RubyGems - encrypt_attr - Versions diffs - 0.2.1 → 0.2.2 - Mend

encrypt_attr 0.2.1 → 0.2.2

Files changed (12) hide show

checksums.yaml +4 -4
data/.travis.yml +4 -2
data/CHANGELOG.md +4 -0
data/README.md +9 -7
data/Rakefile +7 -6
data/encrypt_attr.gemspec +17 -17
data/lib/encrypt_attr.rb +8 -5
data/lib/encrypt_attr/active_record.rb +1 -1
data/lib/encrypt_attr/base.rb +1 -1
data/lib/encrypt_attr/encryptor.rb +6 -7
data/lib/encrypt_attr/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bcc38fab2754e7957dd3674e4fbe3437c7e64f5d
-  data.tar.gz: 5b7a041d6bba77fd3fc7a69480c12f16acaae2b6
+  metadata.gz: 0eff7d819ff9893c446ee56eef2ca21e98ea2ba1
+  data.tar.gz: 0233923144bd0cbc85d7adbb13a2fa8816adfd0c
 SHA512:
-  metadata.gz: 3ea7a6a267539aca5149fb3d62b5df9f5a572bae3c489df0c6ed4e30ee24adfda57d2d3c384c86ec4bb27e9349731cbde203cece5fb9a841ac140a7a3e91c952
-  data.tar.gz: 392aad7a970e1f23ee1bd82ff44eb6c3e2e0cc4a32abdabba3f5defd78fa5199ab78c91c7a1d96d696a648494e190069caa348f1cb1a5b72a77a311bdaf7d5f3
+  metadata.gz: 3a5954e6af6377c2f73b81440cf2b0841d5f23a4eeaed8128e473ad3e5dc217f19e7b71fbce7f315363c26f014e1b154951670c3d7ce9ac28a6476d7ddb85350
+  data.tar.gz: a1d0045a75942ad4ced0caa3816ec18d0c0b8dd51ee6cb921c156fe5d8429b15e7d843d512e679362cca82eb306f258bdfd68f882d472b817aa15861f9e6bb18

data/.travis.yml CHANGED Viewed

@@ -2,9 +2,11 @@ language: ruby
 cache: bundler
 sudo: false
 rvm:
-  - '2.0'
-  - '2.1'
+  - '2.4.0-preview1'
+  - '2.3'
   - '2.2'
+  - '2.1'
+  - '2.0'
 addons:
   code_climate:
     repo_token:

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,9 @@
 # Changelog
+## v0.2.2
+- Ruby 2.4+ validates the IV and key size, so now we're setting the exact size. Notice that encrypted values will be the same, since ruby ignored the additional characters.
 ## v0.2.1
 - Ignore empty strings; OpenSSL::Cipher raises exception with it.

data/README.md CHANGED Viewed

@@ -1,8 +1,10 @@
 # EncryptAttr
-[![Build Status](https://travis-ci.org/fnando/encrypt_attr.svg)](https://travis-ci.org/fnando/encrypt_attr)
+[![Travis-CI](https://travis-ci.org/fnando/encrypt_attr.png)](https://travis-ci.org/fnando/encrypt_attr)
 [![Code Climate](https://codeclimate.com/github/fnando/encrypt_attr/badges/gpa.svg)](https://codeclimate.com/github/fnando/encrypt_attr)
-[![Test Coverage](https://codeclimate.com/github/fnando/encrypt_attr/badges/coverage.svg)](https://codeclimate.com/github/fnando/encrypt_attr)
+[![Test Coverage](https://codeclimate.com/github/fnando/encrypt_attr/badges/coverage.svg)](https://codeclimate.com/github/fnando/encrypt_attr/coverage)
+[![Gem](https://img.shields.io/gem/v/encrypt_attr.svg)](https://rubygems.org/gems/encrypt_attr)
+[![Gem](https://img.shields.io/gem/dt/encrypt_attr.svg)](https://rubygems.org/gems/encrypt_attr)
 Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord.
@@ -11,7 +13,7 @@ Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works
 Add this line to your application's Gemfile:
 ```ruby
-gem 'encrypt_attr'
+gem "encrypt_attr"
 ```
 And then execute:
@@ -47,7 +49,7 @@ The `encrypt_attr` method has some aliases, so you can also use any of these:
 This assumes that you have a `encrypted_api_key` attribute. By default, the value is encrypted using a global secret token. You can set a custom token by setting `EncryptAttr.secret_token`; you have to use 100 characters or more (e.g. `$ openssl rand -hex 50`).
 ```ruby
-EncryptAttr.secret_token = 'abc123'
+EncryptAttr.secret_token = "abc123"
 ```
 You can also set the secret token per attribute basis.
@@ -64,11 +66,11 @@ To access the decrypted value, just use the method with the same name.
 ```ruby
 user = User.new
-user.api_key = 'abc123'
+user.api_key = "abc123"
 user.api_key                #=> abc123
 user.encrypted_api_key      #=> UcnhbnAl1Rmvt1mkG0m1FA...
-user.api_key = 'newsecret'
+user.api_key = "newsecret"
 user.api_key                #=> newsecret
 user.encrypted_api_key      #=> JgH5dFGl8HnJNEloXZ6qSg...
 ```
@@ -127,7 +129,7 @@ class User
 end
 user = User.new
-user.api_key = 'API_KEY'
+user.api_key = "API_KEY"
 user.encrypted_api_key #=> 'YEK_IPA'
 ```

data/Rakefile CHANGED Viewed

@@ -1,11 +1,12 @@
-require 'bundler/gem_tasks'
-require 'rake/testtask'
+require "bundler/gem_tasks"
+require "rake/testtask"
 Rake::TestTask.new(:test) do |t|
-  t.libs << 'test'
-  t.libs << 'lib'
-  t.test_files = FileList['test/**/*_test.rb']
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList["test/**/*_test.rb"]
+  t.warning = false
 end
-task :default => :test
+task default: :test

data/encrypt_attr.gemspec CHANGED Viewed

@@ -1,26 +1,26 @@
-require './lib/encrypt_attr/version'
+require "./lib/encrypt_attr/version"
 Gem::Specification.new do |spec|
-  spec.name          = 'encrypt_attr'
+  spec.name          = "encrypt_attr"
   spec.version       = EncryptAttr::VERSION
-  spec.authors       = ['Nando Vieira']
-  spec.email         = ['fnando.vieira@gmail.com']
-  spec.summary       = 'Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord.'
+  spec.authors       = ["Nando Vieira"]
+  spec.email         = ["fnando.vieira@gmail.com"]
+  spec.summary       = "Encrypt attributes using AES-256-CBC (or your custom encryption strategy). Works with and without ActiveRecord."
   spec.description   = spec.summary
-  spec.homepage      = 'http://rubygems.org/gems/encrypt_attr'
-  spec.license       = 'MIT'
+  spec.homepage      = "http://rubygems.org/gems/encrypt_attr"
+  spec.license       = "MIT"
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  spec.bindir        = 'exe'
+  spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ['lib']
+  spec.require_paths = ["lib"]
-  spec.add_development_dependency 'bundler'
-  spec.add_development_dependency 'rake'
-  spec.add_development_dependency 'minitest'
-  spec.add_development_dependency 'minitest-utils'
-  spec.add_development_dependency 'sqlite3'
-  spec.add_development_dependency 'activerecord'
-  spec.add_development_dependency 'pry-meta'
-  spec.add_development_dependency 'codeclimate-test-reporter'
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "minitest"
+  spec.add_development_dependency "minitest-utils"
+  spec.add_development_dependency "sqlite3"
+  spec.add_development_dependency "activerecord"
+  spec.add_development_dependency "pry-meta"
+  spec.add_development_dependency "codeclimate-test-reporter"
 end

data/lib/encrypt_attr.rb CHANGED Viewed

@@ -1,10 +1,13 @@
-require 'forwardable'
+require "forwardable"
+require "digest/sha2"
+require "base64"
+require "openssl"
 module EncryptAttr
-  require 'encrypt_attr/version'
-  require 'encrypt_attr/encryptor'
-  require 'encrypt_attr/base'
-  require 'encrypt_attr/active_record' if defined?(ActiveRecord)
+  require "encrypt_attr/version"
+  require "encrypt_attr/encryptor"
+  require "encrypt_attr/base"
+  require "encrypt_attr/active_record" if defined?(ActiveRecord)
   class << self
     extend Forwardable

data/lib/encrypt_attr/active_record.rb CHANGED Viewed

@@ -1,2 +1,2 @@
-require 'encrypt_attr'
+require "encrypt_attr"
 ActiveRecord::Base.send :include, EncryptAttr::Base

data/lib/encrypt_attr/base.rb CHANGED Viewed

@@ -22,7 +22,7 @@ module EncryptAttr
     def self.validate_secret_token(secret_token)
       if secret_token.size < 100
         offending_line = caller
-                          .reject {|entry| entry.include?(__dir__) || entry.include?('forwardable.rb') }
+                          .reject {|entry| entry.include?(__dir__) || entry.include?("forwardable.rb") }
                           .first[/^(.*?:\d+)/, 1]
         warn "[encrypt_attribute] secret token must have at least 100 characters (called from #{offending_line})"
       end

data/lib/encrypt_attr/encryptor.rb CHANGED Viewed

@@ -1,9 +1,7 @@
-require 'digest/sha2'
-require 'base64'
-require 'openssl'
 module EncryptAttr
   class Encryptor
+    CIPHER = "AES-256-CBC".freeze
     def self.encrypt(secret_token, value)
       new(secret_token).encrypt(value)
     end
@@ -28,9 +26,10 @@ module EncryptAttr
     end
     def cipher(mode, value)
-      cipher = OpenSSL::Cipher.new('AES-256-CBC').public_send(mode)
-      cipher.key = Digest::SHA256.digest(secret_token)
-      cipher.iv = Digest::SHA256.digest(secret_token)
+      cipher = OpenSSL::Cipher.new(CIPHER).public_send(mode)
+      digest = Digest::SHA256.digest(secret_token)
+      cipher.key = digest
+      cipher.iv = digest[0...cipher.iv_len]
       cipher.update(value) + cipher.final
     end

data/lib/encrypt_attr/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module EncryptAttr
-  VERSION = '0.2.1'
+  VERSION = "0.2.2"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: encrypt_attr
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Nando Vieira
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2016-03-02 00:00:00.000000000 Z
+date: 2016-06-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler