Adventures in paranoia with sinatra and sequel
1. rough cut
adventures in paranoia
with sinatra and sequel
Eleanor McHugh
@feyeleanor
http://github.com/feyeleanor
Thursday, 4 April 2013
4. caveat lector
think carefully before doing security
5. I am not a certified security professional
and it's unlikely you are either
what follows is definitely above our pay grade
and presented to provoke further study
so if privacy truly matters to you - and it should
hire a certified security professional
then follow their advice assiduously
http://slides.games-with-brains.net
6. adventure
Pronunciation: /ədˈvɛntʃə/
noun
{mass noun}
an unusual and exciting or daring experience: her recent adventures in Italy
excitement associated with danger or the taking of risks: she travelled the world in
search of adventure
a reckless or potentially hazardous action or enterprise.
archaic a commercial venture.
7. paranoia
Pronunciation: /ˌparəˈnɔɪə/
noun
{mass noun}
a mental condition characterized by delusions of persecution, unwarranted jealousy,
or exaggerated self-importance, typically worked into an organized system. It may
be an aspect of chronic personality disorder, of drug abuse, or of a serious condition
such as schizophrenia in which the person loses touch with reality.
unjustified suspicion and mistrust of other people: mild paranoia afflicts all prime
ministers
8. paranoia
Pronunciation: /ˌparəˈnɔɪə/
noun
{mass noun}
the perfectly reasonable belief that someone, somewhere is watching your
online behaviour with malicious and/or nefarious intent. It may be a result of
reading a Hacking Exposed or Hacking for Dummies publication, experiencing
the fallout from identity theft, or mixing with cryptographers and cypherpunks.
justified suspicion and mistrust of other people: chronic paranoia afflicts all
information security professionals
9. trust no one
how can we believe our visitors are who they claim to be
10. trust no one
how can visitors be confident we protect their privacy
11. establish a well-known presence
assign globally unique identities
only accept opaque credentials
secure storage wherever identity data rests
secure transport wherever identity data moves
separate authentication and authorisation
12. globally unique identities
opaque credentials
secure storage
secure transport
14. high entropy identifiers
opaque credentials
secure storage
secure transport
15. SecureRandom.uuid
opaque credentials
secure storage
secure transport
17. SecureRandom.uuid
hashed passwords
secure storage
secure transport
18. SecureRandom.uuid
OpenSSL::Digest::SHA512
secure storage
secure transport
19. SecureRandom.uuid
OpenSSL::Digest::SHA512
iterative workload
secure storage
secure transport
21. SecureRandom.uuid
OpenSSL::Digest::SHA512
iterative workload
hybrid encryption
secure transport
22. SecureRandom.uuid
OpenSSL::Digest::SHA512
iterative workload
OpenSSL::PKey::RSA
secure transport
23. SecureRandom.uuid
OpenSSL::Digest::SHA512
iterative workload
OpenSSL::PKey::RSA
OpenSSL::Cipher::AES
secure transport
24. SecureRandom.uuid
OpenSSL::Digest::SHA512
iterative workload
OpenSSL::PKey::RSA
OpenSSL::Cipher::AES
single-use keys
secure transport
33. random_bytes
random_number
urlsafe_base64
uuid
34.
require 'securerandom'

# returns between min and max - 1 cryptographically random bytes
def random_string min = 8, max = 64
  length = min + SecureRandom.random_number(max - min)
  SecureRandom.random_bytes length
end
35. OpenSSL
the default security toolkit of the internet
36. SHA2
cryptographic hashing algorithm
37.
require 'openssl'

class SHA2
  attr_accessor :rounds, :salt

  def initialize options = {}
  end

  def encode value
  end

  def sign value = nil
  end
end
43.
def encode value
  @digest.reset
  if rounds > 0
    @digest << (salt + value)
    (rounds - 1).times do
      @digest << @digest.hexdigest
    end
    @digest.hexdigest
  else
    value
  end
end
49.
def sign value = nil
  encode value if value
  OpenSSL::HMAC.hexdigest @digest, @key, @digest.hexdigest
end
52.
class SHA2
  attr_accessor :rounds, :salt

  def initialize options = {}
    @digest = OpenSSL::Digest::SHA512.new
    @salt = options[:salt] || 'salted'
    @rounds = options[:rounds] || 100000
    @key = options[:signing_key] || ""
  end

  # salted, iterated SHA-512: every round feeds the running hex digest back in
  def encode value
    @digest.reset
    if rounds > 0
      @digest << (salt + value)
      (rounds - 1).times do
        @digest << @digest.hexdigest
      end
      @digest.hexdigest
    else
      value
    end
  end

  # HMAC over the most recent digest, keyed with the signing key
  def sign value = nil
    encode value if value
    OpenSSL::HMAC.hexdigest @digest, @key, @digest.hexdigest
  end
end
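The effect of the salt on stored password hashes, as an added example that is not from the slides: fixed_salt_hash repeats the encode loop above with its default salt, while hash_password swaps in PBKDF2-HMAC-SHA512 with a random salt per credential. The function names, the '$'-separated record format and the iteration count are assumptions made for this sketch.

```ruby
require 'openssl'
require 'securerandom'

SCHEME     = 'pbkdf2-sha512'
ITERATIONS = 20_000 # assumption: kept low so the demo runs quickly
KEY_BYTES  = 64

# The slides' encode loop with its default salt, to show what a shared salt does.
def fixed_salt_hash(password, salt = 'salted', rounds = 1_000)
  digest = OpenSSL::Digest::SHA512.new
  digest << (salt + password)
  (rounds - 1).times { digest << digest.hexdigest }
  digest.hexdigest
end

# A fresh random salt per credential, stored next to the derived key.
def hash_password(password, iterations = ITERATIONS)
  salt = SecureRandom.random_bytes(16)
  key = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, KEY_BYTES,
                                   OpenSSL::Digest.new('SHA512'))
  [SCHEME, iterations, [salt].pack('m0'), [key].pack('m0')].join('$')
end

# Comparison that does not stop at the first differing byte.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Re-derive the key from the stored salt and iteration count, then compare.
def verify_password(password, stored)
  parts = stored.to_s.split('$')
  return false unless parts.length == 4 && parts[0] == SCHEME
  iterations = Integer(parts[1])
  salt = parts[2].unpack1('m0')
  expected = parts[3].unpack1('m0')
  return false unless iterations.positive? && !expected.empty?
  actual = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, expected.bytesize,
                                      OpenSSL::Digest.new('SHA512'))
  constant_time_equal?(actual, expected)
rescue ArgumentError, OpenSSL::OpenSSLError
  false # malformed iteration count or base64
end

if __FILE__ == $PROGRAM_NAME
  # constructed sample password
  puts "shared salt, same password, same hash: #{fixed_salt_hash('hunter2') == fixed_salt_hash('hunter2')}"
  first = hash_password('hunter2')
  second = hash_password('hunter2')
  puts "random salt, same password, same record: #{first == second}"
  puts "verifies: #{verify_password('hunter2', first)}"
end
```

With a shared salt, two accounts that choose the same password store the same value, so one cracked hash exposes both; the per-credential salt removes that link.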
53. AES
single-key symmetric encryption
54.
require 'openssl'

class AES
  attr_reader :result, :key, :iv

  def initialize options = {}
  end

  def encode data = ""
  end

  def decode cipher_text = ""
  end

  def encode_and_pack data
  end

  def unpack_and_decode cipher_text
  end

  private

  def update data = ""
  end
end
55.
def update data = ""
  @result = @cipher.update data
  @result << @cipher.final
end
58.
def initialize options = {}
  @cipher = OpenSSL::Cipher::AES.new 256, :CBC
  @iv = if options[:iv]
    @cipher.iv = options[:iv]
  else
    @cipher.random_iv
  end
  @key = if options[:key]
    @cipher.key = options[:key]
  else
    @cipher.random_key
  end
end
62.
def encode data = ""
  @cipher.reset
  @cipher.encrypt
  @cipher.key = key
  @cipher.iv = iv
  update(data.to_s rescue "")
end
66.
def decode cipher_text = ""
  length = cipher_text.length rescue 0
  @result = if length > 0
    @cipher.reset
    @cipher.decrypt
    @cipher.key = key
    @cipher.iv = iv
    cipher_text = update cipher_text
    cipher_text if cipher_text.length > 0
  end
end
73.
def encode_and_pack data
  [iv, encode(data)].pack 'mm'
end
76.
def unpack_and_decode cipher_text = ""
  cipher_elements = cipher_text.unpack 'mm'
  if cipher_elements.length > 0
    c = AES.new iv: cipher_elements[0], key: key
    @result = c.decode cipher_elements[1]
  end
rescue StandardError
  # malformed or undecryptable input yields nil
  nil
end
80. RSA
2-key asymmetric encryption
81.
require 'openssl'

class RSA
  attr_reader :result, :key

  def initialize opts = {}
    @key = OpenSSL::PKey::RSA.new(opts[:key] || opts[:keysize])
  end

  def public_key
    @key.public_key.to_pem
  end

  def private_key
    @key.to_pem
  end

  def encode data
    @result = @key.public_encrypt(data.to_s rescue "")
  end

  def decode cipher_text
    @result = @key.private_decrypt(cipher_text.to_s rescue "")
  end
end
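The outline's hybrid encryption with single-use keys, as an added example that is not from the slides: each message gets a fresh AES key, which is then wrapped with the recipient's RSA public key. It substitutes AES-256-GCM and RSA-OAEP for the CBC mode and default padding used by the AES and RSA classes above, so a modified envelope is rejected instead of decrypted; hybrid_encrypt, hybrid_decrypt and the dot-separated envelope format are assumptions of this sketch.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

def b64(bytes)
  [bytes].pack('m0')
end

# Encrypt under a single-use AES-256-GCM key, then wrap that key with RSA-OAEP.
# aad is bound to the ciphertext but not stored in the envelope.
def hybrid_encrypt(public_pem, plaintext, aad = '')
  raise ArgumentError, 'plaintext must not be empty' if plaintext.to_s.empty?
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  key = cipher.random_key # never reused for another message
  iv = cipher.random_iv
  cipher.auth_data = aad
  body = cipher.update(plaintext.to_s) + cipher.final
  wrapped = OpenSSL::PKey::RSA.new(public_pem).public_encrypt(key, OAEP)
  [wrapped, iv, cipher.auth_tag, body].map { |part| b64(part) }.join('.')
end

# Returns the plaintext, or nil when the envelope is malformed, was modified,
# carries different aad, or was produced for another key pair.
def hybrid_decrypt(private_pem, envelope, aad = '')
  parts = envelope.to_s.split('.')
  return nil unless parts.length == 4
  wrapped, iv, tag, body = parts.map { |part| part.unpack1('m0') }
  return nil if body.empty?
  key = OpenSSL::PKey::RSA.new(private_pem).private_decrypt(wrapped, OAEP)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.auth_tag = tag
  cipher.auth_data = aad
  cipher.update(body) + cipher.final
rescue OpenSSL::OpenSSLError, ArgumentError
  nil
end

if __FILE__ == $PROGRAM_NAME
  # constructed key pair and sample value
  pair = OpenSSL::PKey::RSA.new(2048)
  envelope = hybrid_encrypt(pair.public_key.to_pem, 'alice@example.com', 'account-1')
  puts envelope
  puts hybrid_decrypt(pair.to_pem, envelope, 'account-1')
  puts hybrid_decrypt(pair.to_pem, envelope, 'account-2').inspect
end
```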
90. encrypted datastores
encryption-aware tables in Sequel
91. encrypted datastores
(this is not a sequel talk)
92. encrypted datastores
(we're just using it for its friendly DDL)
93.
class Account < Sequel::Model
  plugin :schema
  plugin :validation_helpers

  set_schema do
    primary_key :id
    String :name
    String :email_address
    index :name, unique: true
    index :email_address, unique: true
  end

  def validate
    super
    validates_unique :name, :email_address
  end
end
98.
class Account < Sequel::Model
  plugin :schema
  plugin :validation_helpers

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :email_address
    index :id, unique: true
    index :name, unique: true
    index :email_address, unique: true
  end

  unrestrict_primary_key

  def validate
    super
    validates_unique :id, :name, :email_address
  end
end
107.
module Model
  def self.included mod
    mod.plugin :validation_helpers
    mod.plugin :schema
    mod.module_eval <<-ACCESSOR, __FILE__, __LINE__ + 1
      def self.retrieve id
        #{mod}.where(id: id).first
      end
    ACCESSOR
  end
end
110.
class Account < Sequel::Model
  include Model

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :email_address
    index :id, unique: true
    index :name, unique: true
    index :email_address, unique: true
  end

  unrestrict_primary_key

  def validate
    super
    validates_unique :id, :name, :email_address
  end
end
116.
module Model
  def self.included mod
    mod.plugin :validation_helpers
    mod.plugin :schema
    mod.module_eval <<-ACCESSOR, __FILE__, __LINE__ + 1
      def self.retrieve id
        #{mod}.where(id: id).first
      end
    ACCESSOR
  end

  def == entity
    self[:id] == entity.id rescue false
  end
end
120.
module Model
  require 'securerandom'

  def generate_id
    SecureRandom.uuid
  end
end
123.
class Account < Sequel::Model
  include Model

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :retrieval_email
    index :id, unique: true
    index :name, unique: true
    index :retrieval_email, unique: true
  end

  unrestrict_primary_key

  def before_create
    # assign a fresh UUID as the primary key before the row is written
    self.id = generate_id
    super
  end

  def validate
    super
    validates_unique :id, :name, :retrieval_email
  end
end
124.
class Account < Sequel::Model
  include Model

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :email_address
    index :id, unique: true
    index :name, unique: true
    index :email_address, unique: true
  end
end
125.
module EncryptedModel
  def encrypted_fields fields = [], options = {}
    options = { rounds: 100000, salt: "", signing_key: "" }.merge options
    if fields.length > 0
    end
  end
end
127.
class Account < Sequel::Model
  include Model
  extend EncryptedModel

  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :email_address
    index :id, unique: true
    index :name, unique: true
    index :email_address, unique: true
  end

  encrypted_fields :email_address
end
129. field encryption
with encrypted search
130. automatically encrypt on storing
automatically decrypt on retrieval
support equality searches
131.
def encrypted_fields fields = [], options = {}
  options = { rounds: 100000, salt: "", signing_key: "" }.merge options
  if fields.length > 0
    configure_field_encryption
    add_field_validation
    enable_equality_searches options
    add_field_accessors fields
  end
end
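One way to support equality searches over a column that is encrypted with a fresh IV per row is a keyed blind index stored beside the ciphertext. This is an added example, not the talk's enable_equality_searches, whose body is not shown here; the class name, the Hash standing in for the accounts table and both keys are assumptions, and the keys are taken to live outside the database.

```ruby
require 'openssl'
require 'securerandom'

class BlindIndexedAccounts
  attr_reader :rows # what the datastore holds: ciphertext and index only

  def initialize(data_key:, index_key:)
    @data_key = data_key
    @index_key = index_key
    @rows = {} # id => { email_cipher:, email_index: }
  end

  # Keyed, deterministic fingerprint of the normalised value. Equal values
  # share an index, so the index reveals which rows hold the same address.
  def blind_index(email)
    OpenSSL::HMAC.hexdigest('SHA512', @index_key, email.strip.downcase)
  end

  # Uniqueness is enforced on the index, as a unique database index would.
  def insert(email)
    raise ArgumentError, 'email_address must not be empty' if email.strip.empty?
    raise ArgumentError, 'email_address already taken' if find_id(email)
    id = SecureRandom.uuid
    @rows[id] = { email_cipher: encrypt(email), email_index: blind_index(email) }
    id
  end

  # Equality search: recompute the index and compare, no row is decrypted.
  def find_id(email)
    wanted = blind_index(email)
    match = @rows.find { |_id, row| row[:email_index] == wanted }
    match && match.first
  end

  private

  # Randomised encryption: equal plaintexts give different ciphertexts,
  # which is why the ciphertext column itself cannot be searched.
  def encrypt(plaintext)
    cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
    cipher.key = @data_key
    iv = cipher.random_iv
    body = cipher.update(plaintext) + cipher.final
    [iv, cipher.auth_tag, body].map { |part| [part].pack('m0') }.join('.')
  end
end

if __FILE__ == $PROGRAM_NAME
  # constructed keys and sample address
  accounts = BlindIndexedAccounts.new(data_key: SecureRandom.random_bytes(32),
                                      index_key: SecureRandom.random_bytes(32))
  id = accounts.insert('Alice@Example.com')
  puts accounts.rows[id][:email_cipher]
  puts accounts.find_id('alice@example.com') == id
end
```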
133.
def configure_field_encryption
  self.module_eval <<-CIPHER, __FILE__, __LINE__ + 1
    def symmetric_cipher
      cipher = if self[:key]
        AES.new key: self[:key], iv: self[:iv]
      else
        AES.new
      end
      self[:key] ||= cipher.key
      self[:iv] ||= cipher.iv
      cipher
    end
  CIPHER
end
136. class Account < Sequel::Model
  include Model
  extend EncryptedModel
  set_schema do
    primary_key :id, type: :varchar, auto_increment: false, unique: true
    String :name
    String :email_address
    blob :key, null: true
    blob :iv, null: true
    index :id, unique: true
    index :name, unique: true
    index :email_address, unique: true
  end
  encrypted_fields :email_address
end
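150. def enable_equality_searches options = {}
  # The option values are interpolated into the generated source below,
  # so signing key, rounds and salt are fixed when the model class is defined.
  self.module_eval <<-SEARCH, __FILE__, __LINE__ + 1
    def self.search_key v
      @@index_key = "#{options[:signing_key]}"
      @@rounds = #{options[:rounds]}
      @@salt = "#{options[:salt]}"
      if v && @@index_key
        # Keyed, salted, iterated digest of v: the value equality searches compare.
        digest = SHA512.new key: @@index_key,
                            rounds: @@rounds,
                            salt: @@salt
        digest.encode v
        digest.sign
      else
        v
      end
    end

    def search_key v
      self.class.search_key v
    end
  SEARCH
end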
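Added example, not from the original slides: the three goals on slide 130 and the search_key idea on slide 150, worked end to end with Ruby's bundled OpenSSL instead of the deck's own AES and SHA512 wrappers. The class name, the in-memory row store, the :tag and :email_index columns, AES-256-GCM, PBKDF2 followed by HMAC, and the lower-casing of addresses are all assumptions made for this illustration.

```ruby
require "openssl"

# Added illustration: a stand-in for the deck's AES/SHA512 wrappers, built on
# Ruby's bundled OpenSSL. All keys, salts and addresses used with it are constructed.
class EncryptedAccounts
  def initialize(signing_key:, salt:, rounds: 100_000)
    @signing_key, @salt, @rounds = signing_key, salt, rounds
    @rows = []                      # stands in for the accounts table
  end

  # Deterministic keyed digest of the normalised value: equal inputs give
  # equal index entries, but computing one requires the signing key.
  def search_key(value)
    sha512 = OpenSSL::Digest.new("SHA512")
    stretched = OpenSSL::PKCS5.pbkdf2_hmac(value.strip.downcase, @salt, @rounds, 64, sha512)
    OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("SHA512"), @signing_key, stretched)
  end

  # Encrypt on store: fresh key and IV per row (AES-256-GCM is an assumption),
  # so the ciphertext column itself cannot be matched by equality.
  def insert(name, email)
    cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
    row = { name: name, key: cipher.random_key, iv: cipher.random_iv }
    row[:email_address] = cipher.update(email) + cipher.final
    row[:tag] = cipher.auth_tag
    row[:email_index] = search_key(email)
    @rows << row
    row
  end

  # Equality search runs against the index column, then decrypts the hit.
  def find_by_email(email)
    wanted = search_key(email)
    row = @rows.find { |r| r[:email_index] == wanted }
    row && row.merge(email_address: decrypt(row))
  end

  # Decrypt on retrieval; cipher.final raises if the ciphertext or tag was altered.
  def decrypt(row)
    cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
    cipher.key = row[:key]
    cipher.iv = row[:iv]
    cipher.auth_tag = row[:tag]
    cipher.update(row[:email_address]) + cipher.final
  end
end
```

Two rows holding the same address get different ciphertexts but the same email_index, which is why the lookup has to go through the keyed digest rather than the encrypted column.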