encryption_activator 0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG +1 -0
- data/Manifest +6 -0
- data/README.md +39 -0
- data/Rakefile +8 -0
- data/encryption_activator.gemspec +30 -0
- data/lib/encryption_activator.rb +42 -0
- data/test/test_all.rb +36 -0
- metadata +61 -0
data/CHANGELOG
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
v0.1. Proof of concept
|
data/Manifest
ADDED
data/README.md
ADDED
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
|
|
2
|
+
## Encryption Activator
|
|
3
|
+
|
|
4
|
+
This gem lets you encrypt fields in your Rails app's database, and by
|
|
5
|
+
default, raise an exception if you try to access any of the fields, until
|
|
6
|
+
you call the prompt method which will ask for the encryption key.
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
## Examples
|
|
10
|
+
|
|
11
|
+
gem 'encryption_activator'
|
|
12
|
+
|
|
13
|
+
EncryptionActivator.key # raises EncryptionActivator::KeyNotSetException
|
|
14
|
+
EncryptionActivator.prompt # prompts for key at the terminal
|
|
15
|
+
EncryptionActivator.key # => returns key
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
## Use with Rails: attr_encrypted
|
|
19
|
+
|
|
20
|
+
### Key-less mode
|
|
21
|
+
|
|
22
|
+
Put this in eg. config/initializers/activerecord_attr_encrypted.rb :
|
|
23
|
+
|
|
24
|
+
ActiveRecord::Base.attr_encrypted_options.merge!(
|
|
25
|
+
key: EncryptionActivator.keyproc,
|
|
26
|
+
encode: true
|
|
27
|
+
)
|
|
28
|
+
|
|
29
|
+
Your app will work without the key being set, as long as you don't try to
|
|
30
|
+
read any of the encrypted fields.
|
|
31
|
+
|
|
32
|
+
### Activate encrypted mode
|
|
33
|
+
|
|
34
|
+
Somewhere in your worker process or
|
|
35
|
+
startup thread, you call this:
|
|
36
|
+
|
|
37
|
+
EncryptionActivator.prompt
|
|
38
|
+
|
|
39
|
+
After this, the app can read and write the encrypted fields.
|
data/Rakefile
ADDED
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
|
2
|
+
|
|
3
|
+
Gem::Specification.new do |s|
|
|
4
|
+
s.name = "encryption_activator"
|
|
5
|
+
s.version = "0.1"
|
|
6
|
+
|
|
7
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
|
|
8
|
+
s.authors = ["Andrew Snow"]
|
|
9
|
+
s.date = "2013-02-18"
|
|
10
|
+
s.description = "Ruby gem to prompt for password at run time for attr_encrypted"
|
|
11
|
+
s.email = "andrew@modulus.org"
|
|
12
|
+
s.extra_rdoc_files = ["CHANGELOG", "README.md", "lib/encryption_activator.rb"]
|
|
13
|
+
s.files = ["CHANGELOG", "README.md", "Rakefile", "lib/encryption_activator.rb", "test/test_all.rb", "Manifest", "encryption_activator.gemspec"]
|
|
14
|
+
s.homepage = "https://github.com/andys/encryption_activator"
|
|
15
|
+
s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Encryption_activator", "--main", "README.md"]
|
|
16
|
+
s.require_paths = ["lib"]
|
|
17
|
+
s.rubyforge_project = "encryption_activator"
|
|
18
|
+
s.rubygems_version = "1.8.25"
|
|
19
|
+
s.summary = "Ruby gem to prompt for password at run time for attr_encrypted"
|
|
20
|
+
s.test_files = ["test/test_all.rb"]
|
|
21
|
+
|
|
22
|
+
if s.respond_to? :specification_version then
|
|
23
|
+
s.specification_version = 3
|
|
24
|
+
|
|
25
|
+
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
|
26
|
+
else
|
|
27
|
+
end
|
|
28
|
+
else
|
|
29
|
+
end
|
|
30
|
+
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
require 'io/console'
|
|
2
|
+
|
|
3
|
+
module EncryptionActivator
|
|
4
|
+
|
|
5
|
+
class KeyNotSetException < Exception ; end
|
|
6
|
+
|
|
7
|
+
class << self
|
|
8
|
+
attr_writer :key
|
|
9
|
+
|
|
10
|
+
def prompt(tty=STDIN)
|
|
11
|
+
if tty.tty?
|
|
12
|
+
attempt1 = nil
|
|
13
|
+
3.times do
|
|
14
|
+
$stderr.print "Enter key: "
|
|
15
|
+
attempt1 = tty.noecho(&:gets).chomp
|
|
16
|
+
if attempt1.length < 20
|
|
17
|
+
$stderr.puts "not long enough, minimum 20 chars"
|
|
18
|
+
next
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
$stderr.print "\n Confirm: "
|
|
22
|
+
attempt2 = tty.noecho(&:gets).chomp
|
|
23
|
+
|
|
24
|
+
if attempt1 == attempt2
|
|
25
|
+
self.key = attempt1
|
|
26
|
+
break
|
|
27
|
+
end
|
|
28
|
+
$stderr.puts "did not match, try again"
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def keyproc
|
|
34
|
+
lambda {|*opts| @key || raise(EncryptionActivator::KeyNotSetException.new("Key not set!")) }
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def key
|
|
38
|
+
keyproc.call
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
|
data/test/test_all.rb
ADDED
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
require 'minitest/autorun'
|
|
2
|
+
require 'pty'
|
|
3
|
+
require "#{File.dirname(__FILE__)}/../lib/encryption_activator"
|
|
4
|
+
|
|
5
|
+
class TestEncryptionActivator < MiniTest::Unit::TestCase
|
|
6
|
+
|
|
7
|
+
def setup
|
|
8
|
+
EncryptionActivator.key = nil
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def test_key_entry_good
|
|
12
|
+
k = 'flibbleflibbleflibble'
|
|
13
|
+
PTY.open do |m, s|
|
|
14
|
+
2.times { s.puts(k) }
|
|
15
|
+
EncryptionActivator.prompt(m)
|
|
16
|
+
end
|
|
17
|
+
assert_equal k, EncryptionActivator.key
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def test_key_entry_blank
|
|
21
|
+
PTY.open do |m, s|
|
|
22
|
+
Thread.new { loop { s.puts("") } }
|
|
23
|
+
EncryptionActivator.prompt(m)
|
|
24
|
+
end
|
|
25
|
+
assert_raises(EncryptionActivator::KeyNotSetException) { EncryptionActivator.key }
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def test_keyproc_nokey
|
|
29
|
+
assert_raises(EncryptionActivator::KeyNotSetException) { EncryptionActivator.key }
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def test_keyprocx
|
|
33
|
+
EncryptionActivator.key = 'flibble'
|
|
34
|
+
assert_equal 'flibble', EncryptionActivator.key
|
|
35
|
+
end
|
|
36
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: encryption_activator
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: '0.1'
|
|
5
|
+
prerelease:
|
|
6
|
+
platform: ruby
|
|
7
|
+
authors:
|
|
8
|
+
- Andrew Snow
|
|
9
|
+
autorequire:
|
|
10
|
+
bindir: bin
|
|
11
|
+
cert_chain: []
|
|
12
|
+
date: 2013-02-18 00:00:00.000000000 Z
|
|
13
|
+
dependencies: []
|
|
14
|
+
description: Ruby gem to prompt for password at run time for attr_encrypted
|
|
15
|
+
email: andrew@modulus.org
|
|
16
|
+
executables: []
|
|
17
|
+
extensions: []
|
|
18
|
+
extra_rdoc_files:
|
|
19
|
+
- CHANGELOG
|
|
20
|
+
- README.md
|
|
21
|
+
- lib/encryption_activator.rb
|
|
22
|
+
files:
|
|
23
|
+
- CHANGELOG
|
|
24
|
+
- README.md
|
|
25
|
+
- Rakefile
|
|
26
|
+
- lib/encryption_activator.rb
|
|
27
|
+
- test/test_all.rb
|
|
28
|
+
- Manifest
|
|
29
|
+
- encryption_activator.gemspec
|
|
30
|
+
homepage: https://github.com/andys/encryption_activator
|
|
31
|
+
licenses: []
|
|
32
|
+
post_install_message:
|
|
33
|
+
rdoc_options:
|
|
34
|
+
- --line-numbers
|
|
35
|
+
- --inline-source
|
|
36
|
+
- --title
|
|
37
|
+
- Encryption_activator
|
|
38
|
+
- --main
|
|
39
|
+
- README.md
|
|
40
|
+
require_paths:
|
|
41
|
+
- lib
|
|
42
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
43
|
+
none: false
|
|
44
|
+
requirements:
|
|
45
|
+
- - ! '>='
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '0'
|
|
48
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
49
|
+
none: false
|
|
50
|
+
requirements:
|
|
51
|
+
- - ! '>='
|
|
52
|
+
- !ruby/object:Gem::Version
|
|
53
|
+
version: '1.2'
|
|
54
|
+
requirements: []
|
|
55
|
+
rubyforge_project: encryption_activator
|
|
56
|
+
rubygems_version: 1.8.25
|
|
57
|
+
signing_key:
|
|
58
|
+
specification_version: 3
|
|
59
|
+
summary: Ruby gem to prompt for password at run time for attr_encrypted
|
|
60
|
+
test_files:
|
|
61
|
+
- test/test_all.rb
|