gala 0.3.2 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.circleci/config.yml +6 -14
- data/Gemfile +2 -2
- data/Gemfile.lock +6 -17
- data/README.md +18 -4
- data/gala.gemspec +3 -3
- data/lib/gala/payment_token.rb +21 -7
- data/lib/gala/version.rb +1 -1
- data/test/fixtures/certificate.pem +23 -22
- data/test/fixtures/private_key.pem +3 -3
- data/test/fixtures/token.json +9 -9
- data/test/payment_token_test.rb +10 -9
- metadata +9 -10
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 93b93339726eda34b17a867a4f6b70798b1c78694f877fe4ba8cef1d06fc1571
|
|
4
|
+
data.tar.gz: 0550f14686b92763f783ad2d41c24573cf7fde32b2ce2b56f6c8743ae98301c5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6516487b176ac874ba4d893a8ae769c46d6d8b1613a859a2d09cefea7dccc0216d9875aa175f0fc174e5bf372a6ca9e7c390c40be35aef91e1c8f9df5bba1959
|
|
7
|
+
data.tar.gz: 9d85d6d765b8f66a8088834217c5e09d1f440b8d16bca4ddaddf523563b72cee434a3022f2a1a40f3cb42dca8d99fbb8082debc2e2b747a0d1e8c567fced37b0
|
data/.circleci/config.yml
CHANGED
|
@@ -1,22 +1,15 @@
|
|
|
1
1
|
version: 2
|
|
2
2
|
jobs:
|
|
3
|
-
ruby-2.
|
|
3
|
+
ruby-2.4:
|
|
4
4
|
docker:
|
|
5
|
-
- image: circleci/ruby:2.
|
|
5
|
+
- image: circleci/ruby:2.4.4
|
|
6
6
|
steps:
|
|
7
7
|
- checkout
|
|
8
8
|
- run: bundle
|
|
9
9
|
- run: rake test
|
|
10
|
-
ruby-2.
|
|
10
|
+
ruby-2.5:
|
|
11
11
|
docker:
|
|
12
|
-
- image: circleci/ruby:2.
|
|
13
|
-
steps:
|
|
14
|
-
- checkout
|
|
15
|
-
- run: bundle
|
|
16
|
-
- run: rake test
|
|
17
|
-
ruby-2.3:
|
|
18
|
-
docker:
|
|
19
|
-
- image: circleci/ruby:2.3.7
|
|
12
|
+
- image: circleci/ruby:2.5.1
|
|
20
13
|
steps:
|
|
21
14
|
- checkout
|
|
22
15
|
- run: bundle
|
|
@@ -25,6 +18,5 @@ workflows:
|
|
|
25
18
|
version: 2
|
|
26
19
|
rubies:
|
|
27
20
|
jobs:
|
|
28
|
-
- ruby-2.
|
|
29
|
-
- ruby-2.
|
|
30
|
-
- ruby-2.3
|
|
21
|
+
- ruby-2.4
|
|
22
|
+
- ruby-2.5
|
data/Gemfile
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
|
|
1
|
+
source 'https://rubygems.org'
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
gemspec
|
data/Gemfile.lock
CHANGED
|
@@ -1,35 +1,24 @@
|
|
|
1
|
-
GIT
|
|
2
|
-
remote: https://github.com/Shopify/aead.git
|
|
3
|
-
revision: 340e7718d8bd9c1fcf3c443e32f439436ea2b70d
|
|
4
|
-
ref: 340e7718d8bd9c1fcf3c443e32f439436ea2b70d
|
|
5
|
-
specs:
|
|
6
|
-
aead (1.8.2)
|
|
7
|
-
macaddr (~> 1)
|
|
8
|
-
|
|
9
1
|
PATH
|
|
10
2
|
remote: .
|
|
11
3
|
specs:
|
|
12
|
-
gala (0.
|
|
13
|
-
|
|
4
|
+
gala (0.4.0)
|
|
5
|
+
openssl (= 3.1.0)
|
|
14
6
|
|
|
15
7
|
GEM
|
|
16
8
|
remote: https://rubygems.org/
|
|
17
9
|
specs:
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
rake (12.0.0)
|
|
22
|
-
systemu (2.6.5)
|
|
10
|
+
minitest (5.18.0)
|
|
11
|
+
openssl (3.1.0)
|
|
12
|
+
rake (12.3.3)
|
|
23
13
|
|
|
24
14
|
PLATFORMS
|
|
25
15
|
ruby
|
|
26
16
|
|
|
27
17
|
DEPENDENCIES
|
|
28
|
-
aead!
|
|
29
18
|
bundler (~> 1.14)
|
|
30
19
|
gala!
|
|
31
20
|
minitest
|
|
32
21
|
rake (~> 12.0)
|
|
33
22
|
|
|
34
23
|
BUNDLED WITH
|
|
35
|
-
1.
|
|
24
|
+
1.17.3
|
data/README.md
CHANGED
|
@@ -1,23 +1,28 @@
|
|
|
1
1
|
# Gala
|
|
2
2
|
|
|
3
|
+
[](https://circleci.com/gh/spreedly/gala)
|
|
4
|
+
|
|
3
5
|
Named after the [Gala apple](http://en.wikipedia.org/wiki/Gala_(apple)), Gala is a Ruby library for decrypting [Apple Pay payment tokens](https://developer.apple.com/library/ios/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html).
|
|
4
6
|
|
|
5
7
|
Gala is available under the MIT License.
|
|
6
8
|
|
|
9
|
+
## Ruby support
|
|
10
|
+
|
|
11
|
+
* For Ruby v2.3 and below, please use the [legacy-ruby branch](https://github.com/spreedly/gala/commits/legacy-ruby), or specify gala v0.3.2.
|
|
12
|
+
* For Ruby >= 2.4, use the master branch or specify gala v0.4 and above
|
|
13
|
+
|
|
7
14
|
## Install
|
|
8
15
|
|
|
9
|
-
Add
|
|
16
|
+
Add `gala` to your `Gemfile`.
|
|
10
17
|
|
|
11
18
|
```ruby
|
|
12
|
-
gem "gala", "~> 0.
|
|
13
|
-
gem 'aead', git: 'https://github.com/Shopify/aead.git', ref: '340e7718d8bd9c1fcf3c443e32f439436ea2b70d'
|
|
19
|
+
gem "gala", "~> 0.4.0"
|
|
14
20
|
```
|
|
15
21
|
|
|
16
22
|
If you need to track a development branch or reference functionality not yet contained in the RubyGem release you can specify the gala repo directly.
|
|
17
23
|
|
|
18
24
|
```ruby
|
|
19
25
|
gem "gala", git: "https://github.com/spreedly/gala.git", ref: :master
|
|
20
|
-
gem 'aead', git: 'https://github.com/Shopify/aead.git', ref: '340e7718d8bd9c1fcf3c443e32f439436ea2b70d'
|
|
21
26
|
```
|
|
22
27
|
|
|
23
28
|
Then `bundle install` to fetch Gala into your local environment.
|
|
@@ -91,6 +96,15 @@ $ rake release
|
|
|
91
96
|
|
|
92
97
|
## Changelog
|
|
93
98
|
|
|
99
|
+
### v0.5.0
|
|
100
|
+
|
|
101
|
+
*Update Openssl to support Ruby 3
|
|
102
|
+
|
|
103
|
+
### v0.4.0
|
|
104
|
+
|
|
105
|
+
* Remove unmaintained `aead` gem dependency
|
|
106
|
+
* Rely on Ruby 2.4 openssl support for aes-256-gcm ciphers (and specifying the initialization vector length).
|
|
107
|
+
|
|
94
108
|
### v0.3.2
|
|
95
109
|
|
|
96
110
|
* Setup CircleCI for more comprehensive Ruby version/compatibility testing
|
data/gala.gemspec
CHANGED
|
@@ -17,11 +17,11 @@ Gem::Specification.new do |spec|
|
|
|
17
17
|
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test)/}) }
|
|
18
18
|
spec.test_files = `git ls-files -- test/*`.split("\n")
|
|
19
19
|
spec.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
|
20
|
-
spec.require_paths = [
|
|
20
|
+
spec.require_paths = ['lib']
|
|
21
21
|
|
|
22
|
-
spec.required_ruby_version =
|
|
22
|
+
spec.required_ruby_version = '>= 2.6.0'
|
|
23
23
|
|
|
24
|
-
spec.add_runtime_dependency '
|
|
24
|
+
spec.add_runtime_dependency 'openssl', '3.1.0'
|
|
25
25
|
|
|
26
26
|
spec.add_development_dependency 'bundler', '~> 1.14'
|
|
27
27
|
spec.add_development_dependency 'rake', '~> 12.0'
|
data/lib/gala/payment_token.rb
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
require 'openssl'
|
|
2
2
|
require 'base64'
|
|
3
|
-
require 'aead'
|
|
4
3
|
|
|
5
4
|
module Gala
|
|
6
5
|
class PaymentToken
|
|
@@ -56,7 +55,7 @@ module Gala
|
|
|
56
55
|
raise InvalidSignatureError, "Signature does not contain the correct custom OIDs." unless leaf_cert && intermediate_cert
|
|
57
56
|
|
|
58
57
|
# Ensure that the root CA is the Apple Root CA - G3
|
|
59
|
-
root_cert =
|
|
58
|
+
root_cert = OpenSSL::X509::Certificate.new(APPLE_ROOT_CERT)
|
|
60
59
|
|
|
61
60
|
# Ensure that there is a valid X.509 chain of trust from the signature to the root CA
|
|
62
61
|
raise InvalidSignatureError, "Unable to verify a valid chain of trust from signature to root certificate." unless chain_of_trust_verified?(leaf_cert, intermediate_cert, root_cert)
|
|
@@ -111,11 +110,26 @@ module Gala
|
|
|
111
110
|
end
|
|
112
111
|
|
|
113
112
|
def decrypt(encrypted_data, symmetric_key)
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
113
|
+
# Initialization vector of 16 null bytes
|
|
114
|
+
iv_length = 16
|
|
115
|
+
# 0.chr => "\x00"
|
|
116
|
+
iv = 0.chr * iv_length
|
|
117
|
+
|
|
118
|
+
# Last 16 bytes (iv_length) of encrypted data
|
|
119
|
+
tag = encrypted_data[-iv_length..-1]
|
|
120
|
+
# Data without tag
|
|
121
|
+
encrypted_data = encrypted_data[0..(-iv_length - 1)]
|
|
122
|
+
|
|
123
|
+
cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
|
|
124
|
+
cipher.key = symmetric_key
|
|
125
|
+
cipher.iv_len = iv_length
|
|
126
|
+
cipher.iv = iv
|
|
127
|
+
|
|
128
|
+
# Decipher without associated authentication data
|
|
129
|
+
cipher.auth_tag = tag
|
|
130
|
+
cipher.auth_data = ''
|
|
131
|
+
|
|
132
|
+
cipher.update(encrypted_data) + cipher.final
|
|
119
133
|
end
|
|
120
134
|
end
|
|
121
135
|
end
|
data/lib/gala/version.rb
CHANGED
|
@@ -1,26 +1,27 @@
|
|
|
1
1
|
-----BEGIN CERTIFICATE-----
|
|
2
|
-
|
|
2
|
+
MIIEhTCCBCugAwIBAgIIaw5PZcTrT70wCgYIKoZIzj0EAwIwgYAxNDAyBgNVBAMM
|
|
3
3
|
K0FwcGxlIFdvcmxkd2lkZSBEZXZlbG9wZXIgUmVsYXRpb25zIENBIC0gRzIxJjAk
|
|
4
4
|
BgNVBAsMHUFwcGxlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRMwEQYDVQQKDApB
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
5
|
+
cHBsZSBJbmMuMQswCQYDVQQGEwJVUzAeFw0yMTA4MzExNDE1MDlaFw0yMzA5MzAx
|
|
6
|
+
NDE1MDhaMIG2MTIwMAYKCZImiZPyLGQBAQwibWVyY2hhbnQudGVzdC5zcHJlZWRs
|
|
7
|
+
eS4xMjNtZXJjaGFudDFIMEYGA1UEAww/QXBwbGUgUGF5IFBheW1lbnQgUHJvY2Vz
|
|
8
|
+
c2luZzptZXJjaGFudC50ZXN0LnNwcmVlZGx5LjEyM21lcmNoYW50MRMwEQYDVQQL
|
|
9
|
+
DAo2RDZNVkxDNTY3MRQwEgYDVQQKDAtLeWxlICAgT3dlbjELMAkGA1UEBhMCVVMw
|
|
10
|
+
WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATilQYcmp8kK5wbjQy90apPC9hHPY31
|
|
11
|
+
a8K04d20C41/W8HYw9nIuypTfZndrnPVZxYro4eZ8MNKo6t9CrtReVCAo4ICVTCC
|
|
12
|
+
AlEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSEtoTMOoZichZZlOgao71I3zrf
|
|
13
|
+
CzBHBggrBgEFBQcBAQQ7MDkwNwYIKwYBBQUHMAGGK2h0dHA6Ly9vY3NwLmFwcGxl
|
|
14
|
+
LmNvbS9vY3NwMDQtYXBwbGV3d2RyY2EyMDEwggEdBgNVHSAEggEUMIIBEDCCAQwG
|
|
15
|
+
CSqGSIb3Y2QFATCB/jCBwwYIKwYBBQUHAgIwgbYMgbNSZWxpYW5jZSBvbiB0aGlz
|
|
16
|
+
IGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2Yg
|
|
17
|
+
dGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9u
|
|
18
|
+
cyBvZiB1c2UsIGNlcnRpZmljYXRlIHBvbGljeSBhbmQgY2VydGlmaWNhdGlvbiBw
|
|
19
|
+
cmFjdGljZSBzdGF0ZW1lbnRzLjA2BggrBgEFBQcCARYqaHR0cDovL3d3dy5hcHBs
|
|
20
|
+
ZS5jb20vY2VydGlmaWNhdGVhdXRob3JpdHkvMDYGA1UdHwQvMC0wK6ApoCeGJWh0
|
|
21
|
+
dHA6Ly9jcmwuYXBwbGUuY29tL2FwcGxld3dkcmNhMi5jcmwwHQYDVR0OBBYEFChs
|
|
22
|
+
BZP7PNMYb3LPPZ1/TFLA66G9MA4GA1UdDwEB/wQEAwIDKDBPBgkqhkiG92NkBiAE
|
|
23
|
+
QgxAMzU4REE1ODkwQjk1NTVDMEE5RUZCODRCNUNENkZGMDRCRkRDRDVBQUJGNURD
|
|
24
|
+
MTRCOTg3MkQ4REY1MUVBRjQzOTAKBggqhkjOPQQDAgNIADBFAiBbRM0mTHB/oMfN
|
|
25
|
+
S80yvbqIS7bVZcvhlBRZHKsejOJ2OAIhANOXoD6Fmqk2GxMePAnMqDchAgi7Ft/D
|
|
26
|
+
KRykbt8Tfh8j
|
|
26
27
|
-----END CERTIFICATE-----
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
-----BEGIN EC PRIVATE KEY-----
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
2
|
+
MHcCAQEEICmvB7bzRczaJX05lCTK2ueRVRAAivM/CgbHyOaIcqW1oAoGCCqGSM49
|
|
3
|
+
AwEHoUQDQgAE4pUGHJqfJCucG40MvdGqTwvYRz2N9WvCtOHdtAuNf1vB2MPZyLsq
|
|
4
|
+
U32Z3a5z1WcWK6OHmfDDSqOrfQq7UXlQgA==
|
|
5
5
|
-----END EC PRIVATE KEY-----
|
data/test/fixtures/token.json
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
{
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
}
|
|
2
|
+
"version": "EC_v1",
|
|
3
|
+
"data": "98K9zY2CVmVzD/9A9mq7EtYOLda1LUWn1bDZM8Cy/ABPBok2B630eG9eZJUrlMYwJeaedYTpSgS3OZWX4dSnGquZ2S5I9Me44OmiirRwU4rZ/J4NBK+zwtmxv4OonZYjTmbKACTahSG0IylGWC0ah6hOTSfOTOzn2KIHs+B5i1bVDHfoq8o41gBoxvfS26kUfFiH8HtQBbZ+2Cea8/7NxCwSpGUADEUqmEar0ZIS9ndK+XGLyICwSgP8J1wJpoOndscXHi3wkY7MgpOfrA5Z/wCR3RbSGZtD94por+bwv0N8OgcTXAnDnDVXBWuj8rSU+imWEtY0C+rl/Ro/btPbAE4WjkElxsmVEWY14cb8EQFmmdbx3kRF9emTxs6ssAEhqZrdiUTmu9nynuu0",
|
|
4
|
+
"signature": "MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCAMIID4zCCA4igAwIBAgIITDBBSVGdVDYwCgYIKoZIzj0EAwIwejEuMCwGA1UEAwwlQXBwbGUgQXBwbGljYXRpb24gSW50ZWdyYXRpb24gQ0EgLSBHMzEmMCQGA1UECwwdQXBwbGUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE5MDUxODAxMzI1N1oXDTI0MDUxNjAxMzI1N1owXzElMCMGA1UEAwwcZWNjLXNtcC1icm9rZXItc2lnbl9VQzQtUFJPRDEUMBIGA1UECwwLaU9TIFN5c3RlbXMxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwhV37evWx7Ihj2jdcJChIY3HsL1vLCg9hGCV2Ur0pUEbg0IO2BHzQH6DMx8cVMP36zIg1rrV1O/0komJPnwPE6OCAhEwggINMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUI/JJxE+T5O8n5sT2KGw/orv9LkswRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vb2NzcC5hcHBsZS5jb20vb2NzcDA0LWFwcGxlYWljYTMwMjCCAR0GA1UdIASCARQwggEQMIIBDAYJKoZIhvdjZAUBMIH+MIHDBggrBgEFBQcCAjCBtgyBs1JlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5kYXJkIHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVzZSwgY2VydGlmaWNhdGUgcG9saWN5IGFuZCBjZXJ0aWZpY2F0aW9uIHByYWN0aWNlIHN0YXRlbWVudHMuMDYGCCsGAQUFBwIBFipodHRwOi8vd3d3LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1dGhvcml0eS8wNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC5hcHBsZS5jb20vYXBwbGVhaWNhMy5jcmwwHQYDVR0OBBYEFJRX22/VdIGGiYl2L35XhQfnm1gkMA4GA1UdDwEB/wQEAwIHgDAPBgkqhkiG92NkBh0EAgUAMAoGCCqGSM49BAMCA0kAMEYCIQC+CVcf5x4ec1tV5a+stMcv60RfMBhSIsclEAK2Hr1vVQIhANGLNQpd1t1usXRgNbEess6Hz6Pmr2y9g4CJDcgs3apjMIIC7jCCAnWgAwIBAgIISW0vvzqY2pcwCgYIKoZIzj0EAwIwZzEbMBkGA1UEAwwSQXBwbGUgUm9vdCBDQSAtIEczMSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwHhcNMTQwNTA2MjM0NjMwWhcNMjkwNTA2MjM0NjMwWjB6MS4wLAYDVQQDDCVBcHBsZSBBcHBsaWNhdGlvbiBJbnRlZ3JhdGlvbiBDQSAtIEczMSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATwFxGEGddkhdUaXiWBB3bogKLv3nuuTeCN/EuT4TNW1WZbNa4i0Jd2DSJOe7oI/XYXzojLdrtmcL7I6CmE/1RFo4H3MIH0MEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAYYqaHR0cDovL29jc3AuYXBwbGUuY29tL29jc3AwNC1hcHBsZXJvb3RjYWczMB0GA1UdDgQWBBQj8knET5Pk7yfmxPYobD+iu/0uSzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFLuw3qFYM4iapIqZ3r6966/ayySrMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuYXBwbGUuY29tL2FwcGxlcm9vdGNhZzMuY3JsMA4GA1UdDwEB/wQEAwIBBjAQBgoqhkiG92NkBgIOBAIFADAKBggqhkjOPQQDAgNnADBkAjA6z3KDURaZsYb7NcNWymK/9Bft2Q91TaKOvvGcgV5Ct4n4mPebWZ+Y1UENj53pwv4CMDIt1UQhsKMFd2xd8zg7kGf9F3wsIW2WT8ZyaYISb1T4en0bmcubCYkhYQaZDwmSHQAAMYIBjTCCAYkCAQEwgYYwejEuMCwGA1UEAwwlQXBwbGUgQXBwbGljYXRpb24gSW50ZWdyYXRpb24gQ0EgLSBHMzEmMCQGA1UECwwdQXBwbGUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTAghMMEFJUZ1UNjANBglghkgBZQMEAgEFAKCBlTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTA5MDExOTAzMDZaMCoGCSqGSIb3DQEJNDEdMBswDQYJYIZIAWUDBAIBBQChCgYIKoZIzj0EAwIwLwYJKoZIhvcNAQkEMSIEIJp5MA0izHSXJb0IZHNgCPFTzNVvCl93e6CLM+iDGmfjMAoGCCqGSM49BAMCBEgwRgIhAPpny9Qbxe1wpRcRK6kW8hfaT2G8L0cK55frTPNOjiw+AiEA1na4JJngB+yKCLij5V5JH2daE7Xcc91YbYywWL7QVSgAAAAAAAA=",
|
|
5
|
+
"header": {
|
|
6
|
+
"ephemeralPublicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHqqqjg3xlLn9YH2fEN1Gq3Z0IUJY1KZrX9/ZSzzYnFu3EDP4PGdPBpp6gzlHIb9vr9Tbz1HuMixBCfVMWhAvmw==",
|
|
7
|
+
"publicKeyHash": "+9VwJrqieiPF2ZRB0xHFYhgQ6RYza5hfrVLpdB1KtKI=",
|
|
8
|
+
"transactionId": "f7f133694685bab2f44ae3a7b54e2c0d0d39a3bc73fa2e6b14a2baf628d6ce87"
|
|
9
|
+
}
|
|
10
|
+
}
|
data/test/payment_token_test.rb
CHANGED
|
@@ -11,9 +11,10 @@ class Gala::PaymentTokenTest < Minitest::Test
|
|
|
11
11
|
@certificate = File.read(fixtures + "certificate.pem")
|
|
12
12
|
@private_key = File.read(fixtures + "private_key.pem")
|
|
13
13
|
@payment_token = Gala::PaymentToken.new(@token_attrs)
|
|
14
|
-
@merchant_id = "
|
|
15
|
-
@shared_secret = Base64.decode64("
|
|
16
|
-
@symmetric_key = Base64.decode64("
|
|
14
|
+
@merchant_id = "358DA5890B9555C0A9EFB84B5CD6FF04BFDCD5AABF5DC14B9872D8DF51EAF439"
|
|
15
|
+
@shared_secret = Base64.decode64("yCUzDuNYTnUnANZEdxC7+DvPmqNslB2YWYn68SBsJHU=")
|
|
16
|
+
@symmetric_key = Base64.decode64("3GTXJ4RuP/IhS23hsdOw2J2ecAZmC0RasbPIFdC3nQM=")
|
|
17
|
+
|
|
17
18
|
end
|
|
18
19
|
|
|
19
20
|
def test_initialize
|
|
@@ -40,16 +41,16 @@ class Gala::PaymentTokenTest < Minitest::Test
|
|
|
40
41
|
end
|
|
41
42
|
|
|
42
43
|
def test_decrypt
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
assert_equal "
|
|
44
|
+
temp = @payment_token.decrypt(@certificate, @private_key)
|
|
45
|
+
payment_data = JSON.parse(temp)
|
|
46
|
+
assert_equal "5353756319181169", payment_data["applicationPrimaryAccountNumber"]
|
|
47
|
+
assert_equal "240930", payment_data["applicationExpirationDate"]
|
|
46
48
|
assert_equal "840", payment_data["currencyCode"]
|
|
47
49
|
assert_equal 100, payment_data["transactionAmount"]
|
|
48
50
|
assert_nil payment_data["cardholderName"]
|
|
49
|
-
assert_equal "
|
|
51
|
+
assert_equal "050110030273", payment_data["deviceManufacturerIdentifier"]
|
|
50
52
|
assert_equal "3DSecure", payment_data["paymentDataType"]
|
|
51
|
-
assert_equal "
|
|
52
|
-
assert_equal "5", payment_data["paymentData"]["eciIndicator"]
|
|
53
|
+
assert_equal "AMwBRjPWDnAgAA7Rls7mAoABFA==", payment_data["paymentData"]["onlinePaymentCryptogram"]
|
|
53
54
|
end
|
|
54
55
|
|
|
55
56
|
def test_failed_decrypt
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: gala
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mark Bennett
|
|
@@ -9,22 +9,22 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2023-07-05 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
|
-
name:
|
|
15
|
+
name: openssl
|
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
|
17
17
|
requirements:
|
|
18
|
-
- -
|
|
18
|
+
- - '='
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
|
-
version:
|
|
20
|
+
version: 3.1.0
|
|
21
21
|
type: :runtime
|
|
22
22
|
prerelease: false
|
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
|
24
24
|
requirements:
|
|
25
|
-
- -
|
|
25
|
+
- - '='
|
|
26
26
|
- !ruby/object:Gem::Version
|
|
27
|
-
version:
|
|
27
|
+
version: 3.1.0
|
|
28
28
|
- !ruby/object:Gem::Dependency
|
|
29
29
|
name: bundler
|
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -103,15 +103,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
103
103
|
requirements:
|
|
104
104
|
- - ">="
|
|
105
105
|
- !ruby/object:Gem::Version
|
|
106
|
-
version:
|
|
106
|
+
version: 2.6.0
|
|
107
107
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
108
108
|
requirements:
|
|
109
109
|
- - ">="
|
|
110
110
|
- !ruby/object:Gem::Version
|
|
111
111
|
version: '0'
|
|
112
112
|
requirements: []
|
|
113
|
-
|
|
114
|
-
rubygems_version: 2.2.5
|
|
113
|
+
rubygems_version: 3.1.6
|
|
115
114
|
signing_key:
|
|
116
115
|
specification_version: 4
|
|
117
116
|
summary: Apple Pay payment token decryption library
|