lib/lockbox/utils.rb in lockbox-0.4.9 vs lib/lockbox/utils.rb in lockbox-0.5.0

@@ -1,8 +1,9 @@
 module Lockbox
   class Utils
     def self.build_box(context, options, table, attribute)
+      # dup options (with except) since keys are sometimes changed or deleted
       options = options.except(:attribute, :encrypted_attribute, :migrating, :attached, :type)
       options[:encode] = false unless options.key?(:encode)
       options.each do |k, v|
         if v.respond_to?(:call)
           # context not present for pluck
@@ -24,13 +25,15 @@
             encode: false
           )
       end
 
       if options[:previous_versions].is_a?(Array)
-        options[:previous_versions] = options[:previous_versions].dup
+        # dup previous versions array (with map) since elements are updated
+        # dup each version (with dup) since keys are sometimes deleted
+        options[:previous_versions] = options[:previous_versions].map(&:dup)
         options[:previous_versions].each_with_index do |version, i|
-          if !(version[:key] || version[:encryption_key] || version[:decryption_key]) && version[:master_key]
+          if !(version[:key] || version[:encryption_key] || version[:decryption_key]) && (version[:master_key] || version[:key_table] || version[:key_attribute])
             # could also use key_table and key_attribute from options
             # when specified, but keep simple for now
             # also, this change isn't backward compatible
             key =
               Lockbox.attribute_key(
@@ -54,11 +57,11 @@
     def self.decode_key(key, size: 32, name: "Key")
       if key.encoding != Encoding::BINARY && key =~ /\A[0-9a-f]{#{size * 2}}\z/i
         key = [key].pack("H*")
       end
 
-      raise Lockbox::Error, "#{name} must be 32 bytes (64 hex digits)" if key.bytesize != size
+      raise Lockbox::Error, "#{name} must be #{size} bytes (#{size * 2} hex digits)" if key.bytesize != size
       raise Lockbox::Error, "#{name} must use binary encoding" if key.encoding != Encoding::BINARY
 
       key
     end
 
@@ -84,11 +87,10 @@
         when Hash
           io = attachable[:io]
           attachable = attachable.dup
           attachable[:io] = box.encrypt_io(io)
         else
-          # TODO raise ArgumentError
-          raise NotImplementedError, "Could not find or build blob: expected attachable, got #{attachable.inspect}"
+          raise ArgumentError, "Could not find or build blob: expected attachable, got #{attachable.inspect}"
         end
 
         # don't analyze encrypted data
         metadata = {"analyzed" => true}
         metadata["encrypted"] = true if options[:migrating]