block_io 1.0.3 → 1.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4d6707d92cd82ae2d2ac1fa8fac10003e2428c38
-  data.tar.gz: f039eddd8e676ecd72483c0b6009eca69adf1d3a
+  metadata.gz: a4070e3d1b972162366367a130966c3eb5c22e51
+  data.tar.gz: ba5d436f001c72a584ecb63e74e66edfc2817896
 SHA512:
-  metadata.gz: 1c86cf460f1e41c8f54dbfa4112229c35236286eb68110357e8e755c4e2b88792349ae2efc924c59fd98328ac28f5493303b3250676d8c49f89adcfee6a4ae0d
-  data.tar.gz: 7ecb21200297d0719e76238ce6e45294689f4576769786917999cc51531a1be536f780c4bd1db9510f5e1bcfe86076bed7c38372d00a808a6f2908a44562c26c
+  metadata.gz: 63988cad8c218661843facfe58065e1f3eb0ec260ddea3cc4b07295012e8a3a2924e34a0b8e2662464895f20021dcdcf89d688281845be99944f3a7846bfa38c
+  data.tar.gz: e4434f2ccc1158b618dd19ea00df54a1da2e3da73f8ab8f0e4e7c660341b2c2fb3f07e366ba3173f4b3cc76843a3151c981b0cb2644d4ed98e8ef57f11430897

data/README.md

@@ -14,10 +14,11 @@ And then execute:
 
 Or install it yourself as:
 
-    $ gem install block_io -v=1.0.2
+    $ gem install block_io -v=1.0.4
 
 ## Changelog
 
+*11/03/14*: Reduce dependence on OpenSSL. PBKDF2 function is now Ruby-based. Should work well with Heroku's libraries.
 *10/18/14*: Now using deterministic signatures (RFC6979), and BIP62 to hinder transaction malleability.  
 
 

data/block_io.gemspec

@@ -24,4 +24,5 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency "httpclient", "~> 2.4", '>= 2.4.0'
   spec.add_runtime_dependency "json", "~> 1.8", '>= 1.8.1'
   spec.add_runtime_dependency "connection_pool", "~> 2.0", '>= 2.0.0'
+  spec.add_runtime_dependency "pbkdf2-ruby", '~> 0.2', '>= 0.2.1'
 end

data/lib/block_io.rb

@@ -5,6 +5,7 @@ require 'connection_pool'
 require 'ecdsa'
 require 'openssl'
 require 'digest'
+require 'pbkdf2'
 require 'securerandom'
 require 'base64'
 
@@ -267,9 +268,11 @@ module BlockIo
       # converts the pincode string to PBKDF2
       # returns a base64 version of PBKDF2 pincode
       salt = ""
-      aes_key_bin = OpenSSL::PKCS5.pbkdf2_hmac(secret_pin, salt, iterations/2, 16, OpenSSL::Digest::SHA256.new)
-      aes_key_bin = OpenSSL::PKCS5.pbkdf2_hmac(aes_key_bin.unpack("H*")[0], salt, iterations/2, 32, OpenSSL::Digest::SHA256.new)
-      
+
+      # pbkdf2-ruby gem uses SHA256 as the default hash function
+      aes_key_bin = PBKDF2.new(:password => secret_pin, :salt => salt, :iterations => iterations/2, :key_length => 128/8).value
+      aes_key_bin = PBKDF2.new(:password => aes_key_bin.unpack("H*")[0], :salt => salt, :iterations => iterations/2, :key_length => 256/8).value
+
       return Base64.strict_encode64(aes_key_bin) # the base64 encryption key
     end
     

data/lib/block_io/version.rb

@@ -1,3 +1,3 @@
 module BlockIo
-  VERSION = "1.0.3"
+  VERSION = "1.0.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: block_io
 version: !ruby/object:Gem::Version
-  version: 1.0.3
+  version: 1.0.4
 platform: ruby
 authors:
 - Atif Nazir
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-10-18 00:00:00.000000000 Z
+date: 2014-11-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -118,6 +118,26 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 2.0.0
+- !ruby/object:Gem::Dependency
+  name: pbkdf2-ruby
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.2.1
 description: This Ruby Gem is the official reference client for the Block.io payments
   API. To use this, you will need the Dogecoin, Bitcoin, or Litecoin API key(s) from
   Block.io. Go ahead, sign up :)