pod4 0.10.3 → 0.10.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.hgtags +1 -0
- data/lib/pod4/encrypting.rb +40 -18
- data/lib/pod4/version.rb +1 -1
- data/spec/common/model_plus_encrypting_spec.rb +34 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 630728075021ff016e6ead3d63c58806821bc3ce
|
|
4
|
+
data.tar.gz: 8545dc27e2f1f73a7fd4bc0589d4f751a44d3811
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b93e6dc86f29c31acca757cb64392a23b406829f033e6db3a4c0158e951ce258a5abe874d6f6f3f393b03afc84b0a8d3db461d0fdf6e189cee545c201adc8d41
|
|
7
|
+
data.tar.gz: f07ac222e7260b0fd94669640fc519a14604779982d659333da5de52577e590cf811665645fd2192ec277b80d56765ac35e57e1689c5dec21c27c712d58b6f02
|
data/.hgtags
CHANGED
data/lib/pod4/encrypting.rb
CHANGED
|
@@ -75,6 +75,10 @@ module Pod4
|
|
|
75
75
|
#
|
|
76
76
|
# * `encryption_iv` returns the value of the IV column of the record, whatever it is.
|
|
77
77
|
#
|
|
78
|
+
# * `encrypt` and `decrypt` allow you to transform arbitrary text in a manner compatible with the
|
|
79
|
+
# model -- for example, if you removed a column from `encrypted_columns`, you could do a
|
|
80
|
+
# one-time decrypt of your data.
|
|
81
|
+
#
|
|
78
82
|
# Notes
|
|
79
83
|
# -----
|
|
80
84
|
#
|
|
@@ -135,12 +139,11 @@ module Pod4
|
|
|
135
139
|
hash = super.to_h
|
|
136
140
|
cipher = get_cipher(:encrypt)
|
|
137
141
|
|
|
138
|
-
#
|
|
139
|
-
#
|
|
140
|
-
if use_iv?
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
hash[self.class.encryption_iv_column] = Base64.strict_encode64(iv)
|
|
142
|
+
# Each time we write, we set a new IV. We must also set it on the hash to go to the
|
|
143
|
+
# interface, where it must be base64 encoded, just like the encrypted columns.
|
|
144
|
+
if use_iv?
|
|
145
|
+
set_encryption_iv( cipher.random_iv )
|
|
146
|
+
hash[self.class.encryption_iv_column] = Base64.strict_encode64(encryption_iv)
|
|
144
147
|
end
|
|
145
148
|
|
|
146
149
|
self.class.encryption_columns.each do |col|
|
|
@@ -157,10 +160,9 @@ module Pod4
|
|
|
157
160
|
hash = ot.to_h
|
|
158
161
|
cipher = get_cipher(:decrypt)
|
|
159
162
|
|
|
160
|
-
# The IV is not in columns, we need to de-base-64 it and set it on the model
|
|
161
|
-
if use_iv?
|
|
162
|
-
|
|
163
|
-
set_encryption_iv(iv)
|
|
163
|
+
# The IV column is not in columns, so we need to de-base-64 it and set it on the model here
|
|
164
|
+
if use_iv? && (iv64 = hash[self.class.encryption_iv_column])
|
|
165
|
+
set_encryption_iv Base64.strict_decode64(iv64)
|
|
164
166
|
end
|
|
165
167
|
|
|
166
168
|
self.class.encryption_columns.each do |col|
|
|
@@ -178,6 +180,24 @@ module Pod4
|
|
|
178
180
|
instance_variable_get( "@#{self.class.encryption_iv_column}".to_sym )
|
|
179
181
|
end
|
|
180
182
|
|
|
183
|
+
##
|
|
184
|
+
# Public facing manual encryption, compatible with the current model
|
|
185
|
+
#
|
|
186
|
+
def encrypt(string)
|
|
187
|
+
cipher = get_cipher(:encrypt)
|
|
188
|
+
iv = use_iv? ? encryption_iv : nil
|
|
189
|
+
crypt(cipher, :encrypt, iv, string)
|
|
190
|
+
end
|
|
191
|
+
|
|
192
|
+
##
|
|
193
|
+
# Public facing manual decryption, compatible with the current model
|
|
194
|
+
#
|
|
195
|
+
def decrypt(string)
|
|
196
|
+
cipher = get_cipher(:decrypt)
|
|
197
|
+
iv = use_iv? ? encryption_iv : nil
|
|
198
|
+
crypt(cipher, :decrypt, iv, string)
|
|
199
|
+
end
|
|
200
|
+
|
|
181
201
|
private
|
|
182
202
|
|
|
183
203
|
##
|
|
@@ -219,14 +239,16 @@ module Pod4
|
|
|
219
239
|
cipher.key = self.class.encryption_key
|
|
220
240
|
cipher.iv = iv if use_iv?
|
|
221
241
|
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
242
|
+
case direction
|
|
243
|
+
when :encrypt
|
|
244
|
+
answer = string.to_s.empty? ? "" : cipher.update(string.to_s)
|
|
245
|
+
answer << cipher.final
|
|
246
|
+
Base64.strict_encode64(answer)
|
|
247
|
+
|
|
248
|
+
when :decrypt
|
|
249
|
+
answer = Base64.strict_decode64(string.to_s)
|
|
250
|
+
cipher.update(answer) + cipher.final
|
|
251
|
+
end
|
|
230
252
|
|
|
231
253
|
rescue OpenSSL::Cipher::CipherError
|
|
232
254
|
raise Pod4::Pod4Error, $!
|
data/lib/pod4/version.rb
CHANGED
|
@@ -229,7 +229,7 @@ describe "(Model with Encryption)" do
|
|
|
229
229
|
expect( d.heading ).to eq "fred"
|
|
230
230
|
expect( d.text ).to eq "sore toe"
|
|
231
231
|
end
|
|
232
|
-
|
|
232
|
+
|
|
233
233
|
end
|
|
234
234
|
|
|
235
235
|
context "when we have an IV column" do
|
|
@@ -249,6 +249,24 @@ describe "(Model with Encryption)" do
|
|
|
249
249
|
expect( m.prescription ).to eq "suck thumb"
|
|
250
250
|
end
|
|
251
251
|
|
|
252
|
+
it "handles the case of a record with no IV (not encrypted)" do
|
|
253
|
+
ot = Octothorpe.new( id: 80,
|
|
254
|
+
nhs_no: "abc",
|
|
255
|
+
name: "sally",
|
|
256
|
+
ailment: "short-sighted",
|
|
257
|
+
prescription: "glasses",
|
|
258
|
+
nonce: nil )
|
|
259
|
+
|
|
260
|
+
m80 = medical_model_class.new(80)
|
|
261
|
+
allow( m80.interface ).to receive(:read).with(80).and_return(ot)
|
|
262
|
+
|
|
263
|
+
m80.read
|
|
264
|
+
expect( m80.nhs_no ).to eq "abc"
|
|
265
|
+
expect( m80.name ).to eq "sally"
|
|
266
|
+
expect( m80.ailment ).to eq "short-sighted"
|
|
267
|
+
expect( m80.prescription ).to eq "glasses"
|
|
268
|
+
end
|
|
269
|
+
|
|
252
270
|
end
|
|
253
271
|
|
|
254
272
|
end # of (reading a record)
|
|
@@ -294,6 +312,21 @@ describe "(Model with Encryption)" do
|
|
|
294
312
|
end # of Model#encryption_iv
|
|
295
313
|
|
|
296
314
|
|
|
315
|
+
describe "Model#encrypt & Model#decrypt" do
|
|
316
|
+
|
|
317
|
+
it "encrypts and decrypts when the model has no IV" do
|
|
318
|
+
d = diary_model_class.new
|
|
319
|
+
expect( d.decrypt(d.encrypt "foobar123") ).to eq "foobar123"
|
|
320
|
+
end
|
|
321
|
+
|
|
322
|
+
it "encrypts and decrypts when the model has IV" do
|
|
323
|
+
m = medical_model_class.new
|
|
324
|
+
expect( m.decrypt(m.encrypt "plonkplink987") ).to eq "plonkplink987"
|
|
325
|
+
end
|
|
326
|
+
|
|
327
|
+
end # of Model#encrypt & Model#decrypt
|
|
328
|
+
|
|
329
|
+
|
|
297
330
|
describe "Model#map_to_interface" do
|
|
298
331
|
|
|
299
332
|
it "raises Pod4Error if there is an encryption problem, eg, key too short" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pod4
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.10.
|
|
4
|
+
version: 0.10.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andy Jones
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-06-
|
|
11
|
+
date: 2018-06-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: devnull
|