pod4 0.10.3 → 0.10.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.hgtags +1 -0
- data/lib/pod4/encrypting.rb +40 -18
- data/lib/pod4/version.rb +1 -1
- data/spec/common/model_plus_encrypting_spec.rb +34 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 630728075021ff016e6ead3d63c58806821bc3ce
|
|
4
|
+
data.tar.gz: 8545dc27e2f1f73a7fd4bc0589d4f751a44d3811
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b93e6dc86f29c31acca757cb64392a23b406829f033e6db3a4c0158e951ce258a5abe874d6f6f3f393b03afc84b0a8d3db461d0fdf6e189cee545c201adc8d41
|
|
7
|
+
data.tar.gz: f07ac222e7260b0fd94669640fc519a14604779982d659333da5de52577e590cf811665645fd2192ec277b80d56765ac35e57e1689c5dec21c27c712d58b6f02
|
data/.hgtags
CHANGED
data/lib/pod4/encrypting.rb
CHANGED
|
@@ -75,6 +75,10 @@ module Pod4
|
|
|
75
75
|
#
|
|
76
76
|
# * `encryption_iv` returns the value of the IV column of the record, whatever it is.
|
|
77
77
|
#
|
|
78
|
+
# * `encrypt` and `decrypt` allow you to transform arbitrary text in a manner compatible with the
|
|
79
|
+
# model -- for example, if you removed a column from `encrypted_columns`, you could do a
|
|
80
|
+
# one-time decrypt of your data.
|
|
81
|
+
#
|
|
78
82
|
# Notes
|
|
79
83
|
# -----
|
|
80
84
|
#
|
|
@@ -135,12 +139,11 @@ module Pod4
|
|
|
135
139
|
hash = super.to_h
|
|
136
140
|
cipher = get_cipher(:encrypt)
|
|
137
141
|
|
|
138
|
-
#
|
|
139
|
-
#
|
|
140
|
-
if use_iv?
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
hash[self.class.encryption_iv_column] = Base64.strict_encode64(iv)
|
|
142
|
+
# Each time we write, we set a new IV. We must also set it on the hash to go to the
|
|
143
|
+
# interface, where it must be base64 encoded, just like the encrypted columns.
|
|
144
|
+
if use_iv?
|
|
145
|
+
set_encryption_iv( cipher.random_iv )
|
|
146
|
+
hash[self.class.encryption_iv_column] = Base64.strict_encode64(encryption_iv)
|
|
144
147
|
end
|
|
145
148
|
|
|
146
149
|
self.class.encryption_columns.each do |col|
|
|
@@ -157,10 +160,9 @@ module Pod4
|
|
|
157
160
|
hash = ot.to_h
|
|
158
161
|
cipher = get_cipher(:decrypt)
|
|
159
162
|
|
|
160
|
-
# The IV is not in columns, we need to de-base-64 it and set it on the model
|
|
161
|
-
if use_iv?
|
|
162
|
-
|
|
163
|
-
set_encryption_iv(iv)
|
|
163
|
+
# The IV column is not in columns, so we need to de-base-64 it and set it on the model here
|
|
164
|
+
if use_iv? && (iv64 = hash[self.class.encryption_iv_column])
|
|
165
|
+
set_encryption_iv Base64.strict_decode64(iv64)
|
|
164
166
|
end
|
|
165
167
|
|
|
166
168
|
self.class.encryption_columns.each do |col|
|
|
@@ -178,6 +180,24 @@ module Pod4
|
|
|
178
180
|
instance_variable_get( "@#{self.class.encryption_iv_column}".to_sym )
|
|
179
181
|
end
|
|
180
182
|
|
|
183
|
+
##
|
|
184
|
+
# Public facing manual encryption, compatible with the current model
|
|
185
|
+
#
|
|
186
|
+
def encrypt(string)
|
|
187
|
+
cipher = get_cipher(:encrypt)
|
|
188
|
+
iv = use_iv? ? encryption_iv : nil
|
|
189
|
+
crypt(cipher, :encrypt, iv, string)
|
|
190
|
+
end
|
|
191
|
+
|
|
192
|
+
##
|
|
193
|
+
# Public facing manual decryption, compatible with the current model
|
|
194
|
+
#
|
|
195
|
+
def decrypt(string)
|
|
196
|
+
cipher = get_cipher(:decrypt)
|
|
197
|
+
iv = use_iv? ? encryption_iv : nil
|
|
198
|
+
crypt(cipher, :decrypt, iv, string)
|
|
199
|
+
end
|
|
200
|
+
|
|
181
201
|
private
|
|
182
202
|
|
|
183
203
|
##
|
|
@@ -219,14 +239,16 @@ module Pod4
|
|
|
219
239
|
cipher.key = self.class.encryption_key
|
|
220
240
|
cipher.iv = iv if use_iv?
|
|
221
241
|
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
242
|
+
case direction
|
|
243
|
+
when :encrypt
|
|
244
|
+
answer = string.to_s.empty? ? "" : cipher.update(string.to_s)
|
|
245
|
+
answer << cipher.final
|
|
246
|
+
Base64.strict_encode64(answer)
|
|
247
|
+
|
|
248
|
+
when :decrypt
|
|
249
|
+
answer = Base64.strict_decode64(string.to_s)
|
|
250
|
+
cipher.update(answer) + cipher.final
|
|
251
|
+
end
|
|
230
252
|
|
|
231
253
|
rescue OpenSSL::Cipher::CipherError
|
|
232
254
|
raise Pod4::Pod4Error, $!
|
data/lib/pod4/version.rb
CHANGED
|
@@ -229,7 +229,7 @@ describe "(Model with Encryption)" do
|
|
|
229
229
|
expect( d.heading ).to eq "fred"
|
|
230
230
|
expect( d.text ).to eq "sore toe"
|
|
231
231
|
end
|
|
232
|
-
|
|
232
|
+
|
|
233
233
|
end
|
|
234
234
|
|
|
235
235
|
context "when we have an IV column" do
|
|
@@ -249,6 +249,24 @@ describe "(Model with Encryption)" do
|
|
|
249
249
|
expect( m.prescription ).to eq "suck thumb"
|
|
250
250
|
end
|
|
251
251
|
|
|
252
|
+
it "handles the case of a record with no IV (not encrypted)" do
|
|
253
|
+
ot = Octothorpe.new( id: 80,
|
|
254
|
+
nhs_no: "abc",
|
|
255
|
+
name: "sally",
|
|
256
|
+
ailment: "short-sighted",
|
|
257
|
+
prescription: "glasses",
|
|
258
|
+
nonce: nil )
|
|
259
|
+
|
|
260
|
+
m80 = medical_model_class.new(80)
|
|
261
|
+
allow( m80.interface ).to receive(:read).with(80).and_return(ot)
|
|
262
|
+
|
|
263
|
+
m80.read
|
|
264
|
+
expect( m80.nhs_no ).to eq "abc"
|
|
265
|
+
expect( m80.name ).to eq "sally"
|
|
266
|
+
expect( m80.ailment ).to eq "short-sighted"
|
|
267
|
+
expect( m80.prescription ).to eq "glasses"
|
|
268
|
+
end
|
|
269
|
+
|
|
252
270
|
end
|
|
253
271
|
|
|
254
272
|
end # of (reading a record)
|
|
@@ -294,6 +312,21 @@ describe "(Model with Encryption)" do
|
|
|
294
312
|
end # of Model#encryption_iv
|
|
295
313
|
|
|
296
314
|
|
|
315
|
+
describe "Model#encrypt & Model#decrypt" do
|
|
316
|
+
|
|
317
|
+
it "encrypts and decrypts when the model has no IV" do
|
|
318
|
+
d = diary_model_class.new
|
|
319
|
+
expect( d.decrypt(d.encrypt "foobar123") ).to eq "foobar123"
|
|
320
|
+
end
|
|
321
|
+
|
|
322
|
+
it "encrypts and decrypts when the model has IV" do
|
|
323
|
+
m = medical_model_class.new
|
|
324
|
+
expect( m.decrypt(m.encrypt "plonkplink987") ).to eq "plonkplink987"
|
|
325
|
+
end
|
|
326
|
+
|
|
327
|
+
end # of Model#encrypt & Model#decrypt
|
|
328
|
+
|
|
329
|
+
|
|
297
330
|
describe "Model#map_to_interface" do
|
|
298
331
|
|
|
299
332
|
it "raises Pod4Error if there is an encryption problem, eg, key too short" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pod4
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.10.
|
|
4
|
+
version: 0.10.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andy Jones
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-06-
|
|
11
|
+
date: 2018-06-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: devnull
|