aliquot 0.14.0 → 0.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aliquot/payment.rb +10 -10
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 54635adaeefcc42d7fb42a854825fb7f88472ab34be2992813d899581f278969
|
|
4
|
+
data.tar.gz: 3f66d3b5d5cc20d3a58e0c0e64958906beee8e80f07af26a4868ad27efa68e2d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 23548bcc9c7e7a5ad77353bae8eab0283bd7593b3a9cf536298961d501a0b1b3181b722bf3e75ae0805d9c9dfa336d71a037ed5553eb57d0082b69a7e62aa60b
|
|
7
|
+
data.tar.gz: a14a66a56577b6de570fa4164f30d2ca96c3a23b5b6b915d136dfd7d825242c0ae6a403cc138ff97e26f76dcad1450ba67d8a733f7b45611141ba46241fafdb8
|
data/lib/aliquot/payment.rb
CHANGED
|
@@ -26,7 +26,7 @@ module Aliquot
|
|
|
26
26
|
validation = Aliquot::Validator::Token.new(JSON.parse(token_string))
|
|
27
27
|
validation.validate
|
|
28
28
|
rescue JSON::JSONError => e
|
|
29
|
-
raise InputError, "token JSON
|
|
29
|
+
raise InputError, "invalid token JSON, #{e.message}"
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
@token = validation.output
|
|
@@ -49,7 +49,7 @@ module Aliquot
|
|
|
49
49
|
|
|
50
50
|
if protocol_version == 'ECv2'
|
|
51
51
|
@intermediate_key = validate_intermediate_key
|
|
52
|
-
raise InvalidSignatureError, 'intermediate certificate expired' if intermediate_key_expired?
|
|
52
|
+
raise InvalidSignatureError, 'intermediate certificate has expired' if intermediate_key_expired?
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
check_signature
|
|
@@ -62,19 +62,19 @@ module Aliquot
|
|
|
62
62
|
raise KeyDerivationError, "unable to derive keys, #{e.message}"
|
|
63
63
|
end
|
|
64
64
|
|
|
65
|
-
raise InvalidMacError unless valid_mac?(mac_key)
|
|
65
|
+
raise InvalidMacError, 'MAC did not match' unless valid_mac?(mac_key)
|
|
66
66
|
|
|
67
67
|
begin
|
|
68
68
|
@message = JSON.parse(decrypt(aes_key, @signed_message[:encryptedMessage]))
|
|
69
69
|
rescue JSON::JSONError => e
|
|
70
|
-
raise InputError, "encryptedMessage JSON
|
|
70
|
+
raise InputError, "invalid encryptedMessage JSON, #{e.message}"
|
|
71
71
|
rescue => e
|
|
72
72
|
raise DecryptionError, "decryption failed, #{e.message}"
|
|
73
73
|
end
|
|
74
74
|
|
|
75
75
|
@message = validate_message
|
|
76
76
|
|
|
77
|
-
raise TokenExpiredError if expired?
|
|
77
|
+
raise TokenExpiredError, 'token has expired' if expired?
|
|
78
78
|
|
|
79
79
|
@message
|
|
80
80
|
end
|
|
@@ -103,7 +103,7 @@ module Aliquot
|
|
|
103
103
|
end
|
|
104
104
|
|
|
105
105
|
def validate_merchant_id
|
|
106
|
-
raise InvalidMerchantIDError unless
|
|
106
|
+
raise InvalidMerchantIDError unless /\A[[:graph:]]+\z/ =~ @merchant_id
|
|
107
107
|
"merchant:#{@merchant_id}"
|
|
108
108
|
end
|
|
109
109
|
|
|
@@ -133,7 +133,7 @@ module Aliquot
|
|
|
133
133
|
key.verify(new_digest, message_signature, signed_string_message)
|
|
134
134
|
end.any?
|
|
135
135
|
|
|
136
|
-
raise InvalidSignatureError unless success
|
|
136
|
+
raise InvalidSignatureError, 'signature of signedMessage did not match' unless success
|
|
137
137
|
when 'ECv2'
|
|
138
138
|
signed_key_signature = ['Google', 'ECv2', @token[:intermediateSigningKey][:signedKey]].map do |str|
|
|
139
139
|
[str.length].pack('V') + str
|
|
@@ -141,7 +141,7 @@ module Aliquot
|
|
|
141
141
|
|
|
142
142
|
# Check that the intermediate key signed the message
|
|
143
143
|
pkey = OpenSSL::PKey::EC.new(Base64.strict_decode64(@intermediate_key[:keyValue]))
|
|
144
|
-
raise InvalidSignatureError, '
|
|
144
|
+
raise InvalidSignatureError, 'signature of signedMessage did not match' unless pkey.verify(new_digest, message_signature, signed_string_message)
|
|
145
145
|
|
|
146
146
|
intermediate_signatures = @token[:intermediateSigningKey][:signatures]
|
|
147
147
|
|
|
@@ -152,12 +152,12 @@ module Aliquot
|
|
|
152
152
|
signed_key_signature
|
|
153
153
|
)
|
|
154
154
|
|
|
155
|
-
raise InvalidSignatureError, 'intermediate
|
|
155
|
+
raise InvalidSignatureError, 'no valid signature of intermediate key found' unless success
|
|
156
156
|
end
|
|
157
157
|
rescue OpenSSL::PKey::PKeyError => e
|
|
158
158
|
# Catches problems with verifying signature. Can be caused by signature
|
|
159
159
|
# being valid ASN1 but having invalid structure.
|
|
160
|
-
raise InvalidSignatureError, e.message
|
|
160
|
+
raise InvalidSignatureError, "error verifying signature, #{e.message}"
|
|
161
161
|
end
|
|
162
162
|
|
|
163
163
|
def root_keys
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aliquot
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.15.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Clearhaus
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-01-
|
|
11
|
+
date: 2019-01-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dry-validation
|