easy-crypto 0.1.7 → 0.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 31671eab7f89fa8fc412441808f40e9d9e4ccbe1a969070b5249d56a5cef5bcc
-  data.tar.gz: 36d78c9ef113c69143b7588a3bf9a9884e0c9b2c0179efd6936622b9b41da401
+  metadata.gz: 32927f958e449242beee9d34653cfca538a61dfd1a7ab50c100144937377b420
+  data.tar.gz: 1088bc0207174f7b69cbc2e19125744a27e7ad0a7d603cd9cac6faa8267039b0
 SHA512:
-  metadata.gz: c5ce234ec34ea19d1701f6c2810539013bb64c7af5ea9b19692995012f1db6398b199bbd9b7c830eb9de80513f58c724a4b4a336cfa552742251b0f4c1bc0e26
-  data.tar.gz: 48282d3f7edef07f465e33e5adad4cfe8e597cfd8c4e5c497032eecc23fb23a82dc744efafc4745eab566e8470519b454e70fe9e2487d9994d1d5ead89b04d98
+  metadata.gz: f6b11db29f050998cd316ca0669819958cc5d78b21efd037a93b8f8858cb9eec652a3e7b1e8070ecdfe74e65728eae240216abe776d7ef16bf6071f0c8e03afa
+  data.tar.gz: 359e29a491171b1f5c1ae2c1c21651da73d4e96bf039f26eb7f20167ee6733c399ec5a62f6716bdede961990411a8c625e0a797544f0ebaacb64fc9a435448a2

data/.github/workflows/ruby.yml

@@ -0,0 +1,31 @@
+name: Ruby
+
+on: [push]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-versions: ['2.6', '2.7', '3.0', 'jruby']
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby-versions }}
+    - name: Install dependencies
+      run: bundle install
+    - name: Run tests
+      run: bundle exec rake
+    - name: Deploy
+      if : github.event_name == 'push' && startsWith(github.ref, 'refs/tags') && matrix.ruby-versions == '3.0'
+      run: |
+          mkdir -p $HOME/.gem
+          touch $HOME/.gem/credentials
+          chmod 0600 $HOME/.gem/credentials
+          printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+          gem build *.gemspec
+          gem push *.gem
+      env:
+        GEM_HOST_API_KEY: "${{secrets.RUBYGEMS_AUTH_TOKEN}}"

data/Gemfile

@@ -1,2 +1,5 @@
 source "https://rubygems.org"
-gemspec
+gemspec
+
+gem 'jruby-openssl', '~> 0.9', :platform => :jruby
+gem 'openssl', '~> 2.1.2', :platform => :ruby

data/Gemfile.lock

@@ -1,39 +1,40 @@
 PATH
   remote: .
   specs:
-    easy-crypto (0.1.7)
-      openssl (~> 2.1.1, >= 2.1.1)
+    easy-crypto (0.2.4)
 
 GEM
   remote: https://rubygems.org/
   specs:
     diff-lcs (1.3)
-    ipaddr (1.2.2)
+    jruby-openssl (0.10.2-java)
     openssl (2.1.2)
-      ipaddr
-    rake (12.3.2)
-    rspec (3.8.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-    rspec-core (3.8.0)
-      rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.2)
+    rake (12.3.3)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.1)
+      rspec-support (~> 3.9.1)
+    rspec-expectations (3.9.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-mocks (3.8.0)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-support (3.8.0)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.2)
 
 PLATFORMS
+  java
   ruby
 
 DEPENDENCIES
-  bundler (~> 1.16)
+  bundler (~> 2.2.23)
   easy-crypto!
+  jruby-openssl (~> 0.9)
+  openssl (~> 2.1.2)
   rake (~> 12.3)
   rspec (~> 3.0)
 
 BUNDLED WITH
-   1.17.3
+   2.2.23

data/README.md

@@ -31,7 +31,7 @@ plaintext = 'some data'
 ecrypto = EasyCrypto::Crypto.new
 
 encrypted = ecrypto.encrypt(password, plaintext)
-decrypted = ecrypto.encrypt(password, encrypted)
+decrypted = ecrypto.decrypt(password, encrypted)
 
 decrypted == plaintext
 ```

data/easy-crypto.gemspec

@@ -15,9 +15,7 @@ Gem::Specification.new do |spec|
   spec.files         = `git ls-files -z`.split("\x0")
   spec.require_paths = ['lib']
 
-  spec.add_development_dependency 'bundler', '~> 1.16'
+  spec.add_development_dependency 'bundler', '~> 2.2.23'
   spec.add_development_dependency 'rake', '~> 12.3'
   spec.add_development_dependency 'rspec', '~> 3.0'
-
-  spec.add_runtime_dependency 'openssl', '~> 2.1.1', '>= 2.1.1'
 end

data/lib/easycrypto/key.rb

@@ -22,12 +22,12 @@ module EasyCrypto
     end
 
     def self.generate_with_salt(password, salt)
-      key = OpenSSL::KDF.pbkdf2_hmac(
+      key = OpenSSL::PKCS5.pbkdf2_hmac(
         password,
-        salt: salt,
-        iterations: Key::ITERATION_COUNT,
-        length: Key::KEY_LENGTH,
-        hash: Key::HASH_ALGO
+        salt,
+        Key::ITERATION_COUNT,
+        Key::KEY_LENGTH,
+        Key::HASH_ALGO
       )
 
       new(key, salt)

data/lib/easycrypto/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module EasyCrypto
-  VERSION = '0.1.7'
+  VERSION = '0.2.4'
 end

data/repo-info.json

@@ -0,0 +1,7 @@
+{
+   "is_in_production": false,
+   "is_scannable": true,
+   "is_critical": false,
+   "contact": "G-GSUITE-Security@emarsys.com",
+   "hosted": null
+}

data/spec/easycrypto/key_spec.rb

@@ -24,6 +24,13 @@ RSpec.describe EasyCrypto::Key do
       expect(key.salt).to eq salt
     end
 
+    it 'generates the expected key' do
+      key = EasyCrypto::Key.generate_with_salt('key password', salt)
+
+      expected_key = "\xC7\xE4\x89\xCB5\x86\xE0)Q)[u\xD6P\x87i\xC6\x13\xBE\xFE|\x19\x8A\xDB\xFB0\xB4\xE50\x12\x00\x95".force_encoding('ASCII-8BIT')
+      expect(key.key).to eq expected_key
+    end
+
     it 'generates the same key with the same password and salt' do
       key_1 = EasyCrypto::Key.generate_with_salt('key password', salt)
       key_2 = EasyCrypto::Key.generate_with_salt('key password', salt)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: easy-crypto
 version: !ruby/object:Gem::Version
-  version: 0.1.7
+  version: 0.2.4
 platform: ruby
 authors:
 - Emarsys Security
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-01-15 00:00:00.000000000 Z
+date: 2021-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: 2.2.23
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: 2.2.23
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -52,26 +52,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
-- !ruby/object:Gem::Dependency
-  name: openssl
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 2.1.1
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.1.1
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 2.1.1
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.1.1
 description: 
 email:
 - security@emarsys.com
@@ -79,8 +59,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ruby.yml"
 - ".gitignore"
-- ".travis.yml"
 - Gemfile
 - Gemfile.lock
 - LICENSE.txt
@@ -91,6 +71,7 @@ files:
 - lib/easycrypto/crypto.rb
 - lib/easycrypto/key.rb
 - lib/easycrypto/version.rb
+- repo-info.json
 - spec/easycrypto/crypto_spec.rb
 - spec/easycrypto/key_spec.rb
 - spec/spec_helper.rb
@@ -113,7 +94,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.2
+rubygems_version: 3.2.22
 signing_key: 
 specification_version: 4
 summary: Provides simple wrappers around openssl crypto implementation.

data/.travis.yml

@@ -1,13 +0,0 @@
-sudo: false
-language: ruby
-rvm:
-- 2.4.1
-before_install: gem install bundler -v 1.16.1
-deploy:
-  provider: rubygems
-  api_key: ${RUBYGEMS_API_KEY}
-  gem: easy-crypto
-  gemspec: easy-crypto.gemspec
-  skip_cleanup: true
-  on:
-    tags: true