enquo-core 0.8.0.1.gff74b4f-x86_64-linux → 0.8.0.5.gdc04874-x86_64-linux

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e96584ab8a8bee97716e269d29f11e6f428c607d88ec4674510538021aff5ae4
-  data.tar.gz: 75ed79996fbf26041fd3be3bae1a0e786568b233865a1013a6c559d8a79d7f30
+  metadata.gz: 816d52a4c9ede05cf9b0caa05fa75009ea9f3cdbecdc5812011e6f6d2f1b723c
+  data.tar.gz: 07dd05d23b984c816a726b349d89213175904bae24f9646c49e776914ac1f9e6
 SHA512:
-  metadata.gz: 7e15b35fbc5477dff9841e7fe7e0150900f2027f9d169673d91e91ae1656bc858a1180a091728402b8caa457bcae2adc337440329fc49956f4c569189fcdc2e2
-  data.tar.gz: b178aee4e3cb1b62aacd906c0307ed239cb4b30c70094e6152aaed7d77ae7d80d2998e616628f936e9b7e89132dcb7ec07e4e8f4482f68b7eb4467771bc57fde
+  metadata.gz: 9e114a4d18e5bf297027ed08906dec17ae537dbbdc2313c2b9828ea933fe6e86b874d0baaee7254448ecd188fe00b5ff9fd4fdd397adbc8cf5ed569ff2a5d293
+  data.tar.gz: 3c911fb3bac62b8ee5a4289bad23e2eddf595c332d2c51c4f5bc606e67863d54c5df6e723972a255cfdfd89c93f91a25c84acca86a9aa951d6f194870972d1fe

data/ext/enquo/Cargo.lock

@@ -228,17 +228,17 @@ dependencies = [
 
 [[package]]
 name = "cretrit"
-version = "0.4.1"
+version = "0.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0b424f56a53c945d026954e4b431c9d8bd3cd8c431574c8f4b77f59e860c366a"
+checksum = "e4ba460081834719b3cfc064384b7ba19c0292f8833c55169a5177d995f1b4a8"
 dependencies = [
  "aes",
  "cmac",
- "hmac",
  "num",
  "rand",
  "rand_chacha",
- "sha2",
+ "serde",
+ "serde_bytes",
  "thiserror",
  "zeroize",
 ]
@@ -368,7 +368,6 @@ version = "0.0.0"
 dependencies = [
  "enquo-core",
  "hex",
- "lazy_static",
  "magnus",
  "serde_json",
 ]
@@ -380,12 +379,10 @@ dependencies = [
  "aes-gcm-siv",
  "ciborium",
  "cretrit",
- "hmac",
  "rand_chacha",
  "serde",
  "serde_bytes",
  "serde_with",
- "sha2",
  "thiserror",
  "unicode-normalization",
 ]
@@ -441,15 +438,6 @@ version = "0.4.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
 
-[[package]]
-name = "hmac"
-version = "0.12.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e"
-dependencies = [
- "digest",
-]
-
 [[package]]
 name = "iana-time-zone"
 version = "0.1.54"
@@ -898,17 +886,6 @@ dependencies = [
  "syn",
 ]
 
-[[package]]
-name = "sha2"
-version = "0.10.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cf9db03534dff993187064c4e0c05a5708d2a9728ace9a8959b77bedf415dac5"
-dependencies = [
- "cfg-if",
- "cpufeatures",
- "digest",
-]
-
 [[package]]
 name = "shell-words"
 version = "1.1.0"

data/ext/enquo/Cargo.toml

@@ -1,11 +1,17 @@
 [package]
 name = "enquo"
+description = "Rust dynamic library for Ruby enquo-core"
+license = "MIT"
+repository = "https://github.com/enquo/enquo-core"
+homepage = "https://enquo.org"
+readme = "../../../README.md"
+keywords = ["encryption", "search", "query", "ore", "ruby"]
+categories = ["algorithms", "cryptography"]
 version = "0.0.0"
 edition = "2021"
 
 [dependencies]
 enquo-core = { path = "../../../rust" }
-lazy_static = "1.0"
 serde_json = "1.0"
 magnus = "0.5"
 hex = "0.4"

data/ext/enquo/src/field.rs

@@ -1,4 +1,10 @@
-use enquo_core::{Boolean, Date, Error, Text, I64};
+//! Everything related to `Enquo::Field`
+//!
+
+use enquo_core::{
+    datatype::{Boolean, Date, Text, I64},
+    Error,
+};
 use magnus::{
     class, eval, exception, function, method,
     prelude::*,
@@ -7,10 +13,11 @@ use magnus::{
 };
 use std::ops::Deref;
 
-use crate::maybe_raise;
+use crate::{maybe_raise, string_to_bytes};
 
+/// Wrapper struct for the `enquo_core` `Field` struct
 #[magnus::wrap(class = "Enquo::Field")]
-pub struct Field(pub enquo_core::Field);
+pub(crate) struct Field(pub(crate) enquo_core::Field);
 
 impl Deref for Field {
     type Target = enquo_core::Field;
@@ -20,17 +27,32 @@ impl Deref for Field {
     }
 }
 
+/// The results of parsing all the various options that can be passed when encrypting a value
 struct EncryptOpts<T>
 where
     T: TryConvert,
 {
+    /// The value to be encrypted
     input: T,
+    /// The encryption context
     context: Vec<u8>,
+    /// Whether the ciphertext should be created with unsafe parts included
     unsafe_ok: bool,
+    /// Whether the ciphertext should have all querying portions removed
     no_query: bool,
+    /// (Text only) how long to make the ordering code
     order_prefix_length: Option<u8>,
 }
 
+/// Convert *actual* Ruby booleans into Rust `bool`
+///
+/// Magnus supports converting into a Rust `bool`, but it takes Ruby's extremely laissez-faire
+/// approach, where basically everything is `true` unless it's strictly defined as `false`
+/// (basically just `false` and `nil`).
+///
+/// I, on the other hand, want to accept only *actual booleans* when encrypting a bool, so... here
+/// we are.
+///
 fn strict_bool(value: Option<magnus::Value>, e: &str) -> Result<Option<bool>, magnus::Error> {
     match value {
         None => Ok(None),
@@ -49,6 +71,11 @@ fn strict_bool(value: Option<magnus::Value>, e: &str) -> Result<Option<bool>, ma
     }
 }
 
+/// Convert *actual* Ruby Integers into Rust integer types
+///
+/// Magnus will accept various floaty-type things and truncate them into integers, which we really,
+/// absolutely, do not want.
+///
 fn strict_int<T: TryConvert>(
     value: Option<magnus::Value>,
     e: &str,
@@ -68,6 +95,9 @@ fn strict_int<T: TryConvert>(
     }
 }
 
+/// Transmogrify the range of options that can be passed to an encrypt function into a more
+/// appealing structure
+///
 fn parse_encrypt_args<T>(args: &[magnus::Value]) -> Result<EncryptOpts<T>, magnus::Error>
 where
     T: TryConvert,
@@ -96,14 +126,14 @@ where
 
     Ok(EncryptOpts::<T> {
         input,
-        // Safe because we immediately copy away the value
-        context: unsafe { context_str.as_slice().to_vec() },
+        context: string_to_bytes(context_str),
         unsafe_ok,
         no_query,
         order_prefix_length,
     })
 }
 
+#[allow(clippy::missing_docs_in_private_items)] // I think the names speak for themselves, really
 impl Field {
     fn key_id(&self) -> Result<String, magnus::Error> {
         maybe_raise(self.0.key_id().map(hex::encode), None)
@@ -116,7 +146,12 @@ impl Field {
             Some(opts.input),
             "Enquo::Field#encrypt_boolean can only encrypt booleans",
         )?
-        .expect("CAN'T HAPPEN: got None from strict_bool(Some(opts.input)) !!!");
+        .ok_or_else(|| {
+            magnus::Error::new(
+                exception::runtime_error(),
+                "CAN'T HAPPEN: got None from strict_bool(Some(opts.input))",
+            )
+        })?;
 
         let mut res = maybe_raise(
             if opts.unsafe_ok {
@@ -137,6 +172,7 @@ impl Field {
         )
     }
 
+    #[allow(clippy::needless_pass_by_value)] // Magnus is not friends with &str args
     fn decrypt_boolean(&self, ciphertext: String, context: String) -> Result<bool, magnus::Error> {
         let ct: Boolean = maybe_raise(
             serde_json::from_str(&ciphertext),
@@ -183,6 +219,7 @@ impl Field {
         )
     }
 
+    #[allow(clippy::needless_pass_by_value)] // Magnus is not friends with &str args
     fn decrypt_i64(&self, ciphertext: String, context: String) -> Result<i64, magnus::Error> {
         let ct: I64 = maybe_raise(
             serde_json::from_str(&ciphertext),
@@ -229,6 +266,7 @@ impl Field {
         )
     }
 
+    #[allow(clippy::needless_pass_by_value)] // Magnus is not friends with &str args
     fn decrypt_date(
         &self,
         ciphertext: String,
@@ -290,6 +328,7 @@ impl Field {
         )
     }
 
+    #[allow(clippy::needless_pass_by_value)] // Magnus is not friends with &str args
     fn decrypt_text(&self, ciphertext: String, context: String) -> Result<String, magnus::Error> {
         let ct: Text = maybe_raise(
             serde_json::from_str(&ciphertext),
@@ -308,7 +347,8 @@ impl Field {
     }
 }
 
-pub fn init(base: &RModule) -> Result<(), magnus::Error> {
+/// Create the Field class and setup all its methods
+pub(crate) fn init(base: RModule) -> Result<(), magnus::Error> {
     let class = base.define_class("Field", class::object())?;
 
     class.define_singleton_method(

data/ext/enquo/src/lib.rs

@@ -1,18 +1,28 @@
+//! Ruby extension for enquo-core
+//!
+//!
+
+// magnus::init spews an error that I *cannot*, for the life of me, figure out how to suppress, so
+// we'll just have to suppress it globally and remember to write docs where appropriate
+#![allow(missing_docs)]
+
 mod field;
 mod root;
 mod root_key;
 
+/// Tell Ruby to initialise everything
 #[magnus::init]
 fn init() -> Result<(), magnus::Error> {
     let base_mod = magnus::define_module("Enquo")?;
 
-    root::init(&base_mod)?;
-    root_key::init(&base_mod)?;
-    field::init(&base_mod)?;
+    root::init(base_mod)?;
+    root_key::init(base_mod)?;
+    field::init(base_mod)?;
 
     Ok(())
 }
 
+/// Dig up the Enquo exception class
 fn enquo_exception() -> Result<magnus::ExceptionClass, magnus::Error> {
     magnus::ExceptionClass::from_value(magnus::eval("::Enquo::Error")?).ok_or_else(|| {
         magnus::Error::new(
@@ -22,6 +32,8 @@ fn enquo_exception() -> Result<magnus::ExceptionClass, magnus::Error> {
     })
 }
 
+/// Check if the value passed in is an error, and if so, turn it into something that Magnus will
+/// recognise as an Enquo exception to be raised.
 fn maybe_raise<T, E: std::error::Error>(
     r: Result<T, E>,
     s: Option<&str>,
@@ -38,3 +50,16 @@ fn maybe_raise<T, E: std::error::Error>(
         )
     })
 }
+
+/// Turn an `RString`'s contents into a Vec<u8>
+///
+/// Useful when the string's contents aren't UTF-8 text, or we just want to muck around with it in
+/// some low-levelish way.  Strange that Magnus doesn't seem to have a safe function already to do
+/// this.
+fn string_to_bytes(s: magnus::RString) -> Vec<u8> {
+    #[allow(unsafe_code)]
+    // SAFETY: we don't let Ruby GC while we hold the ref
+    unsafe {
+        s.as_slice().to_owned()
+    }
+}

data/ext/enquo/src/root.rs

@@ -1,8 +1,13 @@
+//! The home of the `Enquo::Root` class
+//!
+
+use enquo_core::KeyProvider;
 use magnus::{class, function, method, prelude::*, RModule};
-use std::ops::Deref;
+use std::{ops::Deref, sync::Arc};
 
 use crate::{field::Field, maybe_raise, root_key::RootKey};
 
+/// Wrapper struct for the enquo_core struct of the same name
 #[magnus::wrap(class = "Enquo::Root")]
 struct Root(enquo_core::Root);
 
@@ -15,13 +20,16 @@ impl Deref for Root {
 }
 
 impl Root {
+    /// Create a new root from a root key
     fn new(k: &RootKey) -> Result<Self, magnus::Error> {
         Ok(Self(maybe_raise(
-            enquo_core::Root::new(k.deref().clone()),
+            enquo_core::Root::new(Arc::<dyn KeyProvider>::clone(&**k)),
             None,
         )?))
     }
 
+    /// Spawn a new `Enquo::Field`
+    #[allow(clippy::needless_pass_by_value)] // Magnus is not friends with &str args
     fn field(&self, relation: String, name: String) -> Result<Field, magnus::Error> {
         Ok(Field(maybe_raise(
             self.0.field(relation.as_bytes(), name.as_bytes()),
@@ -30,7 +38,8 @@ impl Root {
     }
 }
 
-pub fn init(base: &RModule) -> Result<(), magnus::Error> {
+/// Wire up everything for `Enquo::Root`
+pub(crate) fn init(base: RModule) -> Result<(), magnus::Error> {
     let class = base.define_class("Root", class::object())?;
 
     class.define_singleton_method("new", function!(Root::new, 1))?;

data/ext/enquo/src/root_key.rs

@@ -1,10 +1,16 @@
+//! The `Enquo::RootKey` Ruby module
+//!
+
 use enquo_core::{key_provider, key_provider::KeyProvider};
 use magnus::{class, encoding, exception, function, prelude::*, RModule};
 use std::ops::Deref;
 use std::sync::Arc;
 
+use crate::{maybe_raise, string_to_bytes};
+
+/// The key provided to the Root from which all other keys are derived
 #[magnus::wrap(class = "Enquo::RootKey")]
-pub struct RootKey(Arc<dyn KeyProvider>);
+pub(crate) struct RootKey(Arc<dyn KeyProvider>);
 
 impl Deref for RootKey {
     type Target = Arc<dyn KeyProvider>;
@@ -14,12 +20,13 @@ impl Deref for RootKey {
     }
 }
 
+/// Creates a `RootKey::Static` instance from the key provided
 fn new_static_root_key(k_str: magnus::RString) -> Result<RootKey, magnus::Error> {
     let encindex = k_str.enc_get();
 
     let k: &[u8] = &if encindex == encoding::Index::ascii8bit() {
         if k_str.len() == 32 {
-            Ok(unsafe { (*k_str.as_slice()).to_vec() })
+            Ok(string_to_bytes(k_str))
         } else {
             Err(magnus::Error::new(
                 exception::arg_error(),
@@ -28,14 +35,12 @@ fn new_static_root_key(k_str: magnus::RString) -> Result<RootKey, magnus::Error>
         }
     } else if encindex == encoding::Index::utf8() || encindex == encoding::Index::usascii() {
         if k_str.len() == 64 {
-            Ok(unsafe {
-                hex::decode(k_str.as_slice()).map_err(|e| {
-                    magnus::Error::new(
-                        exception::arg_error(),
-                        format!("hex key must only contain valid hex characters: {e}"),
-                    )
-                })?
-            })
+            Ok(hex::decode(string_to_bytes(k_str)).map_err(|e| {
+                magnus::Error::new(
+                    exception::arg_error(),
+                    format!("hex key must only contain valid hex characters: {e}"),
+                )
+            })?)
         } else {
             Err(magnus::Error::new(
                 exception::arg_error(),
@@ -52,10 +57,17 @@ fn new_static_root_key(k_str: magnus::RString) -> Result<RootKey, magnus::Error>
         ))
     }?;
 
-    Ok(RootKey(Arc::new(key_provider::Static::new(k))))
+    let mut key: [u8; 32] = Default::default();
+    key.copy_from_slice(k);
+
+    Ok(RootKey(Arc::new(maybe_raise(
+        key_provider::Static::new(&key),
+        None,
+    )?)))
 }
 
-pub fn init(base: &RModule) -> Result<(), magnus::Error> {
+/// Create the `Enquo::RootKey` class and wire in its methods
+pub(crate) fn init(base: RModule) -> Result<(), magnus::Error> {
     let base_class = base.define_class("RootKey", class::object())?;
 
     {

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: enquo-core
 version: !ruby/object:Gem::Version
-  version: 0.8.0.1.gff74b4f
+  version: 0.8.0.5.gdc04874
 platform: x86_64-linux
 authors:
 - Matt Palmer
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-05-04 00:00:00.000000000 Z
+date: 2023-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler