUBLIC_FIXTURE_KEY = OpenSSL::PKey::RSA.new(File.read(File.expand_path('../fixtures/keys/public.pem', __FILE__)))
|
92
|
+
::PRIVATE_FIXTURE_KEY = OpenSSL::PKey::RSA.new(File.read(File.expand_path('../fixtures/keys/private.pem', __FILE__)), 'test')
|
93
|
+
config.before do
|
94
|
+
stub_const('Cryptonite::PUBLIC_KEY', PUBLIC_FIXTURE_KEY)
|
95
|
+
stub_const('Cryptonite::PRIVATE_KEY', PRIVATE_FIXTURE_KEY)
|
96
|
+
end
|
97
|
+
end
|
metadata
CHANGED
@@ -1,10 +1,10 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cryptonite
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- GaggleAMP
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
@@ -16,36 +16,106 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '1.
|
19
|
+
version: '1.6'
|
20
20
|
type: :development
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '1.
|
26
|
+
version: '1.6'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rspec
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|
30
44
|
requirements:
|
31
45
|
- - "~>"
|
32
46
|
- !ruby/object:Gem::Version
|
33
|
-
version: '
|
47
|
+
version: '3.1'
|
34
48
|
type: :development
|
35
49
|
prerelease: false
|
36
50
|
version_requirements: !ruby/object:Gem::Requirement
|
37
51
|
requirements:
|
38
52
|
- - "~>"
|
39
53
|
- !ruby/object:Gem::Version
|
40
|
-
version: '
|
41
|
-
|
54
|
+
version: '3.1'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: sqlite3
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: activerecord
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '3.1'
|
76
|
+
- - "<"
|
77
|
+
- !ruby/object:Gem::Version
|
78
|
+
version: '4.2'
|
79
|
+
type: :runtime
|
80
|
+
prerelease: false
|
81
|
+
version_requirements: !ruby/object:Gem::Requirement
|
82
|
+
requirements:
|
83
|
+
- - ">="
|
84
|
+
- !ruby/object:Gem::Version
|
85
|
+
version: '3.1'
|
86
|
+
- - "<"
|
87
|
+
- !ruby/object:Gem::Version
|
88
|
+
version: '4.2'
|
89
|
+
- !ruby/object:Gem::Dependency
|
90
|
+
name: activesupport
|
91
|
+
requirement: !ruby/object:Gem::Requirement
|
92
|
+
requirements:
|
93
|
+
- - ">="
|
94
|
+
- !ruby/object:Gem::Version
|
95
|
+
version: '3.1'
|
96
|
+
- - "<"
|
97
|
+
- !ruby/object:Gem::Version
|
98
|
+
version: '4.2'
|
99
|
+
type: :runtime
|
100
|
+
prerelease: false
|
101
|
+
version_requirements: !ruby/object:Gem::Requirement
|
102
|
+
requirements:
|
103
|
+
- - ">="
|
104
|
+
- !ruby/object:Gem::Version
|
105
|
+
version: '3.1'
|
106
|
+
- - "<"
|
107
|
+
- !ruby/object:Gem::Version
|
108
|
+
version: '4.2'
|
109
|
+
description: Enables the encryption of specific ActiveRecord attributes.
|
42
110
|
email:
|
43
|
-
-
|
111
|
+
- info@gaggleamp.com
|
44
112
|
executables: []
|
45
113
|
extensions: []
|
46
114
|
extra_rdoc_files: []
|
47
115
|
files:
|
48
116
|
- ".gitignore"
|
117
|
+
- ".rspec"
|
118
|
+
- ".travis.yml"
|
49
119
|
- Gemfile
|
50
120
|
- LICENSE.txt
|
51
121
|
- README.md
|
@@ -53,7 +123,11 @@ files:
|
|
53
123
|
- cryptonite.gemspec
|
54
124
|
- lib/cryptonite.rb
|
55
125
|
- lib/cryptonite/version.rb
|
56
|
-
|
126
|
+
- spec/cryptonite_spec.rb
|
127
|
+
- spec/fixtures/keys/private.pem
|
128
|
+
- spec/fixtures/keys/public.pem
|
129
|
+
- spec/spec_helper.rb
|
130
|
+
homepage: https://github.com/GaggleAMP/cryptonite
|
57
131
|
licenses:
|
58
132
|
- MIT
|
59
133
|
metadata: {}
|
@@ -76,5 +150,9 @@ rubyforge_project:
|
|
76
150
|
rubygems_version: 2.4.2
|
77
151
|
signing_key:
|
78
152
|
specification_version: 4
|
79
|
-
summary:
|
80
|
-
test_files:
|
153
|
+
summary: Enables the encryption of specific ActiveRecord attributes.
|
154
|
+
test_files:
|
155
|
+
- spec/cryptonite_spec.rb
|
156
|
+
- spec/fixtures/keys/private.pem
|
157
|
+
- spec/fixtures/keys/public.pem
|
158
|
+
- spec/spec_helper.rb
|