sequel_vault 0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +2 -0
- data/.rubocop.yml +44 -0
- data/.travis.yml +8 -0
- data/Gemfile +3 -0
- data/Gemfile.lock +45 -0
- data/lib/sequel_vault.rb +51 -0
- data/sequel_vault.gemspec +24 -0
- data/spec/sequel_vault_spec.rb +35 -0
- data/spec/spec_helper.rb +23 -0
- metadata +149 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 9fcd1e2440b221cea5020dd2f48270ad299cc22c
|
4
|
+
data.tar.gz: 23a8b0f2216268942dc6671a9d73a3415bf8359c
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: c3557360f3bf786d794faaedf627b2c44f1e0a10aa85b879e86d767ed52e0d203a8402193358208dea5ecf6832a9b8a546c4137cd47293f28b510647d505c588
|
7
|
+
data.tar.gz: f4f389d1b62102304ea49ab7ab4b9d38d937997b7f5c6e306c7f62165149e60ba4792bd8dc5095478c9f247154dee53c6494971acc125d53a0ebd88dd2d18c6e
|
data/.gitignore
ADDED
data/.rubocop.yml
ADDED
@@ -0,0 +1,44 @@
|
|
1
|
+
Style/AlignHash:
|
2
|
+
Enabled: false
|
3
|
+
|
4
|
+
Style/AlignArray:
|
5
|
+
Enabled: false
|
6
|
+
|
7
|
+
Style/AlignParameters:
|
8
|
+
Enabled: false
|
9
|
+
|
10
|
+
Style/Documentation:
|
11
|
+
Enabled: false
|
12
|
+
|
13
|
+
Style/CaseIndentation:
|
14
|
+
Enabled: false
|
15
|
+
|
16
|
+
Style/IndentHash:
|
17
|
+
Enabled: false
|
18
|
+
|
19
|
+
Style/NumericLiterals:
|
20
|
+
Enabled: false
|
21
|
+
|
22
|
+
Style/SignalException:
|
23
|
+
Enabled: false
|
24
|
+
|
25
|
+
Style/StringLiterals:
|
26
|
+
Enabled: false
|
27
|
+
|
28
|
+
Style/MultilineOperationIndentation:
|
29
|
+
Enabled: false
|
30
|
+
|
31
|
+
Style/StringLiterals:
|
32
|
+
Enabled: false
|
33
|
+
|
34
|
+
Metrics/LineLength:
|
35
|
+
Max: 250
|
36
|
+
|
37
|
+
Metrics/MethodLength:
|
38
|
+
Max: 250
|
39
|
+
|
40
|
+
Metrics/ClassLength:
|
41
|
+
Max: 250
|
42
|
+
|
43
|
+
Lint/UselessAssignment:
|
44
|
+
Enabled: false
|
data/.travis.yml
ADDED
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
@@ -0,0 +1,45 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
sequel_vault (0.1)
|
5
|
+
fernet (~> 2.1, >= 2.1)
|
6
|
+
sequel (~> 4.21, >= 4.21.0)
|
7
|
+
|
8
|
+
GEM
|
9
|
+
remote: https://rubygems.org/
|
10
|
+
specs:
|
11
|
+
diff-lcs (1.2.5)
|
12
|
+
docile (1.1.5)
|
13
|
+
fernet (2.1)
|
14
|
+
valcro (= 0.1)
|
15
|
+
multi_json (1.11.0)
|
16
|
+
rspec (3.2.0)
|
17
|
+
rspec-core (~> 3.2.0)
|
18
|
+
rspec-expectations (~> 3.2.0)
|
19
|
+
rspec-mocks (~> 3.2.0)
|
20
|
+
rspec-core (3.2.2)
|
21
|
+
rspec-support (~> 3.2.0)
|
22
|
+
rspec-expectations (3.2.0)
|
23
|
+
diff-lcs (>= 1.2.0, < 2.0)
|
24
|
+
rspec-support (~> 3.2.0)
|
25
|
+
rspec-mocks (3.2.1)
|
26
|
+
diff-lcs (>= 1.2.0, < 2.0)
|
27
|
+
rspec-support (~> 3.2.0)
|
28
|
+
rspec-support (3.2.2)
|
29
|
+
sequel (4.21.0)
|
30
|
+
simplecov (0.9.2)
|
31
|
+
docile (~> 1.1.0)
|
32
|
+
multi_json (~> 1.0)
|
33
|
+
simplecov-html (~> 0.9.0)
|
34
|
+
simplecov-html (0.9.0)
|
35
|
+
sqlite3 (1.3.10)
|
36
|
+
valcro (0.1)
|
37
|
+
|
38
|
+
PLATFORMS
|
39
|
+
ruby
|
40
|
+
|
41
|
+
DEPENDENCIES
|
42
|
+
rspec (~> 3.2, >= 3.2.0)
|
43
|
+
sequel_vault!
|
44
|
+
simplecov (~> 0.9.2)
|
45
|
+
sqlite3 (~> 1.3, >= 1.3.10)
|
data/lib/sequel_vault.rb
ADDED
@@ -0,0 +1,51 @@
|
|
1
|
+
require "fernet"
|
2
|
+
|
3
|
+
module Sequel
|
4
|
+
module Plugins
|
5
|
+
module Vault
|
6
|
+
class InvalidCiphertext < Exception; end
|
7
|
+
|
8
|
+
def self.configure(model, keys = nil, *attrs)
|
9
|
+
model.vault_attributes(keys, *attrs) unless attrs.empty?
|
10
|
+
end
|
11
|
+
|
12
|
+
module ClassMethods
|
13
|
+
attr_accessor :vault_attributes_module
|
14
|
+
|
15
|
+
def vault_attributes(keys, *attrs)
|
16
|
+
include(self.vault_attributes_module ||= Module.new) unless vault_attributes_module
|
17
|
+
vault_attributes_module.class_eval do
|
18
|
+
attrs.each do |attr|
|
19
|
+
define_method(attr) do
|
20
|
+
cypher = super()
|
21
|
+
decrypt(keys, cypher) unless cypher.nil?
|
22
|
+
end
|
23
|
+
|
24
|
+
define_method("#{attr}=") do |plain|
|
25
|
+
cypher = encrypt(keys, plain) unless plain.nil?
|
26
|
+
super(cypher)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
module InstanceMethods
|
34
|
+
private
|
35
|
+
|
36
|
+
def encrypt(keys, plain)
|
37
|
+
::Fernet.generate(keys.first, plain)
|
38
|
+
end
|
39
|
+
|
40
|
+
def decrypt(keys, cypher)
|
41
|
+
keys.each do |key|
|
42
|
+
verifier = ::Fernet.verifier(key, cypher, enforce_ttl: false)
|
43
|
+
next unless verifier.valid?
|
44
|
+
return verifier.message
|
45
|
+
end
|
46
|
+
raise InvalidCiphertext, "Could not decrypt field"
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
Gem::Specification.new do |gem|
|
4
|
+
gem.authors = ["Timothée Peignier"]
|
5
|
+
gem.email = ["timothee.peignier@tryphon.org"]
|
6
|
+
gem.description = %q{Sequel plugins to handle encrypted attributes}
|
7
|
+
gem.summary = %q{Handle attributes encryption.}
|
8
|
+
gem.homepage = "http://rubygems.org/gems/sequel_vault"
|
9
|
+
gem.license = 'MIT'
|
10
|
+
|
11
|
+
gem.files = `git ls-files`.split($\)
|
12
|
+
gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
|
13
|
+
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
14
|
+
gem.name = "sequel_vault"
|
15
|
+
gem.require_paths = ["lib"]
|
16
|
+
gem.version = '0.1'
|
17
|
+
|
18
|
+
gem.add_runtime_dependency 'sequel', '~> 4.21', '>= 4.21.0'
|
19
|
+
gem.add_runtime_dependency 'fernet', '~> 2.1', '>= 2.1'
|
20
|
+
|
21
|
+
gem.add_development_dependency 'rspec', '~> 3.2', '>= 3.2.0'
|
22
|
+
gem.add_development_dependency 'simplecov', '~> 0.9.2'
|
23
|
+
gem.add_development_dependency 'sqlite3', '~> 1.3', '>= 1.3.10'
|
24
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
require "spec_helper"
|
3
|
+
|
4
|
+
describe Sequel::Plugins::Vault do
|
5
|
+
let(:db) { Sequel.mock }
|
6
|
+
let(:klass) do
|
7
|
+
Class.new(Sequel::Model(db[:vm])) do
|
8
|
+
set_primary_key :id
|
9
|
+
set_columns([:id, :secret])
|
10
|
+
|
11
|
+
plugin :vault
|
12
|
+
end
|
13
|
+
end
|
14
|
+
let(:model) { klass.new }
|
15
|
+
let(:keys) do
|
16
|
+
["woRXJWevRaxZLxgoiEQtCDPBSf9TNg57bki0RUK1U48=",
|
17
|
+
"fih3l0Z9e4NBpy5KIj+rmXVexY5O9LspzuqCFyqavjg="]
|
18
|
+
end
|
19
|
+
let(:sqls) { db.sqls }
|
20
|
+
let(:secret) { "Attack at once." }
|
21
|
+
|
22
|
+
it "should encrypt vault attributes" do
|
23
|
+
model.class.vault_attributes(keys, :secret)
|
24
|
+
model.secret = secret
|
25
|
+
expect(model.values[:secret]).to_not eq(secret)
|
26
|
+
expect(model.secret).to eq(secret)
|
27
|
+
end
|
28
|
+
|
29
|
+
it "should allow nil value" do
|
30
|
+
model.class.vault_attributes(keys, :secret)
|
31
|
+
model.secret = nil
|
32
|
+
expect(model.values[:secret]).to be_nil
|
33
|
+
expect(model.secret).to be_nil
|
34
|
+
end
|
35
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,23 @@
|
|
1
|
+
require "bundler"
|
2
|
+
Bundler.require
|
3
|
+
|
4
|
+
require "simplecov"
|
5
|
+
SimpleCov.start do
|
6
|
+
add_filter('spec/')
|
7
|
+
end
|
8
|
+
|
9
|
+
require "sequel"
|
10
|
+
require "sequel_vault"
|
11
|
+
|
12
|
+
RSpec.configure do |config|
|
13
|
+
config.order = 'random'
|
14
|
+
|
15
|
+
config.before(:suite) do
|
16
|
+
Sequel::Model.plugin(:schema)
|
17
|
+
Sequel.connect('sqlite:/')
|
18
|
+
end
|
19
|
+
|
20
|
+
config.around(:each) do |example|
|
21
|
+
Sequel::Model.db.transaction(rollback: :always) { example.run }
|
22
|
+
end
|
23
|
+
end
|
metadata
ADDED
@@ -0,0 +1,149 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: sequel_vault
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: '0.1'
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Timothée Peignier
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2015-04-05 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: sequel
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ~>
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '4.21'
|
20
|
+
- - '>='
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: 4.21.0
|
23
|
+
type: :runtime
|
24
|
+
prerelease: false
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
26
|
+
requirements:
|
27
|
+
- - ~>
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '4.21'
|
30
|
+
- - '>='
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: 4.21.0
|
33
|
+
- !ruby/object:Gem::Dependency
|
34
|
+
name: fernet
|
35
|
+
requirement: !ruby/object:Gem::Requirement
|
36
|
+
requirements:
|
37
|
+
- - ~>
|
38
|
+
- !ruby/object:Gem::Version
|
39
|
+
version: '2.1'
|
40
|
+
- - '>='
|
41
|
+
- !ruby/object:Gem::Version
|
42
|
+
version: '2.1'
|
43
|
+
type: :runtime
|
44
|
+
prerelease: false
|
45
|
+
version_requirements: !ruby/object:Gem::Requirement
|
46
|
+
requirements:
|
47
|
+
- - ~>
|
48
|
+
- !ruby/object:Gem::Version
|
49
|
+
version: '2.1'
|
50
|
+
- - '>='
|
51
|
+
- !ruby/object:Gem::Version
|
52
|
+
version: '2.1'
|
53
|
+
- !ruby/object:Gem::Dependency
|
54
|
+
name: rspec
|
55
|
+
requirement: !ruby/object:Gem::Requirement
|
56
|
+
requirements:
|
57
|
+
- - ~>
|
58
|
+
- !ruby/object:Gem::Version
|
59
|
+
version: '3.2'
|
60
|
+
- - '>='
|
61
|
+
- !ruby/object:Gem::Version
|
62
|
+
version: 3.2.0
|
63
|
+
type: :development
|
64
|
+
prerelease: false
|
65
|
+
version_requirements: !ruby/object:Gem::Requirement
|
66
|
+
requirements:
|
67
|
+
- - ~>
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: '3.2'
|
70
|
+
- - '>='
|
71
|
+
- !ruby/object:Gem::Version
|
72
|
+
version: 3.2.0
|
73
|
+
- !ruby/object:Gem::Dependency
|
74
|
+
name: simplecov
|
75
|
+
requirement: !ruby/object:Gem::Requirement
|
76
|
+
requirements:
|
77
|
+
- - ~>
|
78
|
+
- !ruby/object:Gem::Version
|
79
|
+
version: 0.9.2
|
80
|
+
type: :development
|
81
|
+
prerelease: false
|
82
|
+
version_requirements: !ruby/object:Gem::Requirement
|
83
|
+
requirements:
|
84
|
+
- - ~>
|
85
|
+
- !ruby/object:Gem::Version
|
86
|
+
version: 0.9.2
|
87
|
+
- !ruby/object:Gem::Dependency
|
88
|
+
name: sqlite3
|
89
|
+
requirement: !ruby/object:Gem::Requirement
|
90
|
+
requirements:
|
91
|
+
- - ~>
|
92
|
+
- !ruby/object:Gem::Version
|
93
|
+
version: '1.3'
|
94
|
+
- - '>='
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: 1.3.10
|
97
|
+
type: :development
|
98
|
+
prerelease: false
|
99
|
+
version_requirements: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ~>
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '1.3'
|
104
|
+
- - '>='
|
105
|
+
- !ruby/object:Gem::Version
|
106
|
+
version: 1.3.10
|
107
|
+
description: Sequel plugins to handle encrypted attributes
|
108
|
+
email:
|
109
|
+
- timothee.peignier@tryphon.org
|
110
|
+
executables: []
|
111
|
+
extensions: []
|
112
|
+
extra_rdoc_files: []
|
113
|
+
files:
|
114
|
+
- .gitignore
|
115
|
+
- .rubocop.yml
|
116
|
+
- .travis.yml
|
117
|
+
- Gemfile
|
118
|
+
- Gemfile.lock
|
119
|
+
- lib/sequel_vault.rb
|
120
|
+
- sequel_vault.gemspec
|
121
|
+
- spec/sequel_vault_spec.rb
|
122
|
+
- spec/spec_helper.rb
|
123
|
+
homepage: http://rubygems.org/gems/sequel_vault
|
124
|
+
licenses:
|
125
|
+
- MIT
|
126
|
+
metadata: {}
|
127
|
+
post_install_message:
|
128
|
+
rdoc_options: []
|
129
|
+
require_paths:
|
130
|
+
- lib
|
131
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
132
|
+
requirements:
|
133
|
+
- - '>='
|
134
|
+
- !ruby/object:Gem::Version
|
135
|
+
version: '0'
|
136
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
137
|
+
requirements:
|
138
|
+
- - '>='
|
139
|
+
- !ruby/object:Gem::Version
|
140
|
+
version: '0'
|
141
|
+
requirements: []
|
142
|
+
rubyforge_project:
|
143
|
+
rubygems_version: 2.0.14
|
144
|
+
signing_key:
|
145
|
+
specification_version: 4
|
146
|
+
summary: Handle attributes encryption.
|
147
|
+
test_files:
|
148
|
+
- spec/sequel_vault_spec.rb
|
149
|
+
- spec/spec_helper.rb
|