blind_index 2.5.0 → 2.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cca7398adad9e03afd11dd268f4e69d99abe9ef767d648525ceeaee02aa37ba2
-  data.tar.gz: 9ebc3c610a67aace050bffc6724cf7067f734bfe142ff2e0409cd73be66cbbb0
+  metadata.gz: 291577a62790b52028024d748fc849ccaaeebe73b611969291b07a3eef43fd50
+  data.tar.gz: b0775917f436380ead5163519a98f7984ce257db8b664c44f299f1ebbba32934
 SHA512:
-  metadata.gz: d2bc3c733e12261e561cfb0e82a171c9c995079d20f032dba22f757b07dc23dddadbcc87a20e7c83f7a683f6c6904b2227235aee5e69523168d3df2cb50551ec
-  data.tar.gz: ccea3ba949b1643cbbe86f8a2c5fdbd8dc1837334d9db1055bd8cfc0b2f16ea00133029483ea876ddef1c44359f9dec8e1313cbfcd5f727c54f14e803b2110fe
+  metadata.gz: 484dbd052625a14ae883b943d316b3bcf451baf53fb8c67239973c6c7598c50045f3e44af30233424945e427d8e1a43e35dfc3c50884d4567a30d6186cc3aa06
+  data.tar.gz: fe2ad8af315478d6baa00be6f97bdead8767866a8efa3c334cc1e66898571e6f7407a04ec8b53c4a61657cd23943ec24593559fe8c913f57ea14c82bd3d51c8a

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+## 2.6.0 (2024-10-07)
+
+- Removed dependency on `scrypt` gem for scrypt algorithm
+- Dropped support for Active Record < 7
+
 ## 2.5.0 (2024-06-03)
 
 - Added support for Mongoid 9

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2017-2023 Andrew Kane
+Copyright (c) 2017-2024 Andrew Kane
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -385,16 +385,6 @@ One alternative to blind indexing is to use a deterministic encryption scheme, l
 1. You can keep encryption consistent for all fields (both searchable and non-searchable)
 2. Blind indexing supports expressions
 
-## Upgrading
-
-### 2.0.0
-
-2.0.0 brings a number of improvements.
-
-- Blind indexes are updated immediately instead of in a `before_validation` callback
-- Better Lockbox integration - no need to generate a separate key
-- There’s a new gem for Argon2 that has no dependencies and (officially) supports Windows
-
 ## History
 
 View the [changelog](https://github.com/ankane/blind_index/blob/master/CHANGELOG.md)

data/lib/blind_index/key_generator.rb

@@ -23,6 +23,7 @@ module BlindIndex
 
     def hkdf(ikm, salt:, info:, length:, hash:)
       if defined?(OpenSSL::KDF.hkdf)
+        # OpenSSL 1.1.0+
         return OpenSSL::KDF.hkdf(ikm, salt: salt, info: info, length: length, hash: hash)
       end
 

data/lib/blind_index/model.rb

@@ -38,7 +38,7 @@ module BlindIndex
         class_eval do
           activerecord = defined?(ActiveRecord) && self < ActiveRecord::Base
 
-          if activerecord && ActiveRecord::VERSION::MAJOR >= 6
+          if activerecord
             # blind index value isn't really sensitive
             # but don't need to show it in the Rails console
             self.filter_attributes += [/\A#{Regexp.escape(bidx_attribute)}\z/]

data/lib/blind_index/version.rb

@@ -1,3 +1,3 @@
 module BlindIndex
-  VERSION = "2.5.0"
+  VERSION = "2.6.0"
 end

data/lib/blind_index.rb

@@ -51,7 +51,7 @@ module BlindIndex
 
       # check size
       size = (options[:size] || 32).to_i
-      raise BlindIndex::Error, "Size must be between 1 and 32" unless (1..32).include?(size)
+      raise BlindIndex::Error, "Size must be between 1 and 32" unless (1..32).cover?(size)
 
       value = value.to_s
 
@@ -70,7 +70,7 @@ module BlindIndex
           Argon2::KDF.argon2id(value, salt: key, t: t, m: m, p: 1, length: size)
         when :pbkdf2_sha256
           iterations = cost_options[:iterations] || options[:iterations] || (options[:slow] ? 100000 : 10000)
-          OpenSSL::PKCS5.pbkdf2_hmac(value, key, iterations, size, "sha256")
+          OpenSSL::KDF.pbkdf2_hmac(value, salt: key, iterations: iterations, length: size, hash: "sha256")
         when :argon2i
           t = (cost_options[:t] || 3).to_i
           # use same bounds as rbnacl
@@ -86,7 +86,7 @@ module BlindIndex
           n = cost_options[:n] || 4096
           r = cost_options[:r] || 8
           cp = cost_options[:p] || 1
-          SCrypt::Engine.scrypt(value, key, n, r, cp, size)
+          OpenSSL::KDF.scrypt(value, salt: key, N: n, r: r, p: cp, length: size)
         else
           raise BlindIndex::Error, "Unknown algorithm"
         end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: blind_index
 version: !ruby/object:Gem::Version
-  version: 2.5.0
+  version: 2.6.0
 platform: ruby
 authors:
 - Andrew Kane
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-03 00:00:00.000000000 Z
+date: 2024-10-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '6.1'
+        version: '7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '6.1'
+        version: '7'
 - !ruby/object:Gem::Dependency
   name: argon2-kdf
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.1
+        version: '0.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.1
+        version: '0.2'
 description:
 email: andrew@ankane.org
 executables: []
@@ -73,7 +73,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.9
+rubygems_version: 3.5.16
 signing_key:
 specification_version: 4
 summary: Securely search encrypted database fields