enzoic 1.2.0 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +11 -6
- data/enzoic.gemspec +1 -1
- data/lib/enzoic/hashing.rb +36 -12
- data/lib/enzoic/password_type.rb +2 -1
- data/lib/enzoic/version.rb +1 -1
- data/lib/enzoic.rb +7 -2
- metadata +9 -9
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d13fca15fa76f249a013adea0bac59023d847f8021bfe16748999ff0f5d26e52
|
|
4
|
+
data.tar.gz: a64b16ddd1f5ae4eb7dbdf97672c9a36958ae4099698181f47d88a815626d01e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cf9305fce6e41d506b445c8e3b17b7ffea8e816482ace8d872dc1a464c260d1b25bbb3d81e88534c2d6bb6a084bb5c0bded0dbfb76cd494a98cfb1d7dbfaeb01
|
|
7
|
+
data.tar.gz: 6aa0dfb06cfbeda5f130a92c77dcb51b36874b0aea2eb128d25c5dc91e033c56228a8af1cbf9b739f4ce9ea494a52e1aa6068b455f2d695b36036cecc58d0995
|
data/README.md
CHANGED
|
@@ -35,7 +35,8 @@ require 'enzoic'
|
|
|
35
35
|
enzoic = Enzoic::Enzoic.new(apiKey: YOUR_API_KEY, secret: YOUR_API_SECRET)
|
|
36
36
|
|
|
37
37
|
# Check whether a password has been compromised
|
|
38
|
-
#
|
|
38
|
+
# for more information, see
|
|
39
|
+
# https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/passwords-api
|
|
39
40
|
if enzoic.check_password("password-to-test")
|
|
40
41
|
puts("Password is compromised")
|
|
41
42
|
else
|
|
@@ -43,7 +44,8 @@ else
|
|
|
43
44
|
end
|
|
44
45
|
|
|
45
46
|
# Check whether a specific set of credentials are compromised
|
|
46
|
-
#
|
|
47
|
+
# for more information, see
|
|
48
|
+
# https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/credentials-api/hashed-credentials-api
|
|
47
49
|
if enzoic.check_credentials("test@enzoic.com", "password-to-test")
|
|
48
50
|
puts("Credentials are compromised")
|
|
49
51
|
else
|
|
@@ -63,18 +65,21 @@ else
|
|
|
63
65
|
end
|
|
64
66
|
|
|
65
67
|
# get all exposures for a given user
|
|
66
|
-
#
|
|
68
|
+
# for more information, see
|
|
69
|
+
# https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/exposures-api/get-exposures-for-an-email-address
|
|
67
70
|
exposures = enzoic.get_exposures_for_user("test@enzoic.com")
|
|
68
71
|
puts(exposures.count.to_s + " exposures found for test@enzoic.com")
|
|
69
72
|
|
|
70
73
|
# now get the full details for the first exposure found
|
|
71
|
-
#
|
|
74
|
+
# for more information, see
|
|
75
|
+
# https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/exposures-api/retrieve-details-for-an-exposure
|
|
72
76
|
details = enzoic.get_exposure_details(exposures.exposures[0])
|
|
73
77
|
puts("First exposure for test@enzoic.com was " + details.title)
|
|
74
78
|
|
|
75
79
|
# get all passwords for a given user - requires special approval, contact Enzoic sales
|
|
76
|
-
#
|
|
77
|
-
|
|
80
|
+
# for more information, see
|
|
81
|
+
# https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/credentials-api/cleartext-credentials-api
|
|
82
|
+
user_passwords = enzoic.get_passwords_for_user("eicar_0@enzoic.com", true)
|
|
78
83
|
puts("First password for eicar_0@enzoic.com was " + user_passwords.passwords[0].password)
|
|
79
84
|
|
|
80
85
|
```
|
data/enzoic.gemspec
CHANGED
|
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
|
|
|
20
20
|
spec.bindir = "exe"
|
|
21
21
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
22
22
|
spec.require_paths = ["lib"]
|
|
23
|
-
spec.add_dependency 'ffi', '~> 1.
|
|
23
|
+
spec.add_dependency 'ffi', '~> 1.15.5'
|
|
24
24
|
spec.add_dependency 'ffi-compiler', '~> 1.0.1'
|
|
25
25
|
spec.add_dependency 'rest-client', '~> 2.0', '>= 2.0.2'
|
|
26
26
|
spec.add_dependency 'bcrypt', '~> 3.1', '>= 3.1.11'
|
data/lib/enzoic/hashing.rb
CHANGED
|
@@ -3,7 +3,8 @@ require 'digest'
|
|
|
3
3
|
require 'bcrypt'
|
|
4
4
|
require 'unix_crypt'
|
|
5
5
|
require 'zlib'
|
|
6
|
-
require 'digest/whirlpool'
|
|
6
|
+
require 'digest/whirlpool.bundle'
|
|
7
|
+
#require 'open_ssl'
|
|
7
8
|
require 'base64url'
|
|
8
9
|
|
|
9
10
|
module Enzoic
|
|
@@ -272,24 +273,47 @@ module Enzoic
|
|
|
272
273
|
return result
|
|
273
274
|
end
|
|
274
275
|
|
|
276
|
+
def self.sha256crypt(to_hash, salt)
|
|
277
|
+
return self.sha_crypt("5", UnixCrypt::SHA256, to_hash, salt)
|
|
278
|
+
end
|
|
279
|
+
|
|
275
280
|
def self.sha512crypt(to_hash, salt)
|
|
276
|
-
return
|
|
281
|
+
return self.sha_crypt("6", UnixCrypt::SHA512, to_hash, salt)
|
|
282
|
+
end
|
|
283
|
+
|
|
284
|
+
def self.sha_crypt(crypt_version, crypter, to_hash, salt)
|
|
285
|
+
# special handling if the salt contains an embedded rounds specifier
|
|
286
|
+
if salt.start_with?("$" + crypt_version + "$") && salt.include?("$rounds=")
|
|
287
|
+
# extract rounds
|
|
288
|
+
rounds_starting_idx = salt.index("$rounds=") + 8
|
|
289
|
+
rounds = salt[rounds_starting_idx..salt.length]
|
|
290
|
+
salt_portion = rounds[rounds.index("$") + 1..rounds.length]
|
|
291
|
+
|
|
292
|
+
begin
|
|
293
|
+
rounds = Integer(rounds[0..rounds.index("$") - 1])
|
|
294
|
+
rescue ArgumentError
|
|
295
|
+
rounds = 5000
|
|
296
|
+
end
|
|
297
|
+
|
|
298
|
+
result = crypter.build(to_hash, salt_portion, rounds)
|
|
299
|
+
|
|
300
|
+
# if the default rounds of 5000 was used, add this back in to the resultant hash as this library, unlike most,
|
|
301
|
+
# will strip it out.
|
|
302
|
+
if rounds == 5000
|
|
303
|
+
result = result[0..2] + "rounds=5000$" + result[3..result.length]
|
|
304
|
+
end
|
|
305
|
+
|
|
306
|
+
return result
|
|
307
|
+
end
|
|
308
|
+
return crypter.build(to_hash, salt.start_with?("$" + crypt_version + "$") ? salt[3..salt.length] : salt)
|
|
277
309
|
end
|
|
278
310
|
|
|
279
311
|
def self.custom_algorithm10(to_hash, salt)
|
|
280
312
|
return self.sha512(to_hash + ":" + salt)
|
|
281
313
|
end
|
|
282
314
|
|
|
283
|
-
def self.
|
|
284
|
-
|
|
285
|
-
if salt_to_use.start_with?("$5$")
|
|
286
|
-
salt_to_use = salt_to_use[3..salt.length];
|
|
287
|
-
end
|
|
288
|
-
if salt_to_use.start_with?("rounds=")
|
|
289
|
-
salt_to_use = salt_to_use[salt_to_use.index("$") + 1..salt_to_use.length]
|
|
290
|
-
end
|
|
291
|
-
|
|
292
|
-
return UnixCrypt::SHA256.build(to_hash, salt_to_use)
|
|
315
|
+
def self.hmac_sha1_salt_as_hash(to_hash, salt)
|
|
316
|
+
return OpenSSL::HMAC.hexdigest("sha1", salt, to_hash)
|
|
293
317
|
end
|
|
294
318
|
|
|
295
319
|
def self.authMeSHA256(to_hash, salt)
|
data/lib/enzoic/password_type.rb
CHANGED
data/lib/enzoic/version.rb
CHANGED
data/lib/enzoic.rb
CHANGED
|
@@ -138,9 +138,10 @@ module Enzoic
|
|
|
138
138
|
end
|
|
139
139
|
end
|
|
140
140
|
|
|
141
|
-
def get_passwords_for_user(username)
|
|
141
|
+
def get_passwords_for_user(username, include_exposure_details = false)
|
|
142
142
|
response = make_rest_call(@baseURL + Constants::ACCOUNTS_API_PATH + "?username=" +
|
|
143
|
-
Hashing.sha256(username.downcase) + "&includePasswords=1"
|
|
143
|
+
Hashing.sha256(username.downcase) + "&includePasswords=1" +
|
|
144
|
+
(include_exposure_details ? "&includeExposureDetails=1" : ""),
|
|
144
145
|
"GET", nil)
|
|
145
146
|
|
|
146
147
|
if response == "404"
|
|
@@ -301,6 +302,10 @@ module Enzoic
|
|
|
301
302
|
if salt != nil && salt.length > 0
|
|
302
303
|
return Hashing.authMeSHA256(password, salt)
|
|
303
304
|
end
|
|
305
|
+
when PasswordType::HMACSHA1_SaltAsHash
|
|
306
|
+
if salt != nil && salt.length > 0
|
|
307
|
+
return Hashing.hmac_sha1_salt_as_hash(password, salt)
|
|
308
|
+
end
|
|
304
309
|
else
|
|
305
310
|
return nil
|
|
306
311
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: enzoic
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Enzoic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-08-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ffi
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 1.
|
|
19
|
+
version: 1.15.5
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 1.
|
|
26
|
+
version: 1.15.5
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: ffi-compiler
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -116,20 +116,20 @@ dependencies:
|
|
|
116
116
|
name: bundler
|
|
117
117
|
requirement: !ruby/object:Gem::Requirement
|
|
118
118
|
requirements:
|
|
119
|
-
- - "
|
|
119
|
+
- - "~>"
|
|
120
120
|
- !ruby/object:Gem::Version
|
|
121
121
|
version: 2.2.11
|
|
122
|
-
- - "
|
|
122
|
+
- - ">="
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
124
|
version: 2.2.11
|
|
125
125
|
type: :development
|
|
126
126
|
prerelease: false
|
|
127
127
|
version_requirements: !ruby/object:Gem::Requirement
|
|
128
128
|
requirements:
|
|
129
|
-
- - "
|
|
129
|
+
- - "~>"
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
131
|
version: 2.2.11
|
|
132
|
-
- - "
|
|
132
|
+
- - ">="
|
|
133
133
|
- !ruby/object:Gem::Version
|
|
134
134
|
version: 2.2.11
|
|
135
135
|
- !ruby/object:Gem::Dependency
|
|
@@ -361,7 +361,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
361
361
|
- !ruby/object:Gem::Version
|
|
362
362
|
version: '0'
|
|
363
363
|
requirements: []
|
|
364
|
-
rubygems_version: 3.
|
|
364
|
+
rubygems_version: 3.1.6
|
|
365
365
|
signing_key:
|
|
366
366
|
specification_version: 4
|
|
367
367
|
summary: Ruby library for Enzoic API
|