relishable 0.41 → 0.44

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +5 -5
  2. data/Gemfile +1 -1
  3. data/Gemfile.lock +60 -56
  4. data/lib/relish/encryption_helper.rb +10 -48
  5. data/lib/relish/version.rb +1 -1
  6. metadata +15 -30
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 29dda1bae467029b5b8fa1bf9e571c346369cb67
4
- data.tar.gz: fc53164b682a045c484a7915da717971714f7acf
2
+ SHA256:
3
+ metadata.gz: f86a33178d81efd6d22a01cda3f4e254251b8f153afd1e4bddb6581c56468972
4
+ data.tar.gz: ad2c949dad4dcd6e6bb51c9f9c8f71eab32990ccc6d7ac82104a2bd90225772e
5
5
  SHA512:
6
- metadata.gz: 5b32c9440b0600e7b2d82cce500bbf8a691193348659a61d6dcccc2656e9da17f79a699c5f9750477f073c11f6656630e8355f4c10f1793fabc6e96f1a9a4f31
7
- data.tar.gz: a2dc8f10b4297603ff3d74da4ac355ddba222962a7606dd2b498fa5a196668e374382ff43fee600173fa0f65750cc32bef81799e717bb44d68aa7e2481b2ef0b
6
+ metadata.gz: d8f999b98885c32e2b6c3382fe24dd5f1c2a35b792dc2698839d316a9a82dec9a8c8d03e7f633ac1967a7a1ed1547d1b48dee26ea65d6ac594859c5e16a3f9f6
7
+ data.tar.gz: 81c2ba2e9622151895c271f16927e46ac3a506c0cb568253ba50f7586f4b1661e06c5e059db3a4b6e5f10305fd2f48f4e76d491c6f0c792182ef77deb6fd31a0
data/Gemfile CHANGED
@@ -1,3 +1,3 @@
1
- source "http://rubygems.org"
1
+ source "https://rubygems.org"
2
2
 
3
3
  gemspec
data/Gemfile.lock CHANGED
@@ -1,88 +1,92 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- relishable (0.41)
4
+ relishable (0.44)
5
5
  fernet (~> 2.3)
6
- fog-aws (~> 0.8.0)
7
- legacy-fernet (~> 1.6.3)
8
- net-ssh (~> 3.0.2)
6
+ fog-aws (~> 3.12.0)
7
+ net-ssh (~> 6.1.0)
9
8
 
10
9
  GEM
11
- remote: http://rubygems.org/
10
+ remote: https://rubygems.org/
12
11
  specs:
13
- addressable (2.3.8)
14
- builder (3.2.3)
15
- byebug (10.0.0)
16
- coderay (1.1.2)
17
- crack (0.4.2)
18
- safe_yaml (~> 1.0.0)
19
- diff-lcs (1.2.5)
20
- excon (0.62.0)
12
+ addressable (2.8.0)
13
+ public_suffix (>= 2.0.2, < 5.0)
14
+ builder (3.2.4)
15
+ coderay (1.1.3)
16
+ crack (0.4.5)
17
+ rexml
18
+ diff-lcs (1.5.0)
19
+ excon (0.92.3)
21
20
  fernet (2.3)
22
21
  valcro (~> 0.1)
23
- fog-aws (0.8.1)
24
- fog-core (~> 1.27)
25
- fog-json (~> 1.0)
22
+ fog-aws (3.12.0)
23
+ fog-core (~> 2.1)
24
+ fog-json (~> 1.1)
26
25
  fog-xml (~> 0.1)
27
26
  ipaddress (~> 0.8)
28
- fog-core (1.45.0)
27
+ fog-core (2.3.0)
29
28
  builder
30
- excon (~> 0.58)
31
- formatador (~> 0.2)
29
+ excon (~> 0.71)
30
+ formatador (>= 0.2, < 2.0)
31
+ mime-types
32
32
  fog-json (1.2.0)
33
33
  fog-core
34
34
  multi_json (~> 1.10)
35
- fog-xml (0.1.3)
35
+ fog-xml (0.1.4)
36
36
  fog-core
37
37
  nokogiri (>= 1.5.11, < 2.0.0)
38
- formatador (0.2.5)
38
+ formatador (1.1.0)
39
+ hashdiff (1.0.1)
39
40
  ipaddress (0.8.3)
40
- legacy-fernet (1.6.4)
41
- multi_json (~> 1.0)
42
- method_source (0.9.1)
43
- mini_portile2 (2.3.0)
44
- multi_json (1.13.1)
45
- net-ssh (3.0.2)
46
- nokogiri (1.8.5)
47
- mini_portile2 (~> 2.3.0)
48
- power_assert (0.2.2)
49
- pry (0.11.3)
50
- coderay (~> 1.1.0)
51
- method_source (~> 0.9.0)
52
- pry-byebug (3.6.0)
53
- byebug (~> 10.0)
54
- pry (~> 0.10)
55
- rake (10.4.2)
56
- rspec (3.1.0)
57
- rspec-core (~> 3.1.0)
58
- rspec-expectations (~> 3.1.0)
59
- rspec-mocks (~> 3.1.0)
60
- rspec-core (3.1.7)
61
- rspec-support (~> 3.1.0)
62
- rspec-expectations (3.1.2)
41
+ method_source (1.0.0)
42
+ mime-types (3.4.1)
43
+ mime-types-data (~> 3.2015)
44
+ mime-types-data (3.2022.0105)
45
+ mini_portile2 (2.8.0)
46
+ multi_json (1.15.0)
47
+ net-ssh (6.1.0)
48
+ nokogiri (1.13.6)
49
+ mini_portile2 (~> 2.8.0)
50
+ racc (~> 1.4)
51
+ power_assert (2.0.1)
52
+ pry (0.14.1)
53
+ coderay (~> 1.1)
54
+ method_source (~> 1.0)
55
+ public_suffix (4.0.7)
56
+ racc (1.6.0)
57
+ rake (13.0.6)
58
+ rexml (3.2.5)
59
+ rspec (3.10.0)
60
+ rspec-core (~> 3.10.0)
61
+ rspec-expectations (~> 3.10.0)
62
+ rspec-mocks (~> 3.10.0)
63
+ rspec-core (3.10.2)
64
+ rspec-support (~> 3.10.0)
65
+ rspec-expectations (3.10.2)
63
66
  diff-lcs (>= 1.2.0, < 2.0)
64
- rspec-support (~> 3.1.0)
65
- rspec-mocks (3.1.3)
66
- rspec-support (~> 3.1.0)
67
- rspec-support (3.1.2)
68
- safe_yaml (1.0.4)
69
- test-unit (3.0.8)
67
+ rspec-support (~> 3.10.0)
68
+ rspec-mocks (3.10.3)
69
+ diff-lcs (>= 1.2.0, < 2.0)
70
+ rspec-support (~> 3.10.0)
71
+ rspec-support (3.10.3)
72
+ test-unit (3.5.3)
70
73
  power_assert
71
74
  valcro (0.1.1)
72
- webmock (1.19.0)
73
- addressable (>= 2.3.6)
75
+ webmock (3.14.0)
76
+ addressable (>= 2.8.0)
74
77
  crack (>= 0.3.2)
78
+ hashdiff (>= 0.4.0, < 2.0.0)
75
79
 
76
80
  PLATFORMS
77
81
  ruby
78
82
 
79
83
  DEPENDENCIES
80
- pry-byebug
84
+ pry
81
85
  rake (> 0)
82
86
  relishable!
83
- rspec (~> 3.1.0)
87
+ rspec (~> 3.10.0)
84
88
  test-unit
85
- webmock (~> 1.19.0)
89
+ webmock (~> 3.14.0)
86
90
 
87
91
  BUNDLED WITH
88
- 1.17.1
92
+ 2.3.14
data/lib/relish/encryption_helper.rb CHANGED
@@ -1,5 +1,4 @@
1
1
  require "relish/release"
2
- require "fernet/legacy"
3
2
  require "fernet"
4
3
  require "openssl"
5
4
 
@@ -8,27 +7,19 @@ class RelishDecryptionFailed < RuntimeError; end
8
7
  class Relish
9
8
  class EncryptionHelper
10
9
 
11
- LEGACY_MATCHER = /.+?\|.+?\|.+?/.freeze
12
-
13
- def initialize(static_secret, secrets)
14
- @static_secret = static_secret
10
+ def initialize(static_secrets, secrets)
11
+ @static_secrets = static_secrets.is_a?(String) ? [static_secrets] : static_secrets
15
12
  @secrets = secrets
16
13
  end
17
14
 
18
- def encrypt(_key = 'env', value)
19
- current_encrypt(value)
20
- end
21
-
22
- def legacy_encrypt(key, value)
23
- Fernet::Legacy.generate(hmac_secrets.first) do |gen|
24
- gen.data = { key => value }
25
- end
15
+ def encrypt(value)
16
+ Fernet.generate(hmac_secrets.first[0, 32], value)
26
17
  end
27
18
 
28
- def decrypt(key = 'env', token)
19
+ def decrypt(token)
29
20
  plain = nil
30
21
  hmac_secrets.each do |secret|
31
- plain = decrypt_with_secret(secret, token, key)
22
+ plain = decrypt_with_secret(secret, token)
32
23
  break if plain
33
24
  end
34
25
  raise RelishDecryptionFailed unless plain
@@ -43,46 +34,17 @@ class Relish
43
34
 
44
35
  protected
45
36
 
46
- def current_encrypt(value)
47
- Fernet.generate(hmac_secrets.first[0, 32], value)
48
- end
49
-
50
- def legacy?(token)
51
- !!(token =~ LEGACY_MATCHER)
52
- end
53
-
54
37
  def hmac_secrets
55
- @hmac_secrets ||= @secrets.map do |secret|
56
- OpenSSL::HMAC.hexdigest('sha256', @static_secret, secret)
57
- end
58
- end
59
-
60
- def legacy_decrypt(secret, token, key)
61
- verifier = Fernet::Legacy.verifier(secret, token)
62
- verifier.enforce_ttl = false
63
- verifier.verify_token(token)
64
- return nil unless verifier.valid?
65
- verifier.data[key]
66
- rescue OpenSSL::Cipher::CipherError
67
- # Certain combinations of keys and encrypted data cause decryption with an
68
- # incorrect key to succeed (no CipherError) but produce garbage data which
69
- # cannot be decoded into JSON, and thus fail with a ParseError instead.
70
- rescue MultiJson::ParseError
38
+ @hmac_secrets ||= @static_secrets.product(@secrets).map {|static_secret, secret|
39
+ OpenSSL::HMAC.hexdigest('sha256', static_secret, secret)}
71
40
  end
72
41
 
73
- def current_decrypt(secret, token)
42
+ def decrypt_with_secret(secret, token)
74
43
  verifier = Fernet.verifier(secret[0, 32], token)
75
44
  verifier.enforce_ttl = false
76
45
  return nil unless verifier.valid?
77
- verifier.message
78
- end
79
46
 
80
- def decrypt_with_secret(secret, token, key)
81
- if legacy?(token)
82
- legacy_decrypt(secret, token, key)
83
- else
84
- current_decrypt(secret, token)
85
- end
47
+ verifier.message
86
48
  end
87
49
  end
88
50
  end
data/lib/relish/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  class Relish
2
- VERSION = "0.41"
2
+ VERSION = "0.44"
3
3
  end
metadata CHANGED
@@ -1,17 +1,17 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: relishable
3
3
  version: !ruby/object:Gem::Version
4
- version: '0.41'
4
+ version: '0.44'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mark Fine
8
8
  - Blake Gentry
9
9
  - Pedro Belo
10
10
  - Joshua Tobin
11
- autorequire:
11
+ autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2018-11-28 00:00:00.000000000 Z
14
+ date: 2022-06-09 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: fog-aws
@@ -19,28 +19,14 @@ dependencies:
19
19
  requirements:
20
20
  - - "~>"
21
21
  - !ruby/object:Gem::Version
22
- version: 0.8.0
22
+ version: 3.12.0
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
26
26
  requirements:
27
27
  - - "~>"
28
28
  - !ruby/object:Gem::Version
29
- version: 0.8.0
30
- - !ruby/object:Gem::Dependency
31
- name: legacy-fernet
32
- requirement: !ruby/object:Gem::Requirement
33
- requirements:
34
- - - "~>"
35
- - !ruby/object:Gem::Version
36
- version: 1.6.3
37
- type: :runtime
38
- prerelease: false
39
- version_requirements: !ruby/object:Gem::Requirement
40
- requirements:
41
- - - "~>"
42
- - !ruby/object:Gem::Version
43
- version: 1.6.3
29
+ version: 3.12.0
44
30
  - !ruby/object:Gem::Dependency
45
31
  name: fernet
46
32
  requirement: !ruby/object:Gem::Requirement
@@ -61,14 +47,14 @@ dependencies:
61
47
  requirements:
62
48
  - - "~>"
63
49
  - !ruby/object:Gem::Version
64
- version: 3.0.2
50
+ version: 6.1.0
65
51
  type: :runtime
66
52
  prerelease: false
67
53
  version_requirements: !ruby/object:Gem::Requirement
68
54
  requirements:
69
55
  - - "~>"
70
56
  - !ruby/object:Gem::Version
71
- version: 3.0.2
57
+ version: 6.1.0
72
58
  - !ruby/object:Gem::Dependency
73
59
  name: rake
74
60
  requirement: !ruby/object:Gem::Requirement
@@ -89,14 +75,14 @@ dependencies:
89
75
  requirements:
90
76
  - - "~>"
91
77
  - !ruby/object:Gem::Version
92
- version: 3.1.0
78
+ version: 3.10.0
93
79
  type: :development
94
80
  prerelease: false
95
81
  version_requirements: !ruby/object:Gem::Requirement
96
82
  requirements:
97
83
  - - "~>"
98
84
  - !ruby/object:Gem::Version
99
- version: 3.1.0
85
+ version: 3.10.0
100
86
  - !ruby/object:Gem::Dependency
101
87
  name: test-unit
102
88
  requirement: !ruby/object:Gem::Requirement
@@ -117,16 +103,16 @@ dependencies:
117
103
  requirements:
118
104
  - - "~>"
119
105
  - !ruby/object:Gem::Version
120
- version: 1.19.0
106
+ version: 3.14.0
121
107
  type: :development
122
108
  prerelease: false
123
109
  version_requirements: !ruby/object:Gem::Requirement
124
110
  requirements:
125
111
  - - "~>"
126
112
  - !ruby/object:Gem::Version
127
- version: 1.19.0
113
+ version: 3.14.0
128
114
  - !ruby/object:Gem::Dependency
129
- name: pry-byebug
115
+ name: pry
130
116
  requirement: !ruby/object:Gem::Requirement
131
117
  requirements:
132
118
  - - ">="
@@ -160,7 +146,7 @@ files:
160
146
  homepage: http://github.com/heroku/relish
161
147
  licenses: []
162
148
  metadata: {}
163
- post_install_message:
149
+ post_install_message:
164
150
  rdoc_options: []
165
151
  require_paths:
166
152
  - lib
@@ -175,9 +161,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
175
161
  - !ruby/object:Gem::Version
176
162
  version: '0'
177
163
  requirements: []
178
- rubyforge_project:
179
- rubygems_version: 2.5.1
180
- signing_key:
164
+ rubygems_version: 3.2.22
165
+ signing_key:
181
166
  specification_version: 4
182
167
  summary: releases
183
168
  test_files: []