kms_encrypted 1.4.0 → 1.5.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +9 -0
  3. data/LICENSE.txt +1 -1
  4. data/README.md +7 -7
  5. data/lib/kms_encrypted/clients/vault.rb +1 -1
  6. data/lib/kms_encrypted/log_subscriber.rb +2 -2
  7. data/lib/kms_encrypted/model.rb +8 -2
  8. data/lib/kms_encrypted/version.rb +1 -1
  9. data/lib/kms_encrypted.rb +11 -11
  10. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 203e6f831854468ec07bc0aac59f0b51c68b9e767a20b5f94bb28e5437b93212
4
- data.tar.gz: 226b05f2da94c4d6ddd5c67e92e7114f0f6e6b8c2cf9c0a67d9be519e3b987aa
3
+ metadata.gz: b3cd6e5aed4d2b4abd0ea948b36a5d4d70e216f189dd24553329aefca77ada32
4
+ data.tar.gz: 9a54c6f72bcbc605d3a88ced3a1bd17b5b9a375824d22f61a9d47f98ff1595f9
5
5
  SHA512:
6
- metadata.gz: ce6cd1b82a6ed5a961b88e87fec1115fccd6e569db32de9e84ec83a9f42c1eb948ac2796a99cc931be380cce25fe65868bc20caf4685a2c388017330060ee85c
7
- data.tar.gz: 4c9909081f55fba296c6d183e3d871d50979b05594ae8a7519ffd8d6c9d58121a3cdf3d6f72d13623f2ce996698f91dd10acda116962d48e64e76dff90ed4d3e
6
+ metadata.gz: 41d90475acb864ab2c59b7cb8afb0ef86e46baf20bcadfcbabffb1a12770883e02a7254926c5fa2eb83a2b6802a3d586b7c567e3a127e3ef3946616d37590a1a
7
+ data.tar.gz: b8e15761db942481f13768f112d3adc2154b6c3647e24c8155ebf2a3138104eaec0d8f36a95a6cfc117a7014cb5e1936b372dcfe0dea20ea5a621db1bf0ae48d
data/CHANGELOG.md CHANGED
@@ -1,3 +1,12 @@
1
+ ## 1.5.1 (2023-09-05)
2
+
3
+ - Fixed deprecation warning with Active Support 7.1
4
+
5
+ ## 1.5.0 (2023-04-09)
6
+
7
+ - Added support for attr_encrypted 4
8
+ - Dropped support for Ruby < 3 and Rails < 6
9
+
1
10
  ## 1.4.0 (2022-01-10)
2
11
 
3
12
  - Dropped support for Ruby < 2.6 and Rails < 5.2
data/LICENSE.txt CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2017-2022 Andrew Kane
1
+ Copyright (c) 2017-2023 Andrew Kane
2
2
 
3
3
  MIT License
4
4
 
data/README.md CHANGED
@@ -29,7 +29,7 @@ To decrypt an attribute, we first decrypt the data key with the KMS. Once we hav
29
29
  Add this line to your application’s Gemfile:
30
30
 
31
31
  ```ruby
32
- gem 'kms_encrypted'
32
+ gem "kms_encrypted"
33
33
  ```
34
34
 
35
35
  And follow the instructions for your key management service:
@@ -43,7 +43,7 @@ And follow the instructions for your key management service:
43
43
  Add this line to your application’s Gemfile:
44
44
 
45
45
  ```ruby
46
- gem 'aws-sdk-kms'
46
+ gem "aws-sdk-kms"
47
47
  ```
48
48
 
49
49
  Create an [Amazon Web Services](https://aws.amazon.com/) account if you don’t have one. KMS works great whether or not you run your infrastructure on AWS.
@@ -67,7 +67,7 @@ KMS_KEY_ID=alias/my-alias
67
67
  Add this line to your application’s Gemfile:
68
68
 
69
69
  ```ruby
70
- gem 'google-cloud-kms'
70
+ gem "google-cloud-kms"
71
71
  ```
72
72
 
73
73
  Create a [Google Cloud Platform](https://cloud.google.com/) account if you don’t have one. KMS works great whether or not you run your infrastructure on GCP.
@@ -83,7 +83,7 @@ KMS_KEY_ID=projects/my-project/locations/global/keyRings/my-key-ring/cryptoKeys/
83
83
  Add this line to your application’s Gemfile:
84
84
 
85
85
  ```ruby
86
- gem 'vault'
86
+ gem "vault"
87
87
  ```
88
88
 
89
89
  Enable the [transit](https://www.vaultproject.io/docs/secrets/transit/index.html) secrets engine
@@ -121,7 +121,7 @@ class User < ApplicationRecord
121
121
  has_kms_key
122
122
 
123
123
  # Lockbox fields
124
- encrypts :email, key: :kms_key
124
+ has_encrypted :email, key: :kms_key
125
125
 
126
126
  # Lockbox files
127
127
  encrypts_attached :license, key: :kms_key
@@ -429,8 +429,8 @@ class User < ApplicationRecord
429
429
  has_kms_key name: :phone, key_id: "..."
430
430
 
431
431
  # Lockbox
432
- encrypts :email, key: :kms_key
433
- encrypts :phone, key: :kms_key_phone
432
+ has_encrypted :email, key: :kms_key
433
+ has_encrypted :phone, key: :kms_key_phone
434
434
 
435
435
  # attr_encrypted
436
436
  attr_encrypted :email, key: :kms_key
data/lib/kms_encrypted/clients/vault.rb CHANGED
@@ -28,7 +28,7 @@ module KmsEncrypted
28
28
  options
29
29
  )
30
30
  rescue ::Vault::HTTPClientError => e
31
- decryption_failed! if e.message.include?("unable to decrypt")
31
+ decryption_failed! if e.message.include?("unable to decrypt") || e.message.include?("message authentication failed")
32
32
  raise e
33
33
  rescue ::Vault::HTTPServerError => e
34
34
  decryption_failed! if e.message.include?("message authentication failed")
data/lib/kms_encrypted/log_subscriber.rb CHANGED
@@ -8,7 +8,7 @@ module KmsEncrypted
8
8
  name += " (#{event.duration.round(1)}ms)"
9
9
  context = event.payload[:context]
10
10
  context = context.inspect if context.is_a?(Hash)
11
- debug " #{color(name, YELLOW, true)} Context: #{context}"
11
+ debug " #{color(name, YELLOW, bold: true)} Context: #{context}"
12
12
  end
13
13
 
14
14
  def encrypt(event)
@@ -19,7 +19,7 @@ module KmsEncrypted
19
19
  name += " (#{event.duration.round(1)}ms)"
20
20
  context = event.payload[:context]
21
21
  context = context.inspect if context.is_a?(Hash)
22
- debug " #{color(name, YELLOW, true)} Context: #{context}"
22
+ debug " #{color(name, YELLOW, bold: true)} Context: #{context}"
23
23
  end
24
24
  end
25
25
  end
data/lib/kms_encrypted/model.rb CHANGED
@@ -122,8 +122,14 @@ module KmsEncrypted
122
122
  plaintext_attributes = {}
123
123
 
124
124
  # attr_encrypted
125
- if self.class.respond_to?(:encrypted_attributes)
126
- self.class.encrypted_attributes.to_a.each do |key, v|
125
+ encrypted_attributes_method =
126
+ if defined?(AttrEncrypted::Version::MAJOR) && AttrEncrypted::Version::MAJOR >= 4
127
+ :attr_encrypted_encrypted_attributes
128
+ else
129
+ :encrypted_attributes
130
+ end
131
+ if self.class.respond_to?(encrypted_attributes_method)
132
+ self.class.send(encrypted_attributes_method).to_a.each do |key, v|
127
133
  if v[:key] == key_method.to_sym
128
134
  plaintext_attributes[key] = send(key)
129
135
  elsif v[:key].respond_to?(:call)
data/lib/kms_encrypted/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module KmsEncrypted
2
- VERSION = "1.4.0"
2
+ VERSION = "1.5.1"
3
3
  end
data/lib/kms_encrypted.rb CHANGED
@@ -5,19 +5,19 @@ require "json"
5
5
  require "securerandom"
6
6
 
7
7
  # modules
8
- require "kms_encrypted/box"
9
- require "kms_encrypted/database"
10
- require "kms_encrypted/log_subscriber"
11
- require "kms_encrypted/model"
12
- require "kms_encrypted/version"
8
+ require_relative "kms_encrypted/box"
9
+ require_relative "kms_encrypted/database"
10
+ require_relative "kms_encrypted/log_subscriber"
11
+ require_relative "kms_encrypted/model"
12
+ require_relative "kms_encrypted/version"
13
13
 
14
14
  # clients
15
- require "kms_encrypted/client"
16
- require "kms_encrypted/clients/base"
17
- require "kms_encrypted/clients/aws"
18
- require "kms_encrypted/clients/google"
19
- require "kms_encrypted/clients/test"
20
- require "kms_encrypted/clients/vault"
15
+ require_relative "kms_encrypted/client"
16
+ require_relative "kms_encrypted/clients/base"
17
+ require_relative "kms_encrypted/clients/aws"
18
+ require_relative "kms_encrypted/clients/google"
19
+ require_relative "kms_encrypted/clients/test"
20
+ require_relative "kms_encrypted/clients/vault"
21
21
 
22
22
  module KmsEncrypted
23
23
  class Error < StandardError; end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: kms_encrypted
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.0
4
+ version: 1.5.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Kane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-01-11 00:00:00.000000000 Z
11
+ date: 2023-09-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '5.2'
19
+ version: '6'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - ">="
25
25
  - !ruby/object:Gem::Version
26
- version: '5.2'
26
+ version: '6'
27
27
  description:
28
28
  email: andrew@ankane.org
29
29
  executables: []
@@ -57,14 +57,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
57
57
  requirements:
58
58
  - - ">="
59
59
  - !ruby/object:Gem::Version
60
- version: '2.6'
60
+ version: '3'
61
61
  required_rubygems_version: !ruby/object:Gem::Requirement
62
62
  requirements:
63
63
  - - ">="
64
64
  - !ruby/object:Gem::Version
65
65
  version: '0'
66
66
  requirements: []
67
- rubygems_version: 3.3.3
67
+ rubygems_version: 3.4.10
68
68
  signing_key:
69
69
  specification_version: 4
70
70
  summary: Simple, secure key management for Lockbox and attr_encrypted