go_secure 0.66 → 0.67

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/go_secure.rb +9 -2
  3. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b937e6fe86f92dcaa9c2dde3089ded9e180460f2290b9d9cc33f4903f88b5504
4
- data.tar.gz: b453f17db5585ffdc849692f1e16179d53c1d6771258f2a669108763852555d8
3
+ metadata.gz: a27715aa137021de4885687c883cf1667e2cb4c3d1465a59ccaf53b91c5e7847
4
+ data.tar.gz: cec46ee63138b2e55542ebcc92f2ca6974fb34a36942c394f8f2fcf78fd81600
5
5
  SHA512:
6
- metadata.gz: 4ec28b36c2a980721633a409fe65cff6287a2e9f535738fb5aefc90cd280b8fdd02e201931c8da771d5824a878dfc9c0f8acccb5df863a826254aaf5be0ada91
7
- data.tar.gz: a1d0ec1bcdb45d101b17804f609a03483418fff919b5f4bd3892d54197918274b8233f4e364dbc2c958a4f790aef27205c6c8f7255f90220bdaaaebe0f62f6a8
6
+ metadata.gz: 276e836003c669a3c593d554456244cea84226dfde033948fe41db756a68ae764776af65eec24754eb29b58668554e8cc54a70c23dd1527f5df8d46efd3da381
7
+ data.tar.gz: 45d4ad85376e0ca2f55a820b7a9764771d3893eb332a6e9289bcf952f93225106fbc9aa073d1b3d2c0ceca17e7fe9c60cb10dadf849b85ad3a4fa803107529fe
data/lib/go_secure.rb CHANGED
@@ -13,6 +13,11 @@ module GoSecure
13
13
  digest = OpenSSL::Digest::SHA512.new(encryption_key || self.encryption_key)
14
14
  res = Base64.urlsafe_encode64(OpenSSL::PKCS5.pbkdf2_hmac(str.to_s, salt.to_s, 100000, digest.digest_length, digest))
15
15
  end
16
+
17
+ def self.lite_hmac(str, salt, level, encryption_key=nil)
18
+ raise "invalid level" unless level == 1
19
+ OpenSSL::HMAC.hexdigest('SHA512', OpenSSL::HMAC.hexdigest('SHA512', str.to_s, salt.to_s), encryption_key || self.encryption_key)
20
+ end
16
21
 
17
22
  def self.nonce(str)
18
23
  Digest::SHA512.hexdigest(str.to_s + Time.now.to_i.to_s + rand(999999).to_s + self.encryption_key)[0, 24]
@@ -113,7 +118,8 @@ module GoSecure
113
118
 
114
119
  def self.browser_token
115
120
  # TODO: checks around whether it's actually a web browser??
116
- stamp = Time.now.strftime('%Y%j')
121
+ day = Time.now.strftime('%j')
122
+ stamp = "#{Time.now.year}#{(Time.now.yday / 366.0 * 100.0).to_i.to_s.rjust(2, '0')}"
117
123
  stamp += '-' + GoSecure.sha512(stamp, 'browser_token')
118
124
  end
119
125
 
@@ -125,7 +131,8 @@ module GoSecure
125
131
  def self.valid_browser_token?(token)
126
132
  return false if !token || token.length == 0 || !token.match(/-/)
127
133
  stamp, hash = token.split(/-/, 2)
128
- if Time.now.strftime('%Y%j').to_i - stamp.to_i < 14 # 14 days?!
134
+ current_stamp = "#{Time.now.year}#{(Time.now.yday / 366.0 * 100.0).to_i.to_s.rjust(2, '0')}"
135
+ if current_stamp.to_i - stamp.to_i < (14/365.0*100.0) # 14 days?!
129
136
  return valid_browser_token_signature?(token)
130
137
  end
131
138
  false
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: go_secure
3
3
  version: !ruby/object:Gem::Version
4
- version: '0.66'
4
+ version: '0.67'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brian Whitmer