encryptor 1.1.3 → 1.3.0

data/README.md

@@ -0,0 +1,121 @@
+## Encryptor  [![Build Status](https://travis-ci.org/attr-encrypted/encryptor.png?branch=master)](https://travis-ci.org/attr-encrypted/encryptor)
+
+A simple wrapper for the standard Ruby OpenSSL library
+
+Intended to be used by a future version of `http://github.com/shuber/attr_encrypted` to easily encrypt/decrypt attributes in any Ruby class or model.
+
+### Installation
+
+```bash
+gem install encryptor
+```
+
+### Usage
+
+#### Basic
+
+Encryptor uses the AES-256-CBC algorithm by default to encrypt strings securely. You are strongly advised to use both an initialization vector (via the `:iv` option) and a salt (via the `:salt` option) to perform this encryption as securely as possible. Specifying only an `:iv` option without `:salt` is not recommended but is supported as part of a "compatibility mode" to support clients built using older versions of this gem.
+
+The best example is:
+
+```ruby
+salt = Time.now.to_i.to_s
+secret_key = 'secret'
+iv = OpenSSL::Cipher::Cipher.new('aes-256-cbc').random_iv
+encrypted_value = Encryptor.encrypt('some string to encrypt', :key => secret_key, :iv => iv, :salt => salt)
+decrypted_value = Encryptor.decrypt(encrypted_value, :key => secret_key, :iv => iv, :salt => salt)
+```
+
+The value to encrypt or decrypt may also be passed as the :value option if you'd prefer.
+
+```ruby
+encrypted_value = Encryptor.encrypt(:value => 'some string to encrypt', :key => secret_key, :iv => iv, :salt => salt)
+decrypted_value = Encryptor.decrypt(:value => encrypted_value, :key => secret_key, :iv => iv, :salt => salt)
+```
+
+**You may also skip the salt and the IV if you like. Do so at your own risk!**
+
+```ruby
+encrypted_value = Encryptor.encrypt(:value => 'some string to encrypt', :key => 'secret')
+decrypted_value = Encryptor.decrypt(:value => encrypted_value, :key => 'secret')
+```
+
+You may also pass an `:algorithm` option, though this is not required.
+
+```ruby
+Encryptor.default_options.merge!(:algorithm => 'aes-128-cbc', :key => 'some default secret key', :iv => iv, :salt => salt)
+```
+
+#### Strings
+
+Encryptor adds `encrypt` and `decrypt` methods to `String` objects for your convenience. These two methods accept the same arguments as the associated ones in the `Encryptor` module. They're nice when you set the default options in the `Encryptor.default_options attribute.` For example:
+
+```ruby
+Encryptor.default_options.merge!(:key => 'some default secret key', :iv => iv, :salt => salt)
+credit_card = 'xxxx xxxx xxxx 1234'
+encrypted_credit_card = credit_card.encrypt
+```
+
+There's also `encrypt!` and `decrypt!` methods that replace the contents of a string with the encrypted or decrypted version of itself.
+
+### Algorithms
+
+Run `openssl list-cipher-commands` in your terminal to view a list of all cipher algorithms that are supported on your platform. Typically, this will include the following:
+
+    aes-128-cbc
+    aes-128-ecb
+    aes-192-cbc
+    aes-192-ecb
+    aes-256-cbc
+    aes-256-ecb
+    bf
+    bf-cbc
+    bf-cfb
+    bf-ecb
+    bf-ofb
+    cast
+    cast-cbc
+    cast5-cbc
+    cast5-cfb
+    cast5-ecb
+    cast5-ofb
+    des
+    des-cbc
+    des-cfb
+    des-ecb
+    des-ede
+    des-ede-cbc
+    des-ede-cfb
+    des-ede-ofb
+    des-ede3
+    des-ede3-cbc
+    des-ede3-cfb
+    des-ede3-ofb
+    des-ofb
+    des3
+    desx
+    idea
+    idea-cbc
+    idea-cfb
+    idea-ecb
+    idea-ofb
+    rc2
+    rc2-40-cbc
+    rc2-64-cbc
+    rc2-cbc
+    rc2-cfb
+    rc2-ecb
+    rc2-ofb
+    rc4
+    rc4-40
+
+Note that some ciphers may not be supported by Ruby.
+
+### Notes on patches/pull requests
+
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it: this is important so I don't break it in a future version unintentionally.
+* Commit, do not mess with Rakefile, version, or history: if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull).
+* Send me a pull request: bonus points for topic branches.
+

data/Rakefile

@@ -2,9 +2,6 @@ require 'rake'
 require 'rake/testtask'
 require 'rake/rdoctask'
 
-desc 'Default: run unit tests'
-task :default => :test
-
 desc 'Test the encryptor gem'
 Rake::TestTask.new(:test) do |t|
   t.libs << 'lib'
@@ -19,4 +16,18 @@ Rake::RDocTask.new(:rdoc) do |rdoc|
   rdoc.options << '--line-numbers' << '--inline-source'
   rdoc.rdoc_files.include('README*')
   rdoc.rdoc_files.include('lib/**/*.rb')
-end
+end
+
+if RUBY_VERSION < '1.9.3'
+  require 'rcov/rcovtask'
+
+  task :rcov do
+    system "rcov -o coverage/rcov --exclude '^(?!lib)' " + FileList[ 'test/**/*_test.rb' ].join(' ')
+  end
+
+  desc 'Default: run unit tests under rcov.'
+  task :default => :rcov
+else
+  desc 'Default: run unit tests.'
+  task :default => :test
+end

data/lib/encryptor.rb

@@ -52,8 +52,19 @@ module Encryptor
       cipher = OpenSSL::Cipher::Cipher.new(options[:algorithm])
       cipher.send(cipher_method)
       if options[:iv]
-        cipher.key = options[:key]
         cipher.iv = options[:iv]
+        if options[:salt].nil?
+          # Use a non-salted cipher.
+          # This behaviour is retained for backwards compatibility. This mode
+          # is not secure and new deployments should use the :salt options
+          # wherever possible.
+          cipher.key = options[:key]
+        else
+          # Use an explicit salt (which can be persisted into a database on a
+          # per-column basis, for example). This is the preferred (and more
+          # secure) mode of operation.
+          cipher.key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(options[:key], options[:salt], 2000, cipher.key_len)
+        end
       else
         cipher.pkcs5_keyivgen(options[:key])
       end
@@ -61,4 +72,4 @@ module Encryptor
       result = cipher.update(options[:value])
       result << cipher.final
     end
-end
+end

data/lib/encryptor/version.rb

@@ -2,8 +2,8 @@ module Encryptor
   # Contains information about this gem's version
   module Version
     MAJOR = 1
-    MINOR = 1
-    PATCH = 3
+    MINOR = 3
+    PATCH = 0
 
     # Returns a version string by joining <tt>MAJOR</tt>, <tt>MINOR</tt>, and <tt>PATCH</tt> with <tt>'.'</tt>
     #
@@ -14,4 +14,4 @@ module Encryptor
       [MAJOR, MINOR, PATCH].join('.')
     end
   end
-end
+end

data/test/compatibility_test.rb

@@ -0,0 +1,93 @@
+require File.expand_path('../test_helper', __FILE__)
+
+# Test ensures that values stored by previous versions of the gem will
+# roundtrip and decrypt correctly in this and future versions. This is important
+# for data stored in databases and allows consumers of the gem to upgrade with
+# confidence in the future.
+#
+class CompatibilityTest < Test::Unit::TestCase
+  ALGORITHM = 'aes-256-cbc'
+
+  def self.base64_encode(value)
+    [value].pack('m').strip
+  end
+
+  def self.base64_decode(value)
+    value.unpack('m').first
+  end
+
+  if OpenSSL::Cipher.ciphers.include?(ALGORITHM)
+    def test_encrypt_with_iv
+      key = Digest::SHA256.hexdigest('my-fixed-key')
+      iv = Digest::SHA256.hexdigest('my-fixed-iv')
+      result = Encryptor.encrypt(
+        :algorithm => ALGORITHM,
+        :value => 'my-fixed-input',
+        :key => key,
+        :iv => iv
+      )
+      assert_equal 'nGuyGniksFXnMYj/eCxXKQ==', self.class.base64_encode(result)
+    end
+
+    def test_encrypt_without_iv
+      key = Digest::SHA256.hexdigest('my-fixed-key')
+      result = Encryptor.encrypt(
+        :algorithm => ALGORITHM,
+        :value => 'my-fixed-input',
+        :key => key
+      )
+      assert_equal 'XbwHRMFWqR5M80kgwRcEEg==', self.class.base64_encode(result)
+    end
+
+    def test_decrypt_with_iv
+      key = Digest::SHA256.hexdigest('my-fixed-key')
+      iv = Digest::SHA256.hexdigest('my-fixed-iv')
+      result = Encryptor.decrypt(
+        :algorithm => ALGORITHM,
+        :value => self.class.base64_decode('nGuyGniksFXnMYj/eCxXKQ=='),
+        :key => key,
+        :iv => iv
+      )
+      assert_equal 'my-fixed-input', result
+    end
+
+    def test_decrypt_without_iv
+      key = Digest::SHA256.hexdigest('my-fixed-key')
+      result = Encryptor.decrypt(
+        :algorithm => ALGORITHM,
+        :value => self.class.base64_decode('XbwHRMFWqR5M80kgwRcEEg=='),
+        :key => key
+      )
+      assert_equal 'my-fixed-input', result
+    end
+
+    def test_encrypt_with_iv_and_salt
+      key = Digest::SHA256.hexdigest('my-fixed-key')
+      iv = Digest::SHA256.hexdigest('my-fixed-iv')
+      salt = 'my-fixed-salt'
+      result = Encryptor.encrypt(
+        :algorithm => ALGORITHM,
+        :value => 'my-fixed-input',
+        :key => key,
+        :iv => iv,
+        :salt => salt
+      )
+      assert_equal 'DENuQSh9b0eW8GN3YLzLGw==', self.class.base64_encode(result)
+    end
+
+    def test_decrypt_with_iv_and_salt
+      key = Digest::SHA256.hexdigest('my-fixed-key')
+      iv = Digest::SHA256.hexdigest('my-fixed-iv')
+      salt = 'my-fixed-salt'
+      result = Encryptor.decrypt(
+        :algorithm => ALGORITHM,
+        :value => self.class.base64_decode('DENuQSh9b0eW8GN3YLzLGw=='),
+        :key => key,
+        :iv => iv,
+        :salt => salt
+      )
+      assert_equal 'my-fixed-input', result
+    end
+  end
+end
+

data/test/encryptor_test.rb

@@ -1,20 +1,23 @@
 require File.expand_path('../test_helper', __FILE__)
+require File.expand_path('../openssl_helper', __FILE__)
 
+# Tests for new preferred salted encryption mode
+#
 class EncryptorTest < Test::Unit::TestCase
 
-  algorithms = %x(openssl list-cipher-commands).split
   key = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
   iv = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
+  salt = Time.now.to_i.to_s
   original_value = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
 
-  algorithms.reject { |algorithm| algorithm == 'base64' }.each do |algorithm|
-    encrypted_value_with_iv = Encryptor.encrypt(:value => original_value, :key => key, :iv => iv, :algorithm => algorithm)
+  OpenSSLHelper::ALGORITHMS.each do |algorithm|
+    encrypted_value_with_iv = Encryptor.encrypt(:value => original_value, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
     encrypted_value_without_iv = Encryptor.encrypt(:value => original_value, :key => key, :algorithm => algorithm)
 
     define_method "test_should_crypt_with_the_#{algorithm}_algorithm_with_iv" do
       assert_not_equal original_value, encrypted_value_with_iv
       assert_not_equal encrypted_value_without_iv, encrypted_value_with_iv
-      assert_equal original_value, Encryptor.decrypt(:value => encrypted_value_with_iv, :key => key, :iv => iv, :algorithm => algorithm)
+      assert_equal original_value, Encryptor.decrypt(:value => encrypted_value_with_iv, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
     end
 
     define_method "test_should_crypt_with_the_#{algorithm}_algorithm_without_iv" do
@@ -23,7 +26,7 @@ class EncryptorTest < Test::Unit::TestCase
     end
 
     define_method "test_should_encrypt_with_the_#{algorithm}_algorithm_with_iv_with_the_first_arg_as_the_value" do
-      assert_equal encrypted_value_with_iv, Encryptor.encrypt(original_value, :key => key, :iv => iv, :algorithm => algorithm)
+      assert_equal encrypted_value_with_iv, Encryptor.encrypt(original_value, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
     end
 
     define_method "test_should_encrypt_with_the_#{algorithm}_algorithm_without_iv_with_the_first_arg_as_the_value" do
@@ -31,7 +34,7 @@ class EncryptorTest < Test::Unit::TestCase
     end
 
     define_method "test_should_decrypt_with_the_#{algorithm}_algorithm_with_iv_with_the_first_arg_as_the_value" do
-      assert_equal original_value, Encryptor.decrypt(encrypted_value_with_iv, :key => key, :iv => iv, :algorithm => algorithm)
+      assert_equal original_value, Encryptor.decrypt(encrypted_value_with_iv, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
     end
 
     define_method "test_should_decrypt_with_the_#{algorithm}_algorithm_without_iv_with_the_first_arg_as_the_value" do
@@ -39,7 +42,7 @@ class EncryptorTest < Test::Unit::TestCase
     end
 
     define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
-      assert_equal encrypted_value_with_iv, original_value.encrypt(:key => key, :iv => iv, :algorithm => algorithm)
+      assert_equal encrypted_value_with_iv, original_value.encrypt(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
     end
 
     define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
@@ -47,7 +50,7 @@ class EncryptorTest < Test::Unit::TestCase
     end
 
     define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
-      assert_equal original_value, encrypted_value_with_iv.decrypt(:key => key, :iv => iv, :algorithm => algorithm)
+      assert_equal original_value, encrypted_value_with_iv.decrypt(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
     end
 
     define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
@@ -56,8 +59,8 @@ class EncryptorTest < Test::Unit::TestCase
 
     define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
       original_value_dup = original_value.dup
-      original_value_dup.encrypt!(:key => key, :iv => iv, :algorithm => algorithm)
-      assert_equal original_value.encrypt(:key => key, :iv => iv, :algorithm => algorithm), original_value_dup
+      original_value_dup.encrypt!(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
+      assert_equal original_value.encrypt(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm), original_value_dup
     end
 
     define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
@@ -68,7 +71,7 @@ class EncryptorTest < Test::Unit::TestCase
 
     define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
       encrypted_value_with_iv_dup = encrypted_value_with_iv.dup
-      encrypted_value_with_iv_dup.decrypt!(:key => key, :iv => iv, :algorithm => algorithm)
+      encrypted_value_with_iv_dup.decrypt!(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
       assert_equal original_value, encrypted_value_with_iv_dup
     end
 
@@ -101,4 +104,5 @@ class EncryptorTest < Test::Unit::TestCase
     assert called
   end
 
-end
+end
+

data/test/legacy_encryptor_test.rb

@@ -0,0 +1,107 @@
+require File.expand_path('../test_helper', __FILE__)
+require File.expand_path('../openssl_helper', __FILE__)
+
+# Tests for legacy (non-salted) encryption mode
+#
+class LegacyEncryptorTest < Test::Unit::TestCase
+
+  key = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
+  iv = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
+  original_value = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
+
+  OpenSSLHelper::ALGORITHMS.each do |algorithm|
+    encrypted_value_with_iv = Encryptor.encrypt(:value => original_value, :key => key, :iv => iv, :algorithm => algorithm)
+    encrypted_value_without_iv = Encryptor.encrypt(:value => original_value, :key => key, :algorithm => algorithm)
+
+    define_method "test_should_crypt_with_the_#{algorithm}_algorithm_with_iv" do
+      assert_not_equal original_value, encrypted_value_with_iv
+      assert_not_equal encrypted_value_without_iv, encrypted_value_with_iv
+      assert_equal original_value, Encryptor.decrypt(:value => encrypted_value_with_iv, :key => key, :iv => iv, :algorithm => algorithm)
+    end
+
+    define_method "test_should_crypt_with_the_#{algorithm}_algorithm_without_iv" do
+      assert_not_equal original_value, encrypted_value_without_iv
+      assert_equal original_value, Encryptor.decrypt(:value => encrypted_value_without_iv, :key => key, :algorithm => algorithm)
+    end
+
+    define_method "test_should_encrypt_with_the_#{algorithm}_algorithm_with_iv_with_the_first_arg_as_the_value" do
+      assert_equal encrypted_value_with_iv, Encryptor.encrypt(original_value, :key => key, :iv => iv, :algorithm => algorithm)
+    end
+
+    define_method "test_should_encrypt_with_the_#{algorithm}_algorithm_without_iv_with_the_first_arg_as_the_value" do
+      assert_equal encrypted_value_without_iv, Encryptor.encrypt(original_value, :key => key, :algorithm => algorithm)
+    end
+
+    define_method "test_should_decrypt_with_the_#{algorithm}_algorithm_with_iv_with_the_first_arg_as_the_value" do
+      assert_equal original_value, Encryptor.decrypt(encrypted_value_with_iv, :key => key, :iv => iv, :algorithm => algorithm)
+    end
+
+    define_method "test_should_decrypt_with_the_#{algorithm}_algorithm_without_iv_with_the_first_arg_as_the_value" do
+      assert_equal original_value, Encryptor.decrypt(encrypted_value_without_iv, :key => key, :algorithm => algorithm)
+    end
+
+    define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
+      assert_equal encrypted_value_with_iv, original_value.encrypt(:key => key, :iv => iv, :algorithm => algorithm)
+    end
+
+    define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
+      assert_equal encrypted_value_without_iv, original_value.encrypt(:key => key, :algorithm => algorithm)
+    end
+
+    define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
+      assert_equal original_value, encrypted_value_with_iv.decrypt(:key => key, :iv => iv, :algorithm => algorithm)
+    end
+
+    define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
+      assert_equal original_value, encrypted_value_without_iv.decrypt(:key => key, :algorithm => algorithm)
+    end
+
+    define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
+      original_value_dup = original_value.dup
+      original_value_dup.encrypt!(:key => key, :iv => iv, :algorithm => algorithm)
+      assert_equal original_value.encrypt(:key => key, :iv => iv, :algorithm => algorithm), original_value_dup
+    end
+
+    define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
+      original_value_dup = original_value.dup
+      original_value_dup.encrypt!(:key => key, :algorithm => algorithm)
+      assert_equal original_value.encrypt(:key => key, :algorithm => algorithm), original_value_dup
+    end
+
+    define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
+      encrypted_value_with_iv_dup = encrypted_value_with_iv.dup
+      encrypted_value_with_iv_dup.decrypt!(:key => key, :iv => iv, :algorithm => algorithm)
+      assert_equal original_value, encrypted_value_with_iv_dup
+    end
+
+    define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
+      encrypted_value_without_iv_dup = encrypted_value_without_iv.dup
+      encrypted_value_without_iv_dup.decrypt!(:key => key, :algorithm => algorithm)
+      assert_equal original_value, encrypted_value_without_iv_dup
+    end
+  end
+
+  define_method 'test_should_use_the_default_algorithm_if_one_is_not_specified' do
+    assert_equal Encryptor.encrypt(:value => original_value, :key => key, :algorithm => Encryptor.default_options[:algorithm]), Encryptor.encrypt(:value => original_value, :key => key)
+  end
+
+  def test_should_have_a_default_algorithm
+    assert !Encryptor.default_options[:algorithm].nil?
+    assert !Encryptor.default_options[:algorithm].empty?
+  end
+
+  def test_should_raise_argument_error_if_key_is_not_specified
+    assert_raises(ArgumentError) { Encryptor.encrypt('some value') }
+    assert_raises(ArgumentError) { Encryptor.decrypt('some encrypted string') }
+    assert_raises(ArgumentError) { Encryptor.encrypt('some value', :key => '') }
+    assert_raises(ArgumentError) { Encryptor.decrypt('some encrypted string', :key => '') }
+  end
+
+  def test_should_yield_block_with_cipher_and_options
+    called = false
+    Encryptor.encrypt('some value', :key => 'some key') { |cipher, options| called = true }
+    assert called
+  end
+
+end
+

data/test/openssl_helper.rb

@@ -0,0 +1,6 @@
+require File.expand_path('../test_helper', __FILE__)
+
+module OpenSSLHelper
+  ALGORITHMS = %x(openssl list-cipher-commands).split & OpenSSL::Cipher.ciphers
+end
+

data/test/test_helper.rb

@@ -1,3 +1,17 @@
+if RUBY_VERSION >= '1.9.3'
+  require 'simplecov'
+  require 'simplecov-rcov'
+
+  SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
+    SimpleCov::Formatter::HTMLFormatter,
+    SimpleCov::Formatter::RcovFormatter,
+  ]
+
+  SimpleCov.start do
+    add_filter 'test'
+  end
+end
+
 require 'test/unit'
 require 'digest/sha2'
 

metadata

@@ -1,75 +1,120 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: encryptor
-version: !ruby/object:Gem::Version 
-  hash: 21
+version: !ruby/object:Gem::Version
+  version: 1.3.0
   prerelease: 
-  segments: 
-  - 1
-  - 1
-  - 3
-  version: 1.1.3
 platform: ruby
-authors: 
+authors:
 - Sean Huber
+- S. Brent Faulkner
+- William Monk
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2011-04-12 00:00:00 -07:00
-default_executable: 
-dependencies: []
-
-description: A simple wrapper for the standard ruby OpenSSL library to encrypt and decrypt strings
-email: shuber@huberry.com
+date: 2013-11-14 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.9.2.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.9.2.2
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov-rcov
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A simple wrapper for the standard ruby OpenSSL library to encrypt and
+  decrypt strings
+email:
+- shuber@huberry.com
+- sbfaulkner@gmail.com
+- billy.monk@gmail.com
 executables: []
-
 extensions: []
-
 extra_rdoc_files: []
-
-files: 
+files:
 - lib/encryptor/string.rb
 - lib/encryptor/version.rb
 - lib/encryptor.rb
 - MIT-LICENSE
 - Rakefile
-- README.rdoc
+- README.md
+- test/compatibility_test.rb
 - test/encryptor_test.rb
+- test/legacy_encryptor_test.rb
+- test/openssl_helper.rb
 - test/test_helper.rb
-has_rdoc: true
-homepage: http://github.com/shuber/encryptor
+homepage: http://github.com/attr-encrypted/encryptor
 licenses: []
-
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
       - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
+      hash: -1331952118017536783
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
       - 0
-      version: "0"
+      hash: -1331952118017536783
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.6.2
+rubygems_version: 1.8.23
 signing_key: 
 specification_version: 3
 summary: A simple wrapper for the standard ruby OpenSSL library
-test_files: 
+test_files:
+- test/compatibility_test.rb
 - test/encryptor_test.rb
+- test/legacy_encryptor_test.rb
+- test/openssl_helper.rb
 - test/test_helper.rb

data/README.rdoc

@@ -1,103 +0,0 @@
-= Encryptor
-
-A simple wrapper for the standard ruby OpenSSL library
-
-Used by http://github.com/shuber/attr_encrypted to easily encrypt/decrypt attributes in any class
-
-
-== Installation
-
-  gem install encryptor
-
-
-== Usage
-
-
-=== Basic
-
-  secret_key = Digest::SHA256.hexdigest('a secret key')
-  encrypted_value = Encryptor.encrypt('some string to encrypt', :key => secret_key) # '������{)��q�ށ�ܣ��q���Au/�ޜP'
-  decrypted_value = Encryptor.decrypt(encrypted_value, :key => secret_key) # 'some string to encrypt'
-
-The value to encrypt or decrypt may also be passed as the <tt>:value</tt> option if you'd like.
-
-  encrypted_value = Encryptor.encrypt(:value => 'some string to encrypt', :key => secret_key) # '������{)��q�ށ�ܣ��q���Au/�ޜP'
-  decrypted_value = Encryptor.decrypt(:value => encrypted_value, :key => secret_key) # 'some string to encrypt'
-
-You may also pass the <tt>:iv</tt> and <tt>:algorithm</tt> options but they are not required. If an algorithm is not specified, the Encryptor uses
-the algorithm found at <tt>Encryptor.default_options[:algorithm]</tt> which is <tt>aes-256-cbc</tt> by default. You can change the default options 
-by overwriting or merging this attribute:
-
-  Encryptor.default_options.merge!(:algorithm => 'bf', :key => 'some default secret key')
-
-
-=== Strings
-
-<tt>Encryptor</tt> adds <tt>encrypt</tt> and <tt>decrypt</tt> methods to <tt>String</tt> objects for your convenience. These two methods accept the same arguments as the associated ones in the <tt>Encryptor</tt> module. They're nice when you set the default options in the <tt>Encryptor.default_options</tt> attribute. For example:
-
-  Encryptor.default_options.merge!(:key => 'some default secret key')
-  credit_card = 'xxxx xxxx xxxx 1234'
-  encrypted_credit_card = credit_card.encrypt
-
-There's also <tt>encrypt!</tt> and <tt>decrypt!</tt> methods that replace the contents of a string with the encrypted or decrypted version of itself.
-
-
-=== Algorithms
-
-Run <tt>openssl list-cipher-commands</tt> in your terminal to view a list of all cipher algorithms that are supported on your platform.
-
-  aes-128-cbc
-  aes-128-ecb
-  aes-192-cbc
-  aes-192-ecb
-  aes-256-cbc
-  aes-256-ecb
-  bf
-  bf-cbc
-  bf-cfb
-  bf-ecb
-  bf-ofb
-  cast
-  cast-cbc
-  cast5-cbc
-  cast5-cfb
-  cast5-ecb
-  cast5-ofb
-  des
-  des-cbc
-  des-cfb
-  des-ecb
-  des-ede
-  des-ede-cbc
-  des-ede-cfb
-  des-ede-ofb
-  des-ede3
-  des-ede3-cbc
-  des-ede3-cfb
-  des-ede3-ofb
-  des-ofb
-  des3
-  desx
-  idea
-  idea-cbc
-  idea-cfb
-  idea-ecb
-  idea-ofb
-  rc2
-  rc2-40-cbc
-  rc2-64-cbc
-  rc2-cbc
-  rc2-cfb
-  rc2-ecb
-  rc2-ofb
-  rc4
-  rc4-40
-
-
-== Note on Patches/Pull Requests
-
-* Fork the project.
-* Make your feature addition or bug fix.
-* Add tests for it. This is important so I don't break it in a future version unintentionally.
-* Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
-* Send me a pull request. Bonus points for topic branches.