ore-rs 0.7.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 02706d916a820eb7361f4c683748199fcfa14115b6bf0071b24f9a81ef113705
+  data.tar.gz: 923e4b3dffb8cabebd7a10751c1f6eea508759860fb9360cca36f00674a5b9ef
+SHA512:
+  metadata.gz: 1660b0e1f79dd0af03d2bbc7df6cf0400b23c7a9a065f1a461d38e100571a602464f6390b1d4e781675f35a998680cfc4be2f8d8d3c2505df9a6d05bb90130e8
+  data.tar.gz: eec438c1ffa889c53e76facbcf86103889ed78ecd54183e7a4e5de97ef531c1f92b16f27ad39c78c4a7affc8610805a1e67f740b11cc67eeb09bb68fa37653e8

data/CODEOWNERS

@@ -0,0 +1,2 @@
+*     @cipherstash/ruby
+*.rs  @cipherstash/rust

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,49 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of
+fostering an open and welcoming community, we pledge to respect all people who
+contribute through reporting issues, posting feature requests, updating
+documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free
+experience for everyone, regardless of level of experience, gender, gender
+identity and expression, sexual orientation, disability, personal appearance,
+body size, race, ethnicity, age, religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing other's private information, such as physical or electronic
+  addresses, without explicit permission
+* Other unethical or unprofessional conduct
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+By adopting this Code of Conduct, project maintainers commit themselves to
+fairly and consistently applying these principles to every aspect of managing
+this project. Project maintainers who do not follow or enforce the Code of
+Conduct may be permanently removed from the project team.
+
+This code of conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting a project maintainer at team@cipherstash.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. Maintainers are
+obligated to maintain confidentiality with regard to the reporter of an
+incident.
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 1.3.0, available at
+[http://contributor-covenant.org/version/1/3/0/][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/3/0/

data/CONTRIBUTING.md

@@ -0,0 +1,10 @@
+* If you have found a discrepancy in documented and observed behaviour, that
+  is a bug.  Feel free to [report it as an
+  issue](https://github.com/cipherstash/ruby-ore-rs/issues), providing
+  sufficient detail to reproduce the problem.
+
+* If you would like to add new behaviour, please submit a well-tested and
+  well-documented [pull
+  request](https://github.com/cipherstash/ruby-ore-rs/pulls).
+
+* At all times, abide by the Code of Conduct (CODE_OF_CONDUCT.md).

data/LICENCE

@@ -0,0 +1,124 @@
+CipherStash Client Library Licence Agreement
+
+0. Background
+
+This licence sets out the terms on which you are permitted to use client side
+components of software provided by CipherStash to query encrypted databases
+(CipherStash Client Software).The operation of the CipherStash Client Software
+is dependent on encryption keys generated by server software operated or
+licensed by CipherStash.
+
+1. Definitions
+
+1.1 In these terms the following terms have the following meanings:
+    (a) Authorised Purpose in relation to the CipherStash Source Code has the
+        meaning given to it in clause 2.4;
+    (b) CipherStash Source Code means human readable code of the CipherStash
+        Client Software;
+    (c) CipherStash Executable means the machine executable code of the
+        CipherStash Client Software as made available by CipherStash from
+        time to time;
+    (d) CipherStash Client Software has the meaning given to it in the
+        Background;
+    (e) Licensed Query means a query on a database that:
+        (i)  uses an encryption key generated by a key server operated or
+             licensed by CipherStash for all encryption of the content of that
+             query or of results returned in response to that query (excluding
+             encryption in the transport layer for communications between
+             servers); and
+        (ii) uses a valid token provided by CipherStash in the course of
+             acquiring the key referred to in the previous paragraph;
+    (f) Your Applications means applications that you create that rely on any
+        part of the CipherStash Client Software in the course of their
+        operation.
+1.2 In these terms, unless the context requires otherwise, references to:
+    (a) encryption includes decryption;
+    (b) keys are references to data used for encryption, not data indicating a
+        row in a database table.
+
+2. Grant of Licence
+
+2.1 This licence permits you to do the following in relation to the CipherStash
+    Client Software:
+    (a) use the CipherStash Executables in the course of developing and testing
+        Your Applications;
+    (b) deploy and use copies of the CipherStash Executables for the purpose of
+        executing Licensed Queries, including as part of one or more of Your
+        Applications; and
+    (c) use the CipherStash Source Code solely for an Authorised Purpose.
+2.2 Subject to clause 2.4(c), you must not make any modifications to the
+    CipherStash Client Software.
+2.3 This licence specifically excludes any use of any part of the CipherStash
+    Client Software to execute any queries other than Licensed Queries on any
+    database.
+2.4 CipherStash makes the CipherStash Source Code available for the sole purpose
+    of allowing third parties to verify the operation, integrity and security
+    of the CipherStash Client Software (Authorised Purpose). This licence
+    permits you to do the following solely for an Authorised Purpose:
+    (a) download and review the CipherStash Source Code;
+    (b) build executable versions of the CipherStash Source Code to verify
+        correspondence between it and its associated CipherStash Executable;
+    (c) make configuration changes to the CipherStash Source Code solely to the
+        extent necessary to build a working executable version under paragraph
+        (b).
+
+3. Warranties and Liability
+
+3.1 To the extent permitted by law, CipherStash excludes all warranties,
+    guarantees and conditions that would otherwise be implied into this
+    agreement by law. Where CipherStash is not able to exclude such a warranty,
+    guarantee or condition, CipherStash limits, to the extent permitted by law,
+    its liability for a breach of that warranty, guarantee or condition to one
+    or more of the following at its option:
+    (a) in the case of goods, any one or more of the following:
+        (i)   the replacement of the goods or the supply of equivalent goods;
+        (ii)  the repair of the goods;
+        (iii) the payment of the cost of replacing the goods or of acquiring
+              equivalent goods;
+        (iv)  the payment of the cost of having the goods repaired; and
+    (b) in the case of services:
+        (i) the supplying of the services again; or
+        (ii) the payment of the cost of having the services supplied again.
+3.2 CipherStash has no liability to any person arising under or in relation to
+    this agreement (whether in tort, contract, equity or otherwise) for any
+    loss in the nature of consequential or economic loss. In particular,
+    CipherStash has no liability to any person for any: lost profits; loss of
+    savings, income or revenue; revenue not meeting targets or certain levels;
+    uptime or availability of internet connectivity or of the ability of third
+    parties to access a website, loss of opportunity; or loss of or corruption
+    of data. The exclusions in this clause 3.2 apply even in respect of loss or
+    damage that was foreseeable or about which either or both of the parties
+    were aware was likely to arise.
+
+4. Dispute Resolution
+
+4.1 Prior to commencing any action in any court or any action in any other form
+    of judicial or quasi-judicial forum you must comply with the requirements
+    of this clause 4.
+4.2 Where you believe there is a dispute between you and CipherStash in respect
+    of a matter the subject of this agreement you must notify CipherStash in
+    writing of the nature of that dispute and for a period of 120 days
+    following CipherStash’s receipt of that notification, make reasonable
+    attempts to resolve that dispute with CipherStash.
+
+5. General and Interpretation
+
+5.1 Except where expressly set out to the contrary, nothing in this agreement
+    grants the Customer any rights over any intellectual property rights
+    (including copyright, patents, and rights to the registration of such
+    rights) held by CipherStash at any time.
+5.2 No provision of this agreement may be construed against a party because
+    that party drafted that term.
+5.3 A waiver of rights under this agreement can only occur in writing signed by
+    the party granting the waiver. Except to the extent set out in the waiver,
+    a waiver is only effective in relation to the specific facts and rights set
+    out in it and does not operate to waive any other rights or to waive the
+    same rights in respect of different facts or circumstances.
+5.4 Where a part of this agreement is held by a court to be illegal or
+    otherwise unenforceable, and the unenforceability of that part does not
+    substantially alter the character of the bargain that would have been in
+    existence between the parties had that part been enforceable, that part is
+    severed and the balance of this agreement will continue unaffected.
+5.5 This contract is governed by the laws in force in the State of New South
+    Wales, Australia. Each party submits to the non-exclusive jurisdiction of
+    the courts of that State.

data/README.md

@@ -0,0 +1,72 @@
+Ruby bindings for the [ore.rs](https://github.com/cipherstash/ore.rs) Order-Revealing Encryption Rust library.
+
+
+# Installation
+
+For the most common platforms, we provide "native" gems (which have the shared
+object that provides the cryptographic primitives pre-compiled).  At present,
+we provide native gems for:
+
+* Linux `x86_64` and `aarch64`
+* macOS `x86_64` and `arm64`
+
+On these platforms, you can just install the `ore-rs` gem via your preferred
+method, and it should "just work".  If it doesn't, please [report that as a
+bug](https://github.com/cipherstash/ruby-ore-rs/issues).
+
+For other platforms, you will need to install the source gem, which requires
+that you have Rust 1.57.0 or later installed.  On ARM-based platforms, you must
+use Rust nightly, for SIMD intrinsics support.
+
+## Installing from Git
+
+If you have a burning need to install directly from a checkout of the git
+repository, you can do so by running `bundle install && rake install`.  As this
+is a source-based installation, you will need to have Rust installed, as
+described above.
+
+
+# Usage
+
+First off, load the library:
+
+```ruby
+require "ore-rs"
+```
+
+Then create a new encryptor:
+
+```ruby
+enc = ORE::AES128.new(key1, key2, 64, 8)
+```
+
+Encrypt a couple of ciphertexts:
+
+```ruby
+ct1 = enc.encrypt(42)
+ct2 = enc.encrypt(420)
+```
+
+Finally, compare them:
+
+```ruby
+ct1 < ct2   # => true
+ct1 > ct2   # => false
+```
+
+If you need to store a ciphertext, you can turn it into a binary string:
+
+```ruby
+File.write("/tmp/ciphertext", ct1.to_s)
+```
+
+To turn a binary string back into a ciphertext, just create a new ciphertext with it:
+
+```ruby
+ct3 = ORE::AES128::Ciphertext.new(File.binread("/tmp/ciphertext"), 8)
+```
+
+
+# Contributing
+
+Please see [CONTRIBUTING.md](CONTRIBUTING.md).

data/ext/ore_rs/.gitignore

@@ -0,0 +1,4 @@
+/target
+# Cargo.lock is deliberately *not* ignored; despite *technically* being a
+# library package, it is not a Rust library that is built into other projects,
+# but rather a standalone binary object that should be built reproducibly.