attr_secure 0.4.0 → 0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/attr_secure/secure.rb +1 -1
- data/lib/attr_secure/version.rb +1 -1
- data/spec/secure_spec.rb +25 -4
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d6b19b64543b141b0b372b2010af6f30ccd3b81f
|
4
|
+
data.tar.gz: c984a560ca53f124d3205464e21b5f2bf4431718
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 74c0df87e95d4063246dbf49cec92804550968b80f3f5764771418f97ff39f8065003dfbb1c023f807c112f82666604ddea4243bb820de29dee270832007ba7d
|
7
|
+
data.tar.gz: 696bca5441551b81791482e52e435a41e08447b2020058898ff964f528ecdef9a01824f821fde8972d20060fd2ac8bb8d4fa6820e08a5226843f87a8bf9e32de
|
data/README.md
CHANGED
@@ -60,7 +60,7 @@ similar. Encrypted values are long.
|
|
60
60
|
|
61
61
|
## Key rotation
|
62
62
|
|
63
|
-
You can pass a comma delimited list of keys as your secret. attr_secure will decrypt with each key in turn until it hits a verified value. Encryption always happens with the newest (leftmost) key.
|
63
|
+
You can pass a comma delimited list of keys (or an array of keys) as your secret. attr_secure will decrypt with each key in turn until it hits a verified value. Encryption always happens with the newest (leftmost) key.
|
64
64
|
|
65
65
|
## Contributing
|
66
66
|
|
data/lib/attr_secure/secure.rb
CHANGED
data/lib/attr_secure/version.rb
CHANGED
data/spec/secure_spec.rb
CHANGED
@@ -35,9 +35,11 @@ describe AttrSecure::Secure do
|
|
35
35
|
[ ->(*secrets) { secrets.join(',') },
|
36
36
|
->(*secrets) { secrets } ].each do |make_secret|
|
37
37
|
context "with an array of keys" do
|
38
|
-
subject
|
39
|
-
let(:secret1)
|
40
|
-
let(:secret2)
|
38
|
+
subject { described_class.new(make_secret.call(secret1, secret2)) }
|
39
|
+
let(:secret1) { 'fWSvpC6Eh1/FFE1TUgXpcEzMmmGc9IZSqoexzEslzKI=' }
|
40
|
+
let(:secret2) { 'd9ssNmUYn7UpMoSc0eM2glVUG2DPYwXveLTDU7j8pBY=' }
|
41
|
+
let(:key1_secure) { described_class.new(secret1) }
|
42
|
+
let(:key2_secure) { described_class.new(secret2) }
|
41
43
|
|
42
44
|
describe '#secret=' do
|
43
45
|
it "should update the list of secrets" do
|
@@ -53,14 +55,33 @@ describe AttrSecure::Secure do
|
|
53
55
|
expect(subject.encrypt('encrypted')).to_not be_empty
|
54
56
|
expect(subject.encrypt('encrypted')).to_not eq(subject.encrypt('encrypted'))
|
55
57
|
end
|
58
|
+
|
59
|
+
it "should use the first secret to encrypt" do
|
60
|
+
ciphertext = subject.encrypt('encrypted')
|
61
|
+
expect(key1_secure.decrypt(ciphertext)).to eq("encrypted")
|
62
|
+
end
|
56
63
|
end
|
57
64
|
|
58
65
|
describe '#decrypt' do
|
59
|
-
let(:encrypted_value)
|
66
|
+
let(:encrypted_value) { subject.encrypt('decrypted') }
|
67
|
+
let(:bare_value) { "hello world" }
|
68
|
+
let(:undecryptable_value) { other_encrypter.encrypt('decrypted') }
|
60
69
|
|
61
70
|
it "should decrypt a string" do
|
62
71
|
expect(subject.decrypt(encrypted_value)).to eq('decrypted')
|
63
72
|
end
|
73
|
+
|
74
|
+
it "should decrypt a string encrypted with any valid key" do
|
75
|
+
key1_ciphertext = key1_secure.encrypt('encrypted')
|
76
|
+
expect(subject.decrypt(key1_ciphertext)).to eq('encrypted')
|
77
|
+
|
78
|
+
key2_ciphertext = key2_secure.encrypt('encrypted')
|
79
|
+
expect(subject.decrypt(key2_ciphertext)).to eq('encrypted')
|
80
|
+
end
|
81
|
+
|
82
|
+
it "should raise if it cannot decrypt" do
|
83
|
+
expect { subject.decrypt(undecryptable_value) }.to raise_error(StandardError)
|
84
|
+
end
|
64
85
|
end
|
65
86
|
end
|
66
87
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: attr_secure
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Neil Middleton
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-
|
11
|
+
date: 2014-02-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec
|