hash_redactor 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/lib/hash_redactor/hash_redactor.rb +63 -38
- data/lib/hash_redactor/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 21c05c3393cf49eaf7ebd8b45b872724bbb2344c
|
|
4
|
+
data.tar.gz: 11cf069f14be218a178bebb0acb646f0d293b4d1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cfb79ccabcef173c20cdaa045ae685215890df0559276f0915387abaa203088fd834d87d4c0973e8123466de8264fa0482d547b8f969722e90442da2b8e90645
|
|
7
|
+
data.tar.gz: 840f2ce58bec117ec31afebf3bc91f6001eb4647c400d8f2a724caea4349c7da8182dcd9ecb1ee39b66b33c85564f3cd6c7503111835b7ebec3ed4b6e1edf3fe
|
data/CHANGELOG.md
CHANGED
|
@@ -41,27 +41,11 @@ module HashRedactor
|
|
|
41
41
|
when :remove
|
|
42
42
|
nil
|
|
43
43
|
when :digest
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
result[result_key] = Digest::SHA256.base64digest(
|
|
47
|
-
result[hash_key].to_s + options[:digest_salt])
|
|
44
|
+
digest(result, hash_key, options)
|
|
48
45
|
when :encrypt
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
crypt_key = options[:encryption_key]
|
|
52
|
-
iv = SecureRandom.random_bytes(12)
|
|
53
|
-
data_key = ('encrypted_' + hash_key.to_s).to_sym
|
|
54
|
-
iv_key = ('encrypted_' + hash_key.to_s + '_iv').to_sym
|
|
55
|
-
|
|
56
|
-
encrypted_value = EncryptorInterface.encrypt(:data, result[hash_key], iv: iv, key: crypt_key)
|
|
57
|
-
|
|
58
|
-
encrypted_value = [encrypted_value].pack(options[:encode]) if options[:encode]
|
|
59
|
-
iv = [iv].pack(options[:encode_iv]) if options[:encode_iv]
|
|
60
|
-
|
|
61
|
-
result[data_key] = encrypted_value
|
|
62
|
-
result[iv_key] = iv
|
|
46
|
+
encrypt(result, hash_key, options)
|
|
63
47
|
else
|
|
64
|
-
raise "redact called with unknown operation on #{hash_key
|
|
48
|
+
raise "redact called with unknown operation on #{hash_key}: #{how}"
|
|
65
49
|
end
|
|
66
50
|
|
|
67
51
|
result.delete hash_key
|
|
@@ -70,6 +54,38 @@ module HashRedactor
|
|
|
70
54
|
|
|
71
55
|
result
|
|
72
56
|
end
|
|
57
|
+
|
|
58
|
+
def digest(hash, hash_key, options)
|
|
59
|
+
digest_key = hash_key.to_s + '_digest'
|
|
60
|
+
digest_key = digest_key.to_sym if hash_key.is_a? Symbol
|
|
61
|
+
|
|
62
|
+
hash[digest_key] = Digest::SHA256.base64digest(
|
|
63
|
+
hash[hash_key].to_s + options[:digest_salt])
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def encrypt(hash, hash_key, options)
|
|
67
|
+
raise "No encryption key specified. Please pass :encryption_key in options to new or redact" unless options[:encryption_key]
|
|
68
|
+
|
|
69
|
+
data_key = 'encrypted_' + hash_key.to_s
|
|
70
|
+
iv_key = 'encrypted_' + hash_key.to_s + '_iv'
|
|
71
|
+
|
|
72
|
+
if hash_key.is_a? Symbol
|
|
73
|
+
data_key = data_key.to_sym
|
|
74
|
+
iv_key = iv_key.to_sym
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
crypt_key = options[:encryption_key]
|
|
78
|
+
iv = SecureRandom.random_bytes(12)
|
|
79
|
+
|
|
80
|
+
encrypted_value = EncryptorInterface.encrypt(:data,
|
|
81
|
+
hash[hash_key], iv: iv, key: crypt_key)
|
|
82
|
+
|
|
83
|
+
encrypted_value = [encrypted_value].pack(options[:encode]) if options[:encode]
|
|
84
|
+
iv = [iv].pack(options[:encode_iv]) if options[:encode_iv]
|
|
85
|
+
|
|
86
|
+
hash[data_key] = encrypted_value
|
|
87
|
+
hash[iv_key] = iv
|
|
88
|
+
end
|
|
73
89
|
|
|
74
90
|
def decrypt(data, opts = {})
|
|
75
91
|
options = @options.merge opts
|
|
@@ -84,30 +100,39 @@ module HashRedactor
|
|
|
84
100
|
|
|
85
101
|
redact_hash.each do |hash_key,how|
|
|
86
102
|
if (how == :encrypt)
|
|
87
|
-
|
|
88
|
-
|
|
103
|
+
decrypt_value(result, hash_key, options)
|
|
104
|
+
end
|
|
105
|
+
end
|
|
106
|
+
|
|
107
|
+
result
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
def decrypt_value(result, hash_key, options)
|
|
111
|
+
data_key = 'encrypted_' + hash_key.to_s
|
|
112
|
+
iv_key = 'encrypted_' + hash_key.to_s + '_iv'
|
|
113
|
+
|
|
114
|
+
if hash_key.is_a? Symbol
|
|
115
|
+
data_key = data_key.to_sym
|
|
116
|
+
iv_key = iv_key.to_sym
|
|
117
|
+
end
|
|
89
118
|
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
119
|
+
if (result.has_key? data_key)
|
|
120
|
+
iv = result[iv_key]
|
|
121
|
+
crypt_key = options[:encryption_key]
|
|
93
122
|
|
|
94
|
-
|
|
123
|
+
encrypted_value = result[data_key]
|
|
95
124
|
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
125
|
+
# Decode if necessary
|
|
126
|
+
iv = iv.unpack(options[:encode_iv]).first if options[:encode_iv]
|
|
127
|
+
encrypted_value = encrypted_value.unpack(options[:encode]).first if options[:encode]
|
|
99
128
|
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
end
|
|
107
|
-
end
|
|
129
|
+
decrypted_value = EncryptorInterface.decrypt(:data, encrypted_value,
|
|
130
|
+
iv: iv, key: crypt_key)
|
|
131
|
+
|
|
132
|
+
result[hash_key] = decrypted_value
|
|
133
|
+
result.delete data_key
|
|
134
|
+
result.delete iv_key
|
|
108
135
|
end
|
|
109
|
-
|
|
110
|
-
result
|
|
111
136
|
end
|
|
112
137
|
end
|
|
113
138
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: hash_redactor
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chris Jensen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-07-
|
|
11
|
+
date: 2016-07-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: attr_encrypted
|