aes256gcm_decrypt 0.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0cd53e441e4de2f878cacf26642c881f10784dee
+  data.tar.gz: af758a6f954de18d0456030d8c3d18529338e2d2
+SHA512:
+  metadata.gz: 43380846a99f752fdf9ad4e81847ed2f4bd43c2336b81d938e8415e1d9e46987d131fdcdd29d1e5b368323ee19206faf0bbb0e267a3482a0db326e8d32217edb
+  data.tar.gz: 73ed2b8634cbd6c9f74e8b23098f10488c673b7173cec5d7c4d06bc38d987b8c70978c2875f2fca029d73e6918e04b02295d88b6a22cb6f10667ba5c341af469

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 Clearhaus
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,40 @@
+# Aes256GcmDecrypt
+
+Decrypt AES256GCM-encrypted data in Apple Pay Payment Tokens.
+
+This library is necessary for Ruby < 2.4 (if you use the stdlib openssl rather than the [openssl gem](https://rubygems.org/gems/openssl)), as the OpenSSL bindings do not support setting the length of the initialisation vector (IV). Setting the IV length is necessary for decrypting Apple Pay data.
+
+The library becomes obsolete when we start using Ruby >= 2.4.
+
+## Usage
+
+```
+bundle install
+bundle exec rake test
+
+irb -r base64 -I lib -r aes256gcm_decrypt
+
+ciphertext_and_tag = Base64.decode64(File.read('spec/token_data_base64.txt'))
+key = [File.read('spec/key_hex.txt').strip].pack('H*')
+
+begin
+  puts Aes256GcmDecrypt::decrypt(ciphertext_and_tag, key)
+rescue Aes256GcmDecrypt::AuthenticationError => e
+  # somebody is up to something
+rescue Aes256GcmDecrypt::Error => e
+  # super class for the possible errors; Aes256GcmDecrypt::InputError and
+  # Aes256GcmDecrypt::OpenSSLError are left, i.e. either you supplied invalid
+  # input or we got an unexpected error from OpenSSL
+end
+```
+
+See also [the specs](spec/decrypt_spec.rb).
+
+## Inspirational sources
+
+* [Your first Ruby native extension: C](https://blog.jcoglan.com/2012/07/29/your-first-ruby-native-extension-c/)
+* [Step-by-Step Guide to Building Your First Ruby Gem](https://quickleft.com/blog/engineering-lunch-series-step-by-step-guide-to-building-your-first-ruby-gem/)
+* [OpenSSL EVP Authenticated Decryption using GCM](https://wiki.openssl.org/index.php/EVP_Authenticated_Encryption_and_Decryption#Authenticated_Decryption_using_GCM_mode)
+* [The Ruby C API](http://silverhammermba.github.io/emberb/c/)
+* [Apple Pay Payment Token Format Reference](https://developer.apple.com/library/content/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html)
+* [Spreedly's gala gem](https://github.com/spreedly/gala)

data/Rakefile

@@ -0,0 +1,13 @@
+require 'rake/extensiontask'
+require 'rspec/core/rake_task'
+
+spec = Gem::Specification.load('aes256gcm_decrypt.gemspec')
+Rake::ExtensionTask.new('aes256gcm_decrypt', spec)
+
+desc ''
+RSpec::Core::RakeTask.new(:spec) do |task|
+  task.pattern = './spec/**/*_spec.rb'
+end
+
+desc 'Compile extension and run specs'
+task :test => [:compile, :spec]

data/aes256gcm_decrypt.gemspec

@@ -0,0 +1,17 @@
+Gem::Specification.new do |s|
+  s.name     = 'aes256gcm_decrypt'
+  s.version  = '0.0.2'
+  s.summary  = 'Decrypt AES256GCM-encrypted data in Apple Pay Payment Tokens'
+  s.author   = 'Clearhaus'
+  s.homepage = 'https://github.com/clearhaus/aes256gcm_decrypt'
+  s.license  = 'MIT'
+
+  s.files    = `git ls-files -z`.split("\x0")
+
+  s.extensions << "ext/aes256gcm_decrypt/extconf.rb"
+
+  s.required_ruby_version = '< 2.4'
+
+  s.add_development_dependency "rake-compiler"
+  s.add_development_dependency "rspec"
+end

data/circle.yml

@@ -0,0 +1,8 @@
+---
+machine:
+  ruby:
+    version: 2.3.3
+
+test:
+  override:
+    - bundle exec rake test

data/ext/aes256gcm_decrypt/aes256gcm_decrypt.c

@@ -0,0 +1,136 @@
+#include <ruby.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/evp.h>
+
+VALUE aes256gcm_input_error;
+VALUE aes256gcm_openssl_error;
+VALUE aes256gcm_auth_error;
+
+VALUE aes256gcm_decrypt(VALUE self, VALUE rb_ciphertext_and_tag, VALUE rb_key) {
+
+  /* Declare variables */
+  VALUE result;
+  unsigned int ciphertext_and_tag_len, ciphertext_len, tag_len;
+  unsigned int block_len, key_len, iv_len;
+  int plaintext_len, len;
+  unsigned char *ciphertext, *tag, *key, *plaintext;
+  char *rb_ciphertext_p;
+  unsigned char iv[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
+  const char *openssl_error_message = "";
+  EVP_CIPHER_CTX *ctx;
+
+  /* Check parameters */
+  if (!RB_TYPE_P(rb_ciphertext_and_tag, T_STRING)) {
+    rb_raise(aes256gcm_input_error, "ciphertext_and_tag must be a string");
+  }
+  if (!RB_TYPE_P(rb_key, T_STRING)) {
+    rb_raise(aes256gcm_input_error, "key must be a string");
+  }
+  ciphertext_and_tag_len = RSTRING_LEN(rb_ciphertext_and_tag);
+  tag_len = 16;
+  if (ciphertext_and_tag_len <= tag_len) {
+    rb_raise(aes256gcm_input_error, "ciphertext_and_tag too short");
+  }
+  key_len = RSTRING_LEN(rb_key);
+  if (key_len != 32) {
+    rb_raise(aes256gcm_input_error, "length of key must be 32");
+  }
+
+  /* Prepare variables */
+  result = Qnil;
+  block_len = 16;
+  iv_len = 16;
+
+  ciphertext_len = ciphertext_and_tag_len - tag_len;
+  ciphertext = calloc(ciphertext_len, sizeof(unsigned char));
+  rb_ciphertext_p = StringValuePtr(rb_ciphertext_and_tag);
+  memcpy(ciphertext, rb_ciphertext_p, ciphertext_len);
+
+  tag = calloc(tag_len, sizeof(unsigned char));
+  memcpy(tag, &rb_ciphertext_p[ciphertext_len], tag_len);
+
+  key = calloc(key_len, sizeof(unsigned char));
+  memcpy(key, StringValuePtr(rb_key), key_len);
+
+  plaintext = calloc(ciphertext_len + block_len, sizeof(unsigned char));
+
+  /* Create and initialise context */
+  if (!(ctx = EVP_CIPHER_CTX_new())) {
+    openssl_error_message = "Could not create and initialise context";
+    goto cleanup1;
+  }
+
+  /* Initialise decryption operation */
+  if (!EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL)) {
+    openssl_error_message = "Could not initialise decryption operation";
+    goto cleanup2;
+  }
+
+  /* Set initialisation vector (IV) length */
+  if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv_len, NULL)) {
+    openssl_error_message = "Could not set IV length";
+    goto cleanup2;
+  }
+
+  /* Initialise key and IV */
+  if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv)) {
+    openssl_error_message = "Could not initialise key and IV";
+    goto cleanup2;
+  }
+
+  /* Provide message to be decrypted */
+  if (!EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len)) {
+    openssl_error_message = "DecryptUpdate failed";
+    goto cleanup2;
+  }
+  plaintext_len = len;
+
+  /* Set expected tag */
+  if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag_len, tag)) {
+    openssl_error_message = "Could not set expected tag";
+    goto cleanup2;
+  }
+
+  /* Finalise decryption */
+  if (EVP_DecryptFinal_ex(ctx, &plaintext[len], &len) > 0) {
+    plaintext_len += len;
+    if ((unsigned int)plaintext_len > ciphertext_len + block_len) {
+      fprintf(stderr, "Plaintext overflow in AES256GCM decryption! Aborting.\n");
+      abort();
+    }
+    result = rb_str_new((char *)plaintext, plaintext_len);
+  } else {
+    result = Qfalse;
+  }
+
+cleanup2:
+  EVP_CIPHER_CTX_free(ctx);
+
+cleanup1:
+  free(plaintext);
+  free(key);
+  free(tag);
+  free(ciphertext);
+
+  switch (result) {
+    case Qnil:
+      rb_raise(aes256gcm_openssl_error, "%s", openssl_error_message);
+    case Qfalse:
+      rb_raise(aes256gcm_auth_error, "Authentication failed");
+    default:
+      return result;
+  }
+}
+
+void Init_aes256gcm_decrypt() {
+  VALUE module, error;
+
+  module = rb_define_module("Aes256GcmDecrypt");
+  error = rb_define_class_under(module, "Error", rb_eStandardError);
+  aes256gcm_input_error = rb_define_class_under(module, "InputError", error);
+  aes256gcm_openssl_error = rb_define_class_under(module, "OpenSSLError", error);
+  aes256gcm_auth_error = rb_define_class_under(module, "AuthenticationError", error);
+  rb_define_singleton_method(module, "decrypt", aes256gcm_decrypt, 2);
+}

data/ext/aes256gcm_decrypt/extconf.rb

@@ -0,0 +1,6 @@
+require 'mkmf'
+extension_name = 'aes256gcm_decrypt'
+dir_config(extension_name)
+$CFLAGS << ' -Wall'
+$LDFLAGS << ' -lcrypto'
+create_makefile(extension_name)

data/spec/decrypt_spec.rb

@@ -0,0 +1,60 @@
+require 'aes256gcm_decrypt'
+require 'base64'
+
+describe 'Aes256GcmDecrypt::decrypt' do
+  before(:each) do
+    @ciphertext_and_tag = Base64.decode64(File.read('spec/token_data_base64.txt'))
+    @key = [File.read('spec/key_hex.txt').strip].pack('H*')
+  end
+
+  it 'decrypts correctly' do
+    plaintext = Aes256GcmDecrypt::decrypt(@ciphertext_and_tag, @key)
+    expect(plaintext).to eq \
+      '{"applicationPrimaryAccountNumber":"4109370251004320","applicationExp' +
+      'irationDate":"200731","currencyCode":"840","transactionAmount":100,"d' +
+      'eviceManufacturerIdentifier":"040010030273","paymentDataType":"3DSecu' +
+      're","paymentData":{"onlinePaymentCryptogram":"Af9x/QwAA/DjmU65oyc1MAA' +
+      'BAAA=","eciIndicator":"5"}}'
+  end
+
+  it 'detects wrong parameter types' do
+    expect{Aes256GcmDecrypt::decrypt(42, @key)}.to \
+      raise_error(Aes256GcmDecrypt::InputError, 'ciphertext_and_tag must be a string')
+    expect{Aes256GcmDecrypt::decrypt(@ciphertext_and_tag, 42)}.to \
+      raise_error(Aes256GcmDecrypt::InputError, 'key must be a string')
+  end
+
+  it 'detects too short ciphertext_and_tag' do
+    (0..16).each do |i|
+      ciphertext_and_tag = 'x' * i
+      expect{Aes256GcmDecrypt::decrypt(ciphertext_and_tag, @key)}.to \
+        raise_error(Aes256GcmDecrypt::InputError, 'ciphertext_and_tag too short')
+    end
+  end
+
+  it 'detects wrong key length' do
+    ((0..64).to_a - [32]).each do |i|
+      key = 'x' * i
+      expect{Aes256GcmDecrypt::decrypt(@ciphertext_and_tag, key)}.to \
+        raise_error(Aes256GcmDecrypt::InputError, 'length of key must be 32')
+    end
+  end
+
+  it 'detects tampering with the ciphertext' do
+    @ciphertext_and_tag[0] = 'x'
+    expect{Aes256GcmDecrypt::decrypt(@ciphertext_and_tag, @key)}.to \
+      raise_error(Aes256GcmDecrypt::AuthenticationError, 'Authentication failed')
+  end
+
+  it 'detects an incorrect tag' do
+    @ciphertext_and_tag[-1] = 'x'
+    expect{Aes256GcmDecrypt::decrypt(@ciphertext_and_tag, @key)}.to \
+      raise_error(Aes256GcmDecrypt::AuthenticationError, 'Authentication failed')
+  end
+
+  it 'detects an incorrect key' do
+    @key[0] = 'x'
+    expect{Aes256GcmDecrypt::decrypt(@ciphertext_and_tag, @key)}.to \
+      raise_error(Aes256GcmDecrypt::AuthenticationError, 'Authentication failed')
+  end
+end

data/spec/key_hex.txt

@@ -0,0 +1 @@
+1ce49a828f59d43861ba442fce6829b8218fbb0ab55b40206ac31058d66f5086

data/spec/token_data_base64.txt

@@ -0,0 +1 @@
+4OZho15e9Yp5K0EtKergKzeRpPAjnKHwmSNnagxhjwhKQ5d29sfTXjdbh1CtTJ4DYjsD6kfulNUnYmBTsruphBz7RRVI1WI8P0LrmfTnImjcq1mi+BRN7EtR2y6MkDmAr78anff91hlc+x8eWD/NpO/oZ1ey5qV5RBy/Jp5zh6ndVUVq8MHHhvQv4pLy5Tfi57Yo4RUhAsyXyTh4x/p1360BZmoWomK15NcJfUmoUCuwEYoi7xUkRwNr1z4MKnzMfneSRpUgdc0wADMeB6u1jcuwqQnnh2cusiagOTCfD6jO6tmouvu6KO54uU7bAbKz6cocIOEAOc6keyFXG5dfw8i3hJg6G2vIefHCwcKu1zFCHr4P7jLnYFDEhvxLm1KskDcuZeQHAkBMmLRSgj9NIcpBa94VN/JTga8W75IWAA==

metadata

@@ -0,0 +1,83 @@
+--- !ruby/object:Gem::Specification
+name: aes256gcm_decrypt
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- Clearhaus
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-01-23 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake-compiler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email: 
+executables: []
+extensions:
+- ext/aes256gcm_decrypt/extconf.rb
+extra_rdoc_files: []
+files:
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- aes256gcm_decrypt.gemspec
+- circle.yml
+- ext/aes256gcm_decrypt/aes256gcm_decrypt.c
+- ext/aes256gcm_decrypt/extconf.rb
+- spec/decrypt_spec.rb
+- spec/key_hex.txt
+- spec/token_data_base64.txt
+homepage: https://github.com/clearhaus/aes256gcm_decrypt
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - "<"
+    - !ruby/object:Gem::Version
+      version: '2.4'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.2.1
+signing_key: 
+specification_version: 4
+summary: Decrypt AES256GCM-encrypted data in Apple Pay Payment Tokens
+test_files: []