yattr_encrypted 0.1.2 → 0.1.3

data/README.mdown

@@ -1,6 +1,6 @@
 # YattrEncrypted #
 
-Version: 0.1.2  (but you should check lib/yattr_encrypted/version.rb to be sure)
+Version: 0.1.3  (but you should check lib/yattr_encrypted/version.rb to be sure)
 
 ## Applicability ##
 
@@ -53,7 +53,7 @@ random *iv* and including it in the encrypted data. See *openssl* documentation
 for details [OpenSSL::Cipher]
 * detects when fields are modified by actions other than assignment. This supports
 encrypting complex types - such as hashes and arrays. This is implemented by adding
-*save* and *save!* methods to models
+a `before_save` calleback to the private method *yattr_update_encrypted_values*
 * Rails 3.1 & Rails 3.2 - doesn't pretend to support anything lower (but it might work)
 
 
@@ -132,18 +132,40 @@ serialized as JSON objects. This is to avoid dealing with any database idiodicy
 and to transparently handle complex data types being used in database fields [such as
 Hashes and Arrays].
 
-The encoding algorithm for a field is:
+The encoding code for a field is:
 
-    field_jsonified = ActiveSupprt::JSON.encode field
-    iv = lambda { (0..16).map { |x| rand(256).chr }.join() }.call
-    encrypted_data = YattrEncrypted.encrypt field_jsonified, iv
-    field_encrypted = ActiveSupport::Base64.encode64 ("%04d" % iv.length) + iv + encrypted_data
+    cipher = OpenSSL::Cipher.new(ALGORITHM)
+    cipher.encrypt
+    cipher.key = key
+    iv = cipher.random_iv   # ask OpenSSL for a new, random initial value
     
-The decoding algorithm is:
-
-    field_decoded = ActiveSupport::Base64::decode64 field_encrypted
-    len = field_decoded[0..3].to_i + 1
-    iv = field_decoded[4..(len)]
-    encrypted_data = field_decoded[(len+1)..-1]
-    field_jsonified = YattrEncrypted.decrypt encrypted_data, iv
-    field = ActiveSupprt::JSON.decode field_jsonified
+    # jsonify data
+    value_marshalled = Marshal.dump value
+
+    # encrypt data
+    result = cipher.update value_marshalled
+    result << cipher.final
+
+    # return encrypted data and iv
+    Base64.encode64(("%04d" % iv.length) + iv + result)
+        
+The decoding code is:
+
+     # initialize decryptor
+    cipher = OpenSSL::Cipher.new(ALGORITHM)
+    cipher.decrypt
+    cipher.key = key
+  
+    # extract encrypted_value
+    encrypted_value = Base64.decode64 marshalled_value
+
+    # extract and set iv
+    iv_end = encrypted_value[0..3].to_i + 3
+    cipher.iv = encrypted_value[4..(iv_end)]
+    encrypted_value = encrypted_value[(iv_end+1)..-1]
+
+    # derypte and return
+    result = cipher.update(encrypted_value)
+    result << cipher.final
+  
+    Marshal.load result

data/lib/yattr_encrypted/version.rb

@@ -1,3 +1,3 @@
 module YattrEncrypted
-  VERSION = '0.1.2'
+  VERSION = '0.1.3'
 end

data/lib/yattr_encrypted.rb

@@ -67,11 +67,14 @@ module YattrEncrypted
 
         # tell self to define instance methods from the database if they have not already been generated
         define_attribute_methods unless attribute_methods_generated?
+        
+        # schedule yattr_update_encrypted_values before save
+        self.send :before_save, :yate_update_encrypted_values unless self.yate_encrypted_attributes
 
         # collect existing instance methods
         instance_methods_as_symbols = instance_methods.map { |method| method.to_sym }
 
-        # iterate through attributes
+        # iterate through attributes and create accessors, verify encryped accessors exist
         attributes.map { |x| x.to_sym }.each do |attribute|
           encrypted_attribute_name = [options[:prefix], attribute, options[:suffix]].join.to_sym
 
@@ -82,14 +85,13 @@ module YattrEncrypted
               unless instance_methods_as_symbols.include?(:"#{encrypted_attribute_name}=")
 
           tmp =<<-XXX
-          puts "defining #{attribute}"
           def #{attribute}
             unless @#{attribute} && !@#{attribute}.empty?
               options = yate_encrypted_attributes[:#{attribute}]
               @#{attribute} = #{encrypted_attribute_name} ? \
                   yate_decrypt(#{encrypted_attribute_name}, options[:key]) : \
                   ''
-              self.yate_checksums[:#{attribute}] = yate_field_hash_value(:#{attribute})
+              self.yate_checksums[:#{attribute}] = yate_attribute_hash_value(:#{attribute})
               self.yate_dirty[:#{attribute}] = true
             end
             @#{attribute}
@@ -98,12 +100,11 @@ module YattrEncrypted
           class_eval(tmp)
 
           tmp =<<-XXX
-          puts "self: #{self}"
           def #{attribute}= value
             @#{attribute} = value
             options = yate_encrypted_attributes[:#{attribute}]
             self.#{encrypted_attribute_name} = yate_encrypt(value, options[:key])
-            self.yate_checksums[:#{attribute}] = yate_field_hash_value(:#{attribute})
+            self.yate_checksums[:#{attribute}] = yate_attribute_hash_value(:#{attribute})
             self.yate_dirty[:#{attribute}] = true
           end
           XXX
@@ -123,44 +124,6 @@ module YattrEncrypted
     end
   end
   
-  # Checks if an attribute is configured with <tt>yattr_encrypted</tt>
-  def yattr_encrypted?(attribute)
-    self.class.yate_encrypted_attributes.has_key?(attribute.to_sym)
-  end
-
-  def save *args
-    yate_update_encrypted_values
-    super
-  end
-  
-  def save! *args
-    yate_update_encrypted_values
-    super
-  end
-  
-  def update_attribute attribute, value
-    if (options = yate_encrypted_attributes[attribute])
-      self.send "#{attribute}=".to_sym, value
-      update_attribute options[:attribute], self.send(options[:attribute]) if yate_field_changed? attribute
-    else
-      super
-    end
-  end
-
-  def update_attributes params, options = {}
-    tmp = {}
-    params.keys.each do |attribute|
-      if (options = yate_encrypted_attributes[attribute])
-        self.send "#{attribute}=", params[attribute]
-        tmp[options[:attribute]] = self.send options[:attribute]
-      else
-        tmp[attribute] = params[attribute]
-      end
-    end
-    params = tmp
-    super
-  end
-
   # protected methods - nobody needs to use these outside of the model
   protected
   
@@ -184,7 +147,7 @@ module YattrEncrypted
     cipher = OpenSSL::Cipher.new(ALGORITHM)
     cipher.encrypt
     cipher.key = key
-    iv = cipher.random_iv
+    iv = cipher.random_iv   # ask OpenSSL for a new, random initial value
     
     # jsonify data
     value_marshalled = Marshal.dump value
@@ -220,19 +183,20 @@ module YattrEncrypted
   end
 
   # support for fields which are not atomic values
-  def yate_field_hash_value(attribute)
+  def yate_attribute_hash_value(attribute)
     attribute = attribute.to_s if Symbol === attribute
     OpenSSL::HMAC.digest('md5', 'ersatz key', Marshal.dump(self.instance_variable_get("@#{attribute}")))
   end
 
-  def yate_field_changed?(attribute)
+  def yate_attribute_changed?(attribute)
     attribute = attribute.to_sym unless Symbol === attribute
-    yate_field_hash_value(attribute) != self.yate_checksums[attribute] || self.yate_dirty[attribute]
+    yate_attribute_hash_value(attribute) != self.yate_checksums[attribute] || self.yate_dirty[attribute]
   end
   
   def yate_update_encrypted_values
+    return unless yate_encrypted_attributes
     yate_encrypted_attributes.each do |attribute, options|
-      if yate_field_changed?(attribute)
+      if yate_attribute_changed?(attribute)
         self.send "#{options[:attribute]}=".to_sym, yate_encrypt(self.send(attribute), options[:key])
         yate_dirty.delete(attribute)
       end

data/test/yattr_encrypted_test.rb

@@ -10,6 +10,11 @@ module ActiveRecord
     def self.attribute_methods_generated?
       true
     end
+    
+    def self.before_save *methods
+      @before_save_hooks ||= []
+      @before_save_hooks += methods
+    end
 
     def save
       true
@@ -39,6 +44,11 @@ class TestYattrEncrypted < MiniTest::Unit::TestCase
     @sc = SomeClass.new
   end
   
+  def test_before_save_hook
+    assert SomeClass.instance_variable_get(:@before_save_hooks).include?(:yate_update_encrypted_values), \
+        "before_save_hooks should include :yate_encrypted_attributes"
+  end
+
   def test_yattr_encrypted_should_create_accessors
     assert @sc.respond_to?(:field), "a SomeClass instance should respond to :field"
     assert @sc.respond_to?(:field=), "a SomeClass instance should respond to :field="
@@ -46,7 +56,7 @@ class TestYattrEncrypted < MiniTest::Unit::TestCase
     assert @sc.respond_to?(:yate_encrypted_attributes), "a SomeClass instance should respond to :yate_encrypted_attributes"
   end
   
-  def test_assigning_field_should_assign_field_encrypted
+  def test_assigning_attribute_should_assign_attribute_encrypted
     assert_nil @sc.field_encrypted, "field_encrypted should be nil prior to assignment to field"
     @sc.field = 'a field value'
     refute_nil @sc.field_encrypted, "field_encrypted should not be nil"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: yattr_encrypted
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-03-18 00:00:00.000000000Z
+date: 2012-03-19 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: pry
-  requirement: &2151817020 !ruby/object:Gem::Requirement
+  requirement: &2151767260 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,7 +21,7 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2151817020
+  version_requirements: *2151767260
 description: Generates yattr_accessors that encrypt and decrypt attributes transparently.
   Based on attr_encrypted by Sean Huber [https://github.com/shuber]
 email: mike@clove.com
@@ -56,7 +56,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -1650387470150173914
+      hash: -3636252519896888946
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements: