vault-rails 0.1.2 → 0.2.0
- checksums.yaml +4 -4
- data/README.md +116 -32
- data/lib/vault/encrypted_model.rb +215 -24
- data/lib/vault/rails.rb +183 -21
- data/lib/vault/rails/configurable.rb +98 -0
- data/lib/vault/rails/errors.rb +19 -0
- data/lib/vault/rails/serializer.rb +33 -0
- data/lib/vault/rails/version.rb +1 -1
- data/spec/dummy/app/models/person.rb +16 -0
- data/spec/dummy/config/initializers/vault.rb +2 -1
- data/spec/dummy/db/development.sqlite3 +0 -0
- data/spec/dummy/db/migrate/20150428220101_create_people.rb +4 -0
- data/spec/dummy/db/schema.rb +6 -2
- data/spec/dummy/db/test.sqlite3 +0 -0
- data/spec/dummy/lib/binary_serializer.rb +12 -0
- data/spec/dummy/log/development.log +15591 -0
- data/spec/integration/rails_spec.rb +230 -6
- data/spec/support/vault_server.rb +14 -21
- data/spec/unit/encrypted_model_spec.rb +45 -0
- data/spec/unit/rails_spec.rb +14 -19
- metadata +29 -9
- data/lib/vault/rails/testing.rb +0 -73
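--- a/data/lib/vault/rails/testing.rb
+++ b/data/lib/vault/rails/testing.rb
@@ -1,73 +0,0 @@
-require_relative "../encrypted_model"
-
-require "base64"
-require "openssl"
-
-module Vault
-module Rails
-module Testing
-# Start the vault-rails testing stubs.
-#
-# @return [self]
-def self.enable!
-@enabled = true
-return self
-end
-
-# Stop the vault-rails testing stubs.
-#
-# @return [self]
-def self.disable!
-@enabled = false
-return self
-end
-
-# Returns whether the testing library is enabled.
-#
-# @return [true, false]
-def self.enabled?
-return defined?(@enabled) ? @enabled : false
-end
-end
-
-# Save a reference to the original methods.
-class << self
-alias_method :encrypt_original, :encrypt
-alias_method :decrypt_original, :decrypt
-end
-
-# @see Vault::Rails.encrypt
-def self.encrypt(path, key, plaintext)
-if Vault::Rails::Testing.enabled?
-return nil if plaintext.nil?
-cipher = OpenSSL::Cipher::AES.new(128, :CBC)
-cipher.encrypt
-cipher.key = key_for(path, key)
-return Base64.strict_encode64(cipher.update(plaintext) + cipher.final)
-else
-return encrypt_original(path, key, plaintext)
-end
-end
-
-# @see Vault::Rails.decrypt
-def self.decrypt(path, key, ciphertext)
-if Vault::Rails::Testing.enabled?
-return nil if ciphertext.nil?
-cipher = OpenSSL::Cipher::AES.new(128, :CBC)
-cipher.decrypt
-cipher.key = key_for(path, key)
-return cipher.update(Base64.strict_decode64(ciphertext)) + cipher.final
-else
-return decrypt_original(path, key, ciphertext)
-end
-end
-
-private
-
-# The symmetric key for the given params.
-# @return [String]
-def self.key_for(path, key)
-return Base64.strict_encode64("#{path}/#{key}".ljust(32, "x"))
-end
-end
-end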