mobile_id 0.0.5 → 0.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +15 -0
  3. data/lib/mobile_id/auth.rb +5 -5
  4. data/lib/mobile_id/cert.rb +20 -11
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5a39f8c3482b16724603fe8f0d104e9cab10e154be69a30a81cf2cec0b5cfc33
4
- data.tar.gz: 3a96e0f7adae83b23d357bc3ab17dffbf921e66e8f2b422830226f56c67654aa
3
+ metadata.gz: 767c9aaf0c78977780884eddd2fbe57198997c3db605953bf1b908f520ae4629
4
+ data.tar.gz: babe39c29111e4b2255e35f2687692ce4c9c4d7a13c4d80f6ebd85962f80165d
5
5
  SHA512:
6
- metadata.gz: 8bacbcf4ddd115634ced32037fd54f2f0109cf9329a75f1c4525ce337c65bcf197fe942cf9ba7ce0e3fe2a148eb1937c3b262ce365eb44656a88f51fee66df31
7
- data.tar.gz: 65e6235749c5017fc3b263a95d0d6aa18c399a49b511dd35f6bfdbc58ecddb151374e3cac3f23b7a13cfda54856da19197ac5128244923961ba0c9faf76d9473
6
+ metadata.gz: ee9c28389f3b3c06de013c6dc637a3a3bbd5411303dd65dbe92fdf2b0bd468b3a8403b5734338ce78879f13b73262497315945b9f443c09eb15c55679ac8c595
7
+ data.tar.gz: e76de10eac908181f628d30728f24378306df13aff38a4da086735c2f84e78f2d8373c20b55a5f74fe3f6c8ca6adca2bfd4ab3e638de50f313b40a6d08c8108b
data/CHANGELOG.md CHANGED
@@ -1,3 +1,18 @@
1
+ Release 0.0.10
2
+ * Allow live certs verification in test env
3
+
4
+ Release 0.0.9
5
+ * Fixed verification code
6
+
7
+ Release 0.0.8
8
+ * Release cleanup
9
+
10
+ Release 0.0.7
11
+ * Cert cleanup
12
+
13
+ Release 0.0.6
14
+ * Cert path fix
15
+
1
16
  Release 0.0.5
2
17
  * Added user certificate validation
3
18
 
data/lib/mobile_id/auth.rb CHANGED
@@ -16,13 +16,12 @@ module MobileId
16
16
  self.uuid = live == true ? uuid : TEST_UUID
17
17
  self.name = live == true ? name : TEST_NAME
18
18
  self.live = live
19
- init_doc(SecureRandom.uuid)
19
+ init_doc(SecureRandom.hex(40))
20
20
  end
21
21
 
22
22
  def init_doc(doc)
23
23
  self.doc = doc
24
-
25
- self.hash = Digest::SHA256.base64digest(self.doc)
24
+ self.hash = Digest::SHA256.digest(doc)
26
25
  end
27
26
 
28
27
  def authenticate!(phone_calling_code: nil, phone:, personal_code:, language: nil, display_text: nil)
@@ -51,7 +50,7 @@ module MobileId
51
50
  relyingPartyName: name,
52
51
  phoneNumber: full_phone.to_s.strip,
53
52
  nationalIdentityNumber: personal_code.to_s.strip,
54
- hash: hash,
53
+ hash: Base64.strict_encode64(hash),
55
54
  hashType: 'SHA256',
56
55
  language: language,
57
56
  displayText: display_text,
@@ -114,7 +113,8 @@ module MobileId
114
113
  end
115
114
 
116
115
  def verification_code
117
- format("%04d", (Digest::SHA2.new(256).digest(Base64.decode64(hash))[-2..-1].unpack1('n') % 10000))
116
+ binary = hash.unpack('B*').first
117
+ "%04d" % (binary[0...6] + binary[-7..-1]).to_i(2)
118
118
  end
119
119
 
120
120
  def given_name
data/lib/mobile_id/cert.rb CHANGED
@@ -4,22 +4,22 @@ module MobileId
4
4
  class Cert
5
5
  class << self
6
6
  def root_path
7
- @root_path ||= (File.expand_path('lib/mobile_id/certs/') + '/')
7
+ @root_path ||= File.expand_path('certs', __dir__)
8
8
  end
9
9
 
10
10
  def live_store
11
11
  @live_store ||=
12
12
  build_store([
13
- root_path + 'EE_Certification_Centre_Root_CA.pem.crt',
14
- root_path + 'ESTEID-SK_2015.pem.crt'
13
+ File.join(root_path, 'EE_Certification_Centre_Root_CA.pem.crt'),
14
+ File.join(root_path, 'ESTEID-SK_2015.pem.crt')
15
15
  ])
16
16
  end
17
17
 
18
18
  def test_store
19
19
  @test_store ||=
20
20
  build_store([
21
- root_path + 'TEST_of_EE_Certification_Centre_Root_CA.pem.crt',
22
- root_path + 'TEST_of_ESTEID-SK_2015.pem.crt'
21
+ File.join(root_path, 'TEST_of_EE_Certification_Centre_Root_CA.pem.crt'),
22
+ File.join(root_path, 'TEST_of_ESTEID-SK_2015.pem.crt')
23
23
  ])
24
24
  end
25
25
 
@@ -39,17 +39,26 @@ module MobileId
39
39
  end
40
40
 
41
41
  def verify!(cert, live:)
42
- store = live == true ? self.class.live_store : self.class.test_store
43
- raise Error, 'User certificate is not valid' unless store.verify(cert)
44
- raise Error, 'User certificate is not valid' unless cert.public_key.check_key
42
+ if live == true
43
+ raise Error, 'User certificate is not valid' unless self.class.live_store.verify(cert)
44
+ else
45
+ raise Error, 'User certificate is not valid' unless self.class.test_store.verify(cert) || self.class.live_store.verify(cert)
46
+ end
47
+
48
+ raise Error, 'User certificate is not valid [check_key]' unless cert.public_key.check_key
45
49
  raise Error, 'User certificate is expired' unless (cert.not_before..cert.not_after) === Time.now
46
50
 
47
51
  true
48
52
  end
49
53
 
50
- def verify_signature!(signature, doc)
51
- # TODO OpenSSL does not parse signature
52
- # cert.public_key.verify(OpenSSL::Digest::SHA256.new, signature, doc)
54
+ def verify_signature!(signature_base64, doc)
55
+ signature = Base64.decode64(signature_base64)
56
+ digest = OpenSSL::Digest::SHA256.new(doc)
57
+
58
+ # cert.public_key.verify(digest, signature, doc)
59
+
60
+ # TODO OpenSSL does not parse signature correctly
61
+ # OpenSSL::PKey::PKeyError: EVP_VerifyFinal: nested asn1 error
53
62
  end
54
63
 
55
64
  def given_name
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mobile_id
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.5
4
+ version: 0.0.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Priit Tark