lockbox 0.4.2 → 0.4.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/README.md +1 -1
- data/lib/lockbox/key_generator.rb +1 -1
- data/lib/lockbox/model.rb +4 -1
- data/lib/lockbox/utils.rb +3 -3
- data/lib/lockbox/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c072d4c6e5935ff9e176c0fc705c0e36228da4b1fc530a7eaf0249db57c71ddc
|
|
4
|
+
data.tar.gz: a0d293cb80ea7050deeccd039b5e0be01d51c09577181c1d9bf9df8a520764ac
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a46270931d8c21b25090be9d1825259e872eae678ba1d1df6ca7898f0e678f81edc2f590a4338502631686be3a7b2911e736c58d9704354918b707dbaafdba41
|
|
7
|
+
data.tar.gz: 7bd511b855d777da969ea03aa14d7ce336a9c96670f01ac3e20424bb6fe039d43f183e561a33acb5e320ac2b8230aae287d608c292c68c4a91b605dd2be0cdb9
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -278,7 +278,7 @@ end
|
|
|
278
278
|
|
|
279
279
|
#### Migrating Existing Files [experimental]
|
|
280
280
|
|
|
281
|
-
**Note:** This feature is experimental. Please try it in a non-production environment and
|
|
281
|
+
**Note:** This feature is experimental. Please try it in a non-production environment and [share](https://github.com/ankane/lockbox/issues/44) how it goes.
|
|
282
282
|
|
|
283
283
|
Lockbox makes it easy to encrypt existing files without downtime.
|
|
284
284
|
|
|
@@ -11,7 +11,7 @@ module Lockbox
|
|
|
11
11
|
raise ArgumentError, "Missing attribute for key generation" if attribute.to_s.empty?
|
|
12
12
|
|
|
13
13
|
c = "\xB4"*32
|
|
14
|
-
hkdf(Lockbox::Utils.decode_key(@master_key), salt: table.to_s, info: "#{c}#{attribute}", length: 32, hash: "sha384")
|
|
14
|
+
hkdf(Lockbox::Utils.decode_key(@master_key, name: "Master key"), salt: table.to_s, info: "#{c}#{attribute}", length: 32, hash: "sha384")
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
private
|
data/lib/lockbox/model.rb
CHANGED
|
@@ -87,7 +87,10 @@ module Lockbox
|
|
|
87
87
|
# essentially a no-op if already loaded
|
|
88
88
|
# an exception is thrown if decryption fails
|
|
89
89
|
self.class.lockbox_attributes.each do |_, lockbox_attribute|
|
|
90
|
-
|
|
90
|
+
# it is possible that the encrypted attribute is not loaded, eg.
|
|
91
|
+
# if the record was fetched partially (`User.select(:id).first`).
|
|
92
|
+
# accessing a not loaded attribute raises an `ActiveModel::MissingAttributeError`.
|
|
93
|
+
send(lockbox_attribute[:attribute]) if has_attribute?(lockbox_attribute[:encrypted_attribute])
|
|
91
94
|
end
|
|
92
95
|
super
|
|
93
96
|
end
|
data/lib/lockbox/utils.rb
CHANGED
|
@@ -31,13 +31,13 @@ module Lockbox
|
|
|
31
31
|
record.class.respond_to?(:lockbox_attachments) ? record.class.lockbox_attachments[name.to_sym] : nil
|
|
32
32
|
end
|
|
33
33
|
|
|
34
|
-
def self.decode_key(key, size: 32)
|
|
34
|
+
def self.decode_key(key, size: 32, name: "Key")
|
|
35
35
|
if key.encoding != Encoding::BINARY && key =~ /\A[0-9a-f]{#{size * 2}}\z/i
|
|
36
36
|
key = [key].pack("H*")
|
|
37
37
|
end
|
|
38
38
|
|
|
39
|
-
raise Lockbox::Error, "
|
|
40
|
-
raise Lockbox::Error, "
|
|
39
|
+
raise Lockbox::Error, "#{name} must be 32 bytes (64 hex digits)" if key.bytesize != size
|
|
40
|
+
raise Lockbox::Error, "#{name} must use binary encoding" if key.encoding != Encoding::BINARY
|
|
41
41
|
|
|
42
42
|
key
|
|
43
43
|
end
|
data/lib/lockbox/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: lockbox
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Kane
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-05-
|
|
11
|
+
date: 2020-05-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|