altcha 1.0.0 → 2.0.0.beta1

data/lib/altcha.rb

@@ -1,436 +1,5 @@
 # frozen_string_literal: true
 
 require 'altcha/version'
-require 'openssl'
-require 'base64'
-require 'uri'
-require 'time'
-
-# Altcha module provides functions for creating and verifying ALTCHA challenges.
-module Altcha
-  # Contains algorithm type definitions for hashing.
-  module Algorithm
-    SHA1 = 'SHA-1'
-    SHA256 = 'SHA-256'
-    SHA512 = 'SHA-512'
-  end
-
-  # Default values for challenge generation.
-  DEFAULT_MAX_NUMBER = 1_000_000
-  DEFAULT_SALT_LENGTH = 12
-  DEFAULT_ALGORITHM = Algorithm::SHA256
-
-  # Class representing options for generating a challenge.
-  class ChallengeOptions
-    attr_accessor :algorithm, :max_number, :salt_length, :hmac_key, :salt, :number, :expires, :params
-
-    def initialize(algorithm: nil, max_number: nil, salt_length: nil, hmac_key:, salt: nil, number: nil, expires: nil, params: nil)
-      @algorithm = algorithm
-      @max_number = max_number
-      @salt_length = salt_length
-      @hmac_key = hmac_key
-      @salt = salt
-      @number = number
-      @expires = expires
-      @params = params
-    end
-  end
-
-  # Class representing a challenge with its attributes.
-  class Challenge
-    attr_accessor :algorithm, :challenge, :maxnumber, :salt, :signature
-
-    def initialize(algorithm:, challenge:, maxnumber: nil, salt:, signature:)
-      @algorithm = algorithm
-      @challenge = challenge
-      @maxnumber = maxnumber
-      @salt = salt
-      @signature = signature
-    end
-
-    # Converts the Challenge object to a JSON string.
-    # @param options [Hash] options to customize JSON encoding.
-    # @return [String] JSON representation of the Challenge object.
-    def to_json(options = {})
-      {
-        algorithm: @algorithm,
-        challenge: @challenge,
-        maxnumber: @maxnumber,
-        salt: @salt,
-        signature: @signature
-      }.to_json(options)
-    end
-  end
-
-  # Class representing the payload of a challenge.
-  class Payload
-    attr_accessor :algorithm, :challenge, :number, :salt, :signature
-
-    def initialize(algorithm:, challenge:, number:, salt:, signature:)
-      @algorithm = algorithm
-      @challenge = challenge
-      @number = number
-      @salt = salt
-      @signature = signature
-    end
-
-    # Converts the Payload object to a JSON string.
-    # @param options [Hash] options to customize JSON encoding.
-    # @return [String] JSON representation of the Payload object.
-    def to_json(options = {})
-      {
-        algorithm: @algorithm,
-        challenge: @challenge,
-        number: @number,
-        salt: @salt,
-        signature: @signature
-      }.to_json(options)
-    end
-
-    # Creates a Payload object from a JSON string.
-    # @param string [String] JSON string to parse.
-    # @return [Payload] Parsed Payload object.
-    def self.from_json(string)
-      data = JSON.parse(string)
-      new(
-        algorithm: data['algorithm'],
-        challenge: data['challenge'],
-        number: data['number'],
-        salt: data['salt'],
-        signature: data['signature']
-      )
-    end
-  end
-
-  # Class representing the payload for server signatures.
-  class ServerSignaturePayload
-    attr_accessor :algorithm, :verification_data, :signature, :verified
-
-    def initialize(algorithm:, verification_data:, signature:, verified:)
-      @algorithm = algorithm
-      @verification_data = verification_data
-      @signature = signature
-      @verified = verified
-    end
-
-    # Converts the ServerSignaturePayload object to a JSON string.
-    # @param options [Hash] options to customize JSON encoding.
-    # @return [String] JSON representation of the ServerSignaturePayload object.
-    def to_json(options = {})
-      {
-        algorithm: @algorithm,
-        verificationData: @verification_data,
-        signature: @signature,
-        verified: @verified
-      }.to_json(options)
-    end
-
-    # Creates a ServerSignaturePayload object from a JSON string.
-    # @param string [String] JSON string to parse.
-    # @return [ServerSignaturePayload] Parsed ServerSignaturePayload object.
-    def self.from_json(string)
-      data = JSON.parse(string)
-      new(
-        algorithm: data['algorithm'],
-        verification_data: data['verificationData'],
-        signature: data['signature'],
-        verified: data['verified']
-      )
-    end
-  end
-
-  # Class for verifying server signatures, containing various data points.
-  class ServerSignatureVerificationData
-    attr_accessor :classification, :country, :detected_language, :email, :expire, :fields, :fields_hash,
-                  :ip_address, :reasons, :score, :time, :verified
-
-    # Converts the ServerSignatureVerificationData object to a JSON string.
-    # @param options [Hash] options to customize JSON encoding.
-    # @return [String] JSON representation of the ServerSignatureVerificationData object.
-    def to_json(options = {})
-      {
-        classification: @classification,
-        country: @country,
-        detectedLanguage: @detected_language,
-        email: @email,
-        expire: @expire,
-        fields: @fields,
-        fieldsHash: @fields_hash,
-        ipAddress: @ip_address,
-        reasons: @reasons,
-        score: @score,
-        time: @time,
-        verified: @verified
-      }.to_json(options)
-    end
-  end
-
-  # Class representing the solution to a challenge.
-  class Solution
-    attr_accessor :number, :took
-  end
-
-  # Generates a random byte array of the specified length.
-  # @param length [Integer] The length of the byte array to generate.
-  # @return [String] The generated random byte array.
-  def self.random_bytes(length)
-    OpenSSL::Random.random_bytes(length)
-  end
-
-  # Generates a random integer between 0 and the specified maximum (inclusive).
-  # @param max [Integer] The upper bound for the random integer.
-  # @return [Integer] The generated random integer.
-  def self.random_int(max)
-    rand(max + 1)
-  end
-
-  # Hashes the input data using the specified algorithm and returns the hexadecimal representation of the hash.
-  # @param algorithm [String] The hashing algorithm to use (e.g., SHA-1, SHA-256, SHA-512).
-  # @param data [String] The data to hash.
-  # @return [String] The hexadecimal representation of the hashed data.
-  def self.hash_hex(algorithm, data)
-    hash = hash(algorithm, data)
-    hash.unpack1('H*')
-  end
-
-  # Hashes the input data using the specified algorithm.
-  # @param algorithm [String] The hashing algorithm to use (e.g., SHA-1, SHA-256, SHA-512).
-  # @param data [String] The data to hash.
-  # @return [String] The binary hash of the data.
-  # @raise [ArgumentError] If an unsupported algorithm is specified.
-  def self.hash(algorithm, data)
-    case algorithm
-    when Algorithm::SHA1
-      OpenSSL::Digest::SHA1.digest(data)
-    when Algorithm::SHA256
-      OpenSSL::Digest::SHA256.digest(data)
-    when Algorithm::SHA512
-      OpenSSL::Digest::SHA512.digest(data)
-    else
-      raise ArgumentError, "Unsupported algorithm: #{algorithm}"
-    end
-  end
-
-  # Computes the HMAC of the input data using the specified algorithm and key, and returns the hexadecimal representation.
-  # @param algorithm [String] The hashing algorithm to use (e.g., SHA-1, SHA-256, SHA-512).
-  # @param data [String] The data to hash.
-  # @param key [String] The key for the HMAC.
-  # @return [String] The hexadecimal representation of the HMAC.
-  def self.hmac_hex(algorithm, data, key)
-    hmac = hmac_hash(algorithm, data, key)
-    hmac.unpack1('H*')
-  end
-
-  # Computes the HMAC of the input data using the specified algorithm and key.
-  # @param algorithm [String] The hashing algorithm to use (e.g., SHA-1, SHA-256, SHA-512).
-  # @param data [String] The data to hash.
-  # @param key [String] The key for the HMAC.
-  # @return [String] The binary HMAC of the data.
-  # @raise [ArgumentError] If an unsupported algorithm is specified.
-  def self.hmac_hash(algorithm, data, key)
-    digest_class = case algorithm
-                   when Algorithm::SHA1
-                     OpenSSL::Digest::SHA1
-                   when Algorithm::SHA256
-                     OpenSSL::Digest::SHA256
-                   when Algorithm::SHA512
-                     OpenSSL::Digest::SHA512
-                   else
-                     raise ArgumentError, "Unsupported algorithm: #{algorithm}"
-                   end
-    OpenSSL::HMAC.digest(digest_class.new, key, data)
-  end
-
-  # Creates a challenge for the client to solve based on the provided options.
-  # @param options [ChallengeOptions] Options for generating the challenge.
-  # @return [Challenge] The generated Challenge object.
-  def self.create_challenge(options)
-    algorithm = options.algorithm || DEFAULT_ALGORITHM
-    max_number = options.max_number || DEFAULT_MAX_NUMBER
-    salt_length = options.salt_length || DEFAULT_SALT_LENGTH
-
-    params = options.params || {}
-    params['expires'] = options.expires.to_i if options.expires
-
-    salt = options.salt || random_bytes(salt_length).unpack1('H*')
-    salt += "?#{URI.encode_www_form(params)}" unless params.empty?
-    salt += salt.end_with?('&') ? '' : '&'
-
-    number = options.number || random_int(max_number)
-
-    challenge_str = "#{salt}#{number}"
-    challenge = hash_hex(algorithm, challenge_str)
-    signature = hmac_hex(algorithm, challenge, options.hmac_key)
-
-    Challenge.new(
-      algorithm: algorithm,
-      challenge: challenge,
-      maxnumber: max_number,
-      salt: salt,
-      signature: signature,
-    )
-  end
-
-  # Verifies the solution provided by the client.
-  # @param payload [String, Payload] The payload to verify, either as a base64 encoded JSON string or a Payload instance.
-  # @param hmac_key [String] The key used for HMAC verification.
-  # @param check_expires [Boolean] Whether to check if the challenge has expired.
-  # @return [Boolean] True if the solution is valid, false otherwise.
-  def self.verify_solution(payload, hmac_key, check_expires = true)
-    # Attempt to handle payload as a base64 encoded JSON string or as a Payload instance
-
-    # Decode and parse base64 JSON string if it's a String
-    if payload.is_a?(String)
-      decoded_payload = Base64.decode64(payload)
-      payload = Payload.from_json(decoded_payload)
-    
-    # Convert payload from hash to Payload if it's a plain object
-    elsif payload.is_a?(Hash)
-      payload = Payload.new(
-        algorithm: payload[:algorithm],
-        challenge: payload[:challenge],
-        number: payload[:number],
-        salt: payload[:salt],
-        signature: payload[:signature]
-      )
-    end
-
-    # Ensure payload is an instance of Payload
-    return false unless payload.is_a?(Payload)
-
-    required_attributes = %i[algorithm challenge number salt signature]
-    required_attributes.each do |attr|
-      value = payload.send(attr)
-      return false if value.nil? || value.to_s.strip.empty?
-    end
-
-    # Extract expiration time if checking expiration
-    if check_expires && payload.salt.include?('?')
-      expires = URI.decode_www_form(payload.salt.split('?').last).to_h['expires'].to_i
-      return false if expires && Time.now.to_i > expires
-    end
-
-    # Convert payload to ChallengeOptions
-    challenge_options = ChallengeOptions.new(
-      algorithm: payload.algorithm,
-      hmac_key: hmac_key,
-      number: payload.number,
-      salt: payload.salt
-    )
-
-    # Create expected challenge and compare with the provided payload
-    expected_challenge = create_challenge(challenge_options)
-    expected_challenge.challenge == payload.challenge && expected_challenge.signature == payload.signature
-  rescue ArgumentError, JSON::ParserError
-    # Handle specific exceptions for invalid Base64 or JSON
-    false
-  end
-
-  # Extracts parameters from the payload's salt.
-  # @param payload [Payload] The payload containing the salt.
-  # @return [Hash] Parameters extracted from the payload's salt.
-  def self.extract_params(payload)
-    URI.decode_www_form(payload.salt.split('?').last).to_h
-  end
-
-  # Verifies the hash of form fields.
-  # @param form_data [Hash] The form data to verify.
-  # @param fields [Array<String>] The fields to include in the hash.
-  # @param fields_hash [String] The expected hash of the fields.
-  # @param algorithm [String] The hashing algorithm to use.
-  # @return [Boolean] True if the fields hash matches, false otherwise.
-  def self.verify_fields_hash(form_data, fields, fields_hash, algorithm)
-    lines = fields.map { |field| form_data[field].to_s }
-    joined_data = lines.join("\n")
-    computed_hash = hash_hex(algorithm, joined_data)
-    computed_hash == fields_hash
-  end
-
-  # Verifies the server's signature.
-  # @param payload [String, ServerSignaturePayload] The payload to verify, either as a base64 encoded JSON string or a ServerSignaturePayload instance.
-  # @param hmac_key [String] The key used for HMAC verification.
-  # @return [Array<Boolean, ServerSignatureVerificationData>] A tuple where the first element is true if the signature is valid, and the second element is the verification data.
-  def self.verify_server_signature(payload, hmac_key)
-    # Decode and parse base64 JSON string if it's a String
-    if payload.is_a?(String)
-      decoded_payload = Base64.decode64(payload)
-      payload = ServerSignaturePayload.from_json(decoded_payload)
-
-    # Convert payload from hash to ServerSignaturePayload if it's a plain object
-    elsif payload.is_a?(Hash)
-      payload = ServerSignaturePayload.new(
-        algorithm: payload[:algorithm],
-        verification_data: payload[:verification_data],
-        signature: payload[:signature],
-        verified: payload[:verified]
-      )
-    end
-
-    # Ensure payload is an instance of ServerSignaturePayload
-    return [false, nil] unless payload.is_a?(ServerSignaturePayload)
-
-    required_attributes = %i[algorithm verification_data signature verified]
-    required_attributes.each do |attr|
-      value = payload.send(attr)
-      return false if value.nil? || value.to_s.strip.empty?
-    end
-
-    hash_data = hash(payload.algorithm, payload.verification_data)
-    expected_signature = hmac_hex(payload.algorithm, hash_data, hmac_key)
-    
-    params = URI.decode_www_form(payload.verification_data).to_h
-    verification_data = ServerSignatureVerificationData.new.tap do |v|
-      v.classification = params['classification'] || nil
-      v.country = params['country'] || nil
-      v.detected_language = params['detectedLanguage'] || nil
-      v.email = params['email'] || nil
-      v.expire = params['expire'] ? params['expire'].to_i : nil
-      v.fields = params['fields'] ? params['fields'].split(',') : nil
-      v.fields_hash = params['fieldsHash'] || nil
-      v.ip_address = params['ipAddress'] || nil
-      v.reasons = params['reasons'] ? params['reasons'].split(',') : nil
-      v.score = params['score'] ? params['score'].to_f : nil
-      v.time = params['time'] ? params['time'].to_i : nil
-      v.verified = params['verified'] == 'true'
-    end
-
-    now = Time.now.to_i
-    is_verified = payload.verified &&
-                  verification_data.verified &&
-                  (verification_data.expire.nil? || verification_data.expire > now) &&
-                  payload.signature == expected_signature
-
-    [is_verified, verification_data]
-  rescue ArgumentError, JSON::ParserError => e
-    # Handle specific exceptions for invalid Base64 or JSON
-    puts "Error decoding or parsing payload: #{e.message}"
-    false
-  end
-
-  # Solves a challenge by iterating over possible solutions.
-  # @param challenge [String] The challenge to solve.
-  # @param salt [String] The salt used in the challenge.
-  # @param algorithm [String] The hashing algorithm used.
-  # @param max [Integer] The maximum number to try.
-  # @param start [Integer] The starting number to try.
-  # @return [Solution, nil] The solution if found, or nil if not.
-  def self.solve_challenge(challenge, salt, algorithm, max, start)
-    algorithm ||= Algorithm::SHA256
-    max ||= DEFAULT_MAX_NUMBER
-    start ||= 0
-
-    start_time = Time.now
-
-    (start..max).each do |n|
-      hash = hash_hex(algorithm, "#{salt}#{n}")
-      if hash == challenge
-        return Solution.new.tap do |s|
-          s.number = n
-          s.took = Time.now - start_time
-        end
-      end
-    end
-
-    nil
-  end
-end
+require 'altcha/v1'
+require 'altcha/v2'

metadata

@@ -1,74 +1,95 @@
 --- !ruby/object:Gem::Specification
 name: altcha
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 2.0.0.beta1
 platform: ruby
 authors:
 - Daniel Regeci
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2025-12-14 00:00:00.000000000 Z
+date: 2026-04-04 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: base64
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.0.1
+        version: '4.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.0.1
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 13.3.1
+        version: '13.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 13.3.1
+        version: '13.3'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '3.13'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '3.13'
 description: A lightweight library for creating and verifying ALTCHA challenges.
 email:
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/publish.yml"
 - ".gitignore"
 - ".rspec"
+- CODE_OF_CONDUCT.md
+- CONTRIBUTING.md
 - Gemfile
 - Gemfile.lock
 - LICENSE.txt
 - README.md
 - Rakefile
+- SECURITY.md
 - altcha.gemspec
 - bin/console
 - bin/setup
+- examples/server.rb
 - lib/altcha.rb
+- lib/altcha/v1.rb
+- lib/altcha/v2.rb
 - lib/altcha/version.rb
 homepage: https://altcha.org
 licenses:
@@ -82,14 +103,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.11
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: ALTCHA Library