Sha256: 23170012eaac49e1df4d4a693e9f5514f22a1a9749887475b228fdd0787f9005
Contents?: true
Size: 1.47 KB
Versions: 1
Compression:
Stored size: 1.47 KB
Contents
require "fernet"
module Sequel
module Plugins
module Vault
class InvalidCiphertext < Exception; end
def self.configure(model, keys = nil, *attrs)
model.vault_attributes(keys, *attrs) unless attrs.empty?
end
module ClassMethods
attr_accessor :vault_attributes_module
def vault_attributes(keys, *attrs)
include(self.vault_attributes_module ||= Module.new) unless vault_attributes_module
vault_attributes_module.class_eval do
attrs.each do |attr|
define_method(attr) do
cypher = super()
decrypt(keys, cypher) unless cypher.nil?
end
define_method("#{attr}=") do |plain|
return if plain.nil?
cypher = encrypt(keys, plain)
digest = OpenSSL::HMAC.digest('sha512', keys.first, plain)
super(cypher)
send("#{attr}_digest=", digest)
end
end
end
end
end
module InstanceMethods
private
def encrypt(keys, plain)
::Fernet.generate(keys.first, plain)
end
def decrypt(keys, cypher)
keys.each do |key|
verifier = ::Fernet.verifier(key, cypher, enforce_ttl: false)
next unless verifier.valid?
return verifier.message
end
raise InvalidCiphertext, "Could not decrypt field"
end
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| sequel_vault-0.2 | lib/sequel_vault.rb |