hash_redactor 0.3.0 → 0.3.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/README.md +21 -1
  4. data/lib/hash_redactor/hash_redactor.rb +37 -20
  5. data/lib/hash_redactor/version.rb +1 -1
  6. metadata +16 -16
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 1475a0799bf0c7185a9c8e00d68258518bfe98af
4
- data.tar.gz: 3f15bda52a73b7ef212dcc9b47196ca86adf0979
3
+ metadata.gz: eca69bf2b5f130a0afe3ef33193d4ed55c98ca48
4
+ data.tar.gz: f7e4edb6b92df00dda255708107ee0de3a0de30d
5
5
  SHA512:
6
- metadata.gz: c632a1359f36fe0e9595397c7cd4e00210ecd9bb860e6ece61b7ceb6b2a39759d48add5c0ce7a1b67d00565305bc2f28ecb49ff1d5e62092e4f6b2b716e3a38c
7
- data.tar.gz: ac247318fd969ac4fddeb6d1993590847c2d6a83aec9e980a9d1326d4a84e6bb4aa5ad5e923f62353f89a749d68c670db2c7b14bcd4a4341c8b8d7f25321b227
6
+ metadata.gz: 0893ea5ff0f2b8baa7d5e3d68a46ef5c526a21e696d0c57efd99fda7087e68235f7b5a801ca096c1ed1e3703d870d82b8706d8c22af9f5774596dd7c75f02ccd
7
+ data.tar.gz: c713797930216d03b2a137f021782194a42b19cb34c3d60e37eaf125795b9da4753831d8e4b44f22cb59adc56408a4036b87b2383f317607572a2ad86ffe4d35
data/CHANGELOG.md CHANGED
@@ -1,5 +1,10 @@
1
1
  # hash_redactor #
2
2
 
3
+ ## 0.3.1 ##
4
+ * Fixed: nil values caused encryption to fail
5
+ * Added: digest_empty to improve performance on empty strings
6
+ * Changed: Improved performance when encrypt is passed an empty string
7
+
3
8
  ##0.3.0 ##
4
9
  * Added: Whitelist mode (@chrisjensen)
5
10
  * Fixed: redact + decrypt loop specs should check result is not empty (@chrisjensen)
data/README.md CHANGED
@@ -123,7 +123,8 @@ Default options are:
123
123
  encode: true,
124
124
  encode_iv: true,
125
125
  default_encoding: 'm',
126
- filter_mode: :blacklist
126
+ filter_mode: :blacklist,
127
+ digest_empty: true
127
128
  ```
128
129
 
129
130
  ### :digest_salt
@@ -185,6 +186,25 @@ result[:age] # nil (because it wasn't explicitly whitelisted)
185
186
  *Note:* To prevent accidental deletion of digest information during repeated loading and unloading data, the digest of all values is implicitly assumed to be :keep.
186
187
  eg If your redact hash includes `:email => :digest`, it is assumed to also contain `:email_digest => :keep`
187
188
 
189
+ ### digest_empty
190
+ Determines if the empty string or nil should be digested, defaults to true for backwards compatibility.
191
+
192
+ ```
193
+ data = { empty: '', not_a_thing: nil }
194
+
195
+ redactor = HashRedactor::HashRedactor.new({
196
+ :empty => :digest, :not_a_thing => :digest
197
+ })
198
+
199
+ result = redactor.redact(data)
200
+ result[:empty_digest] # some digest
201
+ result[:not_a_thing_digest] # some digest
202
+
203
+ redactor.redact(data, digest_empty: false)
204
+ result[:empty_digest] # ''
205
+ result[:not_a_thing_digest] # nil
206
+ ```
207
+
188
208
  ## Development
189
209
 
190
210
  After checking out the repo, run `bin/setup` to install dependencies. Then, run `bin/console` for an interactive prompt that will allow you to experiment.
data/lib/hash_redactor/hash_redactor.rb CHANGED
@@ -18,7 +18,8 @@ module HashRedactor
18
18
  encode: true,
19
19
  encode_iv: true,
20
20
  default_encoding: 'm',
21
- filter_mode: :blacklist
21
+ filter_mode: :blacklist,
22
+ digest_empty: true
22
23
  }
23
24
  end
24
25
 
@@ -78,8 +79,13 @@ module HashRedactor
78
79
  def digest(hash, hash_key, options)
79
80
  dig_key = digest_key hash_key
80
81
 
81
- hash[dig_key] = Digest::SHA256.base64digest(
82
- hash[hash_key].to_s + options[:digest_salt])
82
+ # Don't digest the value if the user wants empty values to be untouched
83
+ if ((hash[hash_key].to_s != '') || options[:digest_empty])
84
+ hash[dig_key] = Digest::SHA256.base64digest(
85
+ hash[hash_key].to_s + options[:digest_salt])
86
+ else
87
+ hash[dig_key] = hash[hash_key]
88
+ end
83
89
  end
84
90
 
85
91
  def encrypt(hash, hash_key, options)
@@ -92,15 +98,21 @@ module HashRedactor
92
98
  data_key = data_key.to_sym
93
99
  iv_key = iv_key.to_sym
94
100
  end
95
-
96
- crypt_key = options[:encryption_key]
97
- iv = SecureRandom.random_bytes(12)
101
+
102
+ # Don't try to encrypt nil
103
+ if hash[hash_key].nil?
104
+ encrypted_value = nil
105
+ iv = nil
106
+ else
107
+ crypt_key = options[:encryption_key]
108
+ iv = SecureRandom.random_bytes(12)
98
109
 
99
- encrypted_value = EncryptorInterface.encrypt(:data,
100
- hash[hash_key], iv: iv, key: crypt_key)
110
+ encrypted_value = EncryptorInterface.encrypt(:data,
111
+ hash[hash_key], iv: iv, key: crypt_key)
101
112
 
102
- encrypted_value = [encrypted_value].pack(options[:encode]) if options[:encode]
103
- iv = [iv].pack(options[:encode_iv]) if options[:encode_iv]
113
+ encrypted_value = [encrypted_value].pack(options[:encode]) if options[:encode]
114
+ iv = [iv].pack(options[:encode_iv]) if options[:encode_iv]
115
+ end
104
116
 
105
117
  hash[data_key] = encrypted_value
106
118
  hash[iv_key] = iv
@@ -136,21 +148,26 @@ module HashRedactor
136
148
  end
137
149
 
138
150
  if (result.has_key? data_key)
139
- iv = result[iv_key]
140
- crypt_key = options[:encryption_key]
151
+ if result[data_key].nil?
152
+ decrypted_value = nil
153
+ else
154
+ iv = result[iv_key]
155
+ crypt_key = options[:encryption_key]
141
156
 
142
- encrypted_value = result[data_key]
157
+ encrypted_value = result[data_key]
143
158
 
144
- # Decode if necessary
145
- iv = iv.unpack(options[:encode_iv]).first if options[:encode_iv]
146
- encrypted_value = encrypted_value.unpack(options[:encode]).first if options[:encode]
159
+ # Decode if necessary
160
+ iv = iv.unpack(options[:encode_iv]).first if options[:encode_iv]
161
+ encrypted_value = encrypted_value.unpack(options[:encode]).first if options[:encode]
147
162
 
148
- decrypted_value = EncryptorInterface.decrypt(:data, encrypted_value,
149
- iv: iv, key: crypt_key)
163
+ decrypted_value = EncryptorInterface.decrypt(:data, encrypted_value,
164
+ iv: iv, key: crypt_key)
165
+
166
+ result.delete data_key
167
+ result.delete iv_key
168
+ end
150
169
 
151
170
  result[hash_key] = decrypted_value
152
- result.delete data_key
153
- result.delete iv_key
154
171
  end
155
172
  end
156
173
 
data/lib/hash_redactor/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module HashRedactor
2
- VERSION = "0.3.0"
2
+ VERSION = "0.3.1"
3
3
  end
metadata CHANGED
@@ -1,69 +1,69 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hash_redactor
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Jensen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-07-11 00:00:00.000000000 Z
11
+ date: 2016-07-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: attr_encrypted
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - ~>
17
+ - - "~>"
18
18
  - !ruby/object:Gem::Version
19
19
  version: 3.0.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - ~>
24
+ - - "~>"
25
25
  - !ruby/object:Gem::Version
26
26
  version: 3.0.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rake
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - ~>
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
33
  version: '10.0'
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - ~>
38
+ - - "~>"
39
39
  - !ruby/object:Gem::Version
40
40
  version: '10.0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: rspec
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - ~>
45
+ - - "~>"
46
46
  - !ruby/object:Gem::Version
47
47
  version: '2.14'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - ~>
52
+ - - "~>"
53
53
  - !ruby/object:Gem::Version
54
54
  version: '2.14'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: codeclimate-test-reporter
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - '>='
59
+ - - ">="
60
60
  - !ruby/object:Gem::Version
61
61
  version: '0'
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
- - - '>='
66
+ - - ">="
67
67
  - !ruby/object:Gem::Version
68
68
  version: '0'
69
69
  description: Removes, digests or encrypts selected values in a ruby hash
@@ -73,9 +73,9 @@ executables: []
73
73
  extensions: []
74
74
  extra_rdoc_files: []
75
75
  files:
76
- - .gitignore
77
- - .rspec
78
- - .travis.yml
76
+ - ".gitignore"
77
+ - ".rspec"
78
+ - ".travis.yml"
79
79
  - CHANGELOG.md
80
80
  - CODE_OF_CONDUCT.md
81
81
  - Gemfile
@@ -98,17 +98,17 @@ require_paths:
98
98
  - lib
99
99
  required_ruby_version: !ruby/object:Gem::Requirement
100
100
  requirements:
101
- - - '>='
101
+ - - ">="
102
102
  - !ruby/object:Gem::Version
103
103
  version: '0'
104
104
  required_rubygems_version: !ruby/object:Gem::Requirement
105
105
  requirements:
106
- - - '>='
106
+ - - ">="
107
107
  - !ruby/object:Gem::Version
108
108
  version: '0'
109
109
  requirements: []
110
110
  rubyforge_project:
111
- rubygems_version: 2.4.6
111
+ rubygems_version: 2.4.8
112
112
  signing_key:
113
113
  specification_version: 4
114
114
  summary: Redact specified values in a hash