lib/authlogic/crypto_providers/aes256.rb in authlogic-3.7.0 vs lib/authlogic/crypto_providers/aes256.rb in authlogic-3.8.0
- old
+ new
@@ -36,11 +36,30 @@
end
private
def aes
- raise ArgumentError.new("You must provide a key like #{name}.key = my_key before using the #{name}") if @key.blank?
- @aes ||= OpenSSL::Cipher::Cipher.new("AES-256-ECB")
+ if @key.blank?
+ raise ArgumentError.new(
+ "You must provide a key like #{name}.key = my_key before using the #{name}"
+ )
+ end
+
+ @aes ||= openssl_cipher_class.new("AES-256-ECB")
+ end
+
+ # `::OpenSSL::Cipher::Cipher` has been deprecated since at least 2014,
+ # in favor of `::OpenSSL::Cipher`, but a deprecation warning was not
+ # printed until 2016
+ # (https://github.com/ruby/openssl/commit/5c20a4c014) when openssl
+ # became a gem. Its first release as a gem was 2.0.0, in ruby 2.4.
+ # (See https://github.com/ruby/ruby/blob/v2_4_0/NEWS)
+ def openssl_cipher_class
+ if ::Gem::Version.new(::OpenSSL::VERSION) < ::Gem::Version.new("2.0.0")
+ ::OpenSSL::Cipher::Cipher
+ else
+ ::OpenSSL::Cipher
+ end
end
end
end
end
end