lockbox 0.4.2 → 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cb4f05b7519d563c465c963893ded5f21063f666bdb41d4bfc69f23ea6b82374
4
- data.tar.gz: 0f13b613b16b15ca6514de06fc57ec62d98b94a06a01eb6d8e77fdce9d23343b
3
+ metadata.gz: c072d4c6e5935ff9e176c0fc705c0e36228da4b1fc530a7eaf0249db57c71ddc
4
+ data.tar.gz: a0d293cb80ea7050deeccd039b5e0be01d51c09577181c1d9bf9df8a520764ac
5
5
  SHA512:
6
- metadata.gz: bdb2f4cbf5977bd1e40c9055c6e166c819b8e13ccbdd2d870c80ee907608205f72f65faa9fe56e882fcf9eab155b506537f29bd7593c3fcf31e3a0f94740e0ec
7
- data.tar.gz: ef966eff17c633ee5b590742c33a107bd58da4d262fbaf1bea458c2e5146dc16993f75b6d783118f3ff7f7fd827913423c71558bf1e8d60df66e3de35627e1a1
6
+ metadata.gz: a46270931d8c21b25090be9d1825259e872eae678ba1d1df6ca7898f0e678f81edc2f590a4338502631686be3a7b2911e736c58d9704354918b707dbaafdba41
7
+ data.tar.gz: 7bd511b855d777da969ea03aa14d7ce336a9c96670f01ac3e20424bb6fe039d43f183e561a33acb5e320ac2b8230aae287d608c292c68c4a91b605dd2be0cdb9
@@ -1,3 +1,8 @@
1
+ ## 0.4.3 (2020-05-26)
2
+
3
+ - Improved error message for bad key length
4
+ - Fixed missing attribute error
5
+
1
6
  ## 0.4.2 (2020-05-11)
2
7
 
3
8
  - Added experimental support for migrating Active Storage files
data/README.md CHANGED
@@ -278,7 +278,7 @@ end
278
278
 
279
279
  #### Migrating Existing Files [experimental]
280
280
 
281
- **Note:** This feature is experimental. Please try it in a non-production environment and let us know how it goes.
281
+ **Note:** This feature is experimental. Please try it in a non-production environment and [share](https://github.com/ankane/lockbox/issues/44) how it goes.
282
282
 
283
283
  Lockbox makes it easy to encrypt existing files without downtime.
284
284
 
@@ -11,7 +11,7 @@ module Lockbox
11
11
  raise ArgumentError, "Missing attribute for key generation" if attribute.to_s.empty?
12
12
 
13
13
  c = "\xB4"*32
14
- hkdf(Lockbox::Utils.decode_key(@master_key), salt: table.to_s, info: "#{c}#{attribute}", length: 32, hash: "sha384")
14
+ hkdf(Lockbox::Utils.decode_key(@master_key, name: "Master key"), salt: table.to_s, info: "#{c}#{attribute}", length: 32, hash: "sha384")
15
15
  end
16
16
 
17
17
  private
@@ -87,7 +87,10 @@ module Lockbox
87
87
  # essentially a no-op if already loaded
88
88
  # an exception is thrown if decryption fails
89
89
  self.class.lockbox_attributes.each do |_, lockbox_attribute|
90
- send(lockbox_attribute[:attribute])
90
+ # it is possible that the encrypted attribute is not loaded, eg.
91
+ # if the record was fetched partially (`User.select(:id).first`).
92
+ # accessing a not loaded attribute raises an `ActiveModel::MissingAttributeError`.
93
+ send(lockbox_attribute[:attribute]) if has_attribute?(lockbox_attribute[:encrypted_attribute])
91
94
  end
92
95
  super
93
96
  end
@@ -31,13 +31,13 @@ module Lockbox
31
31
  record.class.respond_to?(:lockbox_attachments) ? record.class.lockbox_attachments[name.to_sym] : nil
32
32
  end
33
33
 
34
- def self.decode_key(key, size: 32)
34
+ def self.decode_key(key, size: 32, name: "Key")
35
35
  if key.encoding != Encoding::BINARY && key =~ /\A[0-9a-f]{#{size * 2}}\z/i
36
36
  key = [key].pack("H*")
37
37
  end
38
38
 
39
- raise Lockbox::Error, "Key must use binary encoding" if key.encoding != Encoding::BINARY
40
- raise Lockbox::Error, "Key must be 32 bytes" if key.bytesize != size
39
+ raise Lockbox::Error, "#{name} must be 32 bytes (64 hex digits)" if key.bytesize != size
40
+ raise Lockbox::Error, "#{name} must use binary encoding" if key.encoding != Encoding::BINARY
41
41
 
42
42
  key
43
43
  end
@@ -1,3 +1,3 @@
1
1
  module Lockbox
2
- VERSION = "0.4.2"
2
+ VERSION = "0.4.3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lockbox
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.2
4
+ version: 0.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Kane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-11 00:00:00.000000000 Z
11
+ date: 2020-05-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler