symmetric-encryption 4.2.1 → 4.4.0

Files changed (36) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +5 -7
  3. data/Rakefile +9 -9
  4. data/bin/symmetric-encryption +1 -1
  5. data/lib/symmetric-encryption.rb +1 -1
  6. data/lib/symmetric_encryption/{railties → active_record}/attr_encrypted.rb +16 -5
  7. data/lib/symmetric_encryption/active_record/encrypted_attribute.rb +37 -0
  8. data/lib/symmetric_encryption/cipher.rb +20 -14
  9. data/lib/symmetric_encryption/cli.rb +72 -54
  10. data/lib/symmetric_encryption/coerce.rb +3 -3
  11. data/lib/symmetric_encryption/config.rb +28 -27
  12. data/lib/symmetric_encryption/core.rb +25 -20
  13. data/lib/symmetric_encryption/encoder.rb +26 -8
  14. data/lib/symmetric_encryption/generator.rb +7 -3
  15. data/lib/symmetric_encryption/header.rb +24 -24
  16. data/lib/symmetric_encryption/key.rb +1 -1
  17. data/lib/symmetric_encryption/keystore/aws.rb +10 -13
  18. data/lib/symmetric_encryption/keystore/environment.rb +5 -5
  19. data/lib/symmetric_encryption/keystore/file.rb +27 -9
  20. data/lib/symmetric_encryption/keystore/gcp.rb +21 -18
  21. data/lib/symmetric_encryption/keystore/heroku.rb +1 -1
  22. data/lib/symmetric_encryption/keystore/memory.rb +3 -3
  23. data/lib/symmetric_encryption/keystore.rb +23 -23
  24. data/lib/symmetric_encryption/railtie.rb +12 -11
  25. data/lib/symmetric_encryption/railties/mongoid_encrypted.rb +5 -4
  26. data/lib/symmetric_encryption/railties/symmetric_encryption_validator.rb +1 -1
  27. data/lib/symmetric_encryption/reader.rb +13 -13
  28. data/lib/symmetric_encryption/rsa_key.rb +1 -1
  29. data/lib/symmetric_encryption/symmetric_encryption.rb +56 -36
  30. data/lib/symmetric_encryption/utils/aws.rb +8 -10
  31. data/lib/symmetric_encryption/utils/files.rb +3 -3
  32. data/lib/symmetric_encryption/utils/re_encrypt_files.rb +11 -11
  33. data/lib/symmetric_encryption/version.rb +1 -1
  34. data/lib/symmetric_encryption/writer.rb +20 -13
  35. data/lib/symmetric_encryption.rb +13 -9
  36. metadata +10 -10
@@ -55,26 +55,26 @@ module SymmetricEncryption
55
55
  lines = File.read(file_name)
56
56
  hits, output_lines = re_encrypt_lines(lines)
57
57
 
58
- File.open(file_name, 'wb') { |file| file.write(output_lines) } if hits.positive?
58
+ File.open(file_name, "wb") { |file| file.write(output_lines) } if hits.positive?
59
59
  hits
60
60
  end
61
61
 
62
62
  # Replaces instances of encrypted data within lines of text with re-encrypted values
63
63
  def re_encrypt_lines(lines)
64
64
  hits = 0
65
- output_lines = ''
65
+ output_lines = ""
66
66
  r = regexp
67
67
  lines.each_line do |line|
68
68
  line.force_encoding(SymmetricEncryption::UTF8_ENCODING)
69
69
  output_lines <<
70
70
  if line.valid_encoding? && (result = line.match(r))
71
- encrypted = result[0]
72
- new_value = re_encrypt(encrypted)
73
- if new_value != encrypted
71
+ encrypted = result[0]
72
+ new_value = re_encrypt(encrypted)
73
+ if new_value == encrypted
74
+ line
75
+ else
74
76
  hits += 1
75
77
  line.gsub(encrypted, new_value)
76
- else
77
- line
78
78
  end
79
79
  else
80
80
  line
@@ -117,8 +117,8 @@ module SymmetricEncryption
117
117
  begin
118
118
  count = re_encrypt_contents(file_name)
119
119
  puts "Re-encrypted #{count} encrypted value(s) in: #{file_name}" if count.positive?
120
- rescue StandardError => exc
121
- puts "Failed re-encrypting the file contents of: #{file_name}. #{exc.class.name}: #{exc.message}"
120
+ rescue StandardError => e
121
+ puts "Failed re-encrypting the file contents of: #{file_name}. #{e.class.name}: #{e.message}"
122
122
  end
123
123
  end
124
124
  end
@@ -127,13 +127,13 @@ module SymmetricEncryption
127
127
  private
128
128
 
129
129
  def regexp
130
- @regexp ||= /#{SymmetricEncryption.cipher.encoded_magic_header}([A-Za-z0-9+\/]+[=\\n]*)/
130
+ @regexp ||= %r{#{SymmetricEncryption.cipher.encoded_magic_header}([A-Za-z0-9+/]+[=\\n]*)}
131
131
  end
132
132
 
133
133
  # Returns [Integer] encrypted file key version.
134
134
  # Returns [nil] if the file is not encrypted or does not have a header.
135
135
  def encrypted_file_version(file_name)
136
- ::File.open(file_name, 'rb') do |file|
136
+ ::File.open(file_name, "rb") do |file|
137
137
  reader = SymmetricEncryption::Reader.new(file)
138
138
  reader.version if reader.header_present?
139
139
  end
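Review bot: In `re_encrypt_lines`, `line.match(r)` returns only the first match on a line, and `line.gsub(encrypted, new_value)` substitutes that one string, so a second, different encrypted value on the same line keeps its old ciphertext after a key rotation while the file is still reported as re-encrypted. Re-encrypting every match would close that gap, e.g. `line.gsub(r) { |enc| new_value = re_encrypt(enc); hits += 1 unless new_value == enc; new_value }`. In `regexp`, `encoded_magic_header` is interpolated without `Regexp.escape`, so a `+` in the Base64 header would act as a quantifier; whether that can occur depends on the header bytes, which are not visible here. The body of `re_encrypt_lines` continues past the end of its hunk.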
@@ -1,3 +1,3 @@
1
1
  module SymmetricEncryption
2
- VERSION = '4.2.1'.freeze
2
+ VERSION = "4.4.0".freeze
3
3
  end
@@ -1,4 +1,4 @@
1
- require 'openssl'
1
+ require "openssl"
2
2
 
3
3
  module SymmetricEncryption
4
4
  # Write to encrypted files and other IO streams.
@@ -49,10 +49,10 @@ module SymmetricEncryption
49
49
  # end
50
50
  def self.open(file_name_or_stream, compress: nil, **args)
51
51
  if file_name_or_stream.is_a?(String)
52
- file_name_or_stream = ::File.open(file_name_or_stream, 'wb')
52
+ file_name_or_stream = ::File.open(file_name_or_stream, "wb")
53
53
  compress = !(/\.(zip|gz|gzip|xls.|)\z/i === file_name_or_stream) if compress.nil?
54
- else
55
- compress = true if compress.nil?
54
+ elsif compress.nil?
55
+ compress = true
56
56
  end
57
57
 
58
58
  begin
@@ -97,15 +97,22 @@ module SymmetricEncryption
97
97
  def initialize(ios, version: nil, cipher_name: nil, header: true, random_key: true, random_iv: true, compress: false)
98
98
  # Compress is only used at this point for setting the flag in the header
99
99
  @ios = ios
100
- raise(ArgumentError, 'When :random_key is true, :random_iv must also be true') if random_key && !random_iv
101
- raise(ArgumentError, 'Cannot supply a :cipher_name unless both :random_key and :random_iv are true') if cipher_name && !random_key && !random_iv
100
+ raise(ArgumentError, "When :random_key is true, :random_iv must also be true") if random_key && !random_iv
101
+ if cipher_name && !random_key && !random_iv
102
+ raise(ArgumentError, "Cannot supply a :cipher_name unless both :random_key and :random_iv are true")
103
+ end
102
104
 
103
105
  # Cipher to encrypt the random_key, or the entire file
104
106
  cipher = SymmetricEncryption.cipher(version)
105
- raise(SymmetricEncryption::CipherError, "Cipher with version:#{version} not found in any of the configured SymmetricEncryption ciphers") unless cipher
107
+ unless cipher
108
+ raise(SymmetricEncryption::CipherError,
109
+ "Cipher with version:#{version} not found in any of the configured SymmetricEncryption ciphers")
110
+ end
106
111
 
107
112
  # Force header if compressed or using random iv, key
108
- header = Header.new(version: cipher.version, compress: compress, cipher_name: cipher_name) if (header == true) || compress || random_key || random_iv
113
+ if (header == true) || compress || random_key || random_iv
114
+ header = Header.new(version: cipher.version, compress: compress, cipher_name: cipher_name)
115
+ end
109
116
 
110
117
  @stream_cipher = ::OpenSSL::Cipher.new(cipher_name || cipher.cipher_name)
111
118
  @stream_cipher.encrypt
@@ -158,8 +165,8 @@ module SymmetricEncryption
158
165
  def write(data)
159
166
  return unless data
160
167
 
161
- bytes = data.to_s
162
- @size += bytes.size
168
+ bytes = data.to_s
169
+ @size += bytes.size
163
170
  partial = @stream_cipher.update(bytes)
164
171
  @ios.write(partial) unless partial.empty?
165
172
  data.length
@@ -168,9 +175,9 @@ module SymmetricEncryption
168
175
  def write(data)
169
176
  return unless data
170
177
 
171
- bytes = data.to_s
172
- @size += bytes.size
173
- partial = @stream_cipher.update(bytes, @cipher_buffer ||= ''.b)
178
+ bytes = data.to_s
179
+ @size += bytes.size
180
+ partial = @stream_cipher.update(bytes, @cipher_buffer ||= "".b)
174
181
  @ios.write(partial) unless partial.empty?
175
182
  data.length
176
183
  end
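Review bot: The second guard in `initialize` does not enforce what its message says: `cipher_name && !random_key && !random_iv` raises only when both flags are false, so `random_key: false, random_iv: true` with a custom `cipher_name` passes. `OpenSSL::Cipher.new(cipher_name || cipher.cipher_name)` is then built for a cipher that may not match the configured key; the key assignment is outside the hunk, so this is inferred. `if cipher_name && !(random_key && random_iv)` would match the message. Separately, in `self.open` the compress regexp is tested after `file_name_or_stream` has been reassigned to the `File` object, and `Regexp#===` returns false for a non-String, so `.zip`/`.gz` targets appear to be compressed anyway; testing the name before the `::File.open` call would fix it. Both method bodies continue past their hunks.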
@@ -1,24 +1,28 @@
1
- require 'symmetric_encryption/core'
1
+ require "symmetric_encryption/core"
2
2
 
3
3
  # Add extensions. Gems are no longer order dependent.
4
4
  begin
5
- require 'rails'
6
- require 'symmetric_encryption/railtie'
5
+ require "rails"
6
+ require "symmetric_encryption/railtie"
7
7
  rescue LoadError
8
8
  end
9
9
 
10
10
  begin
11
- require 'active_support'
11
+ require "active_support"
12
12
  ActiveSupport.on_load(:active_record) do
13
- require 'symmetric_encryption/railties/attr_encrypted'
14
- require 'symmetric_encryption/railties/symmetric_encryption_validator'
13
+ require "symmetric_encryption/active_record/attr_encrypted"
14
+ require "symmetric_encryption/railties/symmetric_encryption_validator"
15
15
 
16
- ActiveRecord::Base.include(SymmetricEncryption::Railties::AttrEncrypted)
16
+ if ActiveRecord.version >= Gem::Version.new("5.0.0")
17
+ ActiveRecord::Type.register(:encrypted, SymmetricEncryption::ActiveRecord::EncryptedAttribute)
18
+ end
19
+
20
+ ActiveRecord::Base.include(SymmetricEncryption::ActiveRecord::AttrEncrypted)
17
21
  end
18
22
 
19
23
  ActiveSupport.on_load(:mongoid) do
20
- require 'symmetric_encryption/railties/mongoid_encrypted'
21
- require 'symmetric_encryption/railties/symmetric_encryption_validator'
24
+ require "symmetric_encryption/railties/mongoid_encrypted"
25
+ require "symmetric_encryption/railties/symmetric_encryption_validator"
22
26
  end
23
27
  rescue LoadError
24
28
  end
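Review bot: Both `rescue LoadError` clauses have empty bodies, so a LoadError raised by one of the gem's own files is swallowed together with the expected "Rails / ActiveSupport not installed" case. With the require path renamed to `symmetric_encryption/active_record/attr_encrypted` in this release, a packaging slip could therefore go unreported at load time whenever the `on_load` block runs inside the `begin`, and would only surface later as a missing `attr_encrypted`. Narrowing the rescue keeps the optional-dependency behaviour while letting real failures through: `rescue LoadError => e` followed by `raise unless e.path == "rails"` (and `"active_support"` for the second block). No alias for the old `SymmetricEncryption::Railties::AttrEncrypted` constant is visible here, so applications referencing it or the old require path would need a note in the changelog.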
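--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: symmetric-encryption
  version: !ruby/object:Gem::Version
- version: 4.2.1
+ version: 4.4.0
  platform: ruby
  authors:
  - Reid Morrison
- autorequire:
+ autorequire:
  bindir: bin
  cert_chain: []
- date: 2019-04-04 00:00:00.000000000 Z
+ date: 2021-10-07 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: coercible
@@ -24,9 +24,8 @@ dependencies:
  - - "~>"
  - !ruby/object:Gem::Version
  version: '1.0'
- description:
+ description:
  email:
- - reidmo@gmail.com
  executables:
  - symmetric-encryption
  extensions: []
@@ -38,6 +37,8 @@ files:
  - bin/symmetric-encryption
  - lib/symmetric-encryption.rb
  - lib/symmetric_encryption.rb
+ - lib/symmetric_encryption/active_record/attr_encrypted.rb
+ - lib/symmetric_encryption/active_record/encrypted_attribute.rb
  - lib/symmetric_encryption/cipher.rb
  - lib/symmetric_encryption/cli.rb
  - lib/symmetric_encryption/coerce.rb
@@ -56,7 +57,6 @@ files:
  - lib/symmetric_encryption/keystore/heroku.rb
  - lib/symmetric_encryption/keystore/memory.rb
  - lib/symmetric_encryption/railtie.rb
- - lib/symmetric_encryption/railties/attr_encrypted.rb
  - lib/symmetric_encryption/railties/mongoid_encrypted.rb
  - lib/symmetric_encryption/railties/symmetric_encryption_validator.rb
  - lib/symmetric_encryption/reader.rb
@@ -67,11 +67,11 @@ files:
  - lib/symmetric_encryption/utils/re_encrypt_files.rb
  - lib/symmetric_encryption/version.rb
  - lib/symmetric_encryption/writer.rb
- homepage: http://rocketjob.github.io/symmetric-encryption/
+ homepage: https://encryption.rocketjob.io
  licenses:
  - Apache-2.0
  metadata: {}
- post_install_message:
+ post_install_message:
  rdoc_options: []
  require_paths:
  - lib
@@ -86,8 +86,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.0.2
- signing_key:
+ rubygems_version: 3.2.22
+ signing_key:
  specification_version: 4
  summary: Encrypt ActiveRecord and Mongoid attributes, files and passwords in configuration
  files.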