symmetric-encryption 4.0.0 → 4.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. checksums.yaml +5 -5
  2. data/Rakefile +2 -2
  3. data/bin/symmetric-encryption +1 -1
  4. data/lib/symmetric-encryption.rb +1 -1
  5. data/lib/symmetric_encryption.rb +2 -2
  6. data/lib/symmetric_encryption/cipher.rb +15 -18
  7. data/lib/symmetric_encryption/cli.rb +30 -36
  8. data/lib/symmetric_encryption/coerce.rb +3 -4
  9. data/lib/symmetric_encryption/config.rb +30 -34
  10. data/lib/symmetric_encryption/encoder.rb +0 -1
  11. data/lib/symmetric_encryption/exception.rb +0 -2
  12. data/lib/symmetric_encryption/extensions/active_record/base.rb +5 -2
  13. data/lib/symmetric_encryption/extensions/mongo_mapper/plugins/encrypted_key.rb +3 -5
  14. data/lib/symmetric_encryption/extensions/mongoid/encrypted.rb +0 -2
  15. data/lib/symmetric_encryption/generator.rb +3 -3
  16. data/lib/symmetric_encryption/header.rb +9 -4
  17. data/lib/symmetric_encryption/key.rb +3 -4
  18. data/lib/symmetric_encryption/keystore.rb +9 -9
  19. data/lib/symmetric_encryption/keystore/environment.rb +6 -7
  20. data/lib/symmetric_encryption/keystore/file.rb +5 -6
  21. data/lib/symmetric_encryption/keystore/memory.rb +2 -2
  22. data/lib/symmetric_encryption/railtie.rb +4 -7
  23. data/lib/symmetric_encryption/railties/symmetric_encryption_validator.rb +2 -1
  24. data/lib/symmetric_encryption/reader.rb +28 -39
  25. data/lib/symmetric_encryption/symmetric_encryption.rb +10 -8
  26. data/lib/symmetric_encryption/utils/re_encrypt_files.rb +5 -8
  27. data/lib/symmetric_encryption/version.rb +2 -2
  28. data/lib/symmetric_encryption/writer.rb +12 -17
  29. data/test/active_record_test.rb +237 -200
  30. data/test/cipher_test.rb +12 -6
  31. data/test/encoder_test.rb +1 -3
  32. data/test/header_test.rb +0 -4
  33. data/test/key_test.rb +0 -2
  34. data/test/keystore/environment_test.rb +10 -11
  35. data/test/keystore/file_test.rb +9 -10
  36. data/test/keystore_test.rb +2 -3
  37. data/test/mongoid_test.rb +37 -40
  38. data/test/reader_test.rb +24 -32
  39. data/test/symmetric_encryption_test.rb +17 -18
  40. data/test/test_db.sqlite3 +0 -0
  41. data/test/writer_test.rb +0 -1
  42. metadata +23 -23
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 1e1b5ae57f5d8cdffd7543b690a8dc1c56e3d3d2
4
- data.tar.gz: 8243a0f27600f82f27b098199292938b36c64f34
2
+ SHA256:
3
+ metadata.gz: a8b4f45cc7b6dca91b1eb5d8eb5df044485d0a484f93472ce38fee62559453e8
4
+ data.tar.gz: 973376b8363032b2a71aaf840a3012cf7485d7f6b16f2ea1ebf20f622eaf56f0
5
5
  SHA512:
6
- metadata.gz: 51199eae1a22f24db637e403b774ac501c9e5f10635cabde7fb65e42517dace89c6badbe7de2649c6fc9ea8fec4f0f7f9544892b288000c31aa3a73ef0908b12
7
- data.tar.gz: 8a912faebf87253678af05880029114dfe433edff0168207d200d9aefbffff9c3c1807d290904c1d1e22c9417ca0200849b77122bec26efc011dd82837753800
6
+ metadata.gz: ae3695e636ea98bcbfe489187e26244dee6116257afdf4383a234359c201974024d3180d1ea1851edbc1798343ce1ab862fea20691a01f8eb7993b58a7206921
7
+ data.tar.gz: cbe308f3287c77c32996551b8f4ace32fd803e123e32f906ed21d65bf6d3823b19ce5459623a445a4ffd4bb1b33a0377558ad6604e98d61ae17b206d4cef1892
data/Rakefile CHANGED
@@ -9,7 +9,7 @@ task :gem do
9
9
  system 'gem build symmetric-encryption.gemspec'
10
10
  end
11
11
 
12
- task :publish => :gem do
12
+ task publish: :gem do
13
13
  system "git tag -a v#{SymmetricEncryption::VERSION} -m 'Tagging #{SymmetricEncryption::VERSION}'"
14
14
  system 'git push --tags'
15
15
  system "gem push symmetric-encryption-#{SymmetricEncryption::VERSION}.gem"
@@ -23,7 +23,7 @@ Rake::TestTask.new(:test) do |t|
23
23
  end
24
24
 
25
25
  # By default run tests against all appraisals
26
- if !ENV["APPRAISAL_INITIALIZED"] && !ENV["TRAVIS"]
26
+ if !ENV['APPRAISAL_INITIALIZED'] && !ENV['TRAVIS']
27
27
  require 'appraisal'
28
28
  task default: :appraisal
29
29
  else
@@ -2,4 +2,4 @@
2
2
 
3
3
  require 'symmetric_encryption'
4
4
 
5
- SymmetricEncryption::CLI.run!(ARGV)
5
+ SymmetricEncryption::CLI.run!(ARGV)
@@ -1 +1 @@
1
- require 'symmetric_encryption'
1
+ require 'symmetric_encryption'
@@ -8,7 +8,7 @@ require 'symmetric_encryption/cipher'
8
8
  require 'symmetric_encryption/symmetric_encryption'
9
9
  require 'symmetric_encryption/exception'
10
10
 
11
- #@formatter:off
11
+ # @formatter:off
12
12
  module SymmetricEncryption
13
13
  autoload :Coerce, 'symmetric_encryption/coerce'
14
14
  autoload :Config, 'symmetric_encryption/config'
@@ -26,7 +26,7 @@ module SymmetricEncryption
26
26
  autoload :ReEncryptFiles, 'symmetric_encryption/utils/re_encrypt_files'
27
27
  end
28
28
  end
29
- #@formatter:on
29
+ # @formatter:on
30
30
 
31
31
  # Add support for other libraries only if they have already been loaded
32
32
  require 'symmetric_encryption/railtie' if defined?(Rails)
@@ -13,10 +13,10 @@ module SymmetricEncryption
13
13
 
14
14
  # Returns [Cipher] from a cipher config instance.
15
15
  def self.from_config(cipher_name: 'aes-256-cbc',
16
- version: 0,
17
- always_add_header: true,
18
- encoding: :base64strict,
19
- **config)
16
+ version: 0,
17
+ always_add_header: true,
18
+ encoding: :base64strict,
19
+ **config)
20
20
 
21
21
  Key.migrate_config!(config)
22
22
  key = Key.from_config(cipher_name: cipher_name, **config)
@@ -84,7 +84,7 @@ module SymmetricEncryption
84
84
  @version = version.to_i
85
85
  @always_add_header = always_add_header
86
86
 
87
- raise(ArgumentError, "Cipher version has a valid range of 0 to 255. #{@version} is too high, or negative") if (@version > 255) || (@version < 0)
87
+ raise(ArgumentError, "Cipher version has a valid range of 0 to 255. #{@version} is too high, or negative") if (@version > 255) || @version.negative?
88
88
  end
89
89
 
90
90
  # Change the encoding
@@ -136,7 +136,7 @@ module SymmetricEncryption
136
136
  str = str.to_s
137
137
  return str if str.empty?
138
138
  encrypted = binary_encrypt(str, random_iv: random_iv, compress: compress, header: header)
139
- self.encode(encrypted)
139
+ encode(encrypted)
140
140
  end
141
141
 
142
142
  # Decode and Decrypt string
@@ -157,16 +157,14 @@ module SymmetricEncryption
157
157
  # is thread-safe and can be called concurrently by multiple threads with
158
158
  # the same instance of Cipher
159
159
  def decrypt(str)
160
- decoded = self.decode(str)
160
+ decoded = decode(str)
161
161
  return unless decoded
162
162
 
163
163
  return decoded if decoded.empty?
164
164
  decrypted = binary_decrypt(decoded)
165
165
 
166
166
  # Try to force result to UTF-8 encoding, but if it is not valid, force it back to Binary
167
- unless decrypted.force_encoding(SymmetricEncryption::UTF8_ENCODING).valid_encoding?
168
- decrypted.force_encoding(SymmetricEncryption::BINARY_ENCODING)
169
- end
167
+ decrypted.force_encoding(SymmetricEncryption::BINARY_ENCODING) unless decrypted.force_encoding(SymmetricEncryption::UTF8_ENCODING).valid_encoding?
170
168
 
171
169
  decrypted
172
170
  end
@@ -249,7 +247,7 @@ module SymmetricEncryption
249
247
  return string if string.empty?
250
248
 
251
249
  # Header required when adding a random_iv or compressing
252
- header = Header.new(version: version, compress: compress) if (header == true) || random_iv || compress
250
+ header = Header.new(version: version, compress: compress) if header || random_iv || compress
253
251
 
254
252
  # Creates a new OpenSSL::Cipher with every call so that this call is thread-safe.
255
253
  openssl_cipher = ::OpenSSL::Cipher.new(cipher_name)
@@ -260,8 +258,8 @@ module SymmetricEncryption
260
258
  if header
261
259
  if random_iv
262
260
  openssl_cipher.iv = header.iv = openssl_cipher.random_iv
263
- elsif self.iv
264
- openssl_cipher.iv = self.iv
261
+ elsif iv
262
+ openssl_cipher.iv = iv
265
263
  end
266
264
  header.to_s + openssl_cipher.update(compress ? Zlib::Deflate.deflate(string) : string)
267
265
  else
@@ -307,12 +305,12 @@ module SymmetricEncryption
307
305
  return str if str.empty?
308
306
 
309
307
  offset = header.parse(str)
310
- data = offset > 0 ? str[offset..-1] : str
308
+ data = offset.positive? ? str[offset..-1] : str
311
309
 
312
310
  openssl_cipher = ::OpenSSL::Cipher.new(header.cipher_name || cipher_name)
313
311
  openssl_cipher.decrypt
314
312
  openssl_cipher.key = header.key || @key
315
- if iv = (header.iv || @iv)
313
+ if (iv = header.iv || @iv)
316
314
  openssl_cipher.iv = iv
317
315
  end
318
316
  result = openssl_cipher.update(data)
@@ -322,12 +320,12 @@ module SymmetricEncryption
322
320
 
323
321
  # Returns the magic header after applying the encoding in this cipher
324
322
  def encoded_magic_header
325
- @encoded_magic_header ||= encoder.encode(SymmetricEncryption::Header::MAGIC_HEADER).gsub('=', '').strip
323
+ @encoded_magic_header ||= encoder.encode(SymmetricEncryption::Header::MAGIC_HEADER).delete('=').strip
326
324
  end
327
325
 
328
326
  # Returns [String] object represented as a string, filtering out the key
329
327
  def inspect
330
- "#<#{self.class}:0x#{self.__id__.to_s(16)} @key=\"[FILTERED]\" @iv=#{iv.inspect} @cipher_name=#{cipher_name.inspect}, @version=#{version.inspect}, @encoding=#{encoding.inspect}, @always_add_header=#{always_add_header.inspect}>"
328
+ "#<#{self.class}:0x#{__id__.to_s(16)} @key=\"[FILTERED]\" @iv=#{iv.inspect} @cipher_name=#{cipher_name.inspect}, @version=#{version.inspect}, @encoding=#{encoding.inspect}, @always_add_header=#{always_add_header.inspect}>"
331
329
  end
332
330
 
333
331
  # DEPRECATED
@@ -350,6 +348,5 @@ module SymmetricEncryption
350
348
  private
351
349
 
352
350
  attr_reader :key
353
-
354
351
  end
355
352
  end
@@ -8,7 +8,7 @@ module SymmetricEncryption
8
8
  :environments, :cipher_name, :rolling_deploy, :rotate_keys, :rotate_kek, :prompt, :show_version,
9
9
  :cleanup_keys, :activate_key, :migrate
10
10
 
11
- KEYSTORES = [:heroku, :environment, :file]
11
+ KEYSTORES = %i[heroku environment file].freeze
12
12
 
13
13
  def self.run!(argv)
14
14
  new(argv).run!
@@ -16,7 +16,7 @@ module SymmetricEncryption
16
16
 
17
17
  def initialize(argv)
18
18
  @version = current_version
19
- @environment = ENV['RACK_ENV'] || ENV['RAILS_ENV'] || 'development'
19
+ @environment = ENV['SYMMETRIC_ENCRYPTION_ENV'] || ENV['RACK_ENV'] || ENV['RAILS_ENV'] || 'development'
20
20
  @config_file_path = File.expand_path(ENV['SYMMETRIC_ENCRYPTION_CONFIG'] || 'config/symmetric-encryption.yml')
21
21
  @app_name = 'symmetric-encryption'
22
22
  @key_path = '/etc/symmetric-encryption'
@@ -28,7 +28,7 @@ module SymmetricEncryption
28
28
 
29
29
  if argv.empty?
30
30
  puts parser
31
- exit -10
31
+ exit(-10)
32
32
  end
33
33
  parser.parse!(argv)
34
34
  end
@@ -71,17 +71,17 @@ module SymmetricEncryption
71
71
 
72
72
  def parser
73
73
  @parser ||= OptionParser.new do |opts|
74
- opts.banner = <<BANNER
75
- Symmetric Encryption v#{VERSION}
74
+ opts.banner = <<~BANNER
75
+ Symmetric Encryption v#{VERSION}
76
76
 
77
- For more information, see: https://rocketjob.github.io/symmetric-encryption/
77
+ For more information, see: https://rocketjob.github.io/symmetric-encryption/
78
78
 
79
- Note:
80
- It is recommended to backup the current configuration file, or place it in version control before running
81
- the configuration manipulation commands below.
79
+ Note:
80
+ It is recommended to backup the current configuration file, or place it in version control before running
81
+ the configuration manipulation commands below.
82
82
 
83
- symmetric-encryption [options]
84
- BANNER
83
+ symmetric-encryption [options]
84
+ BANNER
85
85
 
86
86
  opts.on '-e', '--encrypt [FILE_NAME]', 'Encrypt a file, or read from stdin if no file name is supplied.' do |file_name|
87
87
  @encrypt = file_name || STDIN
@@ -103,7 +103,7 @@ BANNER
103
103
  @compress = true
104
104
  end
105
105
 
106
- opts.on '-E', '--env ENVIRONMENT', "Environment to use in the config file. Default: RACK_ENV || RAILS_ENV || 'development'" do |environment|
106
+ opts.on '-E', '--env ENVIRONMENT', "Environment to use in the config file. Default: SYMMETRIC_ENCRYPTION_ENV || RACK_ENV || RAILS_ENV || 'development'" do |environment|
107
107
  @environment = environment
108
108
  end
109
109
 
@@ -116,7 +116,7 @@ BANNER
116
116
  end
117
117
 
118
118
  opts.on '-r', '--re-encrypt [PATTERN]', 'ReEncrypt all files matching the pattern. Default: "**/*.{yml,rb}"' do |pattern|
119
- @re_encrypt = pattern || "**/*.{yml,rb}"
119
+ @re_encrypt = pattern || '**/*.{yml,rb}'
120
120
  end
121
121
 
122
122
  opts.on '-n', '--new-password [SIZE]', 'Generate a new random password using only characters that are URL-safe base64. Default size is 22.' do |size|
@@ -139,11 +139,11 @@ BANNER
139
139
  @app_name = name
140
140
  end
141
141
 
142
- opts.on '-S', '--environments ENVIRONMENTS', "Comma separated list of environments for which to generate the config file. Default: development,test,release,production" do |environments|
142
+ opts.on '-S', '--environments ENVIRONMENTS', 'Comma separated list of environments for which to generate the config file. Default: development,test,release,production' do |environments|
143
143
  @environments = environments.split(',').collect(&:strip).collect(&:to_sym)
144
144
  end
145
145
 
146
- opts.on '-C', '--cipher-name NAME', "Name of the cipher to use when generating a new config file, or when rotating keys. Default: aes-256-cbc" do |name|
146
+ opts.on '-C', '--cipher-name NAME', 'Name of the cipher to use when generating a new config file, or when rotating keys. Default: aes-256-cbc' do |name|
147
147
  @cipher_name = name
148
148
  end
149
149
 
@@ -167,7 +167,7 @@ BANNER
167
167
  @cleanup_keys = true
168
168
  end
169
169
 
170
- opts.on '-V', '--key-version NUMBER', "Encryption key version to use when encrypting or re-encrypting. Default: (Current global version)." do |number|
170
+ opts.on '-V', '--key-version NUMBER', 'Encryption key version to use when encrypting or re-encrypting. Default: (Current global version).' do |number|
171
171
  @version = number.to_i
172
172
  end
173
173
 
@@ -185,7 +185,6 @@ BANNER
185
185
  puts opts
186
186
  exit
187
187
  end
188
-
189
188
  end
190
189
  end
191
190
 
@@ -199,8 +198,8 @@ BANNER
199
198
 
200
199
  def generate_new_config
201
200
  config_file_does_not_exist!
202
- self.environments ||= %i(development test release production)
203
- cfg =
201
+ self.environments ||= %i[development test release production]
202
+ cfg =
204
203
  if keystore == :file
205
204
  SymmetricEncryption::Keystore::File.new_config(
206
205
  key_path: key_path,
@@ -208,7 +207,7 @@ BANNER
208
207
  environments: environments,
209
208
  cipher_name: cipher_name
210
209
  )
211
- elsif [:heroku, :environment].include?(keystore)
210
+ elsif %i[heroku environment].include?(keystore)
212
211
  SymmetricEncryption::Keystore::Environment.new_config(
213
212
  app_name: app_name,
214
213
  environments: environments,
@@ -216,7 +215,7 @@ BANNER
216
215
  )
217
216
  else
218
217
  puts "Invalid keystore option: #{keystore}, must be one of #{KEYSTORES.join(', ')}"
219
- exit -3
218
+ exit(-3)
220
219
  end
221
220
  Config.write_file(config_file_path, cfg)
222
221
  puts "New configuration file created at: #{config_file_path}"
@@ -246,11 +245,10 @@ BANNER
246
245
  config = Config.read_file(config_file_path)
247
246
  config.each_pair do |env, cfg|
248
247
  next if environments && !environments.include?(env.to_sym)
249
- if ciphers = cfg[:ciphers]
250
- highest = ciphers.max_by { |i| i[:version] }
251
- ciphers.clear
252
- ciphers << highest
253
- end
248
+ next unless ciphers = cfg[:ciphers]
249
+ highest = ciphers.max_by { |i| i[:version] }
250
+ ciphers.clear
251
+ ciphers << highest
254
252
  end
255
253
 
256
254
  Config.write_file(config_file_path, config)
@@ -261,11 +259,10 @@ BANNER
261
259
  config = Config.read_file(config_file_path)
262
260
  config.each_pair do |env, cfg|
263
261
  next if environments && !environments.include?(env.to_sym)
264
- if ciphers = cfg[:ciphers]
265
- highest = ciphers.max_by { |i| i[:version] }
266
- ciphers.delete(highest)
267
- ciphers.unshift(highest)
268
- end
262
+ next unless ciphers = cfg[:ciphers]
263
+ highest = ciphers.max_by { |i| i[:version] }
264
+ ciphers.delete(highest)
265
+ ciphers.unshift(highest)
269
266
  end
270
267
 
271
268
  Config.write_file(config_file_path, config)
@@ -309,9 +306,7 @@ BANNER
309
306
  value1 = HighLine.new.ask('Enter the value to encrypt:') { |q| q.echo = '*' }
310
307
  value2 = HighLine.new.ask('Re-enter the value to encrypt:') { |q| q.echo = '*' }
311
308
 
312
- if value1 != value2
313
- puts('Values do not match, please try again')
314
- end
309
+ puts('Values do not match, please try again') if value1 != value2
315
310
  end
316
311
 
317
312
  encrypted = SymmetricEncryption.cipher(version).encrypt(value1, compress: compress)
@@ -336,8 +331,7 @@ BANNER
336
331
  def config_file_does_not_exist!
337
332
  return unless File.exist?(config_file_path)
338
333
  puts "\nConfiguration file already exists, please move or rename: #{config_file_path}\n\n"
339
- exit -1
334
+ exit(-1)
340
335
  end
341
-
342
336
  end
343
337
  end
@@ -9,7 +9,7 @@ module SymmetricEncryption
9
9
  datetime: DateTime,
10
10
  time: Time,
11
11
  date: Date
12
- }
12
+ }.freeze
13
13
 
14
14
  # Coerce given value into given type
15
15
  # Does not coerce json or yaml values
@@ -42,7 +42,7 @@ module SymmetricEncryption
42
42
  when :yaml
43
43
  YAML.load(value)
44
44
  else
45
- self.coerce(value, type, String)
45
+ coerce(value, type, String)
46
46
  end
47
47
  end
48
48
 
@@ -60,7 +60,7 @@ module SymmetricEncryption
60
60
  when :yaml
61
61
  value.to_yaml
62
62
  else
63
- self.coerce(value, :string, coercion_type(type, value))
63
+ coerce(value, :string, coercion_type(type, value))
64
64
  end
65
65
  end
66
66
 
@@ -72,6 +72,5 @@ module SymmetricEncryption
72
72
  TYPE_MAP[symbol]
73
73
  end
74
74
  end
75
-
76
75
  end
77
76
  end
@@ -29,7 +29,7 @@ module SymmetricEncryption
29
29
  def self.read_file(file_name)
30
30
  config = YAML.load(ERB.new(File.new(file_name).read).result)
31
31
  config = deep_symbolize_keys(config)
32
- config.each_pair { |env, cfg| SymmetricEncryption::Config.send(:migrate_old_formats!, cfg) }
32
+ config.each_pair { |_env, cfg| SymmetricEncryption::Config.send(:migrate_old_formats!, cfg) }
33
33
  config
34
34
  end
35
35
 
@@ -50,14 +50,12 @@ module SymmetricEncryption
50
50
  #
51
51
  # See: `.load!` for parameters.
52
52
  def initialize(file_name: nil, env: nil)
53
- unless env
54
- env = defined?(Rails) ? Rails.env : ENV['RACK_ENV'] || ENV['RAILS_ENV'] || 'development'
55
- end
53
+ env ||= defined?(Rails) ? Rails.env : ENV['RACK_ENV'] || ENV['RAILS_ENV'] || 'development'
56
54
 
57
55
  unless file_name
58
56
  root = defined?(Rails) ? Rails.root : '.'
59
57
  file_name =
60
- if env_var = ENV['SYMMETRIC_ENCRYPTION_CONFIG']
58
+ if (env_var = ENV['SYMMETRIC_ENCRYPTION_CONFIG'])
61
59
  File.expand_path(env_var)
62
60
  else
63
61
  File.join(root, 'config', 'symmetric-encryption.yml')
@@ -73,11 +71,12 @@ module SymmetricEncryption
73
71
  def config
74
72
  @config ||= begin
75
73
  raise(ConfigError, "Cannot find config file: #{file_name}") unless File.exist?(file_name)
76
- unless env_config = YAML.load(ERB.new(File.new(file_name).read).result)[env]
77
- raise(ConfigError, "Cannot find environment: #{env} in config file: #{file_name}")
78
- end
79
- env_config = self.class.deep_symbolize_keys(env_config)
80
- self.class.migrate_old_formats!(env_config)
74
+
75
+ env_config = YAML.load(ERB.new(File.new(file_name).read).result)[env]
76
+ raise(ConfigError, "Cannot find environment: #{env} in config file: #{file_name}") unless env_config
77
+
78
+ env_config = self.class.send(:deep_symbolize_keys, env_config)
79
+ self.class.send(:migrate_old_formats!, env_config)
81
80
  end
82
81
  end
83
82
 
@@ -86,49 +85,49 @@ module SymmetricEncryption
86
85
  @ciphers ||= config[:ciphers].collect { |cipher_config| Cipher.from_config(cipher_config) }
87
86
  end
88
87
 
89
- private
90
-
91
88
  # Iterate through the Hash symbolizing all keys.
92
- def self.deep_symbolize_keys(x)
93
- case x
89
+ def self.deep_symbolize_keys(object)
90
+ case object
94
91
  when Hash
95
92
  result = {}
96
- x.each_pair do |key, value|
93
+ object.each_pair do |key, value|
97
94
  key = key.to_sym if key.is_a?(String)
98
95
  result[key] = deep_symbolize_keys(value)
99
96
  end
100
97
  result
101
98
  when Array
102
- x.collect { |i| deep_symbolize_keys(i) }
99
+ object.collect { |i| deep_symbolize_keys(i) }
103
100
  else
104
- x
101
+ object
105
102
  end
106
103
  end
104
+ private_class_method :deep_symbolize_keys
107
105
 
108
106
  # Iterate through the Hash symbolizing all keys.
109
- def self.deep_stringify_keys(x)
110
- case x
107
+ def self.deep_stringify_keys(object)
108
+ case object
111
109
  when Hash
112
110
  result = {}
113
- x.each_pair do |key, value|
111
+ object.each_pair do |key, value|
114
112
  key = key.to_s if key.is_a?(Symbol)
115
113
  result[key] = deep_stringify_keys(value)
116
114
  end
117
115
  result
118
116
  when Array
119
- x.collect { |i| deep_stringify_keys(i) }
117
+ object.collect { |i| deep_stringify_keys(i) }
120
118
  else
121
- x
119
+ object
122
120
  end
123
121
  end
122
+ private_class_method :deep_stringify_keys
124
123
 
125
124
  # Migrate old configuration format for this environment
126
125
  def self.migrate_old_formats!(config)
127
126
  # Inline single cipher before :ciphers
128
- unless config.has_key?(:ciphers)
129
- cipher = {}
130
- config.keys.each { |key| cipher[key] = config.delete(key) }
131
- config[:ciphers] = [cipher]
127
+ unless config.key?(:ciphers)
128
+ inline_cipher = {}
129
+ config.keys.each { |key| inline_cipher[key] = config.delete(key) }
130
+ config[:ciphers] = [inline_cipher]
132
131
  end
133
132
 
134
133
  # Copy Old :private_rsa_key into each ciphers config
@@ -140,26 +139,23 @@ module SymmetricEncryption
140
139
 
141
140
  # Old :cipher_name
142
141
  config[:ciphers].each do |cipher|
143
- if old_key_name_cipher = cipher.delete(:cipher)
142
+ if (old_key_name_cipher = cipher.delete(:cipher))
144
143
  cipher[:cipher_name] = old_key_name_cipher
145
144
  end
146
145
 
147
146
  # Only temporarily used during v4 Beta process
148
- if cipher[:key_encrypting_key].is_a?(String)
149
- cipher[:private_rsa_key] = cipher.delete(:key_encrypting_key)
150
- end
147
+ cipher[:private_rsa_key] = cipher.delete(:key_encrypting_key) if cipher[:key_encrypting_key].is_a?(String)
151
148
 
152
149
  # Check for a prior env var in encrypted key
153
150
  # Example:
154
151
  # encrypted_key: <%= ENV['VAR'] %>
155
- if cipher.has_key?(:encrypted_key) && cipher[:encrypted_key].nil?
152
+ if cipher.key?(:encrypted_key) && cipher[:encrypted_key].nil?
156
153
  cipher[:key_env_var] = :placeholder
157
- puts "WARNING: :encrypted_key resolved to nil. Please see the migrated config file for the new option :key_env_var."
154
+ puts 'WARNING: :encrypted_key resolved to nil. Please see the migrated config file for the new option :key_env_var.'
158
155
  end
159
-
160
156
  end
161
157
  config
162
158
  end
163
-
159
+ private_class_method :migrate_old_formats!
164
160
  end
165
161
  end