symmetric-encryption 0.3.0 → 0.3.1

data/README.md

@@ -137,9 +137,8 @@ Create a configuration file in config/symmetric-encryption.yml per the following
     # can be placed directly in the source code.
     # And therefore no RSA private key is required
     development: &development_defaults
-      symmetric_key: 1234567890ABCDEF1234567890ABCDEF
-      symmetric_iv: 1234567890ABCDEF
-      encoding: base64
+      key: 1234567890ABCDEF1234567890ABCDEF
+      iv: 1234567890ABCDEF
       cipher: aes-128-cbc
 
     test:
@@ -182,40 +181,12 @@ Create a configuration file in config/symmetric-encryption.yml per the following
         -----END RSA PRIVATE KEY-----
 
       # List Symmetric Key files in the order of current / latest first
-      files:
+      ciphers:
         -
           # Filename containing Symmetric Encryption Key encrypted using the
           # RSA public key derived from the private key above
-          symmetric_key_filename: /etc/rails/.rails.key
-          symmetric_iv_filename: /etc/rails/.rails.iv
-
-          # By adding a version indicator all encrypted data will include
-          # an additional first Byte that includes this version number to
-          # assist with speeding up decryption when adding new encryption keys
-          # and to support old data decryption using older keys
-          #
-          # By not specifying a version, or setting it to 0 will disable version
-          # identification prior to decrypting data
-          # During decryption these Keys will be tried in the order listed in the
-          # configuration file starting with the first in the list
-          # Slower since a decryption attempt is made for every key until the
-          # correct key is located. However, all encrypted data does not require
-          # the 1 Byte version header prefix
-          #
-          # Default: 0
-          version: 0
-
-          # Set the way the encrypted data is encoded:
-          # base64
-          #   Encrypted data is returned in base64 encoding format
-          #   Symmetric::Encryption.decrypt will also base64 decode any data prior
-          #   to decrypting it
-          # binary
-          #   Encrypted data is returned as raw binary
-          #   Although smaller than base64 it cannot be stored in MySQL text columns
-          #   It can only be held in binary columns such as BINARY or BLOB
-          # Default: base64
-          encoding: base64
+          key_filename: /etc/rails/.rails.key
+          iv_filename: /etc/rails/.rails.iv
 
           # Encryption cipher
           #   Recommended values:
@@ -240,9 +211,9 @@ initialization vector.
 
 To generate the keys run the following Rake task in each environment:
 
-    RAILS_ENV=release rake symmetric_encryption:generate_symmetric_keys
+    RAILS_ENV=production rake symmetric_encryption:generate_symmetric_keys
 
-Replace 'release' as necessary for each environment.
+Replace 'production' as necessary for each environment.
 
 Make sure that the current user has read and write access to the folder listed
 in the configuration option symmetric_key_filename above.
@@ -284,7 +255,7 @@ Parameters:
 
 ## Supporting Multiple Encryption Keys
 
-According to the PCI Compliace documentation: "Cryptographic keys must be changed on an annual basis."
+According to the PCI Compliance documentation: "Cryptographic keys must be changed on an annual basis."
 
 During the transition period of moving from one encryption key to another
 symmetric-encryption supports multiple Symmetric Encryption keys. If decryption
@@ -308,9 +279,8 @@ Create a configuration file in config/symmetric-encryption.yml per the following
     # can be placed directly in the source code.
     # And therefore no RSA private key is required
     development: &development_defaults
-      symmetric_key: 1234567890ABCDEF1234567890ABCDEF
-      symmetric_iv: 1234567890ABCDEF
-      encoding: base64
+      key: 1234567890ABCDEF1234567890ABCDEF
+      iv: 1234567890ABCDEF
       cipher: aes-128-cbc
 
     test:
@@ -353,40 +323,12 @@ Create a configuration file in config/symmetric-encryption.yml per the following
         -----END RSA PRIVATE KEY-----
 
       # List Symmetric Key files in the order of current / latest first
-      files:
+      ciphers:
         -
           # Filename containing Symmetric Encryption Key encrypted using the
           # RSA public key derived from the private key above
-          symmetric_key_filename: /etc/rails/.rails.key
-          symmetric_iv_filename: /etc/rails/.rails.iv
-
-          # By adding a version indicator all encrypted data will include
-          # an additional first Byte that includes this version number to
-          # assist with speeding up decryption when adding new encryption keys
-          # and to support old data decryption using older keys
-          #
-          # By not specifying a version, or setting it to 0 will disable version
-          # identification prior to decrypting data
-          # During decryption these Keys will be tried in the order listed in the
-          # configuration file starting with the first in the list
-          # Slower since a decryption attempt is made for every key until the
-          # correct key is located. However, all encrypted data does not require
-          # the 1 Byte version header prefix
-          #
-          # Default: 0
-          version: 0
-
-          # Set the way the encrypted data is encoded:
-          # base64
-          #   Encrypted data is returned in base64 encoding format
-          #   Symmetric::Encryption.decrypt will also base64 decode any data prior
-          #   to decrypting it
-          # binary
-          #   Encrypted data is returned as raw binary
-          #   Although smaller than base64 it cannot be stored in MySQL text columns
-          #   It can only be held in binary columns such as BINARY or BLOB
-          # Default: base64
-          encoding: base64
+          key_filename: /etc/rails/.rails.key
+          iv_filename: /etc/rails/.rails.iv
 
           # Encryption cipher
           #   Recommended values:
@@ -399,7 +341,7 @@ Create a configuration file in config/symmetric-encryption.yml per the following
           #         Ruby 1.8.7 MRI Approximately 100,000 encryptions or decryptions per second
           #         JRuby 1.6.7 with Ruby 1.8.7 Approximately 22,000 encryptions or decryptions per second
           cipher: aes-256-cbc
-    
+
         -
           # OPTIONAL:
           #
@@ -407,10 +349,8 @@ Create a configuration file in config/symmetric-encryption.yml per the following
           #
           # Only used when old data still exists that requires old decryption keys
           # to be used
-          symmetric_key_filename: /etc/rails/.rails_old.key
-          symmetric_iv_filename: /etc/rails/.rails_old.iv
-          version:  0
-          encoding: base64
+          key_filename: /etc/rails/.rails_old.key
+          iv_filename: /etc/rails/.rails_old.iv
           cipher:   aes-256-cbc
 
 ## Possible Future Enhancements

data/examples/symmetric-encryption.yml

@@ -6,8 +6,8 @@
 # can be placed directly in the source code.
 # And therefore no RSA private key is required
 development: &development_defaults
-  symmetric_key: 1234567890ABCDEF1234567890ABCDEF
-  symmetric_iv:  1234567890ABCDEF
+  key: 1234567890ABCDEF1234567890ABCDEF
+  iv:  1234567890ABCDEF
   cipher:        aes-128-cbc
 
 test:
@@ -53,8 +53,8 @@ production:
   ciphers:
       # Filename containing Symmetric Encryption Key encrypted using the
       # RSA public key derived from the private key above
-    - symmetric_key_filename: /etc/rails/.rails.key
-      symmetric_iv_filename: /etc/rails/.rails.iv
+    - key_filename: /etc/rails/.rails.key
+      iv_filename: /etc/rails/.rails.iv
 
       # Encryption cipher
       #   Recommended values:
@@ -106,6 +106,6 @@ production:
       #
       # Only used when old data still exists that requires old decryption keys
       # to be used
-    - symmetric_key_filename: /etc/rails/.rails_old.key
-      symmetric_iv_filename:  /etc/rails/.rails_old.iv
+    - key_filename: /etc/rails/.rails_old.key
+      iv_filename:  /etc/rails/.rails_old.iv
       cipher:                 aes-256-cbc

data/lib/symmetric/encryption.rb

@@ -216,9 +216,9 @@ module Symmetric
 
       else
         # Migrate old format config
-        raise "Missing mandatory config parameter 'private_rsa_key'" unless cfg['private_rsa_key'] = config['private_rsa_key']
+        raise "Missing mandatory config parameter 'private_rsa_key'" unless cfg[:private_rsa_key] = config['private_rsa_key']
         cfg[:ciphers] = [ {
-            :cipher       => cipher['cipher'] || default_cipher,
+            :cipher       => default_cipher,
             :key_filename => config['symmetric_key_filename'],
             :iv_filename  => config['symmetric_iv_filename'],
           } ]

data/lib/symmetric/version.rb

@@ -1,4 +1,4 @@
 # encoding: utf-8
 module Symmetric #:nodoc
-  VERSION = "0.3.0"
+  VERSION = "0.3.1"
 end

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 3
-  - 0
-  version: 0.3.0
+  - 1
+  version: 0.3.1
 platform: ruby
 authors: 
 - Reid Morrison
@@ -46,6 +46,7 @@ files:
 - nbproject/project.xml
 - Rakefile
 - README.md
+- symmetric-encryption-0.3.0.gem
 - test/attr_encrypted_test.rb
 - test/cipher_test.rb
 - test/config/database.yml