encrypt_attr 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: bcc38fab2754e7957dd3674e4fbe3437c7e64f5d
4
- data.tar.gz: 5b7a041d6bba77fd3fc7a69480c12f16acaae2b6
3
+ metadata.gz: 0eff7d819ff9893c446ee56eef2ca21e98ea2ba1
4
+ data.tar.gz: 0233923144bd0cbc85d7adbb13a2fa8816adfd0c
5
5
  SHA512:
6
- metadata.gz: 3ea7a6a267539aca5149fb3d62b5df9f5a572bae3c489df0c6ed4e30ee24adfda57d2d3c384c86ec4bb27e9349731cbde203cece5fb9a841ac140a7a3e91c952
7
- data.tar.gz: 392aad7a970e1f23ee1bd82ff44eb6c3e2e0cc4a32abdabba3f5defd78fa5199ab78c91c7a1d96d696a648494e190069caa348f1cb1a5b72a77a311bdaf7d5f3
6
+ metadata.gz: 3a5954e6af6377c2f73b81440cf2b0841d5f23a4eeaed8128e473ad3e5dc217f19e7b71fbce7f315363c26f014e1b154951670c3d7ce9ac28a6476d7ddb85350
7
+ data.tar.gz: a1d0045a75942ad4ced0caa3816ec18d0c0b8dd51ee6cb921c156fe5d8429b15e7d843d512e679362cca82eb306f258bdfd68f882d472b817aa15861f9e6bb18
data/.travis.yml CHANGED
@@ -2,9 +2,11 @@ language: ruby
2
2
  cache: bundler
3
3
  sudo: false
4
4
  rvm:
5
- - '2.0'
6
- - '2.1'
5
+ - '2.4.0-preview1'
6
+ - '2.3'
7
7
  - '2.2'
8
+ - '2.1'
9
+ - '2.0'
8
10
  addons:
9
11
  code_climate:
10
12
  repo_token:
data/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  # Changelog
2
2
 
3
+ ## v0.2.2
4
+
5
+ - Ruby 2.4+ validates the IV and key size, so now we're setting the exact size. Notice that encrypted values will be the same, since ruby ignored the additional characters.
6
+
3
7
  ## v0.2.1
4
8
 
5
9
  - Ignore empty strings; OpenSSL::Cipher raises exception with it.
data/README.md CHANGED
@@ -1,8 +1,10 @@
1
1
  # EncryptAttr
2
2
 
3
- [![Build Status](https://travis-ci.org/fnando/encrypt_attr.svg)](https://travis-ci.org/fnando/encrypt_attr)
3
+ [![Travis-CI](https://travis-ci.org/fnando/encrypt_attr.png)](https://travis-ci.org/fnando/encrypt_attr)
4
4
  [![Code Climate](https://codeclimate.com/github/fnando/encrypt_attr/badges/gpa.svg)](https://codeclimate.com/github/fnando/encrypt_attr)
5
- [![Test Coverage](https://codeclimate.com/github/fnando/encrypt_attr/badges/coverage.svg)](https://codeclimate.com/github/fnando/encrypt_attr)
5
+ [![Test Coverage](https://codeclimate.com/github/fnando/encrypt_attr/badges/coverage.svg)](https://codeclimate.com/github/fnando/encrypt_attr/coverage)
6
+ [![Gem](https://img.shields.io/gem/v/encrypt_attr.svg)](https://rubygems.org/gems/encrypt_attr)
7
+ [![Gem](https://img.shields.io/gem/dt/encrypt_attr.svg)](https://rubygems.org/gems/encrypt_attr)
6
8
 
7
9
  Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord.
8
10
 
@@ -11,7 +13,7 @@ Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works
11
13
  Add this line to your application's Gemfile:
12
14
 
13
15
  ```ruby
14
- gem 'encrypt_attr'
16
+ gem "encrypt_attr"
15
17
  ```
16
18
 
17
19
  And then execute:
@@ -47,7 +49,7 @@ The `encrypt_attr` method has some aliases, so you can also use any of these:
47
49
  This assumes that you have a `encrypted_api_key` attribute. By default, the value is encrypted using a global secret token. You can set a custom token by setting `EncryptAttr.secret_token`; you have to use 100 characters or more (e.g. `$ openssl rand -hex 50`).
48
50
 
49
51
  ```ruby
50
- EncryptAttr.secret_token = 'abc123'
52
+ EncryptAttr.secret_token = "abc123"
51
53
  ```
52
54
 
53
55
  You can also set the secret token per attribute basis.
@@ -64,11 +66,11 @@ To access the decrypted value, just use the method with the same name.
64
66
 
65
67
  ```ruby
66
68
  user = User.new
67
- user.api_key = 'abc123'
69
+ user.api_key = "abc123"
68
70
  user.api_key #=> abc123
69
71
  user.encrypted_api_key #=> UcnhbnAl1Rmvt1mkG0m1FA...
70
72
 
71
- user.api_key = 'newsecret'
73
+ user.api_key = "newsecret"
72
74
  user.api_key #=> newsecret
73
75
  user.encrypted_api_key #=> JgH5dFGl8HnJNEloXZ6qSg...
74
76
  ```
@@ -127,7 +129,7 @@ class User
127
129
  end
128
130
 
129
131
  user = User.new
130
- user.api_key = 'API_KEY'
132
+ user.api_key = "API_KEY"
131
133
  user.encrypted_api_key #=> 'YEK_IPA'
132
134
  ```
133
135
 
data/Rakefile CHANGED
@@ -1,11 +1,12 @@
1
- require 'bundler/gem_tasks'
2
- require 'rake/testtask'
1
+ require "bundler/gem_tasks"
2
+ require "rake/testtask"
3
3
 
4
4
  Rake::TestTask.new(:test) do |t|
5
- t.libs << 'test'
6
- t.libs << 'lib'
7
- t.test_files = FileList['test/**/*_test.rb']
5
+ t.libs << "test"
6
+ t.libs << "lib"
7
+ t.test_files = FileList["test/**/*_test.rb"]
8
+ t.warning = false
8
9
  end
9
10
 
10
- task :default => :test
11
+ task default: :test
11
12
 
data/encrypt_attr.gemspec CHANGED
@@ -1,26 +1,26 @@
1
- require './lib/encrypt_attr/version'
1
+ require "./lib/encrypt_attr/version"
2
2
 
3
3
  Gem::Specification.new do |spec|
4
- spec.name = 'encrypt_attr'
4
+ spec.name = "encrypt_attr"
5
5
  spec.version = EncryptAttr::VERSION
6
- spec.authors = ['Nando Vieira']
7
- spec.email = ['fnando.vieira@gmail.com']
8
- spec.summary = 'Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord.'
6
+ spec.authors = ["Nando Vieira"]
7
+ spec.email = ["fnando.vieira@gmail.com"]
8
+ spec.summary = "Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord."
9
9
  spec.description = spec.summary
10
- spec.homepage = 'http://rubygems.org/gems/encrypt_attr'
11
- spec.license = 'MIT'
10
+ spec.homepage = "http://rubygems.org/gems/encrypt_attr"
11
+ spec.license = "MIT"
12
12
 
13
13
  spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
14
- spec.bindir = 'exe'
14
+ spec.bindir = "exe"
15
15
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
16
- spec.require_paths = ['lib']
16
+ spec.require_paths = ["lib"]
17
17
 
18
- spec.add_development_dependency 'bundler'
19
- spec.add_development_dependency 'rake'
20
- spec.add_development_dependency 'minitest'
21
- spec.add_development_dependency 'minitest-utils'
22
- spec.add_development_dependency 'sqlite3'
23
- spec.add_development_dependency 'activerecord'
24
- spec.add_development_dependency 'pry-meta'
25
- spec.add_development_dependency 'codeclimate-test-reporter'
18
+ spec.add_development_dependency "bundler"
19
+ spec.add_development_dependency "rake"
20
+ spec.add_development_dependency "minitest"
21
+ spec.add_development_dependency "minitest-utils"
22
+ spec.add_development_dependency "sqlite3"
23
+ spec.add_development_dependency "activerecord"
24
+ spec.add_development_dependency "pry-meta"
25
+ spec.add_development_dependency "codeclimate-test-reporter"
26
26
  end
data/lib/encrypt_attr.rb CHANGED
@@ -1,10 +1,13 @@
1
- require 'forwardable'
1
+ require "forwardable"
2
+ require "digest/sha2"
3
+ require "base64"
4
+ require "openssl"
2
5
 
3
6
  module EncryptAttr
4
- require 'encrypt_attr/version'
5
- require 'encrypt_attr/encryptor'
6
- require 'encrypt_attr/base'
7
- require 'encrypt_attr/active_record' if defined?(ActiveRecord)
7
+ require "encrypt_attr/version"
8
+ require "encrypt_attr/encryptor"
9
+ require "encrypt_attr/base"
10
+ require "encrypt_attr/active_record" if defined?(ActiveRecord)
8
11
 
9
12
  class << self
10
13
  extend Forwardable
@@ -1,2 +1,2 @@
1
- require 'encrypt_attr'
1
+ require "encrypt_attr"
2
2
  ActiveRecord::Base.send :include, EncryptAttr::Base
@@ -22,7 +22,7 @@ module EncryptAttr
22
22
  def self.validate_secret_token(secret_token)
23
23
  if secret_token.size < 100
24
24
  offending_line = caller
25
- .reject {|entry| entry.include?(__dir__) || entry.include?('forwardable.rb') }
25
+ .reject {|entry| entry.include?(__dir__) || entry.include?("forwardable.rb") }
26
26
  .first[/^(.*?:\d+)/, 1]
27
27
  warn "[encrypt_attribute] secret token must have at least 100 characters (called from #{offending_line})"
28
28
  end
@@ -1,9 +1,7 @@
1
- require 'digest/sha2'
2
- require 'base64'
3
- require 'openssl'
4
-
5
1
  module EncryptAttr
6
2
  class Encryptor
3
+ CIPHER = "AES-256-CBC".freeze
4
+
7
5
  def self.encrypt(secret_token, value)
8
6
  new(secret_token).encrypt(value)
9
7
  end
@@ -28,9 +26,10 @@ module EncryptAttr
28
26
  end
29
27
 
30
28
  def cipher(mode, value)
31
- cipher = OpenSSL::Cipher.new('AES-256-CBC').public_send(mode)
32
- cipher.key = Digest::SHA256.digest(secret_token)
33
- cipher.iv = Digest::SHA256.digest(secret_token)
29
+ cipher = OpenSSL::Cipher.new(CIPHER).public_send(mode)
30
+ digest = Digest::SHA256.digest(secret_token)
31
+ cipher.key = digest
32
+ cipher.iv = digest[0...cipher.iv_len]
34
33
  cipher.update(value) + cipher.final
35
34
  end
36
35
 
@@ -1,3 +1,3 @@
1
1
  module EncryptAttr
2
- VERSION = '0.2.1'
2
+ VERSION = "0.2.2"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: encrypt_attr
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
4
+ version: 0.2.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nando Vieira
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2016-03-02 00:00:00.000000000 Z
11
+ date: 2016-06-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler