gitlab-license 0.0.1 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 003f891e0c79c5dad69dd13991814fd337dd842f
-  data.tar.gz: 9a324afa2d6c474d654baddded5d8c8f06c06e2c
+SHA256:
+  metadata.gz: 383fa8e8886da54f66d4e605027ff68ce9b32427d9924d659e58c3c5035e6338
+  data.tar.gz: 502a4ea974f4299d9cd2d1a0c0a02780a79d15f56bdc8332806181227b3ef072
 SHA512:
-  metadata.gz: 902fe5b33b61f2c259a638c4ed9bfdb05cade11046e4c7913557df9030e547ea29e8fa3e363208fd0d4f13b460b3300d646a78ef3d133444106aee2209d9850f
-  data.tar.gz: 0ca91a33ad564337b64b691ddd7badb405899bc3a7b1d6d8c8e45e08397e59b4a031d30836553ea7568f9ba49ae7c7d49af86063f08e3379b58cb152f9e18161
+  metadata.gz: a4a4f59660c0aed25f811fa584a281dac4f14cd60ebbec4fdb6ecc47e6ec31f4e35ba5ac0000b20b418761dbdaf20f1a3a2b7a221a2b91480d94f87a57a97862
+  data.tar.gz: 29b852faadaf76f0d9064c414e954f425290b83618882a7a3bfd47b10babcd8ce7a8a76ebe8990a35688d24a3a9314f69f9a1faec1179d0c5490fde09370de01

data/.rubocop.yml

@@ -0,0 +1,22 @@
+inherit_from: .rubocop_todo.yml
+
+require: rubocop-rspec
+
+Metrics/BlockLength:
+  ExcludedMethods: ['describe', 'context']
+
+Style/Alias:
+  EnforcedStyle: prefer_alias_method
+  Enabled: true
+
+Style/HashEachMethods:
+  Enabled: true
+
+Style/HashTransformKeys:
+  Enabled: true
+
+Style/HashTransformValues:
+  Enabled: true
+
+RSpec/MultipleExpectations:
+  Enabled: false

data/.rubocop_todo.yml

@@ -0,0 +1,84 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2020-03-02 14:37:54 -0500 using RuboCop version 0.80.1.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 6
+Metrics/AbcSize:
+  Max: 36
+
+# Offense count: 1
+# Configuration parameters: CountComments.
+Metrics/ClassLength:
+  Max: 129
+
+# Offense count: 3
+Metrics/CyclomaticComplexity:
+  Max: 16
+
+# Offense count: 5
+# Configuration parameters: CountComments, ExcludedMethods.
+Metrics/MethodLength:
+  Max: 38
+
+# Offense count: 3
+Metrics/PerceivedComplexity:
+  Max: 16
+
+# Offense count: 3
+Style/Documentation:
+  Exclude:
+    - 'spec/**/*'
+    - 'test/**/*'
+    - 'lib/gitlab/license.rb'
+    - 'lib/gitlab/license/boundary.rb'
+    - 'lib/gitlab/license/encryptor.rb'
+
+# Offense count: 12
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: always, always_true, never
+Style/FrozenStringLiteralComment:
+  Exclude:
+    - 'Gemfile'
+    - 'Rakefile'
+    - 'bin/console'
+    - 'gitlab-license.gemspec'
+    - 'lib/gitlab/license.rb'
+    - 'lib/gitlab/license/boundary.rb'
+    - 'lib/gitlab/license/encryptor.rb'
+    - 'lib/gitlab/license/version.rb'
+    - 'spec/gitlab/license/boundary_spec.rb'
+    - 'spec/gitlab/license/encryptor_spec.rb'
+    - 'spec/gitlab/license_spec.rb'
+    - 'spec/spec_helper.rb'
+
+# Offense count: 1
+# Configuration parameters: MinBodyLength.
+Style/GuardClause:
+  Exclude:
+    - 'lib/gitlab/license.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: short, verbose
+Style/PreferredHashMethods:
+  Exclude:
+    - 'lib/gitlab/license.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+Style/RescueModifier:
+  Exclude:
+    - 'lib/gitlab/license.rb'
+
+# Offense count: 14
+# Cop supports --auto-correct.
+# Configuration parameters: AutoCorrect, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
+# URISchemes: http, https
+Layout/LineLength:
+  Max: 104

data/README.md

@@ -48,9 +48,9 @@ license.licensee = {
   "Email"   => "douwe@gitlab.com"
 }
 
-# The date the license was issued. 
+# The date the license starts. 
 # Required.
-license.issued_at         = Date.new(2015, 4, 24)
+license.starts_at         = Date.new(2015, 4, 24)
 # The date the license expires. 
 # Not required, to allow lifetime licenses.
 license.expires_at        = Date.new(2016, 4, 23)

data/Rakefile

@@ -1 +1 @@
-require "bundler/gem_tasks"
+require 'bundler/gem_tasks'

data/bin/console

@@ -1,7 +1,7 @@
 #!/usr/bin/env ruby
 
-require "bundler/setup"
-require "gitlab/license"
+require 'bundler/setup'
+require 'gitlab/license'
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
@@ -10,5 +10,5 @@ require "gitlab/license"
 # require "pry"
 # Pry.start
 
-require "irb"
+require 'irb'
 IRB.start

data/gitlab-license.gemspec

@@ -1,24 +1,28 @@
-# coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'gitlab/license/version'
 
 Gem::Specification.new do |spec|
-  spec.name          = "gitlab-license"
+  spec.name          = 'gitlab-license'
   spec.version       = Gitlab::License::VERSION
-  spec.authors       = ["Douwe Maan"]
-  spec.email         = ["douwe@gitlab.com"]
+  spec.authors       = ['Douwe Maan', 'Stan Hu', 'Tyler Amos']
+  spec.email         = ['douwe@gitlab.com', 'stanhu@gitlab.com', 'tamos@gitlab.com']
 
-  spec.summary       = %q{gitlab-license helps you generate, verify and enforce software licenses.}
-  spec.homepage      = "https://gitlab.com/gitlab-org/gitlab-license"
-  spec.license       = "MIT"
+  spec.summary       = 'gitlab-license helps you generate, verify and enforce software licenses.'
+  spec.homepage      = 'https://dev.gitlab.org/gitlab/gitlab-license'
+  spec.license       = 'MIT'
 
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  spec.bindir        = "exe"
+  spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
+  spec.require_paths = ['lib']
 
-  spec.add_development_dependency "bundler", "~> 1.9"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_development_dependency "byebug"
+  spec.required_ruby_version = '>= 2.3.0'
+
+  spec.add_development_dependency 'bundler', '~> 1.9'
+  spec.add_development_dependency 'byebug'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec', '~> 3.9'
+  spec.add_development_dependency 'rubocop', '~> 0.80.1'
+  spec.add_development_dependency 'rubocop-rspec', '~> 1.38.1'
 end

data/lib/gitlab/license.rb

@@ -1,46 +1,69 @@
-require "openssl"
-require "date"
-require "json"
-require "base64"
+require 'openssl'
+require 'date'
+require 'json'
+require 'base64'
 
-require "gitlab/license/version"
-require "gitlab/license/encryptor"
+require 'gitlab/license/version'
+require 'gitlab/license/encryptor'
+require 'gitlab/license/boundary'
 
 module Gitlab
   class License
+    class Error < StandardError; end
+    class ImportError < Error; end
+    class ValidationError < Error; end
+
     class << self
-      attr_accessor :encryption_key
+      attr_reader :encryption_key
       @encryption_key = nil
 
-      def encryptor
-        unless self.encryption_key && self.encryption_key.is_a?(OpenSSL::PKey::RSA)
-          raise "No RSA encryption key provided."
-        end
+      def encryption_key=(key)
+        raise ArgumentError, 'No RSA encryption key provided.' if key && !key.is_a?(OpenSSL::PKey::RSA)
 
-        Encryptor.new(self.encryption_key)
+        @encryption_key = key
+        @encryptor = nil
       end
 
-      def import(data)
-        from_json(encryptor.decrypt(data))
+      def encryptor
+        @encryptor ||= Encryptor.new(encryption_key)
       end
 
-      def from_json(license_json)
-        new(JSON.parse(license_json))
+      def import(data)
+        raise ImportError, 'No license data.' if data.nil?
+
+        data = Boundary.remove_boundary(data)
+
+        begin
+          license_json = encryptor.decrypt(data)
+        rescue Encryptor::Error
+          raise ImportError, 'License data could not be decrypted.'
+        end
+
+        begin
+          attributes = JSON.parse(license_json)
+        rescue JSON::ParseError
+          raise ImportError, 'License data is invalid JSON.'
+        end
+
+        new(attributes)
       end
     end
 
     attr_reader :version
-    attr_accessor :licensee, :issued_at, :expires_at
+    attr_accessor :licensee, :starts_at, :expires_at
     attr_accessor :notify_admins_at, :notify_users_at, :block_changes_at
     attr_accessor :restrictions
 
+    alias_method :issued_at, :starts_at
+    alias_method :issued_at=, :starts_at=
+
     def initialize(attributes = {})
       load_attributes(attributes)
     end
 
     def valid?
-      return false if !licensee         || !licensee.is_a?(Hash) || licensee.length == 0
-      return false if !issued_at        || !issued_at.is_a?(Date)
+      return false if !licensee         || !licensee.is_a?(Hash) || licensee.empty?
+      return false if !starts_at        || !starts_at.is_a?(Date)
       return false if expires_at        && !expires_at.is_a?(Date)
       return false if notify_admins_at  && !notify_admins_at.is_a?(Date)
       return false if notify_users_at   && !notify_users_at.is_a?(Date)
@@ -51,39 +74,39 @@ module Gitlab
     end
 
     def validate!
-      raise "License is invalid" unless valid?
+      raise ValidationError, 'License is invalid' unless valid?
     end
 
     def will_expire?
-      self.expires_at
+      expires_at
     end
 
     def will_notify_admins?
-      self.notify_admins_at
+      notify_admins_at
     end
 
     def will_notify_users?
-      self.notify_users_at
+      notify_users_at
     end
 
     def will_block_changes?
-      self.block_changes_at
+      block_changes_at
     end
 
     def expired?
-      will_expire? && Date.today >= self.expires_at
+      will_expire? && Date.today >= expires_at
     end
 
     def notify_admins?
-      will_notify_admins? && Date.today >= self.notify_admins_at
+      will_notify_admins? && Date.today >= notify_admins_at
     end
 
     def notify_users?
-      will_notify_users? && Date.today >= self.notify_users_at
+      will_notify_users? && Date.today >= notify_users_at
     end
 
     def block_changes?
-      will_block_changes? && Date.today >= self.block_changes_at
+      will_block_changes? && Date.today >= block_changes_at
     end
 
     def restricted?(key = nil)
@@ -94,32 +117,38 @@ module Gitlab
       end
     end
 
-    def attributes      
+    def attributes
       hash = {}
 
-      hash["version"]          = self.version
-      hash["licensee"]         = self.licensee
+      hash['version']          = version
+      hash['licensee']         = licensee
 
-      hash["issued_at"]        = self.issued_at
-      hash["expires_at"]       = self.expires_at       if self.will_expire?
+      # `issued_at` is the legacy name for starts_at.
+      # TODO: Move to starts_at in a next version.
+      hash['issued_at']        = starts_at
+      hash['expires_at']       = expires_at       if will_expire?
 
-      hash["notify_admins_at"] = self.notify_admins_at if self.will_notify_admins?
-      hash["notify_users_at"]  = self.notify_users_at  if self.will_notify_users?
-      hash["block_changes_at"] = self.block_changes_at if self.will_block_changes?
+      hash['notify_admins_at'] = notify_admins_at if will_notify_admins?
+      hash['notify_users_at']  = notify_users_at  if will_notify_users?
+      hash['block_changes_at'] = block_changes_at if will_block_changes?
 
-      hash["restrictions"]     = self.restrictions     if self.restricted?
+      hash['restrictions']     = restrictions     if restricted?
 
       hash
     end
 
-    def to_json
-      JSON.dump(self.attributes)
+    def to_json(*_args)
+      JSON.dump(attributes)
     end
 
-    def export
+    def export(boundary: nil)
       validate!
 
-      self.class.encryptor.encrypt(self.to_json)
+      data = self.class.encryptor.encrypt(to_json)
+
+      data = Boundary.add_boundary(data, boundary) if boundary
+
+      data
     end
 
     private
@@ -127,26 +156,26 @@ module Gitlab
     def load_attributes(attributes)
       attributes = Hash[attributes.map { |k, v| [k.to_s, v] }]
 
-      version = attributes["version"] || 1
-      unless version && version == 1
-        raise ArgumentError, "Version is too new"
-      end
+      version = attributes['version'] || 1
+      raise ArgumentError, 'Version is too new' unless version && version == 1
 
       @version = version
 
-      @licensee = attributes["licensee"]
+      @licensee = attributes['licensee']
 
-      %w(issued_at expires_at notify_admins_at notify_users_at block_changes_at).each do |attr|
+      # `issued_at` is the legacy name for starts_at.
+      # TODO: Move to starts_at in a next version.
+      %w[issued_at expires_at notify_admins_at notify_users_at block_changes_at].each do |attr|
         value = attributes[attr]
         value = Date.parse(value) rescue nil if value.is_a?(String)
-        
+
         next unless value
 
         send("#{attr}=", value)
       end
 
-      restrictions = attributes["restrictions"]
-      if restrictions && restrictions.is_a?(Hash)
+      restrictions = attributes['restrictions']
+      if restrictions&.is_a?(Hash)
         restrictions = Hash[restrictions.map { |k, v| [k.to_sym, v] }]
         @restrictions = restrictions
       end

data/lib/gitlab/license/boundary.rb

@@ -0,0 +1,40 @@
+module Gitlab
+  class License
+    module Boundary
+      BOUNDARY_START  = /(\A|\r?\n)-*BEGIN .+? LICENSE-*\r?\n/.freeze
+      BOUNDARY_END    = /\r?\n-*END .+? LICENSE-*(\r?\n|\z)/.freeze
+
+      class << self
+        def add_boundary(data, product_name)
+          data = remove_boundary(data)
+
+          product_name.upcase!
+
+          pad = lambda do |message, width|
+            total_padding = [width - message.length, 0].max
+
+            padding = total_padding / 2.0
+            [
+              '-' * padding.ceil,
+              message,
+              '-' * padding.floor
+            ].join
+          end
+
+          [
+            pad.call("BEGIN #{product_name} LICENSE", 60),
+            data.strip,
+            pad.call("END #{product_name} LICENSE", 60)
+          ].join("\n")
+        end
+
+        def remove_boundary(data)
+          after_boundary  = data.split(BOUNDARY_START).last
+          in_boundary     = after_boundary.split(BOUNDARY_END).first
+
+          in_boundary
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/license/encryptor.rb

@@ -1,16 +1,20 @@
 module Gitlab
   class License
     class Encryptor
+      class Error < StandardError; end
+      class KeyError < Error; end
+      class DecryptionError < Error; end
+
       attr_accessor :key
 
       def initialize(key)
+        raise KeyError, 'No RSA encryption key provided.' if key && !key.is_a?(OpenSSL::PKey::RSA)
+
         @key = key
       end
 
       def encrypt(data)
-        unless key.private?
-          raise "Provided key is not a private key."
-        end
+        raise KeyError, 'Provided key is not a private key.' unless key.private?
 
         # Encrypt the data using symmetric AES encryption.
         cipher = OpenSSL::Cipher::AES128.new(:CBC)
@@ -21,12 +25,12 @@ module Gitlab
         encrypted_data = cipher.update(data) + cipher.final
 
         # Encrypt the AES key using asymmetric RSA encryption.
-        encrypted_key = self.key.private_encrypt(aes_key)
+        encrypted_key = key.private_encrypt(aes_key)
 
         encryption_data = {
-          "data" => Base64.encode64(encrypted_data),
-          "key"  => Base64.encode64(encrypted_key),
-          "iv"   => Base64.encode64(aes_iv)
+          'data' => Base64.encode64(encrypted_data),
+          'key' => Base64.encode64(encrypted_key),
+          'iv' => Base64.encode64(aes_iv)
         }
 
         json_data = JSON.dump(encryption_data)
@@ -34,27 +38,52 @@ module Gitlab
       end
 
       def decrypt(data)
-        unless key.public?
-          raise "Provided key is not a public key."
+        raise KeyError, 'Provided key is not a public key.' unless key.public?
+
+        json_data = Base64.decode64(data.chomp)
+
+        begin
+          encryption_data = JSON.parse(json_data)
+        rescue JSON::ParserError
+          raise DecryptionError, 'Encryption data is invalid JSON.'
         end
 
-        json_data = Base64.decode64(data)
-        encryption_data = JSON.parse(json_data)
+        unless %w[data key iv].all? { |key| encryption_data[key] }
+          raise DecryptionError, 'Required field missing from encryption data.'
+        end
 
-        encrypted_data  = Base64.decode64(encryption_data["data"])
-        encrypted_key   = Base64.decode64(encryption_data["key"])
-        aes_iv          = Base64.decode64(encryption_data["iv"])
+        encrypted_data  = Base64.decode64(encryption_data['data'])
+        encrypted_key   = Base64.decode64(encryption_data['key'])
+        aes_iv          = Base64.decode64(encryption_data['iv'])
 
-        # Decrypt the AES key using asymmetric RSA encryption.
-        aes_key = self.key.public_decrypt(encrypted_key)
+        begin
+          # Decrypt the AES key using asymmetric RSA encryption.
+          aes_key = self.key.public_decrypt(encrypted_key)
+        rescue OpenSSL::PKey::RSAError
+          raise DecryptionError, 'AES encryption key could not be decrypted.'
+        end
 
         # Decrypt the data using symmetric AES encryption.
         cipher = OpenSSL::Cipher::AES128.new(:CBC)
         cipher.decrypt
-        cipher.key  = aes_key
-        cipher.iv   = aes_iv
 
-        data = cipher.update(encrypted_data) + cipher.final
+        begin
+          cipher.key = aes_key
+        rescue OpenSSL::Cipher::CipherError
+          raise DecryptionError, 'AES encryption key is invalid.'
+        end
+
+        begin
+          cipher.iv = aes_iv
+        rescue OpenSSL::Cipher::CipherError
+          raise DecryptionError, 'AES IV is invalid.'
+        end
+
+        begin
+          data = cipher.update(encrypted_data) + cipher.final
+        rescue OpenSSL::Cipher::CipherError
+          raise DecryptionError, 'Data could not be decrypted.'
+        end
 
         data
       end

data/lib/gitlab/license/version.rb

@@ -1,5 +1,5 @@
 module Gitlab
   class License
-    VERSION = "0.0.1"
+    VERSION = '1.0.1'.freeze
   end
 end

metadata

@@ -1,14 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-license
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 1.0.1
 platform: ruby
 authors:
 - Douwe Maan
+- Stan Hu
+- Tyler Amos
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2015-04-29 00:00:00.000000000 Z
+date: 2020-07-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -24,6 +26,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.9'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -39,28 +55,60 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: byebug
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.9'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.9'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.80.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.80.1
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.38.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.38.1
 description: 
 email:
 - douwe@gitlab.com
+- stanhu@gitlab.com
+- tamos@gitlab.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".rspec"
+- ".rubocop.yml"
+- ".rubocop_todo.yml"
 - ".travis.yml"
 - Gemfile
 - LICENSE.txt
@@ -70,9 +118,10 @@ files:
 - bin/setup
 - gitlab-license.gemspec
 - lib/gitlab/license.rb
+- lib/gitlab/license/boundary.rb
 - lib/gitlab/license/encryptor.rb
 - lib/gitlab/license/version.rb
-homepage: https://gitlab.com/gitlab-org/gitlab-license
+homepage: https://dev.gitlab.org/gitlab/gitlab-license
 licenses:
 - MIT
 metadata: {}
@@ -84,15 +133,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: gitlab-license helps you generate, verify and enforce software licenses.