RubyGems - ncypher - Versions diffs - 1.1.0 → 1.3.1 - Mend

ncypher 1.1.0 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4f5677085002a6face9c3bd0fc903a133083a78ef690e960fc24c8386e8061b8
-  data.tar.gz: 3e834ad55b6e82f468a386b8bb1b882dff6867b45c0890ed1d232b9c7c82ada5
+  metadata.gz: 77245507ddd567cc836702a8a3bef443a6c8a935f1609c5c2cde7dce87ac14ca
+  data.tar.gz: 905b47d4f2cbe7b795d0434fd7acf26ad9961e0c11d8bcc7c0b87813ceed951b
 SHA512:
-  metadata.gz: 9ac7263205dc795be80d00b3f6afc8e61bd27fb184b06adf041e9d11e79a789a25c15d803c8e1dcb351a32a797b41858893a338be66eb55ce8cff02f68c0a094
-  data.tar.gz: c33dded92dd324931b7d945c27473065687a1009a584db95fa4b7c79aaf77eb8f33e8429dc2f8a17c446d3d9203d73a2c69c093d41eb77f99b935736ddb863b5
+  metadata.gz: d8309bcfe3731ff257c75e6a4d6ef7688b9d81cb5352d25d4c36576a8cca4a61cf25eceba4e22b8d5c1ed44f46c7f8d056339829116db54b1200531bdc2250a8
+  data.tar.gz: 5373a0ebe1771ceb457806773a4947fd183eed235de9f359eb8c52ab6cfc2f208a7be3ef41e3d86ded6f16be2de69fb10e8aba31081884ea7ed93bed68129b24

data/.github/workflows/main.yml ADDED Viewed

@@ -0,0 +1,44 @@
+name: Ruby CI
+on:
+  push:
+    branches: [ master ]
+    tags:
+      - v*
+  pull_request:
+    branches: [ master ]
+jobs:
+  test:
+    runs-on: ubuntu-20.04
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install bundler
+      run: sudo gem install bundler -v 2.0
+    - name: Install dependencies
+      run: |
+        sudo apt-get update -y
+        sudo apt-get install -y libsodium23
+        bundle install
+    - name: Run tests
+      run: bundle exec rake
+  deploy:
+    needs: test
+    runs-on: ubuntu-20.04
+    if: startsWith(github.ref, 'refs/tags/')
+    steps:
+    - uses: actions/checkout@v2
+    - name: Build and publish gem
+      env:
+        GEM_HOST_API_KEY: ${{ secrets.RUBYGEMS_API_KEY }}
+      run: |
+        gem build ncypher.gemspec
+        gem push ncypher-*.gem

data/README.md CHANGED Viewed

@@ -3,7 +3,7 @@
 # Ncypher
-Ncypher is a gem to help you to encrypt your credentials in your ruby apps in a safe manner.
+Ncypher is a gem to help you to encrypt your credentials in your projects in a safe manner.
 ## Upgrade from versions before 1.0
 Versions before 1.0 were using rbnacl-libsodium gem which is now deprecated.
@@ -40,8 +40,8 @@ You can also set the env variable `NCYPHER_KEY` to that generated key (i.e `expo
 To encrypt a new password (or anything else), ncypher supports stdin. So you can do:
 ```
-$> cat secret_file | ncypher encrypt > secret_file.encrypted
-$> cat secret_file.encrypted | ncypher decrypt > secret_file
+$> ncypher encrypt < secret_file > secret_file.encrypted
+$> ncypher decrypt < secret_file.encrypted > secret_file
 $> ncypher encrypt
 mypassword
 <CTRL+D>
@@ -69,7 +69,7 @@ p4$$w0rd
 :)
-And Ncypher::Ncypher.decrypt will magically use your key in `.ncypher_key` to decrypt that password at runtime.
+And if you are using ruby, Ncypher::Ncypher.decrypt will magically use your key in `.ncypher_key` to decrypt that password at runtime.
 Now you can directy put in your .yaml files:
 ```
 defaults: &defaults
@@ -94,8 +94,14 @@ $> ncypher derive_key p4$$w0rd > .ncypher_key
 SALT: WKCAkJcS65nx3lA/w1BmBw==
 ```
-Then you have the ncypher\_key in .ncypher\_key. Be sure to save the salt if you want to be able to derive back the exact same key in the future.
+Then you have the ncypher\_key in .ncypher\_key. Be sure to save the salt if you want to be able to derive back the exact same key in the future.
+The derive_key command also listen to stdin so for safety you can instead do:
+```
+$> ncypher derive_key > .ncypher_key
+```
+And enter your password then CTRL+D.
 ## Contributing

data/exe/ncypher CHANGED Viewed

@@ -7,8 +7,6 @@ rescue NameError
   require "bundler/setup"
 end
-SUB_COMMANDS = %w(generate_key encrypt decrypt)
 if ARGV.empty?
   STDERR.puts "Ncypher a credential encryption tool"
   STDERR.puts "usage: ncypher generate_key"
@@ -24,11 +22,11 @@ case cmd
 when "generate_key"
   puts Ncypher::Ncypher.new.generate_key
 when "derive_key"
-  password = ARGV.shift
+  password = (ARGV.shift || STDIN.read)
   unless password
     abort "ncypher derive_key <password> [salt]"
   end
-  salt = File.exists?(".ncypher_salt") ? File.read(".ncypher_salt")&.strip : ARGV.shift
+  salt = File.exist?(".ncypher_salt") ? File.read(".ncypher_salt")&.strip : ARGV.shift
   key, used_salt = Ncypher::Ncypher.new.derive_key(password.strip, salt)
   STDOUT.puts key
   STDERR.puts "SALT: #{used_salt}" # Put salt on stderr so we can do ncypher deriver_key password > .ncypher_key

data/lib/ncypher/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Ncypher
-  VERSION = "1.1.0"
+  VERSION = "1.3.1"
 end

data/lib/ncypher.rb CHANGED Viewed

@@ -20,7 +20,8 @@ module Ncypher
     end
     def generate_key
-      generated_key = RbNaCl::Random.random_bytes(RbNaCl::SecretBox.key_bytes)
+      digest_size = 32 # RbNaCl::SecretBox.key_bytes
+      generated_key = RbNaCl::Random.random_bytes(digest_size)
       Base64.strict_encode64(generated_key)
     end

data/ncypher.gemspec CHANGED Viewed

@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
   spec.license       = 'WTFPL'
   spec.add_development_dependency "bundler", "~> 2.0"
-  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rake", "~> 12.3.3"
   spec.add_development_dependency "minitest", "~> 5.0"
   spec.add_dependency 'rbnacl', '~> 7.0'

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ncypher
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.3.1
 platform: ruby
 authors:
 - David Hagege
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-01-15 00:00:00.000000000 Z
+date: 2023-05-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -74,6 +74,7 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/main.yml"
 - ".gitignore"
 - ".travis.yml"
 - CODE_OF_CONDUCT.md
@@ -106,7 +107,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.6
+rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
 summary: Ncypher lets you encrypt/decrypt credentials in a safe and transparent way