encrypt_attr 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +4 -2
- data/CHANGELOG.md +4 -0
- data/README.md +9 -7
- data/Rakefile +7 -6
- data/encrypt_attr.gemspec +17 -17
- data/lib/encrypt_attr.rb +8 -5
- data/lib/encrypt_attr/active_record.rb +1 -1
- data/lib/encrypt_attr/base.rb +1 -1
- data/lib/encrypt_attr/encryptor.rb +6 -7
- data/lib/encrypt_attr/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0eff7d819ff9893c446ee56eef2ca21e98ea2ba1
|
4
|
+
data.tar.gz: 0233923144bd0cbc85d7adbb13a2fa8816adfd0c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3a5954e6af6377c2f73b81440cf2b0841d5f23a4eeaed8128e473ad3e5dc217f19e7b71fbce7f315363c26f014e1b154951670c3d7ce9ac28a6476d7ddb85350
|
7
|
+
data.tar.gz: a1d0045a75942ad4ced0caa3816ec18d0c0b8dd51ee6cb921c156fe5d8429b15e7d843d512e679362cca82eb306f258bdfd68f882d472b817aa15861f9e6bb18
|
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,9 @@
|
|
1
1
|
# Changelog
|
2
2
|
|
3
|
+
## v0.2.2
|
4
|
+
|
5
|
+
- Ruby 2.4+ validates the IV and key size, so now we're setting the exact size. Notice that encrypted values will be the same, since ruby ignored the additional characters.
|
6
|
+
|
3
7
|
## v0.2.1
|
4
8
|
|
5
9
|
- Ignore empty strings; OpenSSL::Cipher raises exception with it.
|
data/README.md
CHANGED
@@ -1,8 +1,10 @@
|
|
1
1
|
# EncryptAttr
|
2
2
|
|
3
|
-
[](https://travis-ci.org/fnando/encrypt_attr)
|
4
4
|
[](https://codeclimate.com/github/fnando/encrypt_attr)
|
5
|
-
[](https://codeclimate.com/github/fnando/encrypt_attr)
|
5
|
+
[](https://codeclimate.com/github/fnando/encrypt_attr/coverage)
|
6
|
+
[](https://rubygems.org/gems/encrypt_attr)
|
7
|
+
[](https://rubygems.org/gems/encrypt_attr)
|
6
8
|
|
7
9
|
Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord.
|
8
10
|
|
@@ -11,7 +13,7 @@ Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works
|
|
11
13
|
Add this line to your application's Gemfile:
|
12
14
|
|
13
15
|
```ruby
|
14
|
-
gem
|
16
|
+
gem "encrypt_attr"
|
15
17
|
```
|
16
18
|
|
17
19
|
And then execute:
|
@@ -47,7 +49,7 @@ The `encrypt_attr` method has some aliases, so you can also use any of these:
|
|
47
49
|
This assumes that you have a `encrypted_api_key` attribute. By default, the value is encrypted using a global secret token. You can set a custom token by setting `EncryptAttr.secret_token`; you have to use 100 characters or more (e.g. `$ openssl rand -hex 50`).
|
48
50
|
|
49
51
|
```ruby
|
50
|
-
EncryptAttr.secret_token =
|
52
|
+
EncryptAttr.secret_token = "abc123"
|
51
53
|
```
|
52
54
|
|
53
55
|
You can also set the secret token per attribute basis.
|
@@ -64,11 +66,11 @@ To access the decrypted value, just use the method with the same name.
|
|
64
66
|
|
65
67
|
```ruby
|
66
68
|
user = User.new
|
67
|
-
user.api_key =
|
69
|
+
user.api_key = "abc123"
|
68
70
|
user.api_key #=> abc123
|
69
71
|
user.encrypted_api_key #=> UcnhbnAl1Rmvt1mkG0m1FA...
|
70
72
|
|
71
|
-
user.api_key =
|
73
|
+
user.api_key = "newsecret"
|
72
74
|
user.api_key #=> newsecret
|
73
75
|
user.encrypted_api_key #=> JgH5dFGl8HnJNEloXZ6qSg...
|
74
76
|
```
|
@@ -127,7 +129,7 @@ class User
|
|
127
129
|
end
|
128
130
|
|
129
131
|
user = User.new
|
130
|
-
user.api_key =
|
132
|
+
user.api_key = "API_KEY"
|
131
133
|
user.encrypted_api_key #=> 'YEK_IPA'
|
132
134
|
```
|
133
135
|
|
data/Rakefile
CHANGED
@@ -1,11 +1,12 @@
|
|
1
|
-
require
|
2
|
-
require
|
1
|
+
require "bundler/gem_tasks"
|
2
|
+
require "rake/testtask"
|
3
3
|
|
4
4
|
Rake::TestTask.new(:test) do |t|
|
5
|
-
t.libs <<
|
6
|
-
t.libs <<
|
7
|
-
t.test_files = FileList[
|
5
|
+
t.libs << "test"
|
6
|
+
t.libs << "lib"
|
7
|
+
t.test_files = FileList["test/**/*_test.rb"]
|
8
|
+
t.warning = false
|
8
9
|
end
|
9
10
|
|
10
|
-
task :
|
11
|
+
task default: :test
|
11
12
|
|
data/encrypt_attr.gemspec
CHANGED
@@ -1,26 +1,26 @@
|
|
1
|
-
require
|
1
|
+
require "./lib/encrypt_attr/version"
|
2
2
|
|
3
3
|
Gem::Specification.new do |spec|
|
4
|
-
spec.name =
|
4
|
+
spec.name = "encrypt_attr"
|
5
5
|
spec.version = EncryptAttr::VERSION
|
6
|
-
spec.authors = [
|
7
|
-
spec.email = [
|
8
|
-
spec.summary =
|
6
|
+
spec.authors = ["Nando Vieira"]
|
7
|
+
spec.email = ["fnando.vieira@gmail.com"]
|
8
|
+
spec.summary = "Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord."
|
9
9
|
spec.description = spec.summary
|
10
|
-
spec.homepage =
|
11
|
-
spec.license =
|
10
|
+
spec.homepage = "http://rubygems.org/gems/encrypt_attr"
|
11
|
+
spec.license = "MIT"
|
12
12
|
|
13
13
|
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
14
|
-
spec.bindir =
|
14
|
+
spec.bindir = "exe"
|
15
15
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
16
|
-
spec.require_paths = [
|
16
|
+
spec.require_paths = ["lib"]
|
17
17
|
|
18
|
-
spec.add_development_dependency
|
19
|
-
spec.add_development_dependency
|
20
|
-
spec.add_development_dependency
|
21
|
-
spec.add_development_dependency
|
22
|
-
spec.add_development_dependency
|
23
|
-
spec.add_development_dependency
|
24
|
-
spec.add_development_dependency
|
25
|
-
spec.add_development_dependency
|
18
|
+
spec.add_development_dependency "bundler"
|
19
|
+
spec.add_development_dependency "rake"
|
20
|
+
spec.add_development_dependency "minitest"
|
21
|
+
spec.add_development_dependency "minitest-utils"
|
22
|
+
spec.add_development_dependency "sqlite3"
|
23
|
+
spec.add_development_dependency "activerecord"
|
24
|
+
spec.add_development_dependency "pry-meta"
|
25
|
+
spec.add_development_dependency "codeclimate-test-reporter"
|
26
26
|
end
|
data/lib/encrypt_attr.rb
CHANGED
@@ -1,10 +1,13 @@
|
|
1
|
-
require
|
1
|
+
require "forwardable"
|
2
|
+
require "digest/sha2"
|
3
|
+
require "base64"
|
4
|
+
require "openssl"
|
2
5
|
|
3
6
|
module EncryptAttr
|
4
|
-
require
|
5
|
-
require
|
6
|
-
require
|
7
|
-
require
|
7
|
+
require "encrypt_attr/version"
|
8
|
+
require "encrypt_attr/encryptor"
|
9
|
+
require "encrypt_attr/base"
|
10
|
+
require "encrypt_attr/active_record" if defined?(ActiveRecord)
|
8
11
|
|
9
12
|
class << self
|
10
13
|
extend Forwardable
|
@@ -1,2 +1,2 @@
|
|
1
|
-
require
|
1
|
+
require "encrypt_attr"
|
2
2
|
ActiveRecord::Base.send :include, EncryptAttr::Base
|
data/lib/encrypt_attr/base.rb
CHANGED
@@ -22,7 +22,7 @@ module EncryptAttr
|
|
22
22
|
def self.validate_secret_token(secret_token)
|
23
23
|
if secret_token.size < 100
|
24
24
|
offending_line = caller
|
25
|
-
.reject {|entry| entry.include?(__dir__) || entry.include?(
|
25
|
+
.reject {|entry| entry.include?(__dir__) || entry.include?("forwardable.rb") }
|
26
26
|
.first[/^(.*?:\d+)/, 1]
|
27
27
|
warn "[encrypt_attribute] secret token must have at least 100 characters (called from #{offending_line})"
|
28
28
|
end
|
@@ -1,9 +1,7 @@
|
|
1
|
-
require 'digest/sha2'
|
2
|
-
require 'base64'
|
3
|
-
require 'openssl'
|
4
|
-
|
5
1
|
module EncryptAttr
|
6
2
|
class Encryptor
|
3
|
+
CIPHER = "AES-256-CBC".freeze
|
4
|
+
|
7
5
|
def self.encrypt(secret_token, value)
|
8
6
|
new(secret_token).encrypt(value)
|
9
7
|
end
|
@@ -28,9 +26,10 @@ module EncryptAttr
|
|
28
26
|
end
|
29
27
|
|
30
28
|
def cipher(mode, value)
|
31
|
-
cipher = OpenSSL::Cipher.new(
|
32
|
-
|
33
|
-
cipher.
|
29
|
+
cipher = OpenSSL::Cipher.new(CIPHER).public_send(mode)
|
30
|
+
digest = Digest::SHA256.digest(secret_token)
|
31
|
+
cipher.key = digest
|
32
|
+
cipher.iv = digest[0...cipher.iv_len]
|
34
33
|
cipher.update(value) + cipher.final
|
35
34
|
end
|
36
35
|
|
data/lib/encrypt_attr/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: encrypt_attr
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nando Vieira
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-06-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|