gala 0.3.2 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.circleci/config.yml +6 -14
- data/Gemfile +2 -2
- data/Gemfile.lock +6 -17
- data/README.md +18 -4
- data/gala.gemspec +3 -3
- data/lib/gala/payment_token.rb +21 -7
- data/lib/gala/version.rb +1 -1
- data/test/fixtures/certificate.pem +23 -22
- data/test/fixtures/private_key.pem +3 -3
- data/test/fixtures/token.json +9 -9
- data/test/payment_token_test.rb +10 -9
- metadata +9 -10
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 93b93339726eda34b17a867a4f6b70798b1c78694f877fe4ba8cef1d06fc1571
|
|
4
|
+
data.tar.gz: 0550f14686b92763f783ad2d41c24573cf7fde32b2ce2b56f6c8743ae98301c5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6516487b176ac874ba4d893a8ae769c46d6d8b1613a859a2d09cefea7dccc0216d9875aa175f0fc174e5bf372a6ca9e7c390c40be35aef91e1c8f9df5bba1959
|
|
7
|
+
data.tar.gz: 9d85d6d765b8f66a8088834217c5e09d1f440b8d16bca4ddaddf523563b72cee434a3022f2a1a40f3cb42dca8d99fbb8082debc2e2b747a0d1e8c567fced37b0
|
data/.circleci/config.yml
CHANGED
|
@@ -1,22 +1,15 @@
|
|
|
1
1
|
version: 2
|
|
2
2
|
jobs:
|
|
3
|
-
ruby-2.
|
|
3
|
+
ruby-2.4:
|
|
4
4
|
docker:
|
|
5
|
-
- image: circleci/ruby:2.
|
|
5
|
+
- image: circleci/ruby:2.4.4
|
|
6
6
|
steps:
|
|
7
7
|
- checkout
|
|
8
8
|
- run: bundle
|
|
9
9
|
- run: rake test
|
|
10
|
-
ruby-2.
|
|
10
|
+
ruby-2.5:
|
|
11
11
|
docker:
|
|
12
|
-
- image: circleci/ruby:2.
|
|
13
|
-
steps:
|
|
14
|
-
- checkout
|
|
15
|
-
- run: bundle
|
|
16
|
-
- run: rake test
|
|
17
|
-
ruby-2.3:
|
|
18
|
-
docker:
|
|
19
|
-
- image: circleci/ruby:2.3.7
|
|
12
|
+
- image: circleci/ruby:2.5.1
|
|
20
13
|
steps:
|
|
21
14
|
- checkout
|
|
22
15
|
- run: bundle
|
|
@@ -25,6 +18,5 @@ workflows:
|
|
|
25
18
|
version: 2
|
|
26
19
|
rubies:
|
|
27
20
|
jobs:
|
|
28
|
-
- ruby-2.
|
|
29
|
-
- ruby-2.
|
|
30
|
-
- ruby-2.3
|
|
21
|
+
- ruby-2.4
|
|
22
|
+
- ruby-2.5
|
data/Gemfile
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
|
|
1
|
+
source 'https://rubygems.org'
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
gemspec
|
data/Gemfile.lock
CHANGED
|
@@ -1,35 +1,24 @@
|
|
|
1
|
-
GIT
|
|
2
|
-
remote: https://github.com/Shopify/aead.git
|
|
3
|
-
revision: 340e7718d8bd9c1fcf3c443e32f439436ea2b70d
|
|
4
|
-
ref: 340e7718d8bd9c1fcf3c443e32f439436ea2b70d
|
|
5
|
-
specs:
|
|
6
|
-
aead (1.8.2)
|
|
7
|
-
macaddr (~> 1)
|
|
8
|
-
|
|
9
1
|
PATH
|
|
10
2
|
remote: .
|
|
11
3
|
specs:
|
|
12
|
-
gala (0.
|
|
13
|
-
|
|
4
|
+
gala (0.4.0)
|
|
5
|
+
openssl (= 3.1.0)
|
|
14
6
|
|
|
15
7
|
GEM
|
|
16
8
|
remote: https://rubygems.org/
|
|
17
9
|
specs:
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
rake (12.0.0)
|
|
22
|
-
systemu (2.6.5)
|
|
10
|
+
minitest (5.18.0)
|
|
11
|
+
openssl (3.1.0)
|
|
12
|
+
rake (12.3.3)
|
|
23
13
|
|
|
24
14
|
PLATFORMS
|
|
25
15
|
ruby
|
|
26
16
|
|
|
27
17
|
DEPENDENCIES
|
|
28
|
-
aead!
|
|
29
18
|
bundler (~> 1.14)
|
|
30
19
|
gala!
|
|
31
20
|
minitest
|
|
32
21
|
rake (~> 12.0)
|
|
33
22
|
|
|
34
23
|
BUNDLED WITH
|
|
35
|
-
1.
|
|
24
|
+
1.17.3
|
data/README.md
CHANGED
|
@@ -1,23 +1,28 @@
|
|
|
1
1
|
# Gala
|
|
2
2
|
|
|
3
|
+
[](https://circleci.com/gh/spreedly/gala)
|
|
4
|
+
|
|
3
5
|
Named after the [Gala apple](http://en.wikipedia.org/wiki/Gala_(apple)), Gala is a Ruby library for decrypting [Apple Pay payment tokens](https://developer.apple.com/library/ios/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html).
|
|
4
6
|
|
|
5
7
|
Gala is available under the MIT License.
|
|
6
8
|
|
|
9
|
+
## Ruby support
|
|
10
|
+
|
|
11
|
+
* For Ruby v2.3 and below, please use the [legacy-ruby branch](https://github.com/spreedly/gala/commits/legacy-ruby), or specify gala v0.3.2.
|
|
12
|
+
* For Ruby >= 2.4, use the master branch or specify gala v0.4 and above
|
|
13
|
+
|
|
7
14
|
## Install
|
|
8
15
|
|
|
9
|
-
Add
|
|
16
|
+
Add `gala` to your `Gemfile`.
|
|
10
17
|
|
|
11
18
|
```ruby
|
|
12
|
-
gem "gala", "~> 0.
|
|
13
|
-
gem 'aead', git: 'https://github.com/Shopify/aead.git', ref: '340e7718d8bd9c1fcf3c443e32f439436ea2b70d'
|
|
19
|
+
gem "gala", "~> 0.4.0"
|
|
14
20
|
```
|
|
15
21
|
|
|
16
22
|
If you need to track a development branch or reference functionality not yet contained in the RubyGem release you can specify the gala repo directly.
|
|
17
23
|
|
|
18
24
|
```ruby
|
|
19
25
|
gem "gala", git: "https://github.com/spreedly/gala.git", ref: :master
|
|
20
|
-
gem 'aead', git: 'https://github.com/Shopify/aead.git', ref: '340e7718d8bd9c1fcf3c443e32f439436ea2b70d'
|
|
21
26
|
```
|
|
22
27
|
|
|
23
28
|
Then `bundle install` to fetch Gala into your local environment.
|
|
@@ -91,6 +96,15 @@ $ rake release
|
|
|
91
96
|
|
|
92
97
|
## Changelog
|
|
93
98
|
|
|
99
|
+
### v0.5.0
|
|
100
|
+
|
|
101
|
+
*Update Openssl to support Ruby 3
|
|
102
|
+
|
|
103
|
+
### v0.4.0
|
|
104
|
+
|
|
105
|
+
* Remove unmaintained `aead` gem dependency
|
|
106
|
+
* Rely on Ruby 2.4 openssl support for aes-256-gcm ciphers (and specifying the initialization vector length).
|
|
107
|
+
|
|
94
108
|
### v0.3.2
|
|
95
109
|
|
|
96
110
|
* Setup CircleCI for more comprehensive Ruby version/compatibility testing
|
data/gala.gemspec
CHANGED
|
@@ -17,11 +17,11 @@ Gem::Specification.new do |spec|
|
|
|
17
17
|
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test)/}) }
|
|
18
18
|
spec.test_files = `git ls-files -- test/*`.split("\n")
|
|
19
19
|
spec.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
|
20
|
-
spec.require_paths = [
|
|
20
|
+
spec.require_paths = ['lib']
|
|
21
21
|
|
|
22
|
-
spec.required_ruby_version =
|
|
22
|
+
spec.required_ruby_version = '>= 2.6.0'
|
|
23
23
|
|
|
24
|
-
spec.add_runtime_dependency '
|
|
24
|
+
spec.add_runtime_dependency 'openssl', '3.1.0'
|
|
25
25
|
|
|
26
26
|
spec.add_development_dependency 'bundler', '~> 1.14'
|
|
27
27
|
spec.add_development_dependency 'rake', '~> 12.0'
|
data/lib/gala/payment_token.rb
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
require 'openssl'
|
|
2
2
|
require 'base64'
|
|
3
|
-
require 'aead'
|
|
4
3
|
|
|
5
4
|
module Gala
|
|
6
5
|
class PaymentToken
|
|
@@ -56,7 +55,7 @@ module Gala
|
|
|
56
55
|
raise InvalidSignatureError, "Signature does not contain the correct custom OIDs." unless leaf_cert && intermediate_cert
|
|
57
56
|
|
|
58
57
|
# Ensure that the root CA is the Apple Root CA - G3
|
|
59
|
-
root_cert =
|
|
58
|
+
root_cert = OpenSSL::X509::Certificate.new(APPLE_ROOT_CERT)
|
|
60
59
|
|
|
61
60
|
# Ensure that there is a valid X.509 chain of trust from the signature to the root CA
|
|
62
61
|
raise InvalidSignatureError, "Unable to verify a valid chain of trust from signature to root certificate." unless chain_of_trust_verified?(leaf_cert, intermediate_cert, root_cert)
|
|
@@ -111,11 +110,26 @@ module Gala
|
|
|
111
110
|
end
|
|
112
111
|
|
|
113
112
|
def decrypt(encrypted_data, symmetric_key)
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
113
|
+
# Initialization vector of 16 null bytes
|
|
114
|
+
iv_length = 16
|
|
115
|
+
# 0.chr => "\x00"
|
|
116
|
+
iv = 0.chr * iv_length
|
|
117
|
+
|
|
118
|
+
# Last 16 bytes (iv_length) of encrypted data
|
|
119
|
+
tag = encrypted_data[-iv_length..-1]
|
|
120
|
+
# Data without tag
|
|
121
|
+
encrypted_data = encrypted_data[0..(-iv_length - 1)]
|
|
122
|
+
|
|
123
|
+
cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
|
|
124
|
+
cipher.key = symmetric_key
|
|
125
|
+
cipher.iv_len = iv_length
|
|
126
|
+
cipher.iv = iv
|
|
127
|
+
|
|
128
|
+
# Decipher without associated authentication data
|
|
129
|
+
cipher.auth_tag = tag
|
|
130
|
+
cipher.auth_data = ''
|
|
131
|
+
|
|
132
|
+
cipher.update(encrypted_data) + cipher.final
|
|
119
133
|
end
|
|
120
134
|
end
|
|
121
135
|
end
|
data/lib/gala/version.rb
CHANGED
|
@@ -1,26 +1,27 @@
|
|
|
1
1
|
-----BEGIN CERTIFICATE-----
|
|
2
|
-
|
|
2
|
+
MIIEhTCCBCugAwIBAgIIaw5PZcTrT70wCgYIKoZIzj0EAwIwgYAxNDAyBgNVBAMM
|
|
3
3
|
K0FwcGxlIFdvcmxkd2lkZSBEZXZlbG9wZXIgUmVsYXRpb25zIENBIC0gRzIxJjAk
|
|
4
4
|
BgNVBAsMHUFwcGxlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRMwEQYDVQQKDApB
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
5
|
+
cHBsZSBJbmMuMQswCQYDVQQGEwJVUzAeFw0yMTA4MzExNDE1MDlaFw0yMzA5MzAx
|
|
6
|
+
NDE1MDhaMIG2MTIwMAYKCZImiZPyLGQBAQwibWVyY2hhbnQudGVzdC5zcHJlZWRs
|
|
7
|
+
eS4xMjNtZXJjaGFudDFIMEYGA1UEAww/QXBwbGUgUGF5IFBheW1lbnQgUHJvY2Vz
|
|
8
|
+
c2luZzptZXJjaGFudC50ZXN0LnNwcmVlZGx5LjEyM21lcmNoYW50MRMwEQYDVQQL
|
|
9
|
+
DAo2RDZNVkxDNTY3MRQwEgYDVQQKDAtLeWxlICAgT3dlbjELMAkGA1UEBhMCVVMw
|
|
10
|
+
WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATilQYcmp8kK5wbjQy90apPC9hHPY31
|
|
11
|
+
a8K04d20C41/W8HYw9nIuypTfZndrnPVZxYro4eZ8MNKo6t9CrtReVCAo4ICVTCC
|
|
12
|
+
AlEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSEtoTMOoZichZZlOgao71I3zrf
|
|
13
|
+
CzBHBggrBgEFBQcBAQQ7MDkwNwYIKwYBBQUHMAGGK2h0dHA6Ly9vY3NwLmFwcGxl
|
|
14
|
+
LmNvbS9vY3NwMDQtYXBwbGV3d2RyY2EyMDEwggEdBgNVHSAEggEUMIIBEDCCAQwG
|
|
15
|
+
CSqGSIb3Y2QFATCB/jCBwwYIKwYBBQUHAgIwgbYMgbNSZWxpYW5jZSBvbiB0aGlz
|
|
16
|
+
IGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2Yg
|
|
17
|
+
dGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9u
|
|
18
|
+
cyBvZiB1c2UsIGNlcnRpZmljYXRlIHBvbGljeSBhbmQgY2VydGlmaWNhdGlvbiBw
|
|
19
|
+
cmFjdGljZSBzdGF0ZW1lbnRzLjA2BggrBgEFBQcCARYqaHR0cDovL3d3dy5hcHBs
|
|
20
|
+
ZS5jb20vY2VydGlmaWNhdGVhdXRob3JpdHkvMDYGA1UdHwQvMC0wK6ApoCeGJWh0
|
|
21
|
+
dHA6Ly9jcmwuYXBwbGUuY29tL2FwcGxld3dkcmNhMi5jcmwwHQYDVR0OBBYEFChs
|
|
22
|
+
BZP7PNMYb3LPPZ1/TFLA66G9MA4GA1UdDwEB/wQEAwIDKDBPBgkqhkiG92NkBiAE
|
|
23
|
+
QgxAMzU4REE1ODkwQjk1NTVDMEE5RUZCODRCNUNENkZGMDRCRkRDRDVBQUJGNURD
|
|
24
|
+
MTRCOTg3MkQ4REY1MUVBRjQzOTAKBggqhkjOPQQDAgNIADBFAiBbRM0mTHB/oMfN
|
|
25
|
+
S80yvbqIS7bVZcvhlBRZHKsejOJ2OAIhANOXoD6Fmqk2GxMePAnMqDchAgi7Ft/D
|
|
26
|
+
KRykbt8Tfh8j
|
|
26
27
|
-----END CERTIFICATE-----
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
-----BEGIN EC PRIVATE KEY-----
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
2
|
+
MHcCAQEEICmvB7bzRczaJX05lCTK2ueRVRAAivM/CgbHyOaIcqW1oAoGCCqGSM49
|
|
3
|
+
AwEHoUQDQgAE4pUGHJqfJCucG40MvdGqTwvYRz2N9WvCtOHdtAuNf1vB2MPZyLsq
|
|
4
|
+
U32Z3a5z1WcWK6OHmfDDSqOrfQq7UXlQgA==
|
|
5
5
|
-----END EC PRIVATE KEY-----
|
data/test/fixtures/token.json
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
{
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
}
|
|
2
|
+
"version": "EC_v1",
|
|
3
|
+
"data": "98K9zY2CVmVzD/9A9mq7EtYOLda1LUWn1bDZM8Cy/ABPBok2B630eG9eZJUrlMYwJeaedYTpSgS3OZWX4dSnGquZ2S5I9Me44OmiirRwU4rZ/J4NBK+zwtmxv4OonZYjTmbKACTahSG0IylGWC0ah6hOTSfOTOzn2KIHs+B5i1bVDHfoq8o41gBoxvfS26kUfFiH8HtQBbZ+2Cea8/7NxCwSpGUADEUqmEar0ZIS9ndK+XGLyICwSgP8J1wJpoOndscXHi3wkY7MgpOfrA5Z/wCR3RbSGZtD94por+bwv0N8OgcTXAnDnDVXBWuj8rSU+imWEtY0C+rl/Ro/btPbAE4WjkElxsmVEWY14cb8EQFmmdbx3kRF9emTxs6ssAEhqZrdiUTmu9nynuu0",
|
|
4
|
+
"signature": "MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCAMIID4zCCA4igAwIBAgIITDBBSVGdVDYwCgYIKoZIzj0EAwIwejEuMCwGA1UEAwwlQXBwbGUgQXBwbGljYXRpb24gSW50ZWdyYXRpb24gQ0EgLSBHMzEmMCQGA1UECwwdQXBwbGUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE5MDUxODAxMzI1N1oXDTI0MDUxNjAxMzI1N1owXzElMCMGA1UEAwwcZWNjLXNtcC1icm9rZXItc2lnbl9VQzQtUFJPRDEUMBIGA1UECwwLaU9TIFN5c3RlbXMxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwhV37evWx7Ihj2jdcJChIY3HsL1vLCg9hGCV2Ur0pUEbg0IO2BHzQH6DMx8cVMP36zIg1rrV1O/0komJPnwPE6OCAhEwggINMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUI/JJxE+T5O8n5sT2KGw/orv9LkswRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vb2NzcC5hcHBsZS5jb20vb2NzcDA0LWFwcGxlYWljYTMwMjCCAR0GA1UdIASCARQwggEQMIIBDAYJKoZIhvdjZAUBMIH+MIHDBggrBgEFBQcCAjCBtgyBs1JlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5kYXJkIHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVzZSwgY2VydGlmaWNhdGUgcG9saWN5IGFuZCBjZXJ0aWZpY2F0aW9uIHByYWN0aWNlIHN0YXRlbWVudHMuMDYGCCsGAQUFBwIBFipodHRwOi8vd3d3LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1dGhvcml0eS8wNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC5hcHBsZS5jb20vYXBwbGVhaWNhMy5jcmwwHQYDVR0OBBYEFJRX22/VdIGGiYl2L35XhQfnm1gkMA4GA1UdDwEB/wQEAwIHgDAPBgkqhkiG92NkBh0EAgUAMAoGCCqGSM49BAMCA0kAMEYCIQC+CVcf5x4ec1tV5a+stMcv60RfMBhSIsclEAK2Hr1vVQIhANGLNQpd1t1usXRgNbEess6Hz6Pmr2y9g4CJDcgs3apjMIIC7jCCAnWgAwIBAgIISW0vvzqY2pcwCgYIKoZIzj0EAwIwZzEbMBkGA1UEAwwSQXBwbGUgUm9vdCBDQSAtIEczMSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwHhcNMTQwNTA2MjM0NjMwWhcNMjkwNTA2MjM0NjMwWjB6MS4wLAYDVQQDDCVBcHBsZSBBcHBsaWNhdGlvbiBJbnRlZ3JhdGlvbiBDQSAtIEczMSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATwFxGEGddkhdUaXiWBB3bogKLv3nuuTeCN/EuT4TNW1WZbNa4i0Jd2DSJOe7oI/XYXzojLdrtmcL7I6CmE/1RFo4H3MIH0MEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAYYqaHR0cDovL29jc3AuYXBwbGUuY29tL29jc3AwNC1hcHBsZXJvb3RjYWczMB0GA1UdDgQWBBQj8knET5Pk7yfmxPYobD+iu/0uSzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFLuw3qFYM4iapIqZ3r6966/ayySrMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuYXBwbGUuY29tL2FwcGxlcm9vdGNhZzMuY3JsMA4GA1UdDwEB/wQEAwIBBjAQBgoqhkiG92NkBgIOBAIFADAKBggqhkjOPQQDAgNnADBkAjA6z3KDURaZsYb7NcNWymK/9Bft2Q91TaKOvvGcgV5Ct4n4mPebWZ+Y1UENj53pwv4CMDIt1UQhsKMFd2xd8zg7kGf9F3wsIW2WT8ZyaYISb1T4en0bmcubCYkhYQaZDwmSHQAAMYIBjTCCAYkCAQEwgYYwejEuMCwGA1UEAwwlQXBwbGUgQXBwbGljYXRpb24gSW50ZWdyYXRpb24gQ0EgLSBHMzEmMCQGA1UECwwdQXBwbGUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTAghMMEFJUZ1UNjANBglghkgBZQMEAgEFAKCBlTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTA5MDExOTAzMDZaMCoGCSqGSIb3DQEJNDEdMBswDQYJYIZIAWUDBAIBBQChCgYIKoZIzj0EAwIwLwYJKoZIhvcNAQkEMSIEIJp5MA0izHSXJb0IZHNgCPFTzNVvCl93e6CLM+iDGmfjMAoGCCqGSM49BAMCBEgwRgIhAPpny9Qbxe1wpRcRK6kW8hfaT2G8L0cK55frTPNOjiw+AiEA1na4JJngB+yKCLij5V5JH2daE7Xcc91YbYywWL7QVSgAAAAAAAA=",
|
|
5
|
+
"header": {
|
|
6
|
+
"ephemeralPublicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHqqqjg3xlLn9YH2fEN1Gq3Z0IUJY1KZrX9/ZSzzYnFu3EDP4PGdPBpp6gzlHIb9vr9Tbz1HuMixBCfVMWhAvmw==",
|
|
7
|
+
"publicKeyHash": "+9VwJrqieiPF2ZRB0xHFYhgQ6RYza5hfrVLpdB1KtKI=",
|
|
8
|
+
"transactionId": "f7f133694685bab2f44ae3a7b54e2c0d0d39a3bc73fa2e6b14a2baf628d6ce87"
|
|
9
|
+
}
|
|
10
|
+
}
|
data/test/payment_token_test.rb
CHANGED
|
@@ -11,9 +11,10 @@ class Gala::PaymentTokenTest < Minitest::Test
|
|
|
11
11
|
@certificate = File.read(fixtures + "certificate.pem")
|
|
12
12
|
@private_key = File.read(fixtures + "private_key.pem")
|
|
13
13
|
@payment_token = Gala::PaymentToken.new(@token_attrs)
|
|
14
|
-
@merchant_id = "
|
|
15
|
-
@shared_secret = Base64.decode64("
|
|
16
|
-
@symmetric_key = Base64.decode64("
|
|
14
|
+
@merchant_id = "358DA5890B9555C0A9EFB84B5CD6FF04BFDCD5AABF5DC14B9872D8DF51EAF439"
|
|
15
|
+
@shared_secret = Base64.decode64("yCUzDuNYTnUnANZEdxC7+DvPmqNslB2YWYn68SBsJHU=")
|
|
16
|
+
@symmetric_key = Base64.decode64("3GTXJ4RuP/IhS23hsdOw2J2ecAZmC0RasbPIFdC3nQM=")
|
|
17
|
+
|
|
17
18
|
end
|
|
18
19
|
|
|
19
20
|
def test_initialize
|
|
@@ -40,16 +41,16 @@ class Gala::PaymentTokenTest < Minitest::Test
|
|
|
40
41
|
end
|
|
41
42
|
|
|
42
43
|
def test_decrypt
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
assert_equal "
|
|
44
|
+
temp = @payment_token.decrypt(@certificate, @private_key)
|
|
45
|
+
payment_data = JSON.parse(temp)
|
|
46
|
+
assert_equal "5353756319181169", payment_data["applicationPrimaryAccountNumber"]
|
|
47
|
+
assert_equal "240930", payment_data["applicationExpirationDate"]
|
|
46
48
|
assert_equal "840", payment_data["currencyCode"]
|
|
47
49
|
assert_equal 100, payment_data["transactionAmount"]
|
|
48
50
|
assert_nil payment_data["cardholderName"]
|
|
49
|
-
assert_equal "
|
|
51
|
+
assert_equal "050110030273", payment_data["deviceManufacturerIdentifier"]
|
|
50
52
|
assert_equal "3DSecure", payment_data["paymentDataType"]
|
|
51
|
-
assert_equal "
|
|
52
|
-
assert_equal "5", payment_data["paymentData"]["eciIndicator"]
|
|
53
|
+
assert_equal "AMwBRjPWDnAgAA7Rls7mAoABFA==", payment_data["paymentData"]["onlinePaymentCryptogram"]
|
|
53
54
|
end
|
|
54
55
|
|
|
55
56
|
def test_failed_decrypt
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: gala
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mark Bennett
|
|
@@ -9,22 +9,22 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2023-07-05 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
|
-
name:
|
|
15
|
+
name: openssl
|
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
|
17
17
|
requirements:
|
|
18
|
-
- -
|
|
18
|
+
- - '='
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
|
-
version:
|
|
20
|
+
version: 3.1.0
|
|
21
21
|
type: :runtime
|
|
22
22
|
prerelease: false
|
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
|
24
24
|
requirements:
|
|
25
|
-
- -
|
|
25
|
+
- - '='
|
|
26
26
|
- !ruby/object:Gem::Version
|
|
27
|
-
version:
|
|
27
|
+
version: 3.1.0
|
|
28
28
|
- !ruby/object:Gem::Dependency
|
|
29
29
|
name: bundler
|
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -103,15 +103,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
103
103
|
requirements:
|
|
104
104
|
- - ">="
|
|
105
105
|
- !ruby/object:Gem::Version
|
|
106
|
-
version:
|
|
106
|
+
version: 2.6.0
|
|
107
107
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
108
108
|
requirements:
|
|
109
109
|
- - ">="
|
|
110
110
|
- !ruby/object:Gem::Version
|
|
111
111
|
version: '0'
|
|
112
112
|
requirements: []
|
|
113
|
-
|
|
114
|
-
rubygems_version: 2.2.5
|
|
113
|
+
rubygems_version: 3.1.6
|
|
115
114
|
signing_key:
|
|
116
115
|
specification_version: 4
|
|
117
116
|
summary: Apple Pay payment token decryption library
|