loggable_activity 0.1.47 → 0.1.48

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +1 -1
  3. data/lib/loggable_activity/encryption.rb +25 -18
  4. data/lib/loggable_activity/encryption_key.rb +4 -1
  5. data/lib/loggable_activity/version.rb +1 -1
  6. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 769f6634b248e3b70df41eb296770debee95b28e4e80f16f5c1b548f594dfde2
4
- data.tar.gz: 9edc8cbb35e16e0738e747ddb3cd8b953929a3cb4524ea623d118fed8bf38022
3
+ metadata.gz: ee3e20a374ac054a343ce5ff1c35c5fcce765fb631788fb6d9b738e52161a16a
4
+ data.tar.gz: 042cc1db90cf6b99eeb2c8d5ab3f16a5473178c00085f42400c4eec344a99731
5
5
  SHA512:
6
- metadata.gz: cd00a44dff499dd739c210a6d15ebf30b8a281f6f20006922f39cb0411f939be982abd1b4c82bc39257237ea804422b358f5ba2b63a9d7531a0a3164fdf37240
7
- data.tar.gz: 0f2e77814f90963fb65c322cc28e3be34faf62d079e7c7bfce98d80700d5a6c31fea40761e1ee62e85e2e0ae7b16852e1ff822374d684cdc029460a62ee2c82f
6
+ metadata.gz: 1f4063eb4cd98a16061d151759735e0b5cc98e7747151dc2c56856f2010f23936c2c338991c5cc85dfd3c72af4f60133a4e39271f29ec76e5ee04383ad6dd073
7
+ data.tar.gz: 8be57a52cfd948825e273648ffaec5809975dc14863f49206ee8f364f07b58a193758d80d867155f21760522a24bc2cf49d183ba757c503af1fdf51317b78202
data/CHANGELOG.md CHANGED
@@ -1,7 +1,7 @@
1
1
  ## [Unreleased]
2
2
  - nothing so far
3
3
 
4
- ## [0.1.47] - 2024-02-16
4
+ ## [0.1.48] - 2024-02-16
5
5
  ### Breaking change
6
6
  - Updated encryption_key to be 32 bytes
7
7
  - Updated README.md
data/lib/loggable_activity/encryption.rb CHANGED
@@ -19,17 +19,21 @@ module LoggableActivity
19
19
  # Returns:
20
20
  # "SOME_ENCRYPTED_STRING"
21
21
  #
22
- def self.encrypt(data, encryption_key)
23
- return nil if data.nil?
24
- return nil if encryption_key.nil?
25
- raise EncryptionError, 'Encryption failed: Invalid encryption key length' unless encryption_key.bytesize == 32
22
+ def self.encrypt(data, encoded_key)
23
+ return nil if data.nil? || encoded_key.nil?
24
+
25
+ encryption_key = Base64.decode64(encoded_key)
26
+ raise EncryptionError, "Encryption failed: Invalid encryption key length #{encryption_key.bytesize}" unless encryption_key.bytesize == 32
27
+
28
+ cipher = OpenSSL::Cipher.new('AES-256-CBC').encrypt
29
+ cipher.key = encryption_key
30
+ cipher.iv = iv = cipher.random_iv
26
31
 
27
- cipher = OpenSSL::Cipher.new('AES-128-CBC').encrypt
28
- cipher.key = Digest::SHA1.hexdigest(encryption_key)[0..15]
29
32
  encrypted = cipher.update(data.to_s) + cipher.final
30
- Base64.encode64(encrypted)
33
+ # Combine IV with encrypted data, encode with Base64 for storage/transmission
34
+ Base64.encode64(iv + encrypted)
31
35
  rescue OpenSSL::Cipher::CipherError => e
32
- raise EncryptionError, "Encryption failed: #{e.message} ***"
36
+ raise EncryptionError, "Encryption failed: #{e.message}"
33
37
  end
34
38
 
35
39
  # Decrypts the given data using the given encryption key
@@ -40,19 +44,22 @@ module LoggableActivity
40
44
  # Returns:
41
45
  # "my secret data"
42
46
  #
43
- def self.decrypt(data, encryption_key)
44
- return '' if data.nil?
45
- return I18n.t('loggable.activity.deleted') if encryption_key.nil?
47
+ def self.decrypt(data, encoded_key)
48
+ return '' if data.nil? || encoded_key.nil?
49
+
50
+ encryption_key = Base64.decode64(encoded_key)
51
+ raise EncryptionError, 'Decryption failed: Invalid encryption key length' unless encryption_key.bytesize == 32
52
+
53
+ cipher = OpenSSL::Cipher.new('AES-256-CBC').decrypt
54
+ cipher.key = encryption_key
46
55
 
47
- cipher = OpenSSL::Cipher.new('AES-128-CBC').decrypt
48
- cipher.key = Digest::SHA1.hexdigest(encryption_key)[0..15]
49
- decrypted_data = Base64.decode64(data)
50
- decrypted_output = cipher.update(decrypted_data) + cipher.final
51
- raise 'Decryption failed: Invalid UTF-8 output' unless decrypted_output.valid_encoding?
56
+ raw_data = Base64.decode64(data)
57
+ cipher.iv = raw_data[0...cipher.iv_len] # Extract IV from the beginning of raw_data
58
+ decrypted_data = cipher.update(raw_data[cipher.iv_len..]) + cipher.final
52
59
 
53
- decrypted_output.force_encoding('UTF-8')
60
+ decrypted_data.force_encoding('UTF-8')
54
61
  rescue OpenSSL::Cipher::CipherError => e
55
- raise EncryptionError, e.message
62
+ raise EncryptionError, "Decryption failed: #{e.message}"
56
63
  end
57
64
 
58
65
  def self.blank?(value)
data/lib/loggable_activity/encryption_key.rb CHANGED
@@ -107,7 +107,10 @@ module LoggableActivity
107
107
  # "a8f4774e7f42eb253045a4db7de7b79e"
108
108
  #
109
109
  def self.random_key
110
- SecureRandom.hex(32)
110
+ # Generate 32 random bytes (256 bits) directly
111
+ encryption_key = SecureRandom.random_bytes(32)
112
+ # Encode the key in Base64 to ensure it's in a transferable format
113
+ Base64.encode64(encryption_key).strip
111
114
  end
112
115
  end
113
116
  end
data/lib/loggable_activity/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module LoggableActivity
4
- VERSION = '0.1.47'
4
+ VERSION = '0.1.48'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: loggable_activity
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.47
4
+ version: 0.1.48
5
5
  platform: ruby
6
6
  authors:
7
7
  - "Max \nGroenlund"