encrypt_attr 0.2.1 → 0.2.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: bcc38fab2754e7957dd3674e4fbe3437c7e64f5d
4
- data.tar.gz: 5b7a041d6bba77fd3fc7a69480c12f16acaae2b6
3
+ metadata.gz: 0eff7d819ff9893c446ee56eef2ca21e98ea2ba1
4
+ data.tar.gz: 0233923144bd0cbc85d7adbb13a2fa8816adfd0c
5
5
  SHA512:
6
- metadata.gz: 3ea7a6a267539aca5149fb3d62b5df9f5a572bae3c489df0c6ed4e30ee24adfda57d2d3c384c86ec4bb27e9349731cbde203cece5fb9a841ac140a7a3e91c952
7
- data.tar.gz: 392aad7a970e1f23ee1bd82ff44eb6c3e2e0cc4a32abdabba3f5defd78fa5199ab78c91c7a1d96d696a648494e190069caa348f1cb1a5b72a77a311bdaf7d5f3
6
+ metadata.gz: 3a5954e6af6377c2f73b81440cf2b0841d5f23a4eeaed8128e473ad3e5dc217f19e7b71fbce7f315363c26f014e1b154951670c3d7ce9ac28a6476d7ddb85350
7
+ data.tar.gz: a1d0045a75942ad4ced0caa3816ec18d0c0b8dd51ee6cb921c156fe5d8429b15e7d843d512e679362cca82eb306f258bdfd68f882d472b817aa15861f9e6bb18
data/.travis.yml CHANGED
@@ -2,9 +2,11 @@ language: ruby
2
2
  cache: bundler
3
3
  sudo: false
4
4
  rvm:
5
- - '2.0'
6
- - '2.1'
5
+ - '2.4.0-preview1'
6
+ - '2.3'
7
7
  - '2.2'
8
+ - '2.1'
9
+ - '2.0'
8
10
  addons:
9
11
  code_climate:
10
12
  repo_token:
data/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  # Changelog
2
2
 
3
+ ## v0.2.2
4
+
5
+ - Ruby 2.4+ validates the IV and key size, so now we're setting the exact size. Notice that encrypted values will be the same, since ruby ignored the additional characters.
6
+
3
7
  ## v0.2.1
4
8
 
5
9
  - Ignore empty strings; OpenSSL::Cipher raises exception with it.
data/README.md CHANGED
@@ -1,8 +1,10 @@
1
1
  # EncryptAttr
2
2
 
3
- [![Build Status](https://travis-ci.org/fnando/encrypt_attr.svg)](https://travis-ci.org/fnando/encrypt_attr)
3
+ [![Travis-CI](https://travis-ci.org/fnando/encrypt_attr.png)](https://travis-ci.org/fnando/encrypt_attr)
4
4
  [![Code Climate](https://codeclimate.com/github/fnando/encrypt_attr/badges/gpa.svg)](https://codeclimate.com/github/fnando/encrypt_attr)
5
- [![Test Coverage](https://codeclimate.com/github/fnando/encrypt_attr/badges/coverage.svg)](https://codeclimate.com/github/fnando/encrypt_attr)
5
+ [![Test Coverage](https://codeclimate.com/github/fnando/encrypt_attr/badges/coverage.svg)](https://codeclimate.com/github/fnando/encrypt_attr/coverage)
6
+ [![Gem](https://img.shields.io/gem/v/encrypt_attr.svg)](https://rubygems.org/gems/encrypt_attr)
7
+ [![Gem](https://img.shields.io/gem/dt/encrypt_attr.svg)](https://rubygems.org/gems/encrypt_attr)
6
8
 
7
9
  Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord.
8
10
 
@@ -11,7 +13,7 @@ Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works
11
13
  Add this line to your application's Gemfile:
12
14
 
13
15
  ```ruby
14
- gem 'encrypt_attr'
16
+ gem "encrypt_attr"
15
17
  ```
16
18
 
17
19
  And then execute:
@@ -47,7 +49,7 @@ The `encrypt_attr` method has some aliases, so you can also use any of these:
47
49
  This assumes that you have a `encrypted_api_key` attribute. By default, the value is encrypted using a global secret token. You can set a custom token by setting `EncryptAttr.secret_token`; you have to use 100 characters or more (e.g. `$ openssl rand -hex 50`).
48
50
 
49
51
  ```ruby
50
- EncryptAttr.secret_token = 'abc123'
52
+ EncryptAttr.secret_token = "abc123"
51
53
  ```
52
54
 
53
55
  You can also set the secret token per attribute basis.
@@ -64,11 +66,11 @@ To access the decrypted value, just use the method with the same name.
64
66
 
65
67
  ```ruby
66
68
  user = User.new
67
- user.api_key = 'abc123'
69
+ user.api_key = "abc123"
68
70
  user.api_key #=> abc123
69
71
  user.encrypted_api_key #=> UcnhbnAl1Rmvt1mkG0m1FA...
70
72
 
71
- user.api_key = 'newsecret'
73
+ user.api_key = "newsecret"
72
74
  user.api_key #=> newsecret
73
75
  user.encrypted_api_key #=> JgH5dFGl8HnJNEloXZ6qSg...
74
76
  ```
@@ -127,7 +129,7 @@ class User
127
129
  end
128
130
 
129
131
  user = User.new
130
- user.api_key = 'API_KEY'
132
+ user.api_key = "API_KEY"
131
133
  user.encrypted_api_key #=> 'YEK_IPA'
132
134
  ```
133
135
 
data/Rakefile CHANGED
@@ -1,11 +1,12 @@
1
- require 'bundler/gem_tasks'
2
- require 'rake/testtask'
1
+ require "bundler/gem_tasks"
2
+ require "rake/testtask"
3
3
 
4
4
  Rake::TestTask.new(:test) do |t|
5
- t.libs << 'test'
6
- t.libs << 'lib'
7
- t.test_files = FileList['test/**/*_test.rb']
5
+ t.libs << "test"
6
+ t.libs << "lib"
7
+ t.test_files = FileList["test/**/*_test.rb"]
8
+ t.warning = false
8
9
  end
9
10
 
10
- task :default => :test
11
+ task default: :test
11
12
 
data/encrypt_attr.gemspec CHANGED
@@ -1,26 +1,26 @@
1
- require './lib/encrypt_attr/version'
1
+ require "./lib/encrypt_attr/version"
2
2
 
3
3
  Gem::Specification.new do |spec|
4
- spec.name = 'encrypt_attr'
4
+ spec.name = "encrypt_attr"
5
5
  spec.version = EncryptAttr::VERSION
6
- spec.authors = ['Nando Vieira']
7
- spec.email = ['fnando.vieira@gmail.com']
8
- spec.summary = 'Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord.'
6
+ spec.authors = ["Nando Vieira"]
7
+ spec.email = ["fnando.vieira@gmail.com"]
8
+ spec.summary = "Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord."
9
9
  spec.description = spec.summary
10
- spec.homepage = 'http://rubygems.org/gems/encrypt_attr'
11
- spec.license = 'MIT'
10
+ spec.homepage = "http://rubygems.org/gems/encrypt_attr"
11
+ spec.license = "MIT"
12
12
 
13
13
  spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
14
- spec.bindir = 'exe'
14
+ spec.bindir = "exe"
15
15
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
16
- spec.require_paths = ['lib']
16
+ spec.require_paths = ["lib"]
17
17
 
18
- spec.add_development_dependency 'bundler'
19
- spec.add_development_dependency 'rake'
20
- spec.add_development_dependency 'minitest'
21
- spec.add_development_dependency 'minitest-utils'
22
- spec.add_development_dependency 'sqlite3'
23
- spec.add_development_dependency 'activerecord'
24
- spec.add_development_dependency 'pry-meta'
25
- spec.add_development_dependency 'codeclimate-test-reporter'
18
+ spec.add_development_dependency "bundler"
19
+ spec.add_development_dependency "rake"
20
+ spec.add_development_dependency "minitest"
21
+ spec.add_development_dependency "minitest-utils"
22
+ spec.add_development_dependency "sqlite3"
23
+ spec.add_development_dependency "activerecord"
24
+ spec.add_development_dependency "pry-meta"
25
+ spec.add_development_dependency "codeclimate-test-reporter"
26
26
  end
data/lib/encrypt_attr.rb CHANGED
@@ -1,10 +1,13 @@
1
- require 'forwardable'
1
+ require "forwardable"
2
+ require "digest/sha2"
3
+ require "base64"
4
+ require "openssl"
2
5
 
3
6
  module EncryptAttr
4
- require 'encrypt_attr/version'
5
- require 'encrypt_attr/encryptor'
6
- require 'encrypt_attr/base'
7
- require 'encrypt_attr/active_record' if defined?(ActiveRecord)
7
+ require "encrypt_attr/version"
8
+ require "encrypt_attr/encryptor"
9
+ require "encrypt_attr/base"
10
+ require "encrypt_attr/active_record" if defined?(ActiveRecord)
8
11
 
9
12
  class << self
10
13
  extend Forwardable
@@ -1,2 +1,2 @@
1
- require 'encrypt_attr'
1
+ require "encrypt_attr"
2
2
  ActiveRecord::Base.send :include, EncryptAttr::Base
@@ -22,7 +22,7 @@ module EncryptAttr
22
22
  def self.validate_secret_token(secret_token)
23
23
  if secret_token.size < 100
24
24
  offending_line = caller
25
- .reject {|entry| entry.include?(__dir__) || entry.include?('forwardable.rb') }
25
+ .reject {|entry| entry.include?(__dir__) || entry.include?("forwardable.rb") }
26
26
  .first[/^(.*?:\d+)/, 1]
27
27
  warn "[encrypt_attribute] secret token must have at least 100 characters (called from #{offending_line})"
28
28
  end
@@ -1,9 +1,7 @@
1
- require 'digest/sha2'
2
- require 'base64'
3
- require 'openssl'
4
-
5
1
  module EncryptAttr
6
2
  class Encryptor
3
+ CIPHER = "AES-256-CBC".freeze
4
+
7
5
  def self.encrypt(secret_token, value)
8
6
  new(secret_token).encrypt(value)
9
7
  end
@@ -28,9 +26,10 @@ module EncryptAttr
28
26
  end
29
27
 
30
28
  def cipher(mode, value)
31
- cipher = OpenSSL::Cipher.new('AES-256-CBC').public_send(mode)
32
- cipher.key = Digest::SHA256.digest(secret_token)
33
- cipher.iv = Digest::SHA256.digest(secret_token)
29
+ cipher = OpenSSL::Cipher.new(CIPHER).public_send(mode)
30
+ digest = Digest::SHA256.digest(secret_token)
31
+ cipher.key = digest
32
+ cipher.iv = digest[0...cipher.iv_len]
34
33
  cipher.update(value) + cipher.final
35
34
  end
36
35
 
@@ -1,3 +1,3 @@
1
1
  module EncryptAttr
2
- VERSION = '0.2.1'
2
+ VERSION = "0.2.2"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: encrypt_attr
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
4
+ version: 0.2.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nando Vieira
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2016-03-02 00:00:00.000000000 Z
11
+ date: 2016-06-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler