RubyGems - attr_secure - Versions diffs - 0.4.0 → 0.4.1 - Mend

attr_secure 0.4.0 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8d5fbb2605957a88f3fd11dcbc0f735fc8b993ed
-  data.tar.gz: faf03ade79777a0e6b02d86698a463ca004f3d4c
+  metadata.gz: d6b19b64543b141b0b372b2010af6f30ccd3b81f
+  data.tar.gz: c984a560ca53f124d3205464e21b5f2bf4431718
 SHA512:
-  metadata.gz: 16569f6996244494a91e44b0d07f2032596c466aa53d4e69c1fd91e06bb68bd1fe668a67d3a252f4907eb1088b25a8d0ec867061fa5a2c0e172b9b3b968e0bd0
-  data.tar.gz: 55292057514a6f91c1dd9f03d128e51a48a3e155694f5632a3f2656999c2d044130d534b61b6b6b96aec12dbd00cb93868b159844861d52aaeebeefdf1f96a41
+  metadata.gz: 74c0df87e95d4063246dbf49cec92804550968b80f3f5764771418f97ff39f8065003dfbb1c023f807c112f82666604ddea4243bb820de29dee270832007ba7d
+  data.tar.gz: 696bca5441551b81791482e52e435a41e08447b2020058898ff964f528ecdef9a01824f821fde8972d20060fd2ac8bb8d4fa6820e08a5226843f87a8bf9e32de

data/README.md CHANGED

@@ -60,7 +60,7 @@ similar.  Encrypted values are long.
 ## Key rotation
-You can pass a comma delimited list of keys as your secret.  attr_secure will decrypt with each key in turn until it hits a verified value.  Encryption always happens with the newest (leftmost) key.
+You can pass a comma delimited list of keys (or an array of keys) as your secret.  attr_secure will decrypt with each key in turn until it hits a verified value.  Encryption always happens with the newest (leftmost) key.
 ## Contributing

data/lib/attr_secure/secure.rb CHANGED

@@ -34,8 +34,8 @@ module AttrSecure
           return verifier.data['value'] if verifier.valid?
         rescue
         end
-        raise OpenSSL::Cipher::CipherError
       end
+      raise OpenSSL::Cipher::CipherError
     end
   end

data/lib/attr_secure/version.rb CHANGED

@@ -1,3 +1,3 @@
 module AttrSecure
-  VERSION = "0.4.0"
+  VERSION = "0.4.1"
 end

data/spec/secure_spec.rb CHANGED

@@ -35,9 +35,11 @@ describe AttrSecure::Secure do
   [ ->(*secrets) { secrets.join(',') },
     ->(*secrets) { secrets } ].each do |make_secret|
     context "with an array of keys" do
-      subject       { described_class.new(make_secret.call(secret1, secret2)) }
-      let(:secret1) { 'fWSvpC6Eh1/FFE1TUgXpcEzMmmGc9IZSqoexzEslzKI=' }
-      let(:secret2) { 'd9ssNmUYn7UpMoSc0eM2glVUG2DPYwXveLTDU7j8pBY=' }
+      subject           { described_class.new(make_secret.call(secret1, secret2)) }
+      let(:secret1)     { 'fWSvpC6Eh1/FFE1TUgXpcEzMmmGc9IZSqoexzEslzKI=' }
+      let(:secret2)     { 'd9ssNmUYn7UpMoSc0eM2glVUG2DPYwXveLTDU7j8pBY=' }
+      let(:key1_secure) { described_class.new(secret1) }
+      let(:key2_secure) { described_class.new(secret2) }
       describe '#secret=' do
         it "should update the list of secrets" do
@@ -53,14 +55,33 @@ describe AttrSecure::Secure do
           expect(subject.encrypt('encrypted')).to_not be_empty
           expect(subject.encrypt('encrypted')).to_not eq(subject.encrypt('encrypted'))
         end
+        it "should use the first secret to encrypt" do
+          ciphertext = subject.encrypt('encrypted')
+          expect(key1_secure.decrypt(ciphertext)).to eq("encrypted")
+        end
       end
       describe '#decrypt' do
-        let(:encrypted_value) { subject.encrypt('decrypted') }
+        let(:encrypted_value)     { subject.encrypt('decrypted') }
+        let(:bare_value)          { "hello world" }
+        let(:undecryptable_value) { other_encrypter.encrypt('decrypted') }
         it "should decrypt a string" do
           expect(subject.decrypt(encrypted_value)).to eq('decrypted')
         end
+        it "should decrypt a string encrypted with any valid key" do
+          key1_ciphertext = key1_secure.encrypt('encrypted')
+          expect(subject.decrypt(key1_ciphertext)).to eq('encrypted')
+          key2_ciphertext = key2_secure.encrypt('encrypted')
+          expect(subject.decrypt(key2_ciphertext)).to eq('encrypted')
+        end
+        it "should raise if it cannot decrypt" do
+          expect { subject.decrypt(undecryptable_value) }.to raise_error(StandardError)
+        end
       end
     end
   end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: attr_secure
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.4.1
 platform: ruby
 authors:
 - Neil Middleton
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-01-06 00:00:00.000000000 Z
+date: 2014-02-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec