lockbox 0.2.2 → 0.2.3

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7ff8aec789f8ef6d6e8ec99c0c7a2d0d79e2a1c673042eeaf6cd04ab4e8b04ca
4
- data.tar.gz: dc552daada840ec604a9e36c4c98a11e4079e5da41be66bff9fd66619e3804f9
3
+ metadata.gz: 10f6fa1f09a73c4fb740dce62478c0abc65dbfa6ed5434801429bf5d990e2e38
4
+ data.tar.gz: b6975e18f7f9c28ce7397f982a6f3900fc6af7938883e0631afbd72e32d5caec
5
5
  SHA512:
6
- metadata.gz: 0c42c4e685a33bf56639b111ee7d815084580ee37d4bbc9e5ed3120f1651c15dbeabc976d705d95870f9d271e32765898992cb5853936c8752c0dcf03fb89d2f
7
- data.tar.gz: 9edb22666740c150f8eeda4a3e6b02ccb662abaa8775aa74beb104d90c0c15fc27d2420521f2312ce25bb724323cb45645cb954386dcfaca5be6237c77609bcc
6
+ metadata.gz: 322b03e672c6e389f26311e57625b6f6e633c64dbd27904a6c5c59105b809b295edd2d49171965ad6c6f6707e8a7d4ddf191b2612b7563326a9c867cabcc9b57
7
+ data.tar.gz: 2a4cec96d5b0388bae885cb817aba5ada8ac1c65d74f3fc310800a207f500eba15d5de475c7b94e81027f7b4f09599c9a4b5c65145b6996e6ca9eda7215704a4
@@ -1,3 +1,10 @@
1
+ ## 0.2.3
2
+
3
+ - Added time type
4
+ - Added support for rotating padding with same key
5
+ - Fixed `OpenSSL::KDF` error on some platforms
6
+ - Fixed UTF-8 error
7
+
1
8
  ## 0.2.2
2
9
 
3
10
  - Fixed error with models that have attachments but no encrypted attachments
data/README.md CHANGED
@@ -80,6 +80,7 @@ Specify the type of a field with:
80
80
  class User < ApplicationRecord
81
81
  encrypts :born_on, type: :date
82
82
  encrypts :signed_at, type: :datetime
83
+ encrypts :opens_at, type: :time
83
84
  encrypts :active, type: :boolean
84
85
  encrypts :salary, type: :integer
85
86
  encrypts :latitude, type: :float
@@ -1,4 +1,5 @@
1
1
  # dependencies
2
+ require "openssl"
2
3
  require "securerandom"
3
4
 
4
5
  # modules
@@ -97,7 +98,9 @@ class Lockbox
97
98
  begin
98
99
  return box.decrypt(ciphertext, **options)
99
100
  rescue => e
100
- error_classes = [DecryptionError]
101
+ # returning DecryptionError instead of PaddingError
102
+ # is for end-user convenience, not for security
103
+ error_classes = [DecryptionError, PaddingError]
101
104
  error_classes << RbNaCl::LengthError if defined?(RbNaCl::LengthError)
102
105
  error_classes << RbNaCl::CryptoError if defined?(RbNaCl::CryptoError)
103
106
  if error_classes.any? { |ec| e.is_a?(ec) }
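Review bot: The comment added above `error_classes = [DecryptionError, PaddingError]` says the mapping is not a security measure, but it does not say why PaddingError has to be caught here or why merging the two errors is safe. Going by the changelog entry about rotating padding with the same key, a box with the right key but a different padding setting presumably decrypts and then fails to unpad, so the error has to be handled for the next box to be tried. That stays free of a padding oracle only while unpadding runs after the ciphertext has been authenticated, which this hunk does not show. I would state both, e.g. `# PaddingError: key matched but the padding setting differs, so try the next box` and `# safe to report as DecryptionError only while unpadding happens after authentication`. The enclosing method starts and ends outside the hunk.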
@@ -1,5 +1,3 @@
1
- require "openssl"
2
-
3
1
  class Lockbox
4
2
  class AES_GCM
5
3
  def initialize(key)
@@ -1,5 +1,3 @@
1
- require "securerandom"
2
-
3
1
  class Lockbox
4
2
  class Box
5
3
  def initialize(key: nil, algorithm: nil, encryption_key: nil, decryption_key: nil, padding: false)
@@ -74,7 +72,7 @@ class Lockbox
74
72
  message
75
73
  end
76
74
 
77
- # protect key for xchacha20 and hybrid
75
+ # protect key for xsalsa20, xchacha20, and hybrid
78
76
  def inspect
79
77
  to_s
80
78
  end
@@ -21,7 +21,7 @@ class Lockbox
21
21
  end
22
22
 
23
23
  def hkdf(ikm, salt:, info:, length:, hash:)
24
- if OpenSSL::KDF.respond_to?(:hkdf)
24
+ if defined?(OpenSSL::KDF.hkdf)
25
25
  return OpenSSL::KDF.hkdf(ikm, salt: salt, info: info, length: length, hash: hash)
26
26
  end
27
27
 
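Review bot: `defined?(OpenSSL::KDF.hkdf)` reads like a stylistic variant of the removed `respond_to?` call, and nothing in `hkdf` explains why the form matters. The old check raises NameError when the `OpenSSL::KDF` constant is absent, while `defined?` returns nil for a missing constant as well as a missing method, which appears to be the platform error the changelog mentions. A comment such as `# defined? also covers openssl versions that have no KDF module` would keep it from being simplified back. The code after this guard is outside the hunk; if it derives the key without OpenSSL's HKDF, a test comparing both paths on the same inputs would be worth having.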
@@ -50,7 +50,7 @@ class Lockbox
50
50
  # options[:type] = :float
51
51
  # end
52
52
 
53
- raise ArgumentError, "Unknown type: #{options[:type]}" unless [nil, :string, :boolean, :date, :datetime, :integer, :float, :binary, :json, :hash].include?(options[:type])
53
+ raise ArgumentError, "Unknown type: #{options[:type]}" unless [nil, :string, :boolean, :date, :datetime, :time, :integer, :float, :binary, :json, :hash].include?(options[:type])
54
54
 
55
55
  attribute_type =
56
56
  case options[:type]
@@ -156,6 +156,11 @@ class Lockbox
156
156
  message = ActiveRecord::Type::DateTime.new.serialize(message)
157
157
  message = nil unless message.respond_to?(:iso8601) # for Active Record < 5.2
158
158
  message = message.iso8601(9) unless message.nil?
159
+ when :time
160
+ message = ActiveRecord::Type::Time.new.serialize(message)
161
+ message = nil unless message.respond_to?(:strftime)
162
+ message = message.strftime("%H:%M:%S.%N") unless message.nil?
163
+ message
159
164
  when :integer
160
165
  message = ActiveRecord::Type::Integer.new(limit: 8).serialize(message)
161
166
  message = 0 if message.nil?
@@ -216,12 +221,14 @@ class Lockbox
216
221
  message = ActiveRecord::Type::Date.new.deserialize(message)
217
222
  when :datetime
218
223
  message = ActiveRecord::Type::DateTime.new.deserialize(message)
224
+ when :time
225
+ message = ActiveRecord::Type::Time.new.deserialize(message)
219
226
  when :integer
220
227
  message = ActiveRecord::Type::Integer.new(limit: 8).deserialize(message.unpack("q>").first)
221
228
  when :float
222
229
  message = ActiveRecord::Type::Float.new.deserialize(message.unpack("G").first)
223
230
  when :string
224
- message = message.encode(Encoding::UTF_8)
231
+ message.force_encoding(Encoding::UTF_8)
225
232
  when :binary
226
233
  # do nothing
227
234
  # decrypt returns binary string
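Review bot: `message.force_encoding(Encoding::UTF_8)` under `when :string` only relabels the decrypted bytes and never validates them, so plaintext that is not valid UTF-8 is returned as a string whose `valid_encoding?` is false. The failure then surfaces later, wherever the value is first matched, serialized or written, rather than at the decryption boundary. If that is intended, a comment such as `# relabel only: decrypt returns binary, bytes are not validated here` would make it explicit; otherwise a `message.valid_encoding?` check belongs here. The same applies to the `else` branch added in the next hunk ("default to string if not serialized"). Both calls also mutate the receiver in place, unlike the neighbouring branches that reassign `message`, and the enclosing method is only partly visible.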
@@ -229,6 +236,9 @@ class Lockbox
229
236
  type = self.class.attribute_types[name.to_s]
230
237
  if type.is_a?(ActiveRecord::Type::Serialized)
231
238
  message = type.deserialize(message)
239
+ else
240
+ # default to string if not serialized
241
+ message.force_encoding(Encoding::UTF_8)
232
242
  end
233
243
  end
234
244
  end
@@ -1,3 +1,3 @@
1
1
  class Lockbox
2
- VERSION = "0.2.2"
2
+ VERSION = "0.2.3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lockbox
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.2
4
+ version: 0.2.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Kane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-24 00:00:00.000000000 Z
11
+ date: 2019-07-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -136,6 +136,20 @@ dependencies:
136
136
  - - ">="
137
137
  - !ruby/object:Gem::Version
138
138
  version: '0'
139
+ - !ruby/object:Gem::Dependency
140
+ name: mysql2
141
+ requirement: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - ">="
144
+ - !ruby/object:Gem::Version
145
+ version: '0'
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - ">="
151
+ - !ruby/object:Gem::Version
152
+ version: '0'
139
153
  - !ruby/object:Gem::Dependency
140
154
  name: benchmark-ips
141
155
  requirement: !ruby/object:Gem::Requirement