sequel_vault 0.3 → 0.4

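--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 165282372b352387b3f41c17d6a652db49e6fd88
- data.tar.gz: bcf9013ae07860c426d1e9895dac5c8fc50eed21
+ metadata.gz: 3049adb333bd60b77bf10308bd4b762c0fe5e074
+ data.tar.gz: 942936b542ea08b4c968d85a000515da9cd1c4f0
  SHA512:
- metadata.gz: 35567135ac68c423cba3e794f1f4e96a336fdb8c34bbea44857ecc02b630175f455f06dc46b50f85d1a1127ce5cc642efe6d749a5db7fc83826ec15c0fed2ebf
- data.tar.gz: 161c4e25ecad6ff8720f419803c415183971853c0884f6d18480137d6983954abd6a5c66b5a199bf608344407267b283a3b46287f48c7c1159fbdf9bb36c7acf
+ metadata.gz: ffeab0fb22d2bdb46899ff54599574251b41a55080a8311e08571d7255dd671bed61193f34ce5fd94fceaccf2b962d6a8e597fa168fd6b287dca70338e88178b
+ data.tar.gz: 1ee118a4925797d427da37de478e95e486ba1521f7b4ad06366127d4ecfe4c89e51222f16bccd70f97aaf1f7e3bd94b4bdba1c97e884c21b61b6387891dadfa5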
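--- a/data/.gitignore
+++ b/data/.gitignore
@@ -1,2 +1,4 @@
  coverage
  *.gem
+ doc/
+ .yardoc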
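--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- sequel_vault (0.2)
+ sequel_vault (0.3)
  fernet (~> 2.1, >= 2.1)
  sequel (~> 4.21, >= 4.21.0)
 
@@ -26,7 +26,7 @@ GEM
  diff-lcs (>= 1.2.0, < 2.0)
  rspec-support (~> 3.3.0)
  rspec-support (3.3.0)
- sequel (4.23.0)
+ sequel (4.26.0)
  simplecov (0.9.2)
  docile (~> 1.1.0)
  multi_json (~> 1.0)
@@ -43,3 +43,6 @@ DEPENDENCIES
  sequel_vault!
  simplecov (~> 0.9.2)
  sqlite3 (~> 1.3, >= 1.3.10)
+
+ BUNDLED WITH
+ 1.10.6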
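--- a/data/lib/sequel_vault.rb
+++ b/data/lib/sequel_vault.rb
@@ -17,20 +17,27 @@ module Sequel
  model.vault_attributes(keys, *attrs) unless attrs.empty?
  end
 
+ # @!attribute [r] vault_attrs
+ # @return [Array<Symbol>] array of all attributes to be encrypted
+ # @!attribute [r] vault_keys
+ # @return [Array<String>] array of all keys to be used.
  module ClassMethods
  attr_reader :vault_attrs
  attr_reader :vault_keys
- attr_reader :vault_module
 
  Plugins.inherited_instance_variables(self, :@vault_attrs => :dup, :@vault_keys => :dup)
 
- def vault_attributes(keys, *attrs)
- raise(Error, 'must provide both keys name and attrs when setting up vault') unless keys && attrs
+ # Setup vault with the given keys for the given attributes.
+ #
+ # @param [Array<String>] keys to be used
+ # @param [Array<Symbol>] attributes that will be encrypted
+ def vault_attributes(keys, *attributes)
+ raise(Error, 'must provide both keys name and attrs when setting up vault') unless keys && attributes
  @vault_keys = keys
- @vault_attrs = attrs
+ @vault_attrs = attributes
 
  self.class.instance_eval do
- attrs.each do |attr|
+ attributes.each do |attr|
  define_method("#{attr}_lookup") do |plain|
  digests = keys.map { |key| Sequel.blob(digest(key, plain)) }
  where("#{attr}_digest": digests).first
@@ -39,14 +46,29 @@ module Sequel
  end
  end
 
+ # Returns the HMAC digest of plain text.
+ #
+ # @param [Array<String>] keys to be used
+ # @param [String] plain text
+ # @return [String] HMAC digest of the plain text
  def digest(keys, plain)
- OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha512'), Array(keys).first, plain)
+ OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha512'), Array(keys).last, plain)
  end
 
+ # Returns the encrypted version of plain text.
+ #
+ # @param [Array<String>] keys to be used
+ # @param [String] plain text
+ # @return [String] encrypted version of the plain text
  def encrypt(keys, plain)
- ::Fernet.generate(keys.first, plain)
+ ::Fernet.generate(keys.last, plain)
  end
 
+ # Returns the decryped version of encrypted text.
+ #
+ # @param [Array<String>] keys to be used
+ # @param [String] cypher text
+ # @return [String] plain version of the cypher text
  def decrypt(keys, cypher)
  keys.each do |key|
  verifier = ::Fernet.verifier(key, cypher, enforce_ttl: false)
@@ -57,14 +79,12 @@ module Sequel
  end
  end
 
- module DatasetMethods
- end
-
  module InstanceMethods
  def []=(attr, plain)
  if model.vault_attrs.include?(attr) && !plain.nil?
  send("#{attr}_digest=", self.class.digest(model.vault_keys, plain))
  value = self.class.encrypt(model.vault_keys, plain)
+ super(:key_id, model.vault_keys.length) if model.columns.include?(:key_id)
  end
  super(attr, value || plain)
  end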
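Review bot: `digest` and `encrypt` now take `keys.last` where 0.3 took `keys.first`, so a caller who upgrades without reversing the key list starts writing new ciphertexts and digests under what was the oldest key, and nothing in this file signals the change. The new `vault_attributes` docs should state the ordering, e.g. `# @param [Array<String>] keys oldest first; the last key encrypts and digests new values`. The `key_id` written in `[]=` is `model.vault_keys.length`, a position rather than a key identifier: dropping a retired key from the front of the list renumbers the keys that remain, and with several vault attributes on one row the single column reflects only the most recent write; `decrypt`, whose body continues outside the hunk, appears to try every key and not read `key_id`. The guard `unless keys && attributes` cannot reject a missing attribute list, since a splat is always an array; `if Array(keys).empty? || attributes.empty?` would also catch an empty key list before `keys.last` returns nil.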
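--- a/data/sequel_vault.gemspec
+++ b/data/sequel_vault.gemspec
@@ -13,7 +13,7 @@ Gem::Specification.new do |gem|
  gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
  gem.name = "sequel_vault"
  gem.require_paths = ["lib"]
- gem.version = '0.3'
+ gem.version = '0.4'
 
  gem.add_runtime_dependency 'sequel', '~> 4.21', '>= 4.21.0'
  gem.add_runtime_dependency 'fernet', '~> 2.1', '>= 2.1'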
@@ -7,7 +7,7 @@ describe Sequel::Plugins::Vault do
7
7
  Class.new(Sequel::Model(db[:vm])) do
8
8
  set_primary_key :id
9
9
  unrestrict_primary_key
10
- set_columns([:id, :secret, :secret_digest])
10
+ set_columns([:id, :secret, :secret_digest, :key_id])
11
11
 
12
12
  plugin :vault
13
13
  end
@@ -15,18 +15,19 @@ describe Sequel::Plugins::Vault do
15
15
  let(:dataset) { klass.dataset }
16
16
  let(:model) { klass.new }
17
17
  let(:keys) do
18
- ["woRXJWevRaxZLxgoiEQtCDPBSf9TNg57bki0RUK1U48=",
19
- "fih3l0Z9e4NBpy5KIj+rmXVexY5O9LspzuqCFyqavjg="]
18
+ ["fih3l0Z9e4NBpy5KIj+rmXVexY5O9LspzuqCFyqavjg=",
19
+ "woRXJWevRaxZLxgoiEQtCDPBSf9TNg57bki0RUK1U48="]
20
20
  end
21
21
  let(:secret) { "Attack at once." }
22
22
  let(:cypher) { klass.encrypt(keys, secret) }
23
- let(:digest) { OpenSSL::HMAC.digest('sha512', keys.first, secret) }
23
+ let(:digest) { OpenSSL::HMAC.digest('sha512', keys.last, secret) }
24
24
 
25
25
  it "should encrypt vault attributes" do
26
26
  klass.vault_attributes(keys, :secret)
27
27
  model.secret = secret
28
28
  expect(model.values[:secret]).to_not eq(secret)
29
29
  expect(model.secret).to eq(secret)
30
+ expect(model.key_id).to eq(2)
30
31
  end
31
32
 
32
33
  it "should allow nil value" do
@@ -34,6 +35,7 @@ describe Sequel::Plugins::Vault do
34
35
  model.secret = nil
35
36
  expect(model.values[:secret]).to be_nil
36
37
  expect(model.secret).to be_nil
38
+ expect(model.key_id).to be_nil
37
39
  end
38
40
 
39
41
  it "should write a digest of the value" do
@@ -41,6 +43,7 @@ describe Sequel::Plugins::Vault do
41
43
  model.secret = secret
42
44
  expect(model.values[:secret_digest]).to_not eq(secret)
43
45
  expect(model.secret_digest).to eq(digest)
46
+ expect(model.key_id).to eq(2)
44
47
  end
45
48
 
46
49
  it "should provide a digest lookup" do
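--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: sequel_vault
  version: !ruby/object:Gem::Version
- version: '0.3'
+ version: '0.4'
  platform: ruby
  authors:
  - Timothée Peignier
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-06-29 00:00:00.000000000 Z
+ date: 2015-09-20 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: sequel
@@ -141,10 +141,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.4.5
+ rubygems_version: 2.4.5.1
  signing_key:
  specification_version: 4
  summary: Handle attributes encryption.
  test_files:
  - spec/sequel_vault_spec.rb
  - spec/spec_helper.rb
+ has_rdoc: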