symmetric-encryption 4.3.1 → 4.3.2

Files changed (34)
  1. checksums.yaml +4 -4
  2. data/Rakefile +9 -9
  3. data/bin/symmetric-encryption +1 -1
  4. data/lib/symmetric-encryption.rb +1 -1
  5. data/lib/symmetric_encryption.rb +9 -9
  6. data/lib/symmetric_encryption/active_record/attr_encrypted.rb +1 -1
  7. data/lib/symmetric_encryption/cipher.rb +14 -10
  8. data/lib/symmetric_encryption/cli.rb +51 -51
  9. data/lib/symmetric_encryption/coerce.rb +3 -3
  10. data/lib/symmetric_encryption/config.rb +27 -26
  11. data/lib/symmetric_encryption/core.rb +22 -22
  12. data/lib/symmetric_encryption/encoder.rb +8 -8
  13. data/lib/symmetric_encryption/generator.rb +7 -3
  14. data/lib/symmetric_encryption/header.rb +12 -12
  15. data/lib/symmetric_encryption/key.rb +1 -1
  16. data/lib/symmetric_encryption/keystore.rb +20 -20
  17. data/lib/symmetric_encryption/keystore/aws.rb +6 -6
  18. data/lib/symmetric_encryption/keystore/environment.rb +4 -4
  19. data/lib/symmetric_encryption/keystore/file.rb +17 -3
  20. data/lib/symmetric_encryption/keystore/gcp.rb +6 -6
  21. data/lib/symmetric_encryption/keystore/heroku.rb +1 -1
  22. data/lib/symmetric_encryption/keystore/memory.rb +1 -1
  23. data/lib/symmetric_encryption/railtie.rb +6 -6
  24. data/lib/symmetric_encryption/railties/mongoid_encrypted.rb +3 -3
  25. data/lib/symmetric_encryption/railties/symmetric_encryption_validator.rb +1 -1
  26. data/lib/symmetric_encryption/reader.rb +13 -13
  27. data/lib/symmetric_encryption/rsa_key.rb +1 -1
  28. data/lib/symmetric_encryption/symmetric_encryption.rb +23 -17
  29. data/lib/symmetric_encryption/utils/aws.rb +8 -8
  30. data/lib/symmetric_encryption/utils/files.rb +3 -3
  31. data/lib/symmetric_encryption/utils/re_encrypt_files.rb +5 -5
  32. data/lib/symmetric_encryption/version.rb +1 -1
  33. data/lib/symmetric_encryption/writer.rb +17 -11
  34. metadata +3 -3
@@ -6,7 +6,7 @@ module SymmetricEncryption
6
6
  attr_reader :file_name
7
7
 
8
8
  def read_file_and_decode(file_name)
9
- raise(SymmetricEncryption::ConfigError, 'file_name is mandatory for each key_file entry') unless file_name
9
+ raise(SymmetricEncryption::ConfigError, "file_name is mandatory for each key_file entry") unless file_name
10
10
 
11
11
  raise(SymmetricEncryption::ConfigError, "File #{file_name} could not be found") unless ::File.exist?(file_name)
12
12
 
@@ -31,12 +31,12 @@ module SymmetricEncryption
31
31
  key_path = ::File.dirname(file_name)
32
32
  ::FileUtils.mkdir_p(key_path) unless ::File.directory?(key_path)
33
33
  ::File.rename(file_name, "#{file_name}.#{Time.now.to_i}") if ::File.exist?(file_name)
34
- ::File.open(file_name, 'wb', 0o600) { |file| file.write(data) }
34
+ ::File.open(file_name, "wb", 0o600) { |file| file.write(data) }
35
35
  end
36
36
 
37
37
  # Read from the file, raising an exception if it is not found
38
38
  def read_from_file(file_name)
39
- ::File.open(file_name, 'rb', &:read)
39
+ ::File.open(file_name, "rb", &:read)
40
40
  rescue Errno::ENOENT
41
41
  raise(SymmetricEncryption::ConfigError, "Symmetric Encryption key file: '#{file_name}' not found or readable")
42
42
  end
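Review bot: In the second hunk the directory is created with `::FileUtils.mkdir_p(key_path)` and no mode, so only the file gets 0o600 while the directory falls back to the process umask; I would pass the mode explicitly, `::FileUtils.mkdir_p(key_path, mode: 0o700) unless ::File.directory?(key_path)`. The `::File.rename` line also leaves every previous file next to the new one under a timestamp suffix with whatever permissions it already had; if these files hold key material, as the 0o600 suggests, that deserves a comment such as `# Previous file is kept as <file_name>.<epoch> with its existing permissions`. In `read_from_file` only `Errno::ENOENT` is rescued although the message says "not found or readable", so a permission failure would escape as a raw `Errno::EACCES`; `rescue Errno::ENOENT, Errno::EACCES` would match the message. The method containing the write starts above the hunk.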
@@ -55,21 +55,21 @@ module SymmetricEncryption
55
55
  lines = File.read(file_name)
56
56
  hits, output_lines = re_encrypt_lines(lines)
57
57
 
58
- File.open(file_name, 'wb') { |file| file.write(output_lines) } if hits.positive?
58
+ File.open(file_name, "wb") { |file| file.write(output_lines) } if hits.positive?
59
59
  hits
60
60
  end
61
61
 
62
62
  # Replaces instances of encrypted data within lines of text with re-encrypted values
63
63
  def re_encrypt_lines(lines)
64
64
  hits = 0
65
- output_lines = ''
65
+ output_lines = ""
66
66
  r = regexp
67
67
  lines.each_line do |line|
68
68
  line.force_encoding(SymmetricEncryption::UTF8_ENCODING)
69
69
  output_lines <<
70
70
  if line.valid_encoding? && (result = line.match(r))
71
- encrypted = result[0]
72
- new_value = re_encrypt(encrypted)
71
+ encrypted = result[0]
72
+ new_value = re_encrypt(encrypted)
73
73
  if new_value != encrypted
74
74
  hits += 1
75
75
  line.gsub(encrypted, new_value)
@@ -133,7 +133,7 @@ module SymmetricEncryption
133
133
  # Returns [Integer] encrypted file key version.
134
134
  # Returns [nil] if the file is not encrypted or does not have a header.
135
135
  def encrypted_file_version(file_name)
136
- ::File.open(file_name, 'rb') do |file|
136
+ ::File.open(file_name, "rb") do |file|
137
137
  reader = SymmetricEncryption::Reader.new(file)
138
138
  reader.version if reader.header_present?
139
139
  end
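Review bot: `re_encrypt_lines` re-encrypts only the first match on each line, because `line.match(r)` returns a single match and `line.gsub(encrypted, new_value)` then replaces only that one string; a second, different encrypted value on the same line would be written back unchanged and stay under the old key. If the pattern returned by `regexp` (defined outside this hunk) can match more than once per line, the block form `line.gsub(r) { |encrypted| re_encrypt(encrypted) }` covers every match, with a hit counted whenever the block's result differs from its input. The block form also inserts `new_value` literally, whereas a string replacement interprets backslash sequences. The method body continues past the end of the hunk, so its remaining branches are not visible here.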
@@ -1,3 +1,3 @@
1
1
  module SymmetricEncryption
2
- VERSION = '4.3.1'.freeze
2
+ VERSION = "4.3.2".freeze
3
3
  end
@@ -1,4 +1,4 @@
1
- require 'openssl'
1
+ require "openssl"
2
2
 
3
3
  module SymmetricEncryption
4
4
  # Write to encrypted files and other IO streams.
@@ -49,7 +49,7 @@ module SymmetricEncryption
49
49
  # end
50
50
  def self.open(file_name_or_stream, compress: nil, **args)
51
51
  if file_name_or_stream.is_a?(String)
52
- file_name_or_stream = ::File.open(file_name_or_stream, 'wb')
52
+ file_name_or_stream = ::File.open(file_name_or_stream, "wb")
53
53
  compress = !(/\.(zip|gz|gzip|xls.|)\z/i === file_name_or_stream) if compress.nil?
54
54
  else
55
55
  compress = true if compress.nil?
@@ -97,15 +97,21 @@ module SymmetricEncryption
97
97
  def initialize(ios, version: nil, cipher_name: nil, header: true, random_key: true, random_iv: true, compress: false)
98
98
  # Compress is only used at this point for setting the flag in the header
99
99
  @ios = ios
100
- raise(ArgumentError, 'When :random_key is true, :random_iv must also be true') if random_key && !random_iv
101
- raise(ArgumentError, 'Cannot supply a :cipher_name unless both :random_key and :random_iv are true') if cipher_name && !random_key && !random_iv
100
+ raise(ArgumentError, "When :random_key is true, :random_iv must also be true") if random_key && !random_iv
101
+ if cipher_name && !random_key && !random_iv
102
+ raise(ArgumentError, "Cannot supply a :cipher_name unless both :random_key and :random_iv are true")
103
+ end
102
104
 
103
105
  # Cipher to encrypt the random_key, or the entire file
104
106
  cipher = SymmetricEncryption.cipher(version)
105
- raise(SymmetricEncryption::CipherError, "Cipher with version:#{version} not found in any of the configured SymmetricEncryption ciphers") unless cipher
107
+ unless cipher
108
+ raise(SymmetricEncryption::CipherError, "Cipher with version:#{version} not found in any of the configured SymmetricEncryption ciphers")
109
+ end
106
110
 
107
111
  # Force header if compressed or using random iv, key
108
- header = Header.new(version: cipher.version, compress: compress, cipher_name: cipher_name) if (header == true) || compress || random_key || random_iv
112
+ if (header == true) || compress || random_key || random_iv
113
+ header = Header.new(version: cipher.version, compress: compress, cipher_name: cipher_name)
114
+ end
109
115
 
110
116
  @stream_cipher = ::OpenSSL::Cipher.new(cipher_name || cipher.cipher_name)
111
117
  @stream_cipher.encrypt
@@ -158,8 +164,8 @@ module SymmetricEncryption
158
164
  def write(data)
159
165
  return unless data
160
166
 
161
- bytes = data.to_s
162
- @size += bytes.size
167
+ bytes = data.to_s
168
+ @size += bytes.size
163
169
  partial = @stream_cipher.update(bytes)
164
170
  @ios.write(partial) unless partial.empty?
165
171
  data.length
@@ -168,9 +174,9 @@ module SymmetricEncryption
168
174
  def write(data)
169
175
  return unless data
170
176
 
171
- bytes = data.to_s
172
- @size += bytes.size
173
- partial = @stream_cipher.update(bytes, @cipher_buffer ||= ''.b)
177
+ bytes = data.to_s
178
+ @size += bytes.size
179
+ partial = @stream_cipher.update(bytes, @cipher_buffer ||= "".b)
174
180
  @ios.write(partial) unless partial.empty?
175
181
  data.length
176
182
  end
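Review bot: The rewritten guard `if cipher_name && !random_key && !random_iv` raises only when both flags are false, while its message says a :cipher_name requires both :random_key and :random_iv to be true; with `random_key: false, random_iv: true` a custom cipher_name is accepted and `::OpenSSL::Cipher.new(cipher_name || cipher.cipher_name)` is then built from it. If the message states the intent, the condition should read `if cipher_name && !(random_key && random_iv)`; otherwise the message should be corrected. Separately, in `self.open` the extension test `/\.(zip|gz|gzip|xls.|)\z/i === file_name_or_stream` runs after the variable has been reassigned to the opened File, so it appears never to match and compress defaults to true for every file name. Testing the name before the `::File.open` line would fix that, and the empty alternative before `)` also looks unintended. `initialize` continues beyond the hunk.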
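--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: symmetric-encryption
  version: !ruby/object:Gem::Version
- version: 4.3.1
+ version: 4.3.2
  platform: ruby
  authors:
  - Reid Morrison
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2019-10-10 00:00:00.000000000 Z
+ date: 2020-04-04 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: coercible
@@ -87,7 +87,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.0.3
+ rubygems_version: 3.1.2
  signing_key:
  specification_version: 4
  summary: Encrypt ActiveRecord and Mongoid attributes, files and passwords in configuration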