cryptonite 0.0.4 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 61b63389dfd44213ac19433d8410d60b9929adc0
-  data.tar.gz: 92b6e2b12c1587e944dae4697094c58d6ae0e633
+  metadata.gz: f702ef8016f18189a7874c4bf8dc927465620aaa
+  data.tar.gz: 8e53c002975cb9d83266b29c90d93bc39f395f2b
 SHA512:
-  metadata.gz: e8f067fbb753372ae450dc63f318adb03230b3c6253d543fa279e335b6f856de4d2b9f43c0701004d153192b5f2ab68da1cf16133b7fa4338287d952671a4817
-  data.tar.gz: 30f171edf9098386760dc322a9398342ab48e035d22ad13b5de712a3a5fccca33e180a6be40efdaf3153c2cbdc045d10daf68ad6a596cff85c0ea83db48c3d3a
+  metadata.gz: 7917a42f42863c853e9cfc2c5aa8efe94b60960872d787332759ee719545b7b678acdc1d53eeb3b83e422a1e9ade109663598b93c27c9db53324a21a0200bc57
+  data.tar.gz: aa4615f0259f2e0b9b3498eec6b65fb802c8d1610f8ae399d58b75adb0eedd292466294fb636a7c2698b116c0d8ac0695f0a6f64daacdd37d73c1fc8afc2ca0c

data/.rubocop.yml

@@ -0,0 +1,63 @@
+AllCops:
+  RunRailsCops: true
+  Exclude:
+    # Rubocop's default
+    - 'vendor/**/*'
+    # To ensure smooth `rake rails:update`, we exclude some of the Rails' generated files
+    # please add new Rails' generated files to this list after running `rake rails:update` (if any)
+    # please add your exclude specific for this project after this section
+    - 'bin/**/*'
+    - 'config/boot.rb'
+    - 'config/application.rb'
+    - 'config/environment.rb'
+    - 'config/environments/development.rb'
+    - 'config/environments/production.rb'
+    - 'config/environments/test.rb'
+    - 'config/initializers/assets.rb'
+    - 'config/initializers/backtrace_silencers.rb'
+    - 'config/initializers/cookies_serializer.rb'
+    - 'config/initializers/filter_parameter_logging.rb'
+    - 'config/initializers/inflections.rb'
+    - 'config/initializers/mime_types.rb'
+    - 'config/initializers/session_store.rb'
+    - 'config/initializers/wrap_parameters.rb'
+    - 'db/schema.rb'
+    - 'script/**/*'
+    # Common generated files (projects independent)
+    - 'config/unicorn.rb'
+    - 'config/initializers/devise.rb'
+    # Add your exclude files specific to this project here
+    - 'config/initializers/maps.rb'
+
+Style/AlignParameters:
+  Enabled: true
+  EnforcedStyle: with_fixed_indentation
+
+Style/Documentation:
+  Enabled: false
+
+# If the project still supporting ruby 1.8, uncomment the following lines to force Rubocop
+# to use old hash_rockets syntax, if left commented, Rubocop will force the newer ruby19 syntax
+# Style/HashSyntax:
+#   EnforcedStyle: hash_rockets
+
+Style/SingleSpaceBeforeFirstArg:
+  Enabled: false
+
+##################### Metrics ##################################
+
+Metrics/LineLength:
+  Max: 120
+  AllowURI: true
+
+Metrics/MethodLength:
+  CountComments: false
+  Exclude:
+    - 'db/migrate/*'
+
+
+# Project specific settings
+
+Style/BlockComments:
+  Exclude:
+    - 'spec/spec_helper.rb'

data/.travis.yml

@@ -1,3 +1,4 @@
+sudo: false
 language: ruby
 cache:
   - bundler
@@ -5,3 +6,5 @@ rvm:
   - 2.1.4
   - 2.0.0
   - 1.9.3
+before_script:
+  - bundle exec rubocop -D

data/README.md

@@ -46,6 +46,35 @@ ActiveRecord methods that operate massively on records do not use the
 serialization features and so encryption / decryption does not take place
 there. This is by design.
 
+*Note: Currently the independency on private key is not fully implemented.*
+
+### Migration Helpers
+
+In order to facilitate migration two module methods have been implemented that
+operate independently from the ActiveRecord models. In a migration file the
+`Cryptonite.encrypt_model_attributes` may be used to facilitate upwards
+migration and `Cryptonite.decrypt_model_attributes` for downwards migration.
+The parameters is the ActiveRecord model class and the exact same parameters as
+the `attr_encrypted` method, e.g.
+
+    class ChangeSecretInUsers < ActiveRecord::Migration
+      def up
+        change_column :users, :secret, :text, limit: 4096
+    
+        say_with_time "encrypt_user_secrets" do
+          Cryptonite.encrypt_model_attributes(User, :secret, keypair: 'private_key.pem', private_key_password: 'test')
+        end
+      end
+    
+      def down
+        say_with_time "decrypt_user_secrets" do
+          Cryptonite.decrypt_model_attributes(User, :secret, keypair: 'private_key.pem', private_key_password: 'test')
+        end
+    
+        change_column :users, :secret, :string
+      end
+    end
+
 ## Key Generation
 
 Generate a key pair:

data/Rakefile

@@ -1,6 +1,6 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+task default: :spec

data/cryptonite.gemspec

@@ -4,24 +4,25 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'cryptonite/version'
 
 Gem::Specification.new do |spec|
-  spec.name          = "cryptonite"
+  spec.name          = 'cryptonite'
   spec.version       = Cryptonite::VERSION
-  spec.authors       = ["GaggleAMP"]
-  spec.email         = ["info@gaggleamp.com"]
-  spec.summary       = %q{Enables the encryption of specific ActiveRecord attributes.}
-  spec.description   = %q{Enables the encryption of specific ActiveRecord attributes.}
-  spec.homepage      = "https://github.com/GaggleAMP/cryptonite"
-  spec.license       = "MIT"
+  spec.authors       = ['GaggleAMP']
+  spec.email         = ['info@gaggleamp.com']
+  spec.summary       = 'Enables the encryption of specific ActiveRecord attributes.'
+  spec.description   = 'Enables the encryption of specific ActiveRecord attributes.'
+  spec.homepage      = 'https://github.com/GaggleAMP/cryptonite'
+  spec.license       = 'MIT'
 
   spec.files         = `git ls-files -z`.split("\x0")
-  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
-  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-  spec.require_paths = ["lib"]
+  spec.executables   = spec.files.grep(/^bin\//) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(/^(test|spec|features)\//)
+  spec.require_paths = ['lib']
 
-  spec.add_development_dependency "bundler", "~> 1.6"
-  spec.add_development_dependency "rake"
-  spec.add_development_dependency "rspec", "~> 3.1"
-  spec.add_development_dependency "sqlite3"
-  spec.add_dependency "activerecord",  ">= 4.0", "< 4.2"
-  spec.add_dependency "activesupport", ">= 4.0", "< 4.2"
+  spec.add_development_dependency 'bundler', '~> 1.6'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rspec', '~> 3.1'
+  spec.add_development_dependency 'sqlite3'
+  spec.add_development_dependency 'rubocop'
+  spec.add_dependency 'activerecord',  '>= 4.0', '< 4.2'
+  spec.add_dependency 'activesupport', '>= 4.0', '< 4.2'
 end

data/lib/cryptonite.rb

@@ -1,7 +1,7 @@
 require 'cryptonite/version'
 
-require 'openssl'
-require 'base64'
+require 'cryptonite/coder'
+require 'cryptonite/key_extractor'
 
 require 'active_support/concern'
 require 'active_support/lazy_load_hooks'
@@ -18,75 +18,77 @@ module Cryptonite
   end
 
   module ClassMethods
+    include Cryptonite::KeyExtractor
+
     # Attributes listed as encrypted will be transparently encrypted and
     # decrypted in database operations.
     def attr_encrypted(*attributes)
       options = attributes.extract_options!
 
-      @public_key = get_rsa_key(options[:public_key] || options[:key_pair] || ENV['PUBLIC_KEY'])
-      @private_key = get_rsa_key(options[:private_key] || options[:key_pair] || ENV['PRIVATE_KEY'], options[:private_key_password] || ENV['PRIVATE_KEY_PASSWORD'])
+      public_key = extract_public_key(options)
+      private_key = extract_private_key(options)
 
-      for attribute in attributes do
-        serialize attribute, Coder.new(@private_key || @public_key)
-      end
+      serialize_attributes_with_coder(attributes, private_key || public_key)
 
-      self._attr_encrypted = Set.new(attributes.map { |a| a.to_s }) + (self._attr_encrypted || [])
+      self._attr_encrypted = Set.new(attributes.map(&:to_s)) + (_attr_encrypted || [])
     end
 
     # Returns an array of all the attributes that have been specified as encrypted.
     def encrypted_attributes
-      self._attr_encrypted
+      _attr_encrypted
     end
 
-  private
-    # Retrives an RSA key with multiple ways.
-    def get_rsa_key(key, password = nil)
-      return nil unless key
+    private
 
-      if key.is_a?(Proc)
-        key = key.call
+    # Serializes all attributes with encryption coder.
+    def serialize_attributes_with_coder(attributes, key)
+      attributes.each do |attribute|
+        serialize attribute, Coder.new(key)
       end
+    end
+  end
 
-      if key.is_a?(Symbol)
-        key = @instance.send(key)
-      end
+  module_function
 
-      return key if key.is_a?(::OpenSSL::PKey::RSA)
+  # Encrypts attributes of a specific model. This method is indended for migration purposes. It takes the same arguments
+  # as the `attr_encrypted` class method.
+  def encrypt_model_attributes(model, *attributes) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
+    fail ArgumentError, "ActiveRecord::Base expected, got #{model.inspect}" unless model <= ActiveRecord::Base
 
-      if key.respond_to?(:read)
-        key = key.read
-      elsif key !~ /^-+BEGIN .* KEY-+$/
-        key = File.read(key)
-      end
+    options = attributes.extract_options!
+    encrypted_attributes = attributes.map(&:to_s) & model.column_names
+    coder = Coder.new extract_public_key(options)
 
-      if password.nil?
-        ::OpenSSL::PKey::RSA.new(key)
-      else
-        ::OpenSSL::PKey::RSA.new(key, password.to_s)
-      end
+    model.find_each do |record|
+      updated_columns =
+        encrypted_attributes.each_with_object({}) do |attribute, values|
+          values[attribute] = coder.encrypt(record.typecasted_attribute_value attribute)
+        end
+
+      record.update_columns(updated_columns)
     end
   end
 
-  class Coder # :nodoc:
-    def initialize(key)
-      raise ArgumentError unless key.is_a?(::OpenSSL::PKey::RSA)
-      @key = key
-    end
+  # Decrypts attributes of a specific model. This method is indended for migration purposes. It takes the same arguments
+  # as the `attr_encrypted` class method. It requires a private key to decrypt the data.
+  def decrypt_model_attributes(model, *attributes) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
+    fail ArgumentError, "ActiveRecord::Base expected, got #{model.inspect}" unless model <= ActiveRecord::Base
 
-    # Encrypts a value with public key encryption. Keys should be defined in
-    # environment.
-    def encrypt(value)
-      Base64.encode64(@key.public_encrypt(value)) if value
-    end
-    alias :dump :encrypt
+    options = attributes.extract_options!
+    encrypted_attributes = attributes.map(&:to_s) & model.column_names
+    coder = Coder.new extract_private_key(options)
+
+    model.find_each do |record|
+      updated_columns =
+        encrypted_attributes.each_with_object({}) do |attribute, values|
+          values[attribute] = coder.decrypt(record.read_attribute_before_type_cast attribute)
+        end
 
-    # Decrypts a value with public key encryption. Keys should be defined in
-    # environment.
-    def decrypt(value)
-      @key.private_decrypt(Base64.decode64(value)) if value
+      record.update_columns(updated_columns)
     end
-    alias :load :decrypt
   end
+
+  extend KeyExtractor
 end
 
 ActiveSupport.on_load :active_record do

data/lib/cryptonite/coder.rb

@@ -0,0 +1,37 @@
+require 'openssl'
+require 'base64'
+
+module Cryptonite
+  class Coder # :nodoc:
+    HEADER = "Cryptonite #{VERSION}: "
+    BASE64_REGEXP = %r{([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{4}|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{2}==)}
+    SEMVER_REGEXP = /
+      \bv?(?:0|[1-9][0-9]*)\.(?:0|[1-9][0-9]*)\.
+      (?:0|[1-9][0-9]*)(?:-[\da-z\-]+(?:\.[\da-z\-]+)*)?(?:\+[\da-z\-]+(?:\.[\da-z\-]+)*)?\b
+    /ix
+    REGEXP = /^Cryptonite #{SEMVER_REGEXP}: (?<value>#{BASE64_REGEXP})$/
+
+    def initialize(key)
+      fail ArgumentError unless key.is_a?(::OpenSSL::PKey::RSA)
+      @key = key
+    end
+
+    # Encrypts a value with public key encryption. Keys should be defined in
+    # environment.
+    def encrypt(value)
+      return unless value
+      fail ArgumentError, 'Value is already encrypted' if value.match(REGEXP)
+      HEADER + Base64.strict_encode64(@key.public_encrypt(value))
+    end
+    alias_method :dump, :encrypt
+
+    # Decrypts a value with public key encryption. Keys should be defined in
+    # environment.
+    def decrypt(value)
+      return unless value
+      fail ArgumentError, 'Value is not encrypted' unless value.match(REGEXP)
+      @key.private_decrypt(Base64.strict_decode64(Regexp.last_match(:value)))
+    end
+    alias_method :load, :decrypt
+  end
+end

data/lib/cryptonite/key_extractor.rb

@@ -0,0 +1,50 @@
+module Cryptonite
+  module KeyExtractor # :nodoc:
+    private
+
+    # Extracts public key from options or the environment.
+    def extract_public_key(options)
+      extract_key(options[:public_key] || options[:key_pair] || ENV['PUBLIC_KEY'])
+    end
+
+    # Extracts private key from options or the environment.
+    def extract_private_key(options)
+      extract_key(
+        options[:private_key] || options[:key_pair] || ENV['PRIVATE_KEY'],
+        options[:private_key_password] || ENV['PRIVATE_KEY_PASSWORD']
+      )
+    end
+
+    # Retrives an RSA key with multiple ways.
+    def extract_key(key, password = nil)
+      return nil unless key
+
+      case key
+      when Proc then extract_key_from_proc(key, password)
+      when Symbol then extract_key_from_method(key, password)
+      when ::OpenSSL::PKey::RSA then key
+      else
+        key = retrieve_key_string_from_stream(key)
+        return ::OpenSSL::PKey::RSA.new(key) if password.nil?
+        ::OpenSSL::PKey::RSA.new(key, password.to_s)
+      end
+    end
+
+    # Retrives an RSA key with a `proc` block.
+    def extract_key_from_proc(proc, password = nil)
+      extract_key(proc.call, password)
+    end
+
+    # Retrives an RSA key with a method symbol.
+    def extract_key_from_method(method, password = nil)
+      extract_key(@instance.send(method), password)
+    end
+
+    # Retrives a key string from a stream.
+    def retrieve_key_string_from_stream(stream)
+      return stream.read if stream.respond_to?(:read)
+      return File.read(stream) if stream.to_s !~ /^-+BEGIN .* KEY-+$/
+      stream
+    end
+  end
+end

data/lib/cryptonite/version.rb

@@ -1,3 +1,3 @@
 module Cryptonite
-  VERSION = "0.0.4"
+  VERSION = '0.1.0'
 end

data/spec/cryptonite/coder_spec.rb

@@ -0,0 +1,53 @@
+require 'spec_helper'
+
+require 'cryptonite/coder'
+
+describe Cryptonite::Coder do
+  context 'with private key' do
+    subject do
+      Cryptonite::Coder.new(PRIVATE_FIXTURE_KEY)
+    end
+
+    it 'encrypts a value' do
+      value = SecureRandom.hex(16)
+
+      expect(subject.encrypt value).not_to eq(value)
+    end
+
+    it 'decrypts a value' do
+      value = SecureRandom.hex(16)
+      encrypted_value = Cryptonite::Coder::HEADER + Base64.strict_encode64(PUBLIC_FIXTURE_KEY.public_encrypt(value))
+
+      expect(subject.decrypt encrypted_value).to eq(value)
+    end
+
+    it 'handles nil values' do
+      expect(subject.encrypt nil).to be_nil
+      expect(subject.decrypt nil).to be_nil
+    end
+  end
+
+  context 'with public key only' do
+    subject do
+      Cryptonite::Coder.new(PUBLIC_FIXTURE_KEY)
+    end
+
+    it 'encrypts a value' do
+      value = SecureRandom.hex(16)
+
+      expect(subject.encrypt value).not_to eq(value)
+    end
+
+    it 'cannot decrypt a value' do
+      value = SecureRandom.hex(16)
+      encrypted_value = Cryptonite::Coder::HEADER + Base64.strict_encode64(PUBLIC_FIXTURE_KEY.public_encrypt(value))
+
+      expect { subject.decrypt encrypted_value }.to raise_error(OpenSSL::PKey::RSAError)
+    end
+
+    it 'handles nil values' do
+      expect(subject.encrypt nil).to be_nil
+      expect(subject.decrypt nil).to be_nil
+    end
+  end
+end

data/spec/cryptonite_spec.rb

@@ -12,21 +12,22 @@ describe Cryptonite do
                                               database: ':memory:')
 
     ::ActiveRecord::Schema.define do
-      create_table :sensitive_data, :force => true do |t|
+      create_table :sensitive_data, force: true do |t|
         t.column :secret, :text
+        t.column :another_secret, :text
       end
     end
   end
 
-  subject {
+  subject do
     Class.new(ActiveRecord::Base) do
       def self.table_name
-        "sensitive_data"
-      end    
+        'sensitive_data'
+      end
     end
-  }
+  end
 
-  context "with private key" do
+  context 'with private key' do
     before do
       subject.tap { |obj| obj.attr_encrypted :secret, key_pair: PRIVATE_FIXTURE_KEY }
     end
@@ -35,9 +36,7 @@ describe Cryptonite do
       secret = SecureRandom.hex(16)
 
       subject.new(secret: secret).tap do |instance|
-        expect(
-          instance.instance_variable_get(:@attributes).send(:fetch, 'secret').serialized_value
-        ).not_to eq(secret)
+        expect(instance.typecasted_attribute_value 'secret').not_to eq(secret)
       end
     end
 
@@ -45,23 +44,21 @@ describe Cryptonite do
       secret = SecureRandom.hex(16)
 
       subject.new.tap do |instance|
-        instance.instance_variable_get(:@attributes).send(:fetch, 'secret').value = Base64.encode64(PUBLIC_FIXTURE_KEY.public_encrypt(secret))
+        instance.raw_write_attribute('secret', Cryptonite::Coder.new(PUBLIC_FIXTURE_KEY).encrypt(secret))
 
-        expect(instance.secret).to eq(secret)
+        expect(instance.read_attribute_before_type_cast 'secret').to eq(secret)
       end
     end
 
     it 'handles nil values' do
       subject.new(secret: nil).tap do |instance|
-        expect(
-          instance.instance_variable_get(:@attributes).send(:fetch, 'secret').serialized_value
-        ).to be_nil
+        expect(instance.typecasted_attribute_value 'secret').to be_nil
       end
 
       subject.new.tap do |instance|
-        instance.instance_variable_get(:@attributes).send(:fetch, 'secret').value = nil
+        instance.raw_write_attribute('secret', nil)
 
-        expect(instance.secret).to be_nil
+        expect(instance.read_attribute_before_type_cast 'secret').to be_nil
       end
     end
 
@@ -69,16 +66,13 @@ describe Cryptonite do
       secret = SecureRandom.hex(16)
 
       subject.create(secret: secret).reload.tap do |instance|
-        expect(
-          instance.instance_variable_get(:@attributes).send(:fetch, 'secret').serialized_value
-        ).not_to eq(secret)
-
-        expect(instance.secret).to eq(secret)
+        expect(instance.typecasted_attribute_value 'secret').not_to eq(secret)
+        expect(instance.read_attribute_before_type_cast 'secret').to eq(secret)
       end
     end
   end
 
-  context "with public key only" do
+  context 'with public key only' do
     before do
       subject.tap { |obj| obj.attr_encrypted :secret, public_key: PUBLIC_FIXTURE_KEY }
     end
@@ -87,9 +81,7 @@ describe Cryptonite do
       secret = SecureRandom.hex(16)
 
       subject.new(secret: secret).tap do |instance|
-        expect(
-          instance.instance_variable_get(:@attributes).send(:fetch, 'secret').serialized_value
-        ).not_to eq(secret)
+        expect(instance.typecasted_attribute_value 'secret').not_to eq(secret)
       end
     end
 
@@ -97,24 +89,54 @@ describe Cryptonite do
       secret = SecureRandom.hex(16)
 
       subject.new.tap do |instance|
-        instance.instance_variable_get(:@attributes).send(:fetch, 'secret').value = Base64.encode64(PUBLIC_FIXTURE_KEY.public_encrypt(secret))
+        instance.raw_write_attribute('secret', Cryptonite::Coder.new(PUBLIC_FIXTURE_KEY).encrypt(secret))
 
-        expect{ instance.secret }.to raise_error OpenSSL::PKey::RSAError
+        expect { instance.read_attribute_before_type_cast 'secret' }.to raise_error OpenSSL::PKey::RSAError
       end
     end
 
     it 'handles nil values' do
       subject.new(secret: nil).tap do |instance|
-        expect(
-          instance.instance_variable_get(:@attributes).send(:fetch, 'secret').serialized_value
-        ).to be_nil
+        expect(instance.typecasted_attribute_value 'secret').to be_nil
       end
 
       subject.new.tap do |instance|
-        instance.instance_variable_get(:@attributes).send(:fetch, 'secret').value = nil
+        instance.raw_write_attribute('secret', nil)
 
-        expect(instance.secret).to be_nil
+        expect(instance.read_attribute_before_type_cast 'secret').to be_nil
       end
     end
   end
+
+  context 'during upwards migration' do
+    before do
+      @secret = SecureRandom.hex(16)
+      subject.create(secret: @secret)
+
+      subject.tap { |obj| obj.attr_encrypted :secret, key_pair: PRIVATE_FIXTURE_KEY }
+    end
+
+    it 'encrypts field in database' do
+      expect { subject.last.read_attribute_before_type_cast 'secret' }.to raise_error ArgumentError
+
+      Cryptonite.encrypt_model_attributes(subject, :secret, public_key: PUBLIC_FIXTURE_KEY)
+
+      expect(subject.last.read_attribute_before_type_cast 'secret').to eq(@secret)
+    end
+  end
+
+  context 'during downwards migration' do
+    before do
+      @secret = SecureRandom.hex(16)
+      subject.dup.tap { |obj| obj.attr_encrypted :secret, key_pair: PRIVATE_FIXTURE_KEY }.create(secret: @secret)
+    end
+
+    it 'decrypts field in database' do
+      expect(subject.last.read_attribute 'secret').not_to eq(@secret)
+
+      Cryptonite.decrypt_model_attributes(subject, :secret, key_pair: PRIVATE_FIXTURE_KEY)
+
+      expect(subject.last.read_attribute 'secret').to eq(@secret)
+    end
+  end
 end

data/spec/spec_helper.rb

@@ -88,6 +88,8 @@ RSpec.configure do |config|
 =end
 
   # Configure public key encryption for the Cryptonite concern.
-  ::PUBLIC_FIXTURE_KEY = OpenSSL::PKey::RSA.new(File.read(File.expand_path('../fixtures/keys/public.pem', __FILE__)))
-  ::PRIVATE_FIXTURE_KEY = OpenSSL::PKey::RSA.new(File.read(File.expand_path('../fixtures/keys/private.pem', __FILE__)), 'test')
+  ::PUBLIC_FIXTURE_KEY =
+    OpenSSL::PKey::RSA.new(File.read(File.expand_path('../fixtures/keys/public.pem', __FILE__)))
+  ::PRIVATE_FIXTURE_KEY =
+    OpenSSL::PKey::RSA.new(File.read(File.expand_path('../fixtures/keys/private.pem', __FILE__)), 'test')
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cryptonite
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.1.0
 platform: ruby
 authors:
 - GaggleAMP
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-11-16 00:00:00.000000000 Z
+date: 2015-01-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -66,6 +66,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
@@ -115,6 +129,7 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".rspec"
+- ".rubocop.yml"
 - ".travis.yml"
 - Gemfile
 - LICENSE.txt
@@ -122,7 +137,10 @@ files:
 - Rakefile
 - cryptonite.gemspec
 - lib/cryptonite.rb
+- lib/cryptonite/coder.rb
+- lib/cryptonite/key_extractor.rb
 - lib/cryptonite/version.rb
+- spec/cryptonite/coder_spec.rb
 - spec/cryptonite_spec.rb
 - spec/fixtures/keys/private.pem
 - spec/fixtures/keys/public.pem
@@ -152,6 +170,7 @@ signing_key:
 specification_version: 4
 summary: Enables the encryption of specific ActiveRecord attributes.
 test_files:
+- spec/cryptonite/coder_spec.rb
 - spec/cryptonite_spec.rb
 - spec/fixtures/keys/private.pem
 - spec/fixtures/keys/public.pem