encrypt_attr 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 7d7a8ac4f58ba91632d01b7380b19c5c5f16bfce
4
+ data.tar.gz: f6b3c3b8d5ee257415283fd5865e6be0e215b328
5
+ SHA512:
6
+ metadata.gz: 98ca694d0fafbfa8a42ccb317c1cf39109869a1e1c7f0c1c1ece4a6e0d1769a3cb92b92d3307e233ae34595f58bcafabe126bc5c9ead60ae05ad38af264415cb
7
+ data.tar.gz: 4b26149a8078efce5c4b56b79413f1ebe077c7742244701a6de97b8021886f80edaacca7025965a9d8548ee5d9d9d9000de5cf98c1335f567f9d5a2f04280374
data/.gitignore ADDED
@@ -0,0 +1,9 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /Gemfile.lock
4
+ /_yardoc/
5
+ /coverage/
6
+ /doc/
7
+ /pkg/
8
+ /spec/reports/
9
+ /tmp/
data/.travis.yml ADDED
@@ -0,0 +1,11 @@
1
+ language: ruby
2
+ cache: bundler
3
+ sudo: false
4
+ rvm:
5
+ - '2.0'
6
+ - '2.1'
7
+ - '2.2'
8
+ addons:
9
+ code_climate:
10
+ repo_token:
11
+ secure: "4vr2TYLMkquEL3/7mnnmE9diuQ98ug3iNw3eXB69JCC5OIW8DGRlL20/44+dh6xEImkkvp6bKQQrikvYTMpqrDi4MeAYFHzAWw2p7Oc+A5bGERamByTakM0wyl9ypnwHGzpleBoHShk7TP/Dpl6w25ME1QPb67qF8uPeeIQJQzE="
data/CHANGELOG.md ADDED
@@ -0,0 +1,5 @@
1
+ # Changelog
2
+
3
+ ## v0.1.0
4
+
5
+ - Initial release.
@@ -0,0 +1,13 @@
1
+ # Contributor Code of Conduct
2
+
3
+ As contributors and maintainers of this project, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
4
+
5
+ We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, age, or religion.
6
+
7
+ Examples of unacceptable behavior by participants include the use of sexual language or imagery, derogatory comments or personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct.
8
+
9
+ Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. Project maintainers who do not follow the Code of Conduct may be removed from the project team.
10
+
11
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening an issue or contacting one or more of the project maintainers.
12
+
13
+ This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.0.0, available at [http://contributor-covenant.org/version/1/0/0/](http://contributor-covenant.org/version/1/0/0/)
data/Gemfile ADDED
@@ -0,0 +1,2 @@
1
+ source 'https://rubygems.org'
2
+ gemspec
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2015 Nando Vieira
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,146 @@
1
+ # EncryptAttr
2
+
3
+ [![Build Status](https://travis-ci.org/fnando/encrypt_attr.svg)](https://travis-ci.org/fnando/encrypt_attr)
4
+ [![Code Climate](https://codeclimate.com/github/fnando/encrypt_attr/badges/gpa.svg)](https://codeclimate.com/github/fnando/encrypt_attr)
5
+ [![Test Coverage](https://codeclimate.com/github/fnando/encrypt_attr/badges/coverage.svg)](https://codeclimate.com/github/fnando/encrypt_attr)
6
+
7
+ Encrypt attributes using AES-256-CBC (or your custom encryption algorithm). Works with and without ActiveRecord.
8
+
9
+ ## Installation
10
+
11
+ Add this line to your application's Gemfile:
12
+
13
+ ```ruby
14
+ gem 'encrypt_attr'
15
+ ```
16
+
17
+ And then execute:
18
+
19
+ $ bundle
20
+
21
+ Or install it yourself as:
22
+
23
+ $ gem install encrypt_attr
24
+
25
+ ## Usage
26
+
27
+ The most basic usage is including the `EncryptAttr` module.
28
+
29
+ ```ruby
30
+ class User
31
+ include EncryptAttr
32
+ attr_accessor :encrypted_api_key
33
+ encrypt_attr :api_key
34
+ end
35
+ ```
36
+
37
+ The `encrypt_attr` method has some aliases, so you can also use any of these:
38
+
39
+ - `attr_encrypt`
40
+ - `attr_encrypted`
41
+ - `attr_vault`
42
+ - `encrypt_attr`
43
+ - `encrypt_attribute`
44
+ - `encrypted_attr`
45
+ - `encrypted_attribute`
46
+
47
+ This assumes that you have a `encrypted_api_key` attribute. By default, the value is encrypted using a global secret token. You can set a custom token by setting `EncryptAttr.secret_token`; you have that use 100 characters or more (e.g. `$ openssl rand -hex 50`).
48
+
49
+ ```ruby
50
+ EncryptAttr.secret_token = 'abc123'
51
+ ```
52
+
53
+ You can also set the secret token per attribute basis.
54
+
55
+ ```ruby
56
+ class User
57
+ include EncryptAttr
58
+ attr_accessor :encrypted_api_key
59
+ encrypt_attr :api_key, secret: USER_SECRET_TOKEN
60
+ end
61
+ ```
62
+
63
+ To access the decrypted value, just use the method with the same name.
64
+
65
+ ```ruby
66
+ user = User.new
67
+ user.api_key = 'abc123'
68
+ user.api_key #=> abc123
69
+ user.encrypted_api_key #=> UcnhbnAl1Rmvt1mkG0m1FA...
70
+
71
+ user.api_key = 'newsecret'
72
+ user.api_key #=> newsecret
73
+ user.encrypted_api_key #=> JgH5dFGl8HnJNEloXZ6qSg...
74
+ ```
75
+
76
+ You encrypt multiple attributes at once.
77
+
78
+ ```ruby
79
+ class User
80
+ include EncryptAttr
81
+ attr_accessor :encrypted_api_key
82
+ encrypt_attr :api_key, :api_client_id
83
+ end
84
+ ```
85
+
86
+ ### ActiveRecord integration
87
+
88
+ You can also use encrypted attributes with ActiveRecord. If ActiveRecord is available, it's included automatically. You can also manually include `EncryptAttr::Base` or require `encrypt_attr/activerecord`.
89
+
90
+ ```ruby
91
+ class User < ActiveRecord::Base
92
+ encrypt_attr :api_key
93
+ end
94
+ ```
95
+
96
+ The usage is pretty much the same, and you can set a secret for each attribute. The example above will require a column name `encrypted_api_key`.
97
+
98
+ ```ruby
99
+ class AddEncryptedApiKeyToUsers < ActiveRecord::Base
100
+ def change
101
+ add_column :users, :encrypted_api_key, :text, null: false
102
+ end
103
+ end
104
+ ```
105
+
106
+ ### Using a custom encryption
107
+
108
+ You can define your encryption engine by defining an object that responds to `encrypt(secret_token, value)` and `decrypt(secret_token, value)`. Here's an example:
109
+
110
+ ```ruby
111
+ module ReverseEncryptor
112
+ def self.encrypt(secret_token, value)
113
+ value.to_s.reverse
114
+ end
115
+
116
+ def self.decrypt(secret_token, value)
117
+ value.to_s.reverse
118
+ end
119
+ end
120
+
121
+ EncryptAttr.encryptor = ReverseEncryptor
122
+
123
+ class User
124
+ include EncryptAttr
125
+ attr_accessor :encrypted_api_key
126
+ attr_encrypted :api_key
127
+ end
128
+
129
+ user = User.new
130
+ user.api_key = 'API_KEY'
131
+ user.encrypted_api_key #=> 'YEK_IPA'
132
+ ```
133
+
134
+ ## Development
135
+
136
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `bin/console` for an interactive prompt that will allow you to experiment.
137
+
138
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release` to create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
139
+
140
+ ## Contributing
141
+
142
+ 1. Fork it ( https://github.com/fnando/encrypt_attr/fork )
143
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
144
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
145
+ 4. Push to the branch (`git push origin my-new-feature`)
146
+ 5. Create a new Pull Request
data/Rakefile ADDED
@@ -0,0 +1,11 @@
1
+ require 'bundler/gem_tasks'
2
+ require 'rake/testtask'
3
+
4
+ Rake::TestTask.new(:spec) do |t|
5
+ t.libs << 'spec'
6
+ t.libs << 'lib'
7
+ t.test_files = FileList['spec/**/*_spec.rb']
8
+ end
9
+
10
+ task :default => :spec
11
+
@@ -0,0 +1,26 @@
1
+ require './lib/encrypt_attr/version'
2
+
3
+ Gem::Specification.new do |spec|
4
+ spec.name = 'encrypt_attr'
5
+ spec.version = EncryptAttr::VERSION
6
+ spec.authors = ['Nando Vieira']
7
+ spec.email = ['fnando.vieira@gmail.com']
8
+ spec.summary = 'Encrypt attributes using AES-256-CBC (or your custom encryption algorithm). Works with and without ActiveRecord.'
9
+ spec.description = spec.summary
10
+ spec.homepage = 'http://rubygems.org/gems/encrypt_attr'
11
+ spec.license = 'MIT'
12
+
13
+ spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
14
+ spec.bindir = 'exe'
15
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
16
+ spec.require_paths = ['lib']
17
+
18
+ spec.add_development_dependency 'bundler'
19
+ spec.add_development_dependency 'rake'
20
+ spec.add_development_dependency 'minitest'
21
+ spec.add_development_dependency 'minitest-reporters'
22
+ spec.add_development_dependency 'sqlite3'
23
+ spec.add_development_dependency 'activerecord'
24
+ spec.add_development_dependency 'pry-meta'
25
+ spec.add_development_dependency 'codeclimate-test-reporter'
26
+ end
@@ -0,0 +1,19 @@
1
+ require 'forwardable'
2
+
3
+ module EncryptAttr
4
+ require 'encrypt_attr/version'
5
+ require 'encrypt_attr/encryptor'
6
+ require 'encrypt_attr/base'
7
+ require 'encrypt_attr/active_record' if defined?(ActiveRecord)
8
+
9
+ class << self
10
+ extend Forwardable
11
+ def_delegators Base, :secret_token, :secret_token=,
12
+ :encryptor, :encryptor=,
13
+ :validate_secret_token
14
+ end
15
+
16
+ def self.included(target)
17
+ target.send :include, Base
18
+ end
19
+ end
@@ -0,0 +1,2 @@
1
+ require 'encrypt_attr'
2
+ ActiveRecord::Base.send :include, EncryptAttr::Base
@@ -0,0 +1,69 @@
1
+ module EncryptAttr
2
+ module Base
3
+ def self.included(target)
4
+ target.extend(ClassMethods)
5
+ end
6
+
7
+ class << self
8
+ # Define the object that will encrypt/decrypt values.
9
+ # By default, it's EncryptAttr::Encryptor
10
+ attr_accessor :encryptor
11
+ end
12
+
13
+ def self.secret_token
14
+ @secret_token
15
+ end
16
+
17
+ def self.secret_token=(secret_token)
18
+ validate_secret_token(secret_token.to_s)
19
+ @secret_token = secret_token.to_s
20
+ end
21
+
22
+ def self.validate_secret_token(secret_token)
23
+ if secret_token.size < 100
24
+ offending_line = caller
25
+ .reject {|entry| entry.include?(__dir__) || entry.include?('forwardable.rb') }
26
+ .first[/^(.*?:\d+)/, 1]
27
+ warn "[encrypt_attribute] secret token must have at least 100 characters (called from #{offending_line})"
28
+ end
29
+ end
30
+
31
+ # Set initial token value to empty string.
32
+ # Cannot assign through writer method because of size warning.
33
+ @secret_token = ''
34
+
35
+ # Set initial encryptor engine.
36
+ self.encryptor = Encryptor
37
+
38
+ module ClassMethods
39
+ def encrypt_attr(*args, secret_token: EncryptAttr.secret_token)
40
+ EncryptAttr.validate_secret_token(secret_token)
41
+
42
+ args.each do |attribute|
43
+ define_encrypted_attribute(attribute, secret_token)
44
+ end
45
+ end
46
+ alias_method :attr_encrypt, :encrypt_attr
47
+ alias_method :attr_encrypted, :encrypt_attr
48
+ alias_method :attr_vault, :encrypt_attr
49
+ alias_method :encrypt_attr, :encrypt_attr
50
+ alias_method :encrypt_attribute, :encrypt_attr
51
+ alias_method :encrypted_attr, :encrypt_attr
52
+ alias_method :encrypted_attribute, :encrypt_attr
53
+
54
+ private
55
+
56
+ def define_encrypted_attribute(attribute, secret_token)
57
+ define_method attribute do
58
+ instance_variable_get("@#{attribute}")
59
+ end
60
+
61
+ define_method "#{attribute}=" do |value|
62
+ instance_variable_set("@#{attribute}", value)
63
+ send("encrypted_#{attribute}=", nil)
64
+ send("encrypted_#{attribute}=", EncryptAttr.encryptor.encrypt(secret_token, value)) if value
65
+ end
66
+ end
67
+ end
68
+ end
69
+ end
@@ -0,0 +1,45 @@
1
+ require 'digest/sha2'
2
+ require 'base64'
3
+ require 'openssl'
4
+
5
+ module EncryptAttr
6
+ class Encryptor
7
+ def self.encrypt(secret_token, value)
8
+ new(secret_token).encrypt(value)
9
+ end
10
+
11
+ def self.decrypt(secret_token, value)
12
+ new(secret_token).decrypt(value)
13
+ end
14
+
15
+ # Set the encryptor's secret token.
16
+ attr_reader :secret_token
17
+
18
+ def initialize(secret_token)
19
+ @secret_token = secret_token
20
+ end
21
+
22
+ def encrypt(value)
23
+ encode cipher(:encrypt, value)
24
+ end
25
+
26
+ def decrypt(value)
27
+ cipher(:decrypt, decode(value))
28
+ end
29
+
30
+ def cipher(mode, value)
31
+ cipher = OpenSSL::Cipher.new('AES-256-CBC').public_send(mode)
32
+ cipher.key = Digest::SHA256.digest(secret_token)
33
+ cipher.iv = Digest::SHA256.digest(secret_token)
34
+ cipher.update(value) + cipher.final
35
+ end
36
+
37
+ def encode(value)
38
+ Base64.encode64(value).chomp
39
+ end
40
+
41
+ def decode(value)
42
+ Base64.decode64(value)
43
+ end
44
+ end
45
+ end
@@ -0,0 +1,3 @@
1
+ module EncryptAttr
2
+ VERSION = '0.1.0'
3
+ end
metadata ADDED
@@ -0,0 +1,172 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: encrypt_attr
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Nando Vieira
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2015-03-27 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rake
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: minitest
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: minitest-reporters
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: sqlite3
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: activerecord
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ">="
88
+ - !ruby/object:Gem::Version
89
+ version: '0'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ">="
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: pry-meta
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - ">="
109
+ - !ruby/object:Gem::Version
110
+ version: '0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: codeclimate-test-reporter
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - ">="
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - ">="
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
125
+ description: Encrypt attributes using AES-256-CBC (or your custom encryption algorithm).
126
+ Works with and without ActiveRecord.
127
+ email:
128
+ - fnando.vieira@gmail.com
129
+ executables: []
130
+ extensions: []
131
+ extra_rdoc_files: []
132
+ files:
133
+ - ".gitignore"
134
+ - ".travis.yml"
135
+ - CHANGELOG.md
136
+ - CODE_OF_CONDUCT.md
137
+ - Gemfile
138
+ - LICENSE.txt
139
+ - README.md
140
+ - Rakefile
141
+ - encrypt_attr.gemspec
142
+ - lib/encrypt_attr.rb
143
+ - lib/encrypt_attr/active_record.rb
144
+ - lib/encrypt_attr/base.rb
145
+ - lib/encrypt_attr/encryptor.rb
146
+ - lib/encrypt_attr/version.rb
147
+ homepage: http://rubygems.org/gems/encrypt_attr
148
+ licenses:
149
+ - MIT
150
+ metadata: {}
151
+ post_install_message:
152
+ rdoc_options: []
153
+ require_paths:
154
+ - lib
155
+ required_ruby_version: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - ">="
158
+ - !ruby/object:Gem::Version
159
+ version: '0'
160
+ required_rubygems_version: !ruby/object:Gem::Requirement
161
+ requirements:
162
+ - - ">="
163
+ - !ruby/object:Gem::Version
164
+ version: '0'
165
+ requirements: []
166
+ rubyforge_project:
167
+ rubygems_version: 2.4.6
168
+ signing_key:
169
+ specification_version: 4
170
+ summary: Encrypt attributes using AES-256-CBC (or your custom encryption algorithm).
171
+ Works with and without ActiveRecord.
172
+ test_files: []