symmetric-encryption 3.9.1 → 4.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +72 -0
- data/bin/symmetric-encryption +5 -0
- data/lib/symmetric_encryption/cipher.rb +162 -419
- data/lib/symmetric_encryption/cli.rb +343 -0
- data/lib/symmetric_encryption/coerce.rb +5 -20
- data/lib/symmetric_encryption/config.rb +128 -50
- data/lib/symmetric_encryption/extensions/mongo_mapper/plugins/encrypted_key.rb +2 -2
- data/lib/symmetric_encryption/generator.rb +3 -2
- data/lib/symmetric_encryption/header.rb +260 -0
- data/lib/symmetric_encryption/key.rb +106 -0
- data/lib/symmetric_encryption/keystore/environment.rb +90 -0
- data/lib/symmetric_encryption/keystore/file.rb +102 -0
- data/lib/symmetric_encryption/keystore/memory.rb +53 -0
- data/lib/symmetric_encryption/keystore.rb +126 -0
- data/lib/symmetric_encryption/railtie.rb +5 -7
- data/lib/symmetric_encryption/reader.rb +74 -55
- data/lib/symmetric_encryption/rsa_key.rb +24 -0
- data/lib/symmetric_encryption/symmetric_encryption.rb +64 -102
- data/lib/symmetric_encryption/utils/re_encrypt_files.rb +141 -0
- data/lib/symmetric_encryption/version.rb +1 -1
- data/lib/symmetric_encryption/writer.rb +104 -117
- data/lib/symmetric_encryption.rb +9 -4
- data/test/active_record_test.rb +61 -40
- data/test/cipher_test.rb +179 -236
- data/test/config/symmetric-encryption.yml +140 -82
- data/test/header_test.rb +218 -0
- data/test/key_test.rb +240 -0
- data/test/keystore/environment_test.rb +119 -0
- data/test/keystore/file_test.rb +125 -0
- data/test/keystore_test.rb +59 -0
- data/test/mongoid_test.rb +13 -13
- data/test/reader_test.rb +52 -53
- data/test/symmetric_encryption_test.rb +50 -135
- data/test/test_db.sqlite3 +0 -0
- data/test/writer_test.rb +52 -31
- metadata +24 -12
- data/examples/symmetric-encryption.yml +0 -108
- data/lib/rails/generators/symmetric_encryption/config/config_generator.rb +0 -22
- data/lib/rails/generators/symmetric_encryption/config/templates/symmetric-encryption.yml +0 -50
- data/lib/rails/generators/symmetric_encryption/heroku_config/heroku_config_generator.rb +0 -20
- data/lib/rails/generators/symmetric_encryption/heroku_config/templates/symmetric-encryption.yml +0 -78
- data/lib/rails/generators/symmetric_encryption/new_keys/new_keys_generator.rb +0 -14
- data/lib/symmetric_encryption/key_encryption_key.rb +0 -32
- data/lib/symmetric_encryption/railties/symmetric_encryption.rake +0 -84
- data/lib/symmetric_encryption/utils/re_encrypt_config_files.rb +0 -82
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1e1b5ae57f5d8cdffd7543b690a8dc1c56e3d3d2
|
4
|
+
data.tar.gz: 8243a0f27600f82f27b098199292938b36c64f34
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 51199eae1a22f24db637e403b774ac501c9e5f10635cabde7fb65e42517dace89c6badbe7de2649c6fc9ea8fec4f0f7f9544892b288000c31aa3a73ef0908b12
|
7
|
+
data.tar.gz: 8a912faebf87253678af05880029114dfe433edff0168207d200d9aefbffff9c3c1807d290904c1d1e22c9417ca0200849b77122bec26efc011dd82837753800
|
data/README.md
CHANGED
@@ -36,6 +36,78 @@ Symmetric Encryption works with the following Ruby VMs:
|
|
36
36
|
- Ruby 2.1 and higher.
|
37
37
|
- JRuby 9.1 and higher.
|
38
38
|
|
39
|
+
## Upgrading to SymmetricEncryption V4
|
40
|
+
|
41
|
+
Version 4 of Symmetric Encryption has completely adopted the Ruby keyword arguments on most API's where
|
42
|
+
multiple arguments are being passed, or where a Hash was being used before.
|
43
|
+
|
44
|
+
The encrypt and decrypt API now require keyword arguments for any optional arguments.
|
45
|
+
|
46
|
+
The following does _not_ change:
|
47
|
+
|
48
|
+
~~~ruby
|
49
|
+
encrypted = SymmetricEncryption.encrypt('Hello World')
|
50
|
+
SymmetricEncryption.decrypt(encrypted)
|
51
|
+
~~~
|
52
|
+
|
53
|
+
The following is _not_ backward compatible:
|
54
|
+
~~~ruby
|
55
|
+
SymmetricEncryption.encrypt('Hello World', false, false, :date)
|
56
|
+
~~~
|
57
|
+
|
58
|
+
Needs to be changed to:
|
59
|
+
~~~ruby
|
60
|
+
SymmetricEncryption.encrypt('Hello World', random_iv: false, compress: false, type: :date)
|
61
|
+
~~~
|
62
|
+
|
63
|
+
Or, just to change the type:
|
64
|
+
~~~ruby
|
65
|
+
SymmetricEncryption.encrypt('Hello World', type: :date)
|
66
|
+
~~~
|
67
|
+
|
68
|
+
Similarly the `decrypt` api has also changed:
|
69
|
+
~~~ruby
|
70
|
+
SymmetricEncryption.decrypt(encrypted, 2, :date)
|
71
|
+
~~~
|
72
|
+
|
73
|
+
Needs to be changed to:
|
74
|
+
~~~ruby
|
75
|
+
SymmetricEncryption.decrypt(encrypted, version: 2, type: :string)
|
76
|
+
~~~
|
77
|
+
|
78
|
+
The Rake tasks have been replaced with a new command line interface for managing key configuration and generation.
|
79
|
+
For more info:
|
80
|
+
~~~
|
81
|
+
symmetric-encryption --help
|
82
|
+
~~~
|
83
|
+
|
84
|
+
#### Configuration changes
|
85
|
+
|
86
|
+
In Symmetric Encryption V4 the configuration file is now modified directly instead
|
87
|
+
of using templates. This change is necessary to allow the command line interface to
|
88
|
+
generate new keys and automatically update the configuration file.
|
89
|
+
|
90
|
+
Please backup your existing `symmetric-encryption.yml` prior to upgrading if it is not
|
91
|
+
already in a version control system. This is critical for configurations that have custom
|
92
|
+
code or for prior configurations targeting heroku.
|
93
|
+
|
94
|
+
In Symmetric Encryption V4 the defaults for `encoding` and `always_add_header` have changed.
|
95
|
+
If these values are not explicitly set in the `symmetric-encryption.yml` file, set them
|
96
|
+
prior to upgrading.
|
97
|
+
|
98
|
+
Prior defaults, set explicitly to these values if missing for all environments:
|
99
|
+
~~~yaml
|
100
|
+
encoding: :base64
|
101
|
+
always_add_header: false
|
102
|
+
~~~
|
103
|
+
|
104
|
+
New defaults are:
|
105
|
+
~~~yaml
|
106
|
+
encoding: :base64strict
|
107
|
+
always_add_header: true
|
108
|
+
~~~
|
109
|
+
|
110
|
+
|
39
111
|
## Upgrading to SymmetricEncryption V3
|
40
112
|
|
41
113
|
In version 3 of SymmetricEncryption, the following changes have been made that
|