lockbox 0.2.2 → 0.2.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +7 -0
  3. data/README.md +1 -0
  4. data/lib/lockbox.rb +4 -1
  5. data/lib/lockbox/aes_gcm.rb +0 -2
  6. data/lib/lockbox/box.rb +1 -3
  7. data/lib/lockbox/key_generator.rb +1 -1
  8. data/lib/lockbox/model.rb +12 -2
  9. data/lib/lockbox/version.rb +1 -1
  10. metadata +16 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7ff8aec789f8ef6d6e8ec99c0c7a2d0d79e2a1c673042eeaf6cd04ab4e8b04ca
4
- data.tar.gz: dc552daada840ec604a9e36c4c98a11e4079e5da41be66bff9fd66619e3804f9
3
+ metadata.gz: 10f6fa1f09a73c4fb740dce62478c0abc65dbfa6ed5434801429bf5d990e2e38
4
+ data.tar.gz: b6975e18f7f9c28ce7397f982a6f3900fc6af7938883e0631afbd72e32d5caec
5
5
  SHA512:
6
- metadata.gz: 0c42c4e685a33bf56639b111ee7d815084580ee37d4bbc9e5ed3120f1651c15dbeabc976d705d95870f9d271e32765898992cb5853936c8752c0dcf03fb89d2f
7
- data.tar.gz: 9edb22666740c150f8eeda4a3e6b02ccb662abaa8775aa74beb104d90c0c15fc27d2420521f2312ce25bb724323cb45645cb954386dcfaca5be6237c77609bcc
6
+ metadata.gz: 322b03e672c6e389f26311e57625b6f6e633c64dbd27904a6c5c59105b809b295edd2d49171965ad6c6f6707e8a7d4ddf191b2612b7563326a9c867cabcc9b57
7
+ data.tar.gz: 2a4cec96d5b0388bae885cb817aba5ada8ac1c65d74f3fc310800a207f500eba15d5de475c7b94e81027f7b4f09599c9a4b5c65145b6996e6ca9eda7215704a4
data/CHANGELOG.md CHANGED
@@ -1,3 +1,10 @@
1
+ ## 0.2.3
2
+
3
+ - Added time type
4
+ - Added support for rotating padding with same key
5
+ - Fixed `OpenSSL::KDF` error on some platforms
6
+ - Fixed UTF-8 error
7
+
1
8
  ## 0.2.2
2
9
 
3
10
  - Fixed error with models that have attachments but no encrypted attachments
data/README.md CHANGED
@@ -80,6 +80,7 @@ Specify the type of a field with:
80
80
  class User < ApplicationRecord
81
81
  encrypts :born_on, type: :date
82
82
  encrypts :signed_at, type: :datetime
83
+ encrypts :opens_at, type: :time
83
84
  encrypts :active, type: :boolean
84
85
  encrypts :salary, type: :integer
85
86
  encrypts :latitude, type: :float
data/lib/lockbox.rb CHANGED
@@ -1,4 +1,5 @@
1
1
  # dependencies
2
+ require "openssl"
2
3
  require "securerandom"
3
4
 
4
5
  # modules
@@ -97,7 +98,9 @@ class Lockbox
97
98
  begin
98
99
  return box.decrypt(ciphertext, **options)
99
100
  rescue => e
100
- error_classes = [DecryptionError]
101
+ # returning DecryptionError instead of PaddingError
102
+ # is for end-user convenience, not for security
103
+ error_classes = [DecryptionError, PaddingError]
101
104
  error_classes << RbNaCl::LengthError if defined?(RbNaCl::LengthError)
102
105
  error_classes << RbNaCl::CryptoError if defined?(RbNaCl::CryptoError)
103
106
  if error_classes.any? { |ec| e.is_a?(ec) }
data/lib/lockbox/aes_gcm.rb CHANGED
@@ -1,5 +1,3 @@
1
- require "openssl"
2
-
3
1
  class Lockbox
4
2
  class AES_GCM
5
3
  def initialize(key)
data/lib/lockbox/box.rb CHANGED
@@ -1,5 +1,3 @@
1
- require "securerandom"
2
-
3
1
  class Lockbox
4
2
  class Box
5
3
  def initialize(key: nil, algorithm: nil, encryption_key: nil, decryption_key: nil, padding: false)
@@ -74,7 +72,7 @@ class Lockbox
74
72
  message
75
73
  end
76
74
 
77
- # protect key for xchacha20 and hybrid
75
+ # protect key for xsalsa20, xchacha20, and hybrid
78
76
  def inspect
79
77
  to_s
80
78
  end
data/lib/lockbox/key_generator.rb CHANGED
@@ -21,7 +21,7 @@ class Lockbox
21
21
  end
22
22
 
23
23
  def hkdf(ikm, salt:, info:, length:, hash:)
24
- if OpenSSL::KDF.respond_to?(:hkdf)
24
+ if defined?(OpenSSL::KDF.hkdf)
25
25
  return OpenSSL::KDF.hkdf(ikm, salt: salt, info: info, length: length, hash: hash)
26
26
  end
27
27
 
data/lib/lockbox/model.rb CHANGED
@@ -50,7 +50,7 @@ class Lockbox
50
50
  # options[:type] = :float
51
51
  # end
52
52
 
53
- raise ArgumentError, "Unknown type: #{options[:type]}" unless [nil, :string, :boolean, :date, :datetime, :integer, :float, :binary, :json, :hash].include?(options[:type])
53
+ raise ArgumentError, "Unknown type: #{options[:type]}" unless [nil, :string, :boolean, :date, :datetime, :time, :integer, :float, :binary, :json, :hash].include?(options[:type])
54
54
 
55
55
  attribute_type =
56
56
  case options[:type]
@@ -156,6 +156,11 @@ class Lockbox
156
156
  message = ActiveRecord::Type::DateTime.new.serialize(message)
157
157
  message = nil unless message.respond_to?(:iso8601) # for Active Record < 5.2
158
158
  message = message.iso8601(9) unless message.nil?
159
+ when :time
160
+ message = ActiveRecord::Type::Time.new.serialize(message)
161
+ message = nil unless message.respond_to?(:strftime)
162
+ message = message.strftime("%H:%M:%S.%N") unless message.nil?
163
+ message
159
164
  when :integer
160
165
  message = ActiveRecord::Type::Integer.new(limit: 8).serialize(message)
161
166
  message = 0 if message.nil?
@@ -216,12 +221,14 @@ class Lockbox
216
221
  message = ActiveRecord::Type::Date.new.deserialize(message)
217
222
  when :datetime
218
223
  message = ActiveRecord::Type::DateTime.new.deserialize(message)
224
+ when :time
225
+ message = ActiveRecord::Type::Time.new.deserialize(message)
219
226
  when :integer
220
227
  message = ActiveRecord::Type::Integer.new(limit: 8).deserialize(message.unpack("q>").first)
221
228
  when :float
222
229
  message = ActiveRecord::Type::Float.new.deserialize(message.unpack("G").first)
223
230
  when :string
224
- message = message.encode(Encoding::UTF_8)
231
+ message.force_encoding(Encoding::UTF_8)
225
232
  when :binary
226
233
  # do nothing
227
234
  # decrypt returns binary string
@@ -229,6 +236,9 @@ class Lockbox
229
236
  type = self.class.attribute_types[name.to_s]
230
237
  if type.is_a?(ActiveRecord::Type::Serialized)
231
238
  message = type.deserialize(message)
239
+ else
240
+ # default to string if not serialized
241
+ message.force_encoding(Encoding::UTF_8)
232
242
  end
233
243
  end
234
244
  end
data/lib/lockbox/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  class Lockbox
2
- VERSION = "0.2.2"
2
+ VERSION = "0.2.3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lockbox
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.2
4
+ version: 0.2.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Kane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-24 00:00:00.000000000 Z
11
+ date: 2019-07-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -136,6 +136,20 @@ dependencies:
136
136
  - - ">="
137
137
  - !ruby/object:Gem::Version
138
138
  version: '0'
139
+ - !ruby/object:Gem::Dependency
140
+ name: mysql2
141
+ requirement: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - ">="
144
+ - !ruby/object:Gem::Version
145
+ version: '0'
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - ">="
151
+ - !ruby/object:Gem::Version
152
+ version: '0'
139
153
  - !ruby/object:Gem::Dependency
140
154
  name: benchmark-ips
141
155
  requirement: !ruby/object:Gem::Requirement