hash_redactor 0.2.0 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/lib/hash_redactor/hash_redactor.rb +63 -38
- data/lib/hash_redactor/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 21c05c3393cf49eaf7ebd8b45b872724bbb2344c
|
|
4
|
+
data.tar.gz: 11cf069f14be218a178bebb0acb646f0d293b4d1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cfb79ccabcef173c20cdaa045ae685215890df0559276f0915387abaa203088fd834d87d4c0973e8123466de8264fa0482d547b8f969722e90442da2b8e90645
|
|
7
|
+
data.tar.gz: 840f2ce58bec117ec31afebf3bc91f6001eb4647c400d8f2a724caea4349c7da8182dcd9ecb1ee39b66b33c85564f3cd6c7503111835b7ebec3ed4b6e1edf3fe
|
data/CHANGELOG.md
CHANGED
|
@@ -41,27 +41,11 @@ module HashRedactor
|
|
|
41
41
|
when :remove
|
|
42
42
|
nil
|
|
43
43
|
when :digest
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
result[result_key] = Digest::SHA256.base64digest(
|
|
47
|
-
result[hash_key].to_s + options[:digest_salt])
|
|
44
|
+
digest(result, hash_key, options)
|
|
48
45
|
when :encrypt
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
crypt_key = options[:encryption_key]
|
|
52
|
-
iv = SecureRandom.random_bytes(12)
|
|
53
|
-
data_key = ('encrypted_' + hash_key.to_s).to_sym
|
|
54
|
-
iv_key = ('encrypted_' + hash_key.to_s + '_iv').to_sym
|
|
55
|
-
|
|
56
|
-
encrypted_value = EncryptorInterface.encrypt(:data, result[hash_key], iv: iv, key: crypt_key)
|
|
57
|
-
|
|
58
|
-
encrypted_value = [encrypted_value].pack(options[:encode]) if options[:encode]
|
|
59
|
-
iv = [iv].pack(options[:encode_iv]) if options[:encode_iv]
|
|
60
|
-
|
|
61
|
-
result[data_key] = encrypted_value
|
|
62
|
-
result[iv_key] = iv
|
|
46
|
+
encrypt(result, hash_key, options)
|
|
63
47
|
else
|
|
64
|
-
raise "redact called with unknown operation on #{hash_key
|
|
48
|
+
raise "redact called with unknown operation on #{hash_key}: #{how}"
|
|
65
49
|
end
|
|
66
50
|
|
|
67
51
|
result.delete hash_key
|
|
@@ -70,6 +54,38 @@ module HashRedactor
|
|
|
70
54
|
|
|
71
55
|
result
|
|
72
56
|
end
|
|
57
|
+
|
|
58
|
+
def digest(hash, hash_key, options)
|
|
59
|
+
digest_key = hash_key.to_s + '_digest'
|
|
60
|
+
digest_key = digest_key.to_sym if hash_key.is_a? Symbol
|
|
61
|
+
|
|
62
|
+
hash[digest_key] = Digest::SHA256.base64digest(
|
|
63
|
+
hash[hash_key].to_s + options[:digest_salt])
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def encrypt(hash, hash_key, options)
|
|
67
|
+
raise "No encryption key specified. Please pass :encryption_key in options to new or redact" unless options[:encryption_key]
|
|
68
|
+
|
|
69
|
+
data_key = 'encrypted_' + hash_key.to_s
|
|
70
|
+
iv_key = 'encrypted_' + hash_key.to_s + '_iv'
|
|
71
|
+
|
|
72
|
+
if hash_key.is_a? Symbol
|
|
73
|
+
data_key = data_key.to_sym
|
|
74
|
+
iv_key = iv_key.to_sym
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
crypt_key = options[:encryption_key]
|
|
78
|
+
iv = SecureRandom.random_bytes(12)
|
|
79
|
+
|
|
80
|
+
encrypted_value = EncryptorInterface.encrypt(:data,
|
|
81
|
+
hash[hash_key], iv: iv, key: crypt_key)
|
|
82
|
+
|
|
83
|
+
encrypted_value = [encrypted_value].pack(options[:encode]) if options[:encode]
|
|
84
|
+
iv = [iv].pack(options[:encode_iv]) if options[:encode_iv]
|
|
85
|
+
|
|
86
|
+
hash[data_key] = encrypted_value
|
|
87
|
+
hash[iv_key] = iv
|
|
88
|
+
end
|
|
73
89
|
|
|
74
90
|
def decrypt(data, opts = {})
|
|
75
91
|
options = @options.merge opts
|
|
@@ -84,30 +100,39 @@ module HashRedactor
|
|
|
84
100
|
|
|
85
101
|
redact_hash.each do |hash_key,how|
|
|
86
102
|
if (how == :encrypt)
|
|
87
|
-
|
|
88
|
-
|
|
103
|
+
decrypt_value(result, hash_key, options)
|
|
104
|
+
end
|
|
105
|
+
end
|
|
106
|
+
|
|
107
|
+
result
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
def decrypt_value(result, hash_key, options)
|
|
111
|
+
data_key = 'encrypted_' + hash_key.to_s
|
|
112
|
+
iv_key = 'encrypted_' + hash_key.to_s + '_iv'
|
|
113
|
+
|
|
114
|
+
if hash_key.is_a? Symbol
|
|
115
|
+
data_key = data_key.to_sym
|
|
116
|
+
iv_key = iv_key.to_sym
|
|
117
|
+
end
|
|
89
118
|
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
119
|
+
if (result.has_key? data_key)
|
|
120
|
+
iv = result[iv_key]
|
|
121
|
+
crypt_key = options[:encryption_key]
|
|
93
122
|
|
|
94
|
-
|
|
123
|
+
encrypted_value = result[data_key]
|
|
95
124
|
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
125
|
+
# Decode if necessary
|
|
126
|
+
iv = iv.unpack(options[:encode_iv]).first if options[:encode_iv]
|
|
127
|
+
encrypted_value = encrypted_value.unpack(options[:encode]).first if options[:encode]
|
|
99
128
|
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
end
|
|
107
|
-
end
|
|
129
|
+
decrypted_value = EncryptorInterface.decrypt(:data, encrypted_value,
|
|
130
|
+
iv: iv, key: crypt_key)
|
|
131
|
+
|
|
132
|
+
result[hash_key] = decrypted_value
|
|
133
|
+
result.delete data_key
|
|
134
|
+
result.delete iv_key
|
|
108
135
|
end
|
|
109
|
-
|
|
110
|
-
result
|
|
111
136
|
end
|
|
112
137
|
end
|
|
113
138
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: hash_redactor
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chris Jensen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-07-
|
|
11
|
+
date: 2016-07-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: attr_encrypted
|