loggable_activity 0.1.47 → 0.1.48

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +1 -1
  3. data/lib/loggable_activity/encryption.rb +25 -18
  4. data/lib/loggable_activity/encryption_key.rb +4 -1
  5. data/lib/loggable_activity/version.rb +1 -1
  6. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 769f6634b248e3b70df41eb296770debee95b28e4e80f16f5c1b548f594dfde2
4
- data.tar.gz: 9edc8cbb35e16e0738e747ddb3cd8b953929a3cb4524ea623d118fed8bf38022
3
+ metadata.gz: ee3e20a374ac054a343ce5ff1c35c5fcce765fb631788fb6d9b738e52161a16a
4
+ data.tar.gz: 042cc1db90cf6b99eeb2c8d5ab3f16a5473178c00085f42400c4eec344a99731
5
5
  SHA512:
6
- metadata.gz: cd00a44dff499dd739c210a6d15ebf30b8a281f6f20006922f39cb0411f939be982abd1b4c82bc39257237ea804422b358f5ba2b63a9d7531a0a3164fdf37240
7
- data.tar.gz: 0f2e77814f90963fb65c322cc28e3be34faf62d079e7c7bfce98d80700d5a6c31fea40761e1ee62e85e2e0ae7b16852e1ff822374d684cdc029460a62ee2c82f
6
+ metadata.gz: 1f4063eb4cd98a16061d151759735e0b5cc98e7747151dc2c56856f2010f23936c2c338991c5cc85dfd3c72af4f60133a4e39271f29ec76e5ee04383ad6dd073
7
+ data.tar.gz: 8be57a52cfd948825e273648ffaec5809975dc14863f49206ee8f364f07b58a193758d80d867155f21760522a24bc2cf49d183ba757c503af1fdf51317b78202
data/CHANGELOG.md CHANGED
@@ -1,7 +1,7 @@
1
1
  ## [Unreleased]
2
2
  - nothing so far
3
3
 
4
- ## [0.1.47] - 2024-02-16
4
+ ## [0.1.48] - 2024-02-16
5
5
  ### Breaking change
6
6
  - Updated encryption_key to be 32 bytes
7
7
  - Updated README.md
data/lib/loggable_activity/encryption.rb CHANGED
@@ -19,17 +19,21 @@ module LoggableActivity
19
19
  # Returns:
20
20
  # "SOME_ENCRYPTED_STRING"
21
21
  #
22
- def self.encrypt(data, encryption_key)
23
- return nil if data.nil?
24
- return nil if encryption_key.nil?
25
- raise EncryptionError, 'Encryption failed: Invalid encryption key length' unless encryption_key.bytesize == 32
22
+ def self.encrypt(data, encoded_key)
23
+ return nil if data.nil? || encoded_key.nil?
24
+
25
+ encryption_key = Base64.decode64(encoded_key)
26
+ raise EncryptionError, "Encryption failed: Invalid encryption key length #{encryption_key.bytesize}" unless encryption_key.bytesize == 32
27
+
28
+ cipher = OpenSSL::Cipher.new('AES-256-CBC').encrypt
29
+ cipher.key = encryption_key
30
+ cipher.iv = iv = cipher.random_iv
26
31
 
27
- cipher = OpenSSL::Cipher.new('AES-128-CBC').encrypt
28
- cipher.key = Digest::SHA1.hexdigest(encryption_key)[0..15]
29
32
  encrypted = cipher.update(data.to_s) + cipher.final
30
- Base64.encode64(encrypted)
33
+ # Combine IV with encrypted data, encode with Base64 for storage/transmission
34
+ Base64.encode64(iv + encrypted)
31
35
  rescue OpenSSL::Cipher::CipherError => e
32
- raise EncryptionError, "Encryption failed: #{e.message} ***"
36
+ raise EncryptionError, "Encryption failed: #{e.message}"
33
37
  end
34
38
 
35
39
  # Decrypts the given data using the given encryption key
@@ -40,19 +44,22 @@ module LoggableActivity
40
44
  # Returns:
41
45
  # "my secret data"
42
46
  #
43
- def self.decrypt(data, encryption_key)
44
- return '' if data.nil?
45
- return I18n.t('loggable.activity.deleted') if encryption_key.nil?
47
+ def self.decrypt(data, encoded_key)
48
+ return '' if data.nil? || encoded_key.nil?
49
+
50
+ encryption_key = Base64.decode64(encoded_key)
51
+ raise EncryptionError, 'Decryption failed: Invalid encryption key length' unless encryption_key.bytesize == 32
52
+
53
+ cipher = OpenSSL::Cipher.new('AES-256-CBC').decrypt
54
+ cipher.key = encryption_key
46
55
 
47
- cipher = OpenSSL::Cipher.new('AES-128-CBC').decrypt
48
- cipher.key = Digest::SHA1.hexdigest(encryption_key)[0..15]
49
- decrypted_data = Base64.decode64(data)
50
- decrypted_output = cipher.update(decrypted_data) + cipher.final
51
- raise 'Decryption failed: Invalid UTF-8 output' unless decrypted_output.valid_encoding?
56
+ raw_data = Base64.decode64(data)
57
+ cipher.iv = raw_data[0...cipher.iv_len] # Extract IV from the beginning of raw_data
58
+ decrypted_data = cipher.update(raw_data[cipher.iv_len..]) + cipher.final
52
59
 
53
- decrypted_output.force_encoding('UTF-8')
60
+ decrypted_data.force_encoding('UTF-8')
54
61
  rescue OpenSSL::Cipher::CipherError => e
55
- raise EncryptionError, e.message
62
+ raise EncryptionError, "Decryption failed: #{e.message}"
56
63
  end
57
64
 
58
65
  def self.blank?(value)
data/lib/loggable_activity/encryption_key.rb CHANGED
@@ -107,7 +107,10 @@ module LoggableActivity
107
107
  # "a8f4774e7f42eb253045a4db7de7b79e"
108
108
  #
109
109
  def self.random_key
110
- SecureRandom.hex(32)
110
+ # Generate 32 random bytes (256 bits) directly
111
+ encryption_key = SecureRandom.random_bytes(32)
112
+ # Encode the key in Base64 to ensure it's in a transferable format
113
+ Base64.encode64(encryption_key).strip
111
114
  end
112
115
  end
113
116
  end
data/lib/loggable_activity/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module LoggableActivity
4
- VERSION = '0.1.47'
4
+ VERSION = '0.1.48'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: loggable_activity
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.47
4
+ version: 0.1.48
5
5
  platform: ruby
6
6
  authors:
7
7
  - "Max \nGroenlund"