secure_attribute 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 773123854481b3622f58a393706848701bf1c039
+  data.tar.gz: a71411f98c30243778348a2a5d9426eeab7015ec
+SHA512:
+  metadata.gz: eca1061427d684176ea764c898ea740c1cd7ad231a1b4f7e1446567e80daa72e4098a2ee27efaac5042a7f3d56c99ddd9d860a22a9d2a2298ddcfd2bc86b9865
+  data.tar.gz: 9111e5f0544e859c926ca48849a57feaa13d284914d84e7063fe0d5b1e8903e641749bf5a318bf604126fb84b23bede70b7d6d2c9c9226228d3bf2fbdd11aa40

data/lib/secure_attribute/version.rb

@@ -0,0 +1,3 @@
+module SecureAttribute
+  VERSION = "0.1.0"
+end

data/lib/secure_attribute.rb

@@ -0,0 +1,67 @@
+require "base64"
+require "openssl"
+
+module SecureAttribute
+  def self.included(model)
+    model.extend(ClassMethods)
+  end
+
+  def self.encipher(algorithm, data, key)
+    encrypted, iv = SecureAttribute.encrypt(algorithm, data, key)
+    SecureAttribute.pack(algorithm, iv, encrypted)
+  end
+
+  def self.decipher(data, key)
+    algorithm, iv, data = SecureAttribute.unpack(data)
+    SecureAttribute.decrypt(algorithm, data, key, iv)
+  end
+
+  def self.encrypt(algorithm, data, key)
+    cipher = OpenSSL::Cipher.new(algorithm).encrypt
+    cipher.key = key
+    iv = cipher.random_iv
+    [cipher.update(data) + cipher.final, iv]
+  end
+
+  def self.decrypt(algorithm, data, key, iv)
+    cipher = OpenSSL::Cipher.new(algorithm).decrypt
+    cipher.key, cipher.iv = key, iv
+    decrypted = cipher.update(data)
+    decrypted << cipher.final
+  end
+
+  def self.pack(algorithm, iv, encrypted)
+    ["", algorithm, Base64.strict_encode64(iv), Base64.strict_encode64(encrypted)].join("$")
+  end
+
+  def self.unpack(string)
+    _, algorithm, iv, data = string.split("$")
+    [algorithm, Base64.decode64(iv), Base64.decode64(data)]
+  end
+
+  def self.export_random_key_base64(algorithm)
+    Base64.strict_encode64(OpenSSL::Cipher.new(algorithm).random_key)
+  end
+
+  module ClassMethods
+    def attr_secure(name, options = {})
+      force_defining_active_record_attribute_accessors
+      attr_writer(name) unless respond_to?("#{name}=")
+      attr_reader(name) unless respond_to?(name)
+      alias_method(attr_reader = "#{name}_without_secure_attribute", "#{name}")
+      alias_method(attr_writer = "#{name}_without_secure_attribute=", "#{name}=")
+
+      define_method("#{name}=") do |data|
+        send(attr_writer, SecureAttribute.encipher(options[:algorithm], data, options[:key]))
+      end
+
+      define_method(name) do
+        SecureAttribute.decipher(send(attr_reader), options[:key])
+      end
+    end
+
+    def force_defining_active_record_attribute_accessors
+      define_attribute_methods if defined?(ActiveRecord::Base) && self < ActiveRecord::Base
+    end
+  end
+end

metadata

@@ -0,0 +1,47 @@
+--- !ruby/object:Gem::Specification
+name: secure_attribute
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Alexis Bernard
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-01-09 00:00:00.000000000 Z
+dependencies: []
+description: Encrypt attributes of any Ruby object or ActiveRecord model.
+email:
+- alexis@bernard.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/secure_attribute.rb
+- lib/secure_attribute/version.rb
+homepage: https://github.com/BaseSecrete/secure_attribute
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.8
+signing_key: 
+specification_version: 4
+summary: Encrypt attributes of any Ruby object or ActiveRecord model.
+test_files: []
+has_rdoc: