lockbox 0.4.6 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2fb82c6baf0c56ae7f051c8363f7cb52554ebab8180b891d4aa25caf7505cec3
-  data.tar.gz: 64b6bda4259cc3fddd7e5635333b0b7c4a6680c4ff2da31bba735603ea50b010
+  metadata.gz: 77945cdf065bda9282a4a9cbffd77ebe518bcbe11c3e3ccaa91768bd1579f94c
+  data.tar.gz: ab052f812a91e1620dcc52ac578006b55e84d5aae1770ecb5c6c89c5119f9073
 SHA512:
-  metadata.gz: e1953d9159c2cb1f1ec55436d925738777ea0b78afedcb32864280f7772d1d9e12a48f65c69385fd6bcdab166668049b3889f1e17e3b316c696705bcb98650dd
-  data.tar.gz: a3559c399a385949526137eed03b73c38baae424bed3b597c89f287222e6e18fd2c5665b2cbba6b20dad71bf680f0840ee2753a68befd3af40fdb522e45e4088
+  metadata.gz: 8223d89af7efa1e4192c48512a45177d877df2c1878da425b05bf4e2b066c1f3a413b57f8f0fbdc73a04f000db191bfde2ef8bb0319c4bce7eee6a1985a3771f
+  data.tar.gz: 7bcb4b647f4abdc8141c571441ce1c8e47b5864aee3e043cd7f620ca7f9abc208ddb1134ac6f35700c73a30f934c56169ff5bca235ba32faba4a0d2325bc926a

data/CHANGELOG.md

@@ -1,3 +1,34 @@
+## 0.6.0 (2020-12-03)
+
+- Added `encrypted` flag to Active Storage metadata
+- Added encrypted columns to `filter_attributes`
+- Improved `inspect` method
+
+## 0.5.0 (2020-11-22)
+
+- Improved error messages for hybrid cryptography
+- Changed warning to error when no attributes specified
+- Fixed issue with `pluck` when migrating
+- Fixed error with `key_table` and `key_attribute` options with `previous_versions`
+
+## 0.4.9 (2020-10-01)
+
+- Added `key_table` and `key_attribute` options to `previous_versions`
+- Added `encrypted_attribute` option
+- Added support for encrypting empty string
+- Improved `inspect` for models with encrypted attributes
+
+## 0.4.8 (2020-08-30)
+
+- Added `key_table` and `key_attribute` options
+- Added warning when no attributes specified
+- Fixed error when Active Support partially loaded
+
+## 0.4.7 (2020-08-18)
+
+- Added `lockbox_options` method to encrypted CarrierWave uploaders
+- Improved attribute loading when no decryption key specified
+
 ## 0.4.6 (2020-07-02)
 
 - Added support for `update_column` and `update_columns`

data/README.md

@@ -1,16 +1,15 @@
 # Lockbox
 
-:package: Modern encryption for Rails
+:package: Modern encryption for Ruby and Rails
 
-- Uses state-of-the-art algorithms
 - Works with database fields, files, and strings
+- Maximizes compatibility with existing code and libraries
 - Makes migrating existing data and key rotation easy
-
-Lockbox aims to make encryption as friendly and intuitive as possible. Encrypted fields and files behave just like unencrypted ones for maximum compatibility with 3rd party libraries and existing code.
+- Has zero dependencies and many integrations
 
 Learn [the principles behind it](https://ankane.org/modern-encryption-rails), [how to secure emails with Devise](https://ankane.org/securing-user-emails-lockbox), and [how to secure sensitive data in Rails](https://ankane.org/sensitive-data-rails).
 
-[![Build Status](https://travis-ci.org/ankane/lockbox.svg?branch=master)](https://travis-ci.org/ankane/lockbox)
+[![Build Status](https://github.com/ankane/lockbox/workflows/build/badge.svg?branch=master)](https://github.com/ankane/lockbox/actions)
 
 ## Installation
 
@@ -89,6 +88,16 @@ User.create!(email: "hi@example.org")
 
 If you need to query encrypted fields, check out [Blind Index](https://github.com/ankane/blind_index).
 
+#### Multiple Fields
+
+You can specify multiple fields in single line.
+
+```ruby
+class User < ApplicationRecord
+  encrypts :email, :phone, :city
+end
+```
+
 #### Types
 
 Fields are strings by default. Specify the type of a field with:
@@ -188,8 +197,46 @@ class User < ApplicationRecord
 end
 ```
 
+#### Model Changes
+
+If tracking changes to model attributes, be sure to remove or redact encrypted attributes.
+
+PaperTrail
+
+```ruby
+class User < ApplicationRecord
+  # for an encrypted history (still tracks ciphertext changes)
+  has_paper_trail skip: [:email]
+
+  # for no history (add blind indexes as well)
+  has_paper_trail skip: [:email, :email_ciphertext]
+end
+```
+
+Audited
+
+```ruby
+class User < ApplicationRecord
+  # for an encrypted history (still tracks ciphertext changes)
+  audited except: [:email]
+
+  # for no history (add blind indexes as well)
+  audited except: [:email, :email_ciphertext]
+end
+```
+
+#### Decryption
+
+To decrypt data outside the model, use:
+
+```ruby
+User.decrypt_email_ciphertext(user.email_ciphertext)
+```
+
 ## Action Text
 
+**Note:** Action Text uses direct uploads for files, which cannot be encrypted with application-level encryption like Lockbox. This only encrypts the database field.
+
 Create a migration with:
 
 ```ruby
@@ -220,6 +267,10 @@ Lockbox.encrypts_action_text_body
 
 And drop the unencrypted column.
 
+#### Options
+
+You can pass any Lockbox options to the `encrypts_action_text_body` method.
+
 ## Mongoid
 
 Add to your model:
@@ -264,8 +315,9 @@ end
 
 There are a few limitations to be aware of:
 
-- Metadata like image width and height are not extracted when encrypted
-- Direct uploads cannot be encrypted
+- Variants and previews aren’t supported when encrypted
+- Metadata like image width and height aren’t extracted when encrypted
+- Direct uploads can’t be encrypted with application-level encryption like Lockbox, but can use server-side encryption
 
 To serve encrypted files, use a controller action.
 
@@ -390,44 +442,58 @@ Finally, delete the unencrypted files and drop the column for the original uploa
 
 ## Shrine
 
-Generate a key
+#### Models
+
+Include the attachment as normal:
 
 ```ruby
-key = Lockbox.generate_key
+class User < ApplicationRecord
+  include LicenseUploader::Attachment(:license)
+end
 ```
 
-Create a lockbox
+And encrypt in a controller (or background job, etc) with:
 
 ```ruby
-lockbox = Lockbox.new(key: key)
+license = params.require(:user).fetch(:license)
+lockbox = Lockbox.new(key: Lockbox.attribute_key(table: "users", attribute: "license"))
+user.license = lockbox.encrypt_io(license)
 ```
 
-Encrypt files before passing them to Shrine
+To serve encrypted files, use a controller action.
 
 ```ruby
-LicenseUploader.upload(lockbox.encrypt_io(file), :store)
+def license
+  user = User.find(params[:id])
+  lockbox = Lockbox.new(key: Lockbox.attribute_key(table: "users", attribute: "license"))
+  send_data lockbox.decrypt(user.license.read), type: user.license.mime_type
+end
 ```
 
-And decrypt them after reading
+#### Non-Models
+
+Generate a key
 
 ```ruby
-lockbox.decrypt(uploaded_file.read)
+key = Lockbox.generate_key
 ```
 
-For models, encrypt with:
+Create a lockbox
 
 ```ruby
-license = params.require(:user).fetch(:license)
-user.license = lockbox.encrypt_io(license)
+lockbox = Lockbox.new(key: key)
 ```
 
-To serve encrypted files, use a controller action.
+Encrypt files before passing them to Shrine
 
 ```ruby
-def license
-  user = User.find(params[:id])
-  send_data lockbox.decrypt(user.license.read), type: user.license.mime_type
-end
+LicenseUploader.upload(lockbox.encrypt_io(file), :store)
+```
+
+And decrypt them after reading
+
+```ruby
+lockbox.decrypt(uploaded_file.read)
 ```
 
 ## Local Files
@@ -508,6 +574,24 @@ Lockbox.rotate(User, attributes: [:email])
 
 Once all records are rotated, you can remove `previous_versions` from the model.
 
+### Action Text
+
+Update your initializer:
+
+```ruby
+Lockbox.encrypts_action_text_body(previous_versions: [{key: previous_key}])
+```
+
+Use `master_key` instead of `key` if passing the master key.
+
+To rotate existing records, use:
+
+```ruby
+Lockbox.rotate(ActionText::RichText, attributes: [:body])
+```
+
+Once all records are rotated, you can remove `previous_versions` from the initializer.
+
 ### Active Storage
 
 Update your model:
@@ -550,6 +634,14 @@ User.find_each do |user|
 end
 ```
 
+For multiple files, use:
+
+```ruby
+User.find_each do |user|
+  user.licenses.map(&:rotate_encryption!)
+end
+```
+
 Once all files are rotated, you can remove `previous_versions` from the model.
 
 ### Local Files & Strings
@@ -606,6 +698,8 @@ This is the default algorithm. It’s:
 - an IETF standard
 - fast thanks to a [dedicated instruction set](https://en.wikipedia.org/wiki/AES_instruction_set)
 
+Lockbox uses 256-bit keys.
+
 **For users who do a lot of encryptions:** You should rotate an individual key after 2 billion encryptions to minimize the chance of a [nonce collision](https://www.cryptologie.net/article/402/is-symmetric-security-solved/), which will expose the key. Each database field and file uploader use a different key (derived from the master key) to extend this window.
 
 ### XSalsa20
@@ -659,6 +753,22 @@ For Ubuntu 16.04, use:
 sudo apt-get install libsodium18
 ```
 
+##### GitHub Actions
+
+For Ubuntu 20.04 and 18.04, use:
+
+```yml
+    - name: Install Libsodium
+      run: sudo apt-get update && sudo apt-get install libsodium23
+```
+
+For Ubuntu 16.04, use:
+
+```yml
+    - name: Install Libsodium
+      run: sudo apt-get update && sudo apt-get install libsodium18
+```
+
 ##### Travis CI
 
 On Bionic, add to `.travis.yml`:
@@ -686,8 +796,7 @@ Add a step to `.circleci/config.yml`:
 ```yml
 - run:
     name: install Libsodium
-    command: |
-      sudo apt-get install -y libsodium18
+    command: sudo apt-get install -y libsodium18
 ```
 
 ## Hybrid Cryptography
@@ -714,15 +823,43 @@ Make sure `decryption_key` is `nil` on servers that shouldn’t decrypt.
 
 This uses X25519 for key exchange and XSalsa20 for encryption.
 
-## Key Separation
+## Key Configuration
+
+Lockbox supports a few different ways to set keys for database fields and files.
+
+1. Master key
+2. Per field/uploader
+3. Per record
 
-The master key is used to generate unique keys for each column. This technique comes from [CipherSweet](https://ciphersweet.paragonie.com/internals/key-hierarchy). The table name and column name are both used in this process. If you need to rename a table with encrypted columns, or an encrypted column itself, get the key:
+### Master Key
+
+By default, the master key is used to generate unique keys for each field/uploader. This technique comes from [CipherSweet](https://ciphersweet.paragonie.com/internals/key-hierarchy). The table name and column/uploader name are both used in this process.
+
+You can get an individual key with:
 
 ```ruby
 Lockbox.attribute_key(table: "users", attribute: "email_ciphertext")
 ```
 
-And set it directly before renaming:
+To rename a table with encrypted columns/uploaders, use:
+
+```ruby
+class User < ApplicationRecord
+  encrypts :email, key_table: "original_table"
+end
+```
+
+To rename an encrypted column itself, use:
+
+```ruby
+class User < ApplicationRecord
+  encrypts :email, key_attribute: "original_column"
+end
+```
+
+### Per Field/Uploader
+
+To set a key for an individual field/uploader, use a string:
 
 ```ruby
 class User < ApplicationRecord
@@ -730,16 +867,62 @@ class User < ApplicationRecord
 end
 ```
 
+Or a proc:
+
+```ruby
+class User < ApplicationRecord
+  encrypts :email, key: -> { code }
+end
+```
+
+### Per Record
+
+To use a different key for each record, use a symbol:
+
+```ruby
+class User < ApplicationRecord
+  encrypts :email, key: :some_method
+end
+```
+
+Or a proc:
+
+```ruby
+class User < ApplicationRecord
+  encrypts :email, key: -> { some_method }
+end
+```
+
 ## Key Management
 
 You can use a key management service to manage your keys with [KMS Encrypted](https://github.com/ankane/kms_encrypted).
 
+For Active Record and Mongoid, use:
+
 ```ruby
 class User < ApplicationRecord
   encrypts :email, key: :kms_key
 end
 ```
 
+For Action Text, use:
+
+```ruby
+ActiveSupport.on_load(:action_text_rich_text) do
+  ActionText::RichText.has_kms_key
+end
+
+Lockbox.encrypts_action_text_body(key: :kms_key)
+```
+
+For Active Storage, use:
+
+```ruby
+class User < ApplicationRecord
+  encrypts_attached :license, key: :kms_key
+end
+```
+
 For CarrierWave, use:
 
 ```ruby
@@ -772,7 +955,7 @@ lockbox.encrypt("clear").bytesize     # 44
 lockbox.encrypt("consider").bytesize  # 44
 ```
 
-The block size for padding is 16 bytes by default. If we have a status larger than 15 bytes, it will have a different length than the others.
+The block size for padding is 16 bytes by default. Lockbox uses [ISO/IEC 7816-4](https://en.wikipedia.org/wiki/Padding_(cryptography)#ISO/IEC_7816-4) padding, which uses at least one byte, so if we have a status larger than 15 bytes, it will have a different length than the others.
 
 ```ruby
 box.encrypt("length15status!").bytesize   # 44
@@ -785,9 +968,25 @@ Change the block size with:
 Lockbox.new(padding: 32) # bytes
 ```
 
+## Associated Data
+
+You can pass extra context during encryption to make sure encrypted data isn’t moved to a different context.
+
+```ruby
+lockbox = Lockbox.new(key: key)
+ciphertext = lockbox.encrypt(message, associated_data: "somecontext")
+```
+
+Without the same context, decryption will fail.
+
+```ruby
+lockbox.decrypt(ciphertext, associated_data: "somecontext")  # success
+lockbox.decrypt(ciphertext, associated_data: "othercontext") # fails
+```
+
 ## Binary Columns
 
-You can use `binary` columns for the ciphertext instead of `text` columns to save space.
+You can use `binary` columns for the ciphertext instead of `text` columns.
 
 ```ruby
 class AddEmailCiphertextToUsers < ActiveRecord::Migration[6.0]
@@ -797,7 +996,7 @@ class AddEmailCiphertextToUsers < ActiveRecord::Migration[6.0]
 end
 ```
 
-You should disable Base64 encoding if you do this.
+Disable Base64 encoding to save space.
 
 ```ruby
 class User < ApplicationRecord
@@ -805,12 +1004,6 @@ class User < ApplicationRecord
 end
 ```
 
-or set it globally:
-
-```ruby
-Lockbox.default_options = {encode: false}
-```
-
 ## Compatibility
 
 It’s easy to read encrypted data in another language if needed.

data/lib/lockbox.rb

@@ -4,6 +4,7 @@ require "openssl"
 require "securerandom"
 
 # modules
+require "lockbox/aes_gcm"
 require "lockbox/box"
 require "lockbox/calculations"
 require "lockbox/encryptor"
@@ -19,10 +20,12 @@ require "lockbox/version"
 require "lockbox/carrier_wave_extensions" if defined?(CarrierWave)
 require "lockbox/railtie" if defined?(Rails)
 
-if defined?(ActiveSupport)
+if defined?(ActiveSupport::LogSubscriber)
   require "lockbox/log_subscriber"
   Lockbox::LogSubscriber.attach_to :lockbox
+end
 
+if defined?(ActiveSupport.on_load)
   ActiveSupport.on_load(:active_record) do
     extend Lockbox::Model
     extend Lockbox::Model::Attached

data/lib/lockbox/active_storage_extensions.rb

@@ -1,7 +1,22 @@
-# ideally encrypt and decrypt would happen at the blob/service level
-# however, there isn't really a great place to define encryption settings there
-# instead, we encrypt and decrypt at the attachment level,
-# and we define encryption settings at the model level
+# Ideally encryption and decryption would happen at the blob/service level.
+# However, Active Storage < 6.1 only supports a single service (per environment).
+# This means all attachments need to be encrypted or none of them,
+# which is often not practical.
+#
+# Active Storage 6.1 adds support for multiple services, which changes this.
+# We could have a Lockbox service:
+#
+# lockbox:
+#   service: Lockbox
+#   backend: local    # delegate to another service, like mirror service
+#   key:     ...      # Lockbox options
+#
+# However, the checksum is computed *and stored on the blob*
+# before the file is passed to the service.
+# We don't want the MD5 checksum of the plaintext stored in the database.
+#
+# Instead, we encrypt and decrypt at the attachment level,
+# and we define encryption settings at the model level.
 module Lockbox
   module ActiveStorageExtensions
     module Attached
@@ -74,6 +89,10 @@ module Lockbox
     module CreateOne
       def initialize(name, record, attachable)
         # this won't encrypt existing blobs
+        # ideally we'd check metadata for the encrypted flag
+        # and disallow unencrypted blobs
+        # since they'll raise an error on decryption
+        # but earlier versions of Lockbox won't have it
         attachable = Lockbox::Utils.encrypt_attachable(record, name, attachable) if Lockbox::Utils.encrypted?(record, name) && !attachable.is_a?(ActiveStorage::Blob)
         super(name, record, attachable)
       end
@@ -95,6 +114,16 @@ module Lockbox
         result
       end
 
+      def variant(*args)
+        raise Lockbox::Error, "Variant not supported for encrypted files" if Utils.encrypted_options(record, name)
+        super
+      end
+
+      def preview(*args)
+        raise Lockbox::Error, "Preview not supported for encrypted files" if Utils.encrypted_options(record, name)
+        super
+      end
+
       if ActiveStorage::VERSION::MAJOR >= 6
         def open(**options)
           blob.open(**options) do |file|

data/lib/lockbox/aes_gcm.rb

@@ -18,9 +18,10 @@ module Lockbox
       # In encryption mode, it must be set after calling #encrypt and setting #key= and #iv=
       cipher.auth_data = associated_data || ""
 
-      ciphertext = cipher.update(message) + cipher.final
+      ciphertext = String.new
+      ciphertext << cipher.update(message) unless message.empty?
+      ciphertext << cipher.final
       ciphertext << cipher.auth_tag
-
       ciphertext
     end
 
@@ -29,7 +30,6 @@ module Lockbox
 
       fail_decryption if nonce.to_s.bytesize != nonce_bytes
       fail_decryption if auth_tag.to_s.bytesize != auth_tag_bytes
-      fail_decryption if ciphertext.to_s.bytesize == 0
 
       cipher = OpenSSL::Cipher.new("aes-256-gcm")
       # do not change order of operations
@@ -43,7 +43,10 @@ module Lockbox
       cipher.auth_data = associated_data || ""
 
       begin
-        cipher.update(ciphertext) + cipher.final
+        message = String.new
+        message << cipher.update(ciphertext) unless ciphertext.to_s.empty?
+        message << cipher.final
+        message
       rescue OpenSSL::Cipher::CipherError
         fail_decryption
       end

data/lib/lockbox/box.rb

@@ -1,7 +1,7 @@
 module Lockbox
   class Box
     def initialize(key: nil, algorithm: nil, encryption_key: nil, decryption_key: nil, padding: false)
-      raise ArgumentError, "Cannot pass both key and public/private key" if key && (encryption_key || decryption_key)
+      raise ArgumentError, "Cannot pass both key and encryption/decryption key" if key && (encryption_key || decryption_key)
 
       key = Lockbox::Utils.decode_key(key) if key
       encryption_key = Lockbox::Utils.decode_key(encryption_key, size: 64) if encryption_key
@@ -12,7 +12,6 @@ module Lockbox
       case algorithm
       when "aes-gcm"
         raise ArgumentError, "Missing key" unless key
-        require "lockbox/aes_gcm"
         @box = AES_GCM.new(key)
       when "xchacha20"
         raise ArgumentError, "Missing key" unless key
@@ -39,7 +38,7 @@ module Lockbox
       message = Lockbox.pad(message, size: @padding) if @padding
       case @algorithm
       when "hybrid"
-        raise ArgumentError, "No public key set" unless @encryption_box
+        raise ArgumentError, "No encryption key set" unless defined?(@encryption_box)
         raise ArgumentError, "Associated data not supported with this algorithm" if associated_data
         nonce = generate_nonce(@encryption_box)
         ciphertext = @encryption_box.encrypt(nonce, message)
@@ -58,7 +57,7 @@ module Lockbox
       message =
         case @algorithm
         when "hybrid"
-          raise ArgumentError, "No private key set" unless @decryption_box
+          raise ArgumentError, "No decryption key set" unless defined?(@decryption_box)
           raise ArgumentError, "Associated data not supported with this algorithm" if associated_data
           nonce, ciphertext = extract_nonce(@decryption_box, ciphertext)
           @decryption_box.decrypt(nonce, ciphertext)

data/lib/lockbox/calculations.rb

@@ -3,7 +3,8 @@ module Lockbox
     def pluck(*column_names)
       return super unless model.respond_to?(:lockbox_attributes)
 
-      lockbox_columns = column_names.map.with_index { |c, i| [model.lockbox_attributes[c.to_sym], i] }.select(&:first)
+      lockbox_columns = column_names.map.with_index { |c, i| [model.lockbox_attributes[c.to_sym], i] }.select { |la, _i| la && !la[:migrating] }
+
       return super unless lockbox_columns.any?
 
       # replace column with ciphertext column

data/lib/lockbox/carrier_wave_extensions.rb

@@ -2,9 +2,22 @@ module Lockbox
   module CarrierWaveExtensions
     def encrypt(**options)
       class_eval do
+        # uses same hook as process (before cache)
+        # processing can be disabled, so better to keep separate
         before :cache, :encrypt
 
+        define_singleton_method :lockbox_options do
+          options
+        end
+
         def encrypt(file)
+          # safety check
+          # see CarrierWave::Uploader::Cache#cache!
+          raise Lockbox::Error, "Expected files to be equal. Please report an issue." unless file && @file && file == @file
+
+          # processors in CarrierWave move updated file to current_path
+          # however, this causes versions to use the processed file
+          # we only want to change the file for the current version
           @file = CarrierWave::SanitizedFile.new(lockbox_notify("encrypt_file") { lockbox.encrypt_io(file) })
         end
 
@@ -14,6 +27,7 @@ module Lockbox
           lockbox_notify("decrypt_file") { lockbox.decrypt(r) } if r
         end
 
+        # use size of plaintext since read and content type use plaintext
         def size
           read.bytesize
         end
@@ -23,6 +37,7 @@ module Lockbox
           MimeMagic.by_magic(read).try(:type) || "invalid/invalid"
         end
 
+        # disable processing since already processed
         def rotate_encryption!
           io = Lockbox::IO.new(read)
           io.original_filename = file.filename
@@ -46,6 +61,8 @@ module Lockbox
           end
         end
 
+        # for mounted uploaders, use mounted name
+        # for others, use uploader name
         def lockbox_name
           if mounted_as
             mounted_as.to_s
@@ -58,6 +75,8 @@ module Lockbox
           end
         end
 
+        # Active Support notifications so it's easier
+        # to see when files are encrypted and decrypted
         def lockbox_notify(type)
           if defined?(ActiveSupport::Notifications)
             name = lockbox_name
@@ -78,4 +97,8 @@ module Lockbox
   end
 end
 
+if CarrierWave::VERSION.to_i > 2
+  raise "CarrierWave version not supported in this version of Lockbox: #{CarrierWave::VERSION}"
+end
+
 CarrierWave::Uploader::Base.extend(Lockbox::CarrierWaveExtensions)

data/lib/lockbox/migrator.rb

@@ -116,6 +116,13 @@ module Lockbox
       end
     end
 
+    # there's a small chance for this process to read data,
+    # another process to update the data, and
+    # this process to write the now stale data
+    # this time window can be reduced with smaller batch sizes
+    # locking individual records could eliminate this
+    # one option is: relation.in_batches { |batch| batch.lock }
+    # which runs SELECT ... FOR UPDATE in Postgres
     def migrate_records(records, fields:, blind_indexes:, restart:, rotate:)
       # do computation outside of transaction
       # especially expensive blind index computation

data/lib/lockbox/model.rb

@@ -27,11 +27,19 @@ module Lockbox
       activerecord = defined?(ActiveRecord::Base) && self < ActiveRecord::Base
       raise ArgumentError, "Type not supported yet with Mongoid" if options[:type] && !activerecord
 
+      raise ArgumentError, "No attributes specified" if attributes.empty?
+
+      raise ArgumentError, "Cannot use key_attribute with multiple attributes" if options[:key_attribute] && attributes.size > 1
+
+      original_options = options.dup
+
       attributes.each do |name|
-        # add default options
-        encrypted_attribute = "#{name}_ciphertext"
+        # per attribute options
+        # TODO use a different name
+        options = original_options.dup
 
-        options = options.dup
+        # add default options
+        encrypted_attribute = options.delete(:encrypted_attribute) || "#{name}_ciphertext"
 
         # migrating
         original_name = name.to_sym
@@ -47,6 +55,15 @@ module Lockbox
         decrypt_method_name = "decrypt_#{encrypted_attribute}"
 
         class_eval do
+          # Lockbox uses custom inspect
+          # but this could be useful for other gems
+          if activerecord && ActiveRecord::VERSION::MAJOR >= 6
+            # only add virtual attribute
+            # need to use regexp since strings do partial matching
+            # also, need to use += instead of <<
+            self.filter_attributes += [/\A#{Regexp.escape(options[:attribute])}\z/]
+          end
+
           @lockbox_attributes ||= {}
 
           if @lockbox_attributes.empty?
@@ -71,12 +88,42 @@ module Lockbox
               super(options)
             end
 
-            # use same approach as devise
+            # maintain order
+            # replace ciphertext attributes w/ virtual attributes (filtered)
             def inspect
-              inspection =
-                serializable_hash.map do |k,v|
-                  "#{k}: #{respond_to?(:attribute_for_inspect) ? attribute_for_inspect(k) : v.inspect}"
+              lockbox_attributes = {}
+              lockbox_encrypted_attributes = {}
+              self.class.lockbox_attributes.each do |_, lockbox_attribute|
+                lockbox_attributes[lockbox_attribute[:attribute]] = true
+                lockbox_encrypted_attributes[lockbox_attribute[:encrypted_attribute]] = lockbox_attribute[:attribute]
+              end
+
+              inspection = []
+              # use serializable_hash like Devise
+              values = serializable_hash
+              self.class.attribute_names.each do |k|
+                next if !has_attribute?(k) || lockbox_attributes[k]
+
+                # check for lockbox attribute
+                if lockbox_encrypted_attributes[k]
+                  # check if ciphertext attribute nil to avoid loading attribute
+                  v = send(k).nil? ? "nil" : "[FILTERED]"
+                  k = lockbox_encrypted_attributes[k]
+                elsif values.key?(k)
+                  v = respond_to?(:attribute_for_inspect) ? attribute_for_inspect(k) : values[k].inspect
+
+                  # fix for https://github.com/rails/rails/issues/40725
+                  # TODO only apply to Active Record 6.0
+                  if respond_to?(:inspection_filter, true) && v != "nil"
+                    v = inspection_filter.filter_param(k, v)
+                  end
+                else
+                  next
                 end
+
+                inspection << "#{k}: #{v}"
+              end
+
               "#<#{self.class} #{inspection.join(", ")}>"
             end
 
@@ -87,6 +134,9 @@ module Lockbox
                 # essentially a no-op if already loaded
                 # an exception is thrown if decryption fails
                 self.class.lockbox_attributes.each do |_, lockbox_attribute|
+                  # don't try to decrypt if no decryption key given
+                  next if lockbox_attribute[:algorithm] == "hybrid" && lockbox_attribute[:decryption_key].nil?
+
                   # it is possible that the encrypted attribute is not loaded, eg.
                   # if the record was fetched partially (`User.select(:id).first`).
                   # accessing a not loaded attribute raises an `ActiveModel::MissingAttributeError`.
@@ -161,6 +211,7 @@ module Lockbox
           end
 
           raise "Duplicate encrypted attribute: #{original_name}" if lockbox_attributes[original_name]
+          raise "Multiple encrypted attributes use the same column: #{encrypted_attribute}" if lockbox_attributes.any? { |_, v| v[:encrypted_attribute] == encrypted_attribute }
           @lockbox_attributes[original_name] = options
 
           if activerecord
@@ -263,12 +314,13 @@ module Lockbox
           define_method("#{name}=") do |message|
             # decrypt first for dirty tracking
             # don't raise error if can't decrypt previous
-            begin
-              send(name)
-            rescue Lockbox::DecryptionError
-              # this is expected for hybrid cryptography
-              warn "[lockbox] Decrypting previous value failed" unless options[:algorithm] == "hybrid"
-              nil
+            # don't try to decrypt if no decryption key given
+            unless options[:algorithm] == "hybrid" && options[:decryption_key].nil?
+              begin
+                send(name)
+              rescue Lockbox::DecryptionError
+                warn "[lockbox] Decrypting previous value failed"
+              end
             end
 
             send("lockbox_direct_#{name}=", message)
@@ -334,7 +386,7 @@ module Lockbox
             table = activerecord ? table_name : collection_name.to_s
 
             unless message.nil?
-              # TODO use attribute type class in 0.5.0
+              # TODO use attribute type class in 0.7.0
               case options[:type]
               when :boolean
                 message = ActiveRecord::Type::Boolean.new.serialize(message)
@@ -389,7 +441,7 @@ module Lockbox
               end
 
             unless message.nil?
-              # TODO use attribute type class in 0.5.0
+              # TODO use attribute type class in 0.7.0
               case options[:type]
               when :boolean
                 message = message == "t"

data/lib/lockbox/utils.rb

@@ -1,6 +1,7 @@
 module Lockbox
   class Utils
     def self.build_box(context, options, table, attribute)
+      # dup options (with except) since keys are sometimes changed or deleted
       options = options.except(:attribute, :encrypted_attribute, :migrating, :attached, :type)
       options[:encode] = false unless options.key?(:encode)
       options.each do |k, v|
@@ -16,14 +17,32 @@ module Lockbox
       end
 
       unless options[:key] || options[:encryption_key] || options[:decryption_key]
-        options[:key] = Lockbox.attribute_key(table: table, attribute: attribute, master_key: options.delete(:master_key))
+        options[:key] =
+          Lockbox.attribute_key(
+            table: options.delete(:key_table) || table,
+            attribute: options.delete(:key_attribute) || attribute,
+            master_key: options.delete(:master_key),
+            encode: false
+          )
       end
 
       if options[:previous_versions].is_a?(Array)
-        options[:previous_versions] = options[:previous_versions].dup
+        # dup previous versions array (with map) since elements are updated
+        # dup each version (with dup) since keys are sometimes deleted
+        options[:previous_versions] = options[:previous_versions].map(&:dup)
         options[:previous_versions].each_with_index do |version, i|
-          if !(version[:key] || version[:encryption_key] || version[:decryption_key]) && version[:master_key]
-            options[:previous_versions][i] = version.merge(key: Lockbox.attribute_key(table: table, attribute: attribute, master_key: version.delete(:master_key)))
+          if !(version[:key] || version[:encryption_key] || version[:decryption_key]) && (version[:master_key] || version[:key_table] || version[:key_attribute])
+            # could also use key_table and key_attribute from options
+            # when specified, but keep simple for now
+            # also, this change isn't backward compatible
+            key =
+              Lockbox.attribute_key(
+                table: version.delete(:key_table) || table,
+                attribute: version.delete(:key_attribute) || attribute,
+                master_key: version.delete(:master_key),
+                encode: false
+              )
+            options[:previous_versions][i] = version.merge(key: key)
           end
         end
       end
@@ -40,7 +59,7 @@ module Lockbox
         key = [key].pack("H*")
       end
 
-      raise Lockbox::Error, "#{name} must be 32 bytes (64 hex digits)" if key.bytesize != size
+      raise Lockbox::Error, "#{name} must be #{size} bytes (#{size * 2} hex digits)" if key.bytesize != size
       raise Lockbox::Error, "#{name} must use binary encoding" if key.encoding != Encoding::BINARY
 
       key
@@ -70,13 +89,11 @@ module Lockbox
           attachable = attachable.dup
           attachable[:io] = box.encrypt_io(io)
         else
-          # TODO raise ArgumentError
-          raise NotImplementedError, "Could not find or build blob: expected attachable, got #{attachable.inspect}"
+          raise ArgumentError, "Could not find or build blob: expected attachable, got #{attachable.inspect}"
         end
 
         # don't analyze encrypted data
-        metadata = {"analyzed" => true}
-        metadata["encrypted"] = true if options[:migrating]
+        metadata = {"analyzed" => true, "encrypted" => true}
         attachable[:metadata] = (attachable[:metadata] || {}).merge(metadata)
       end
 

data/lib/lockbox/version.rb

@@ -1,3 +1,3 @@
 module Lockbox
-  VERSION = "0.4.6"
+  VERSION = "0.6.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lockbox
 version: !ruby/object:Gem::Version
-  version: 0.4.6
+  version: 0.6.0
 platform: ruby
 authors:
 - Andrew Kane
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-03 00:00:00.000000000 Z
+date: 2020-12-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -150,6 +150,34 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: shrine
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: shrine-mongoid
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: benchmark-ips
   requirement: !ruby/object:Gem::Requirement
@@ -164,7 +192,7 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: 
+description:
 email: andrew@chartkick.com
 executables: []
 extensions: []
@@ -197,7 +225,7 @@ homepage: https://github.com/ankane/lockbox
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -212,8 +240,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
-signing_key: 
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
-summary: Modern encryption for Rails
+summary: Modern encryption for Ruby and Rails
 test_files: []