RubyGems - encrypt_attr - Versions diffs - 0.2.1 → 0.2.2 - Mend

encrypt_attr 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
data/.travis.yml +4 -2
data/CHANGELOG.md +4 -0
data/README.md +9 -7
data/Rakefile +7 -6
data/encrypt_attr.gemspec +17 -17
data/lib/encrypt_attr.rb +8 -5
data/lib/encrypt_attr/active_record.rb +1 -1
data/lib/encrypt_attr/base.rb +1 -1
data/lib/encrypt_attr/encryptor.rb +6 -7
data/lib/encrypt_attr/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bcc38fab2754e7957dd3674e4fbe3437c7e64f5d
-  data.tar.gz: 5b7a041d6bba77fd3fc7a69480c12f16acaae2b6
+  metadata.gz: 0eff7d819ff9893c446ee56eef2ca21e98ea2ba1
+  data.tar.gz: 0233923144bd0cbc85d7adbb13a2fa8816adfd0c
 SHA512:
-  metadata.gz: 3ea7a6a267539aca5149fb3d62b5df9f5a572bae3c489df0c6ed4e30ee24adfda57d2d3c384c86ec4bb27e9349731cbde203cece5fb9a841ac140a7a3e91c952
-  data.tar.gz: 392aad7a970e1f23ee1bd82ff44eb6c3e2e0cc4a32abdabba3f5defd78fa5199ab78c91c7a1d96d696a648494e190069caa348f1cb1a5b72a77a311bdaf7d5f3
+  metadata.gz: 3a5954e6af6377c2f73b81440cf2b0841d5f23a4eeaed8128e473ad3e5dc217f19e7b71fbce7f315363c26f014e1b154951670c3d7ce9ac28a6476d7ddb85350
+  data.tar.gz: a1d0045a75942ad4ced0caa3816ec18d0c0b8dd51ee6cb921c156fe5d8429b15e7d843d512e679362cca82eb306f258bdfd68f882d472b817aa15861f9e6bb18

data/.travis.yml CHANGED Viewed

@@ -2,9 +2,11 @@ language: ruby
 cache: bundler
 sudo: false
 rvm:
-  - '2.0'
-  - '2.1'
+  - '2.4.0-preview1'
+  - '2.3'
   - '2.2'
+  - '2.1'
+  - '2.0'
 addons:
   code_climate:
     repo_token:

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,9 @@
 # Changelog
+## v0.2.2
+- Ruby 2.4+ validates the IV and key size, so now we're setting the exact size. Notice that encrypted values will be the same, since ruby ignored the additional characters.
 ## v0.2.1
 - Ignore empty strings; OpenSSL::Cipher raises exception with it.

data/README.md CHANGED Viewed

@@ -1,8 +1,10 @@
 # EncryptAttr
-[![Build Status](https://travis-ci.org/fnando/encrypt_attr.svg)](https://travis-ci.org/fnando/encrypt_attr)
+[![Travis-CI](https://travis-ci.org/fnando/encrypt_attr.png)](https://travis-ci.org/fnando/encrypt_attr)
 [![Code Climate](https://codeclimate.com/github/fnando/encrypt_attr/badges/gpa.svg)](https://codeclimate.com/github/fnando/encrypt_attr)
-[![Test Coverage](https://codeclimate.com/github/fnando/encrypt_attr/badges/coverage.svg)](https://codeclimate.com/github/fnando/encrypt_attr)
+[![Test Coverage](https://codeclimate.com/github/fnando/encrypt_attr/badges/coverage.svg)](https://codeclimate.com/github/fnando/encrypt_attr/coverage)
+[![Gem](https://img.shields.io/gem/v/encrypt_attr.svg)](https://rubygems.org/gems/encrypt_attr)
+[![Gem](https://img.shields.io/gem/dt/encrypt_attr.svg)](https://rubygems.org/gems/encrypt_attr)
 Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord.
@@ -11,7 +13,7 @@ Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works
 Add this line to your application's Gemfile:
 ```ruby
-gem 'encrypt_attr'
+gem "encrypt_attr"
 ```
 And then execute:
@@ -47,7 +49,7 @@ The `encrypt_attr` method has some aliases, so you can also use any of these:
 This assumes that you have a `encrypted_api_key` attribute. By default, the value is encrypted using a global secret token. You can set a custom token by setting `EncryptAttr.secret_token`; you have to use 100 characters or more (e.g. `$ openssl rand -hex 50`).
 ```ruby
-EncryptAttr.secret_token = 'abc123'
+EncryptAttr.secret_token = "abc123"
 ```
 You can also set the secret token per attribute basis.
@@ -64,11 +66,11 @@ To access the decrypted value, just use the method with the same name.
 ```ruby
 user = User.new
-user.api_key = 'abc123'
+user.api_key = "abc123"
 user.api_key                #=> abc123
 user.encrypted_api_key      #=> UcnhbnAl1Rmvt1mkG0m1FA...
-user.api_key = 'newsecret'
+user.api_key = "newsecret"
 user.api_key                #=> newsecret
 user.encrypted_api_key      #=> JgH5dFGl8HnJNEloXZ6qSg...
 ```
@@ -127,7 +129,7 @@ class User
 end
 user = User.new
-user.api_key = 'API_KEY'
+user.api_key = "API_KEY"
 user.encrypted_api_key #=> 'YEK_IPA'
 ```

data/Rakefile CHANGED Viewed

@@ -1,11 +1,12 @@
-require 'bundler/gem_tasks'
-require 'rake/testtask'
+require "bundler/gem_tasks"
+require "rake/testtask"
 Rake::TestTask.new(:test) do |t|
-  t.libs << 'test'
-  t.libs << 'lib'
-  t.test_files = FileList['test/**/*_test.rb']
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList["test/**/*_test.rb"]
+  t.warning = false
 end
-task :default => :test
+task default: :test

data/encrypt_attr.gemspec CHANGED Viewed

@@ -1,26 +1,26 @@
-require './lib/encrypt_attr/version'
+require "./lib/encrypt_attr/version"
 Gem::Specification.new do |spec|
-  spec.name          = 'encrypt_attr'
+  spec.name          = "encrypt_attr"
   spec.version       = EncryptAttr::VERSION
-  spec.authors       = ['Nando Vieira']
-  spec.email         = ['fnando.vieira@gmail.com']
-  spec.summary       = 'Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord.'
+  spec.authors       = ["Nando Vieira"]
+  spec.email         = ["fnando.vieira@gmail.com"]
+  spec.summary       = "Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord."
   spec.description   = spec.summary
-  spec.homepage      = 'http://rubygems.org/gems/encrypt_attr'
-  spec.license       = 'MIT'
+  spec.homepage      = "http://rubygems.org/gems/encrypt_attr"
+  spec.license       = "MIT"
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  spec.bindir        = 'exe'
+  spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ['lib']
+  spec.require_paths = ["lib"]
-  spec.add_development_dependency 'bundler'
-  spec.add_development_dependency 'rake'
-  spec.add_development_dependency 'minitest'
-  spec.add_development_dependency 'minitest-utils'
-  spec.add_development_dependency 'sqlite3'
-  spec.add_development_dependency 'activerecord'
-  spec.add_development_dependency 'pry-meta'
-  spec.add_development_dependency 'codeclimate-test-reporter'
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "minitest"
+  spec.add_development_dependency "minitest-utils"
+  spec.add_development_dependency "sqlite3"
+  spec.add_development_dependency "activerecord"
+  spec.add_development_dependency "pry-meta"
+  spec.add_development_dependency "codeclimate-test-reporter"
 end

data/lib/encrypt_attr.rb CHANGED Viewed

@@ -1,10 +1,13 @@
-require 'forwardable'
+require "forwardable"
+require "digest/sha2"
+require "base64"
+require "openssl"
 module EncryptAttr
-  require 'encrypt_attr/version'
-  require 'encrypt_attr/encryptor'
-  require 'encrypt_attr/base'
-  require 'encrypt_attr/active_record' if defined?(ActiveRecord)
+  require "encrypt_attr/version"
+  require "encrypt_attr/encryptor"
+  require "encrypt_attr/base"
+  require "encrypt_attr/active_record" if defined?(ActiveRecord)
   class << self
     extend Forwardable

data/lib/encrypt_attr/active_record.rb CHANGED Viewed

@@ -1,2 +1,2 @@
-require 'encrypt_attr'
+require "encrypt_attr"
 ActiveRecord::Base.send :include, EncryptAttr::Base

data/lib/encrypt_attr/base.rb CHANGED Viewed

@@ -22,7 +22,7 @@ module EncryptAttr
     def self.validate_secret_token(secret_token)
       if secret_token.size < 100
         offending_line = caller
-                          .reject {|entry| entry.include?(__dir__) || entry.include?('forwardable.rb') }
+                          .reject {|entry| entry.include?(__dir__) || entry.include?("forwardable.rb") }
                           .first[/^(.*?:\d+)/, 1]
         warn "[encrypt_attribute] secret token must have at least 100 characters (called from #{offending_line})"
       end

data/lib/encrypt_attr/encryptor.rb CHANGED Viewed

@@ -1,9 +1,7 @@
-require 'digest/sha2'
-require 'base64'
-require 'openssl'
 module EncryptAttr
   class Encryptor
+    CIPHER = "AES-256-CBC".freeze
     def self.encrypt(secret_token, value)
       new(secret_token).encrypt(value)
     end
@@ -28,9 +26,10 @@ module EncryptAttr
     end
     def cipher(mode, value)
-      cipher = OpenSSL::Cipher.new('AES-256-CBC').public_send(mode)
-      cipher.key = Digest::SHA256.digest(secret_token)
-      cipher.iv = Digest::SHA256.digest(secret_token)
+      cipher = OpenSSL::Cipher.new(CIPHER).public_send(mode)
+      digest = Digest::SHA256.digest(secret_token)
+      cipher.key = digest
+      cipher.iv = digest[0...cipher.iv_len]
       cipher.update(value) + cipher.final
     end

data/lib/encrypt_attr/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module EncryptAttr
-  VERSION = '0.2.1'
+  VERSION = "0.2.2"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: encrypt_attr
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Nando Vieira
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2016-03-02 00:00:00.000000000 Z
+date: 2016-06-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler