Explicitely pass only 32 bytes of key to encryptor (Ruby 2.4 compat)

Closes #19
janlelis · Feb 6, 2017 · 9cc728a · 9cc728a
1 parent a32a4c5
commit 9cc728a
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+== 1.0.7
+* Ruby 2.4 compat (explicitely only pass 32 bytes of the encryption key)
+
 == 1.0.6
 * Ruby 2.2 compat (remove digest/hmac)
 

diff --git a/lib/pws/format/0.9.rb b/lib/pws/format/0.9.rb
@@ -21,7 +21,7 @@ def decrypt(saved_data, options = {})
           iv, encrypted_data = saved_data.unpack('a16 a*')
           PWS::Encryptor.decrypt(
             encrypted_data,
-            key: sha(options[:password]),
+            key: sha(options[:password])[0...32],
             iv:   iv,
           )
         end

diff --git a/lib/pws/format/1.0.rb b/lib/pws/format/1.0.rb
@@ -41,7 +41,7 @@ def encrypt(unencrypted_data, options = {})
 
           encrypted_data = Encryptor.encrypt(
             unencrypted_data,
-            key: encryption_key,
+            key: encryption_key[0...32],
             iv:  iv,
           )
 
@@ -90,7 +90,7 @@ def decrypt(saved_data, options = {})
           begin
             unencrypted_data = Encryptor.decrypt(
               encrypted_data,
-              key: encryption_key,
+              key: encryption_key[0...32],
               iv:  iv,
             )
           rescue OpenSSL::Cipher::CipherError