mongoid-kms 0.0.25 → 0.0.26
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/mongoid/kms/version.rb +1 -1
- data/lib/mongoid/kms.rb +7 -4
- data/spec/lib/mongoid/kms_spec.rb +6 -6
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0b721f1617dbd2a4c8b99a82f4f0dd5a9ab1aa91
|
4
|
+
data.tar.gz: 8751a588d3a45ea1a10c1fa5abd0d9e6ba0e1881
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e0dd1407b688f8cb6ceffa37228d4d0f3ab7868f6e9b35080c9ff21b9fb2f6ee4506f0b81d6fc5573503212f0ec0048bc76049eeca95e53716a3c9d74c9d66ea
|
7
|
+
data.tar.gz: 9ec33a149e4d181a87556b9a0d7f42df1ee472e3f1dfff901e05ee3f5750b4fb8adef52d85a89ee2623857bb9a8e579ed4e263e23cc67641d85c3c42c1172029
|
data/lib/mongoid/kms/version.rb
CHANGED
data/lib/mongoid/kms.rb
CHANGED
@@ -58,7 +58,9 @@ module Mongoid
|
|
58
58
|
encrypted_field_name = self.class.get_encrypted_field_name(field_name)
|
59
59
|
|
60
60
|
if instance_variable_get("@#{field_name}").nil? && kms_context_value_changed?(field_name)
|
61
|
-
|
61
|
+
raw = self.send(encrypted_field_name)
|
62
|
+
raw = raw.data if raw.is_a?(Mongoid::Kms.bson_class::Binary)
|
63
|
+
value = self.class.decrypt_field(self, field_name, raw, self.class.kms_context_was(self, field_name))
|
62
64
|
else
|
63
65
|
value = send("#{field_name}")
|
64
66
|
end
|
@@ -66,7 +68,7 @@ module Mongoid
|
|
66
68
|
if value.nil?
|
67
69
|
self.send("#{encrypted_field_name}=", nil)
|
68
70
|
else
|
69
|
-
self.send("#{encrypted_field_name}=", self.class.encrypt_field(self, field_name, value))
|
71
|
+
self.send("#{encrypted_field_name}=", Mongoid::Kms.bson_class::Binary.new(self.class.encrypt_field(self, field_name, value)))
|
70
72
|
end
|
71
73
|
end
|
72
74
|
end
|
@@ -88,7 +90,7 @@ module Mongoid
|
|
88
90
|
key_id: Mongoid::Kms.key,
|
89
91
|
plaintext: value,
|
90
92
|
encryption_context: kms_context(object, field_name)
|
91
|
-
})[:ciphertext_blob]
|
93
|
+
})[:ciphertext_blob]
|
92
94
|
end
|
93
95
|
|
94
96
|
def decrypt_field(object, field_name, data, encryption_context = nil)
|
@@ -152,11 +154,12 @@ module Mongoid
|
|
152
154
|
define_method(field_name) do
|
153
155
|
instance_variable_get("@#{field_name}") || begin
|
154
156
|
raw = send("kms_secure_#{field_name}")
|
157
|
+
raw = raw.data if raw.is_a?(Mongoid::Kms.bson_class::Binary)
|
155
158
|
|
156
159
|
if raw.nil?
|
157
160
|
raw
|
158
161
|
else
|
159
|
-
v =
|
162
|
+
v = self.class.decrypt_field(self, field_name, raw)
|
160
163
|
instance_variable_set("@#{field_name}", v)
|
161
164
|
v
|
162
165
|
end
|
@@ -15,7 +15,7 @@ describe Mongoid::Kms do
|
|
15
15
|
o.save!
|
16
16
|
|
17
17
|
o = MyClass.find(o.id)
|
18
|
-
expect(o.secure).to eq(
|
18
|
+
expect(o.secure).to eq("batman")
|
19
19
|
expect(o.unsecure).to eq("robin")
|
20
20
|
end
|
21
21
|
|
@@ -24,7 +24,7 @@ describe Mongoid::Kms do
|
|
24
24
|
o.save!
|
25
25
|
|
26
26
|
o = OtherClass.find(o.id)
|
27
|
-
expect(o.super_secure).to eq(
|
27
|
+
expect(o.super_secure).to eq("joker")
|
28
28
|
expect(o.unsecure).to eq("pengiun")
|
29
29
|
end
|
30
30
|
|
@@ -37,7 +37,7 @@ describe Mongoid::Kms do
|
|
37
37
|
o.save!
|
38
38
|
|
39
39
|
o = MyClass.find(o.id)
|
40
|
-
expect(o.secure).to eq(
|
40
|
+
expect(o.secure).to eq("other")
|
41
41
|
end
|
42
42
|
|
43
43
|
it "updates properly" do
|
@@ -49,7 +49,7 @@ describe Mongoid::Kms do
|
|
49
49
|
o.save!
|
50
50
|
|
51
51
|
o = MyClass.find(o.id)
|
52
|
-
expect(o.secure).to eq(
|
52
|
+
expect(o.secure).to eq("salted-other")
|
53
53
|
end
|
54
54
|
|
55
55
|
it "handles a class without context" do
|
@@ -57,7 +57,7 @@ describe Mongoid::Kms do
|
|
57
57
|
o.save!
|
58
58
|
|
59
59
|
o = MyClass.find(o.id)
|
60
|
-
expect(o.secure).to eq(
|
60
|
+
expect(o.secure).to eq("bla")
|
61
61
|
end
|
62
62
|
|
63
63
|
it "fails to configure without a region" do
|
@@ -69,7 +69,7 @@ describe Mongoid::Kms do
|
|
69
69
|
o.save!
|
70
70
|
|
71
71
|
o = ExtendedClass.find(o.id)
|
72
|
-
expect(o.additional_secure).to eq(
|
72
|
+
expect(o.additional_secure).to eq("wha!")
|
73
73
|
o.test_hash_crash
|
74
74
|
end
|
75
75
|
|