barking_iguana-verify 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 8331add902d90dcafc8c3b2b6ee724c8e24e01ca
+  data.tar.gz: c557293573bf87c2273fdd0ba9cb1023120a1d48
+SHA512:
+  metadata.gz: 8232f3a7356fcc8c3ede1f890cfd0f2d5800e90dbcf9bbf006270deafd12d718f62210744100567d814e304c27ae68d065e6c54481235f309b57b71c9d85a54d
+  data.tar.gz: 4ca2b693eb6c9e284b026f26ef1f481c468a0598506c35344a13afc73b917065cf5b7475ee659b8c5b9b6bcf6aab2764af045df6bfc2b2dc58e2d6431bafe449

data/.gitignore

@@ -0,0 +1,22 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in barking_iguana-verify.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Craig R Webster
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,71 @@
+# BarkingIguana::Verify
+
+Verify that a remote caller is who they say they are.
+
+Don't send passwords or API keys over the wire. That's risky.
+
+Make sure replay attacks have a very limited window in case someone has
+listened in to the HTTP conversation somehow.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'barking_iguana-verify'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install barking_iguana-verify
+
+## Usage
+
+### Client
+
+```ruby
+require 'barking_iguana/verify'
+
+# Anyone can know your username, this isn't protected data
+my_username = 'craigw'
+# Only you and the remote service know the API key, this should NOT be
+# transmitted in-band.
+my_api_key = '123456-1234-1234-123456'
+# Express an intent to send an HTTP DELETE to /resource/123 with a confirm
+# parameter
+intent = BarkingIguana::Verify::SignableAction.new 'DELETE', '/resource/123', confirm: true
+# Sign the action so the remote service can know this request was made by
+# us. Let the remote service know how long you're going to take to do this.
+time_i_will_perform_this_delete_by = Time.at 1402665888
+action = intent.sign my_username, my_api_key, time_i_will_perform_this_delete_by
+# Perform the delete
+RestClient.delete "https://example.com#{action.signed_path}"
+```
+
+### Server
+
+```ruby
+require 'barking_iguana/verify'
+
+username = params[BarkingIguana::Verify::SignedAction::PARAMETER_PUBLIC_KEY]
+# It's up to you to implement the ApiKey part.
+api_key = ApiKey.find_by_username username
+signature = params[BarkingIguana::Verify::SignedAction::PARAMETER_SIGNATURE]
+expected_intent = BarkingIguana::Verify::SignableAction.new 'DELETE', "/resource/#{params['id']}", confirm: true
+
+if expected_intent.verify? signature, api_key.token
+  Resource.delete params['id']
+else
+  raise NotAuthorized
+end
+```
+
+## Contributing
+
+1. Fork it ( https://github.com/[my-github-username]/barking_iguana-verify/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/barking_iguana-verify.gemspec

@@ -0,0 +1,29 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'barking_iguana/verify/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "barking_iguana-verify"
+  spec.version       = BarkingIguana::Verify::VERSION
+  spec.authors       = ["Craig R Webster"]
+  spec.email         = ["craig@barkingiguana.com"]
+  spec.summary       = %q{Verify that a remote caller is who they say they are without sending password or API keys over the wire.}
+  spec.description   = %q{Verify that a remote caller is who they say they are.
+
+Don't send passwords or API keys over the wire. That's risky.
+
+Make sure replay attacks have a very limited window in case someone has
+listened in to the HTTP conversation somehow.}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "addressable"
+  spec.add_development_dependency "bundler", "~> 1.6"
+  spec.add_development_dependency "rake"
+end

data/bin/example

@@ -0,0 +1,45 @@
+#! /usr/bin/env ruby
+
+require 'bundler'
+Bundler.require
+include BarkingIguana::Verify
+
+my_key = 'dc551120-f2e2-11e3-ac10-0800200c9a66'
+secrets = { # This would usually be your app database
+  my_key => 'a2ee8c40-f2e2-11e3-ac10-0800200c9a66'
+}
+
+signable_action = SignableAction.new 'GET', '/foo/bar', return_to: '/quux'
+puts "Signable Action: #{signable_action.inspect}"
+
+signed_at     = Time.now
+signed_for    = 7
+expires_at    = signed_at + signed_for
+signed_action = signable_action.sign my_key, secrets[my_key], expires_at
+puts "Signed Action  : #{signed_action.inspect}"
+puts "Signed at      : #{signed_at.to_i}"
+puts "Signed for     : #{signed_for}"
+puts "Signed until   : #{expires_at.to_i}"
+# A request would be made from my client to this path
+puts "Signed path    : #{signed_action.signed_path}"
+
+# This would normally be a param in your application
+# Note that the secret isn't part of this, even in an encrypted form
+signature = signed_action.signed_path.query_values[SignedAction::PARAMETER_SIGNATURE]
+# Need the public key to look up their secret for verification
+their_key = signed_action.signed_path.query_values[SignedAction::PARAMETER_PUBLIC_KEY]
+puts "Signature      : #{signature}"
+puts "Their key      : #{their_key}"
+their_secret = secrets[their_key]
+
+puts "Verification   : "
+14.times do |n|
+  print "#{Time.now.to_i}     : "
+  begin
+    signable_action.verify! signature, their_secret
+    puts "Valid"
+  rescue SignatureException => e
+    puts "Invalid: #{e.class.name} - #{e.message}"
+  end
+  sleep 1
+end

data/lib/barking_iguana/verify/exceptions.rb

@@ -0,0 +1,9 @@
+module BarkingIguana
+  module Verify
+    SignatureException = Class.new(StandardError)
+    WindowTooLarge     = Class.new(SignatureException)
+    SignatureExpired   = Class.new(SignatureException)
+    FarFutureExpiry    = Class.new(SignatureException)
+    TokenMismatch      = Class.new(SignatureException)
+  end
+end

data/lib/barking_iguana/verify/signable_action.rb

@@ -0,0 +1,67 @@
+require 'addressable/uri'
+
+module BarkingIguana
+  module Verify
+    class SignableAction
+      attr_accessor :verb
+      private :verb=, :verb
+
+      attr_accessor :path
+      private :path=, :path
+
+      attr_accessor :params
+      private :params=, :params
+
+      def initialize verb, path, params = {}
+	self.verb = verb
+	self.path = path
+	self.params = params
+      end
+
+      def add key, value
+	params[key] = value
+      end
+
+      def ordered_params
+	# Ruby has ordered hashes, but I want alphabetical order
+	params.keys.sort_by(&:to_s).inject({}) { |a, e|
+	  a.merge! e => params[e]
+	}
+      end
+      private :ordered_params
+
+      def query_string
+	return '' unless params.any?
+	'?' + URI.encode_www_form(ordered_params)
+      end
+
+      def unsigned_path
+	Addressable::URI.parse "#{path}#{query_string}"
+      end
+
+      def to_s
+	"#{verb} #{unsigned_path}"
+      end
+
+      def sign public_key, secret, expires_at
+        signature = Signature.new public_key, self, secret, expires_at
+        SignedAction.new self, signature
+      end
+
+      def verify! signature, secret
+        Signature.verify signature, self, secret
+      end
+
+      def verify? signature, secret
+        verify! signature, secret
+        true
+      rescue SignatureException
+        false
+      end
+
+      def inspect
+	"#<BarkingIguana::Verify::SignableAction #{to_s.inspect}>"
+      end
+    end
+  end
+end

data/lib/barking_iguana/verify/signature.rb

@@ -0,0 +1,72 @@
+require 'openssl'
+require 'base64'
+
+module BarkingIguana
+  module Verify
+    class Signature
+      MAXIMUM_VALIDITY = 3600
+
+      attr_accessor :public_key
+      private :public_key=
+
+      attr_accessor :action
+      private :action=, :action
+
+      attr_accessor :secret
+      private :secret=, :secret
+
+      attr_accessor :expires_at
+      private :expires_at=, :expires_at
+
+      attr_accessor :signed_at
+      private :signed_at=, :signed_at
+
+      def initialize public_key, action, secret, expires_at, signed_at = nil
+	self.public_key = public_key
+	self.action     = action
+	self.secret     = secret
+	self.expires_at = expires_at
+	self.signed_at  = signed_at
+      end
+
+      SEPARATOR = '--'.freeze
+      DIGEST = 'sha256'.freeze
+
+      # Get an ASCII representation of this signature
+      def to_s
+        signed = (signed_at || Time.now).to_i.to_s
+	expires = expires_at.to_i.to_s
+	signature = "#{public_key}#{expires}#{signed}#{action}"
+	token = OpenSSL::HMAC.hexdigest DIGEST, secret, signature
+	encoded_token = Base64.encode64(token)
+	encoded_token.gsub! /\n/, ''
+	params = [ encoded_token, public_key, expires, signed ].join SEPARATOR
+	Base64.encode64(params).gsub(/\n/, '')
+      end
+
+      def inspect
+        s = "#<#{self.class.name}: @public_key=#{public_key.inspect}, @action=#{action.inspect}, @secret=(hidden), @expires_at=#{expires_at.inspect}"
+        unless signed_at.nil?
+          s += ", @signed_at=#{signed_at.inspect}"
+        end
+        s + '>'
+      end
+
+      # Verify that a signature is valid, not expired, and not for an insanely
+      # far future date.
+      def self.verify ascii, action, secret, now = Time.now
+	this_second = Time.at now.to_i
+	params = Base64.decode64 ascii
+	_, public_key, expires, signed = params.split /#{SEPARATOR}/, 4
+	expires_at = Time.at expires.to_i
+        signed_at = Time.at signed.to_i
+        raise WindowTooLarge.new "Time between now and expiry is more than #{MAXIMUM_VALIDITY}" if expires_at - signed_at > MAXIMUM_VALIDITY
+	raise SignatureExpired.new "#{expires_at} vs #{this_second}" if this_second > expires_at
+	raise FarFutureExpiry.new "#{expires} vs #{this_second + MAXIMUM_VALIDITY}" if expires_at > this_second + MAXIMUM_VALIDITY
+	expected_signature = Signature.new public_key, action, secret,
+	  expires_at, signed_at
+	raise TokenMismatch.new "#{expected_signature.to_s} vs #{ascii}" if expected_signature.to_s != ascii
+      end
+    end
+  end
+end

data/lib/barking_iguana/verify/signed_action.rb

@@ -0,0 +1,32 @@
+module BarkingIguana
+  module Verify
+    class SignedAction
+      PARAMETER_SIGNATURE  = 'verify_signature'.freeze
+      PARAMETER_PUBLIC_KEY = 'verify_public_key'.freeze
+
+      attr_accessor :action
+      private :action=, :action
+
+      attr_accessor :signature
+      private :signature=, :signature
+
+      def initialize action, signature
+        self.action = action
+        self.signature = signature
+      end
+
+      def signed_path
+        path = action.unsigned_path
+        q = path.query_values
+        q[PARAMETER_SIGNATURE]  = signature.to_s
+        q[PARAMETER_PUBLIC_KEY] = signature.public_key.to_s
+        path.query_values = q
+        path
+      end
+
+      def inspect
+        "#<#{self.class.name}: @signed_path=#{signed_path.inspect}, @signature=#{signature.inspect}>"
+      end
+    end
+  end
+end

data/lib/barking_iguana/verify/version.rb

@@ -0,0 +1,5 @@
+module BarkingIguana
+  module Verify
+    VERSION = "0.0.1"
+  end
+end

data/lib/barking_iguana/verify.rb

@@ -0,0 +1,15 @@
+module BarkingIguana
+  module Verify
+    autoload :Signature,          'barking_iguana/verify/signature'
+    autoload :SignedAction,       'barking_iguana/verify/signed_action'
+    autoload :SignableAction,     'barking_iguana/verify/signable_action'
+
+    autoload :SignatureException, 'barking_iguana/verify/exceptions'
+    autoload :WindowTooLarge,     'barking_iguana/verify/exceptions'
+    autoload :SignatureExpired,   'barking_iguana/verify/exceptions'
+    autoload :FarFutureExpiry,    'barking_iguana/verify/exceptions'
+    autoload :TokenMismatch,      'barking_iguana/verify/exceptions'
+
+    autoload :VERSION,            'barking_iguana/verify/version'
+  end
+end

metadata

@@ -0,0 +1,107 @@
+--- !ruby/object:Gem::Specification
+name: barking_iguana-verify
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Craig R Webster
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-06-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: addressable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: |-
+  Verify that a remote caller is who they say they are.
+
+  Don't send passwords or API keys over the wire. That's risky.
+
+  Make sure replay attacks have a very limited window in case someone has
+  listened in to the HTTP conversation somehow.
+email:
+- craig@barkingiguana.com
+executables:
+- example
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- barking_iguana-verify.gemspec
+- bin/example
+- lib/barking_iguana/verify.rb
+- lib/barking_iguana/verify/exceptions.rb
+- lib/barking_iguana/verify/signable_action.rb
+- lib/barking_iguana/verify/signature.rb
+- lib/barking_iguana/verify/signed_action.rb
+- lib/barking_iguana/verify/version.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Verify that a remote caller is who they say they are without sending password
+  or API keys over the wire.
+test_files: []