porky_lib 0.1.4 → 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +4 -4
- data/lib/porky_lib/symmetric.rb +0 -10
- data/lib/porky_lib/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9ea558fc6faee130daa48e2d3c5bec7d0803773c
|
|
4
|
+
data.tar.gz: 0de735f7b91d041d9522cb37ff19f35df1cdbb3a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 61a58989c93c0ae920e22dd4c05f1ed8385d51c6702ae862450ae37da5f3c5d62f28ba5b133b078b44283810633e5c6f018e7f8fcc9a532fe1dfa078f1787a7d
|
|
7
|
+
data.tar.gz: 41e1b3b123a21340c2005e7183a487f47fe31a3b031095b18682cd342cefae2e71d8c9db07dde98f2da37c5f1f3509a0e2270447732c4ff7b88ee20689489292
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
porky_lib (0.1.
|
|
4
|
+
porky_lib (0.1.5)
|
|
5
5
|
aws-sdk-kms
|
|
6
6
|
msgpack
|
|
7
7
|
rbnacl-libsodium
|
|
@@ -11,8 +11,8 @@ GEM
|
|
|
11
11
|
specs:
|
|
12
12
|
ast (2.4.0)
|
|
13
13
|
aws-eventstream (1.0.1)
|
|
14
|
-
aws-partitions (1.
|
|
15
|
-
aws-sdk-core (3.
|
|
14
|
+
aws-partitions (1.102.0)
|
|
15
|
+
aws-sdk-core (3.25.0)
|
|
16
16
|
aws-eventstream (~> 1.0)
|
|
17
17
|
aws-partitions (~> 1.0)
|
|
18
18
|
aws-sigv4 (~> 1.0)
|
|
@@ -106,4 +106,4 @@ DEPENDENCIES
|
|
|
106
106
|
timecop
|
|
107
107
|
|
|
108
108
|
BUNDLED WITH
|
|
109
|
-
1.16.
|
|
109
|
+
1.16.2
|
data/lib/porky_lib/symmetric.rb
CHANGED
|
@@ -17,7 +17,6 @@ class PorkyLib::Symmetric
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def create_key(tags, key_alias = nil, key_rotation_enabled = true)
|
|
20
|
-
PorkyLib::Config.logger.info("Creating a new master key")
|
|
21
20
|
resp = client.create_key(key_usage: CMK_KEY_USAGE, origin: CMK_KEY_ORIGIN, tags: tags)
|
|
22
21
|
key_id = resp.to_h[:key_metadata][:key_id]
|
|
23
22
|
|
|
@@ -40,17 +39,14 @@ class PorkyLib::Symmetric
|
|
|
40
39
|
end
|
|
41
40
|
|
|
42
41
|
def enable_key_rotation(key_id)
|
|
43
|
-
PorkyLib::Config.logger.info("Enabling automatic key rotation for master key")
|
|
44
42
|
client.enable_key_rotation(key_id: key_id)
|
|
45
43
|
end
|
|
46
44
|
|
|
47
45
|
def create_alias(key_id, key_alias)
|
|
48
|
-
PorkyLib::Config.logger.info("Setting alias for master key")
|
|
49
46
|
client.create_alias(target_key_id: key_id, alias_name: key_alias)
|
|
50
47
|
end
|
|
51
48
|
|
|
52
49
|
def generate_data_encryption_key(cmk_key_id, encryption_context = nil)
|
|
53
|
-
PorkyLib::Config.logger.info('Generating new data encryption key')
|
|
54
50
|
resp = {}
|
|
55
51
|
resp = client.generate_data_key(key_id: cmk_key_id, key_spec: SYMMETRIC_KEY_SPEC, encryption_context: encryption_context) if encryption_context
|
|
56
52
|
resp = client.generate_data_key(key_id: cmk_key_id, key_spec: SYMMETRIC_KEY_SPEC) unless encryption_context
|
|
@@ -59,8 +55,6 @@ class PorkyLib::Symmetric
|
|
|
59
55
|
end
|
|
60
56
|
|
|
61
57
|
def decrypt_data_encryption_key(ciphertext_key, encryption_context = nil)
|
|
62
|
-
PorkyLib::Config.logger.info('Decrypting data encryption key')
|
|
63
|
-
|
|
64
58
|
return client.decrypt(ciphertext_blob: ciphertext_key, encryption_context: encryption_context).to_h[:plaintext] if encryption_context
|
|
65
59
|
client.decrypt(ciphertext_blob: ciphertext_key).to_h[:plaintext]
|
|
66
60
|
end
|
|
@@ -85,9 +79,7 @@ class PorkyLib::Symmetric
|
|
|
85
79
|
nonce = RbNaCl::Random.random_bytes(secret_box.nonce_bytes)
|
|
86
80
|
|
|
87
81
|
# Encrypt a message with SecretBox
|
|
88
|
-
PorkyLib::Config.logger.info('Beginning encryption')
|
|
89
82
|
ciphertext = secret_box.encrypt(nonce, data)
|
|
90
|
-
PorkyLib::Config.logger.info('Encryption complete')
|
|
91
83
|
[ciphertext_key, ciphertext, nonce]
|
|
92
84
|
end
|
|
93
85
|
|
|
@@ -102,9 +94,7 @@ class PorkyLib::Symmetric
|
|
|
102
94
|
# Securely delete the plaintext value from memory
|
|
103
95
|
plaintext_key.replace(secure_delete_plaintext_key(plaintext_key.bytesize))
|
|
104
96
|
|
|
105
|
-
PorkyLib::Config.logger.info('Beginning decryption')
|
|
106
97
|
result = secret_box.decrypt(nonce, ciphertext)
|
|
107
|
-
PorkyLib::Config.logger.info('Decryption complete')
|
|
108
98
|
result
|
|
109
99
|
end
|
|
110
100
|
|
data/lib/porky_lib/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: porky_lib
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Greg Fletcher
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-08-
|
|
11
|
+
date: 2018-08-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -291,7 +291,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
291
291
|
version: '0'
|
|
292
292
|
requirements: []
|
|
293
293
|
rubyforge_project:
|
|
294
|
-
rubygems_version: 2.5.2
|
|
294
|
+
rubygems_version: 2.5.2.3
|
|
295
295
|
signing_key:
|
|
296
296
|
specification_version: 4
|
|
297
297
|
summary: A library for cryptographic services using AWS KMS and RbNaCl
|