mobile_id 0.0.5 → 0.0.10

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +15 -0
  3. data/lib/mobile_id/auth.rb +5 -5
  4. data/lib/mobile_id/cert.rb +20 -11
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5a39f8c3482b16724603fe8f0d104e9cab10e154be69a30a81cf2cec0b5cfc33
4
- data.tar.gz: 3a96e0f7adae83b23d357bc3ab17dffbf921e66e8f2b422830226f56c67654aa
3
+ metadata.gz: 767c9aaf0c78977780884eddd2fbe57198997c3db605953bf1b908f520ae4629
4
+ data.tar.gz: babe39c29111e4b2255e35f2687692ce4c9c4d7a13c4d80f6ebd85962f80165d
5
5
  SHA512:
6
- metadata.gz: 8bacbcf4ddd115634ced32037fd54f2f0109cf9329a75f1c4525ce337c65bcf197fe942cf9ba7ce0e3fe2a148eb1937c3b262ce365eb44656a88f51fee66df31
7
- data.tar.gz: 65e6235749c5017fc3b263a95d0d6aa18c399a49b511dd35f6bfdbc58ecddb151374e3cac3f23b7a13cfda54856da19197ac5128244923961ba0c9faf76d9473
6
+ metadata.gz: ee9c28389f3b3c06de013c6dc637a3a3bbd5411303dd65dbe92fdf2b0bd468b3a8403b5734338ce78879f13b73262497315945b9f443c09eb15c55679ac8c595
7
+ data.tar.gz: e76de10eac908181f628d30728f24378306df13aff38a4da086735c2f84e78f2d8373c20b55a5f74fe3f6c8ca6adca2bfd4ab3e638de50f313b40a6d08c8108b
data/CHANGELOG.md CHANGED
@@ -1,3 +1,18 @@
1
+ Release 0.0.10
2
+ * Allow live certs verification in test env
3
+
4
+ Release 0.0.9
5
+ * Fixed verification code
6
+
7
+ Release 0.0.8
8
+ * Release cleanup
9
+
10
+ Release 0.0.7
11
+ * Cert cleanup
12
+
13
+ Release 0.0.6
14
+ * Cert path fix
15
+
1
16
  Release 0.0.5
2
17
  * Added user certificate validation
3
18
 
data/lib/mobile_id/auth.rb CHANGED
@@ -16,13 +16,12 @@ module MobileId
16
16
  self.uuid = live == true ? uuid : TEST_UUID
17
17
  self.name = live == true ? name : TEST_NAME
18
18
  self.live = live
19
- init_doc(SecureRandom.uuid)
19
+ init_doc(SecureRandom.hex(40))
20
20
  end
21
21
 
22
22
  def init_doc(doc)
23
23
  self.doc = doc
24
-
25
- self.hash = Digest::SHA256.base64digest(self.doc)
24
+ self.hash = Digest::SHA256.digest(doc)
26
25
  end
27
26
 
28
27
  def authenticate!(phone_calling_code: nil, phone:, personal_code:, language: nil, display_text: nil)
@@ -51,7 +50,7 @@ module MobileId
51
50
  relyingPartyName: name,
52
51
  phoneNumber: full_phone.to_s.strip,
53
52
  nationalIdentityNumber: personal_code.to_s.strip,
54
- hash: hash,
53
+ hash: Base64.strict_encode64(hash),
55
54
  hashType: 'SHA256',
56
55
  language: language,
57
56
  displayText: display_text,
@@ -114,7 +113,8 @@ module MobileId
114
113
  end
115
114
 
116
115
  def verification_code
117
- format("%04d", (Digest::SHA2.new(256).digest(Base64.decode64(hash))[-2..-1].unpack1('n') % 10000))
116
+ binary = hash.unpack('B*').first
117
+ "%04d" % (binary[0...6] + binary[-7..-1]).to_i(2)
118
118
  end
119
119
 
120
120
  def given_name
data/lib/mobile_id/cert.rb CHANGED
@@ -4,22 +4,22 @@ module MobileId
4
4
  class Cert
5
5
  class << self
6
6
  def root_path
7
- @root_path ||= (File.expand_path('lib/mobile_id/certs/') + '/')
7
+ @root_path ||= File.expand_path('certs', __dir__)
8
8
  end
9
9
 
10
10
  def live_store
11
11
  @live_store ||=
12
12
  build_store([
13
- root_path + 'EE_Certification_Centre_Root_CA.pem.crt',
14
- root_path + 'ESTEID-SK_2015.pem.crt'
13
+ File.join(root_path, 'EE_Certification_Centre_Root_CA.pem.crt'),
14
+ File.join(root_path, 'ESTEID-SK_2015.pem.crt')
15
15
  ])
16
16
  end
17
17
 
18
18
  def test_store
19
19
  @test_store ||=
20
20
  build_store([
21
- root_path + 'TEST_of_EE_Certification_Centre_Root_CA.pem.crt',
22
- root_path + 'TEST_of_ESTEID-SK_2015.pem.crt'
21
+ File.join(root_path, 'TEST_of_EE_Certification_Centre_Root_CA.pem.crt'),
22
+ File.join(root_path, 'TEST_of_ESTEID-SK_2015.pem.crt')
23
23
  ])
24
24
  end
25
25
 
@@ -39,17 +39,26 @@ module MobileId
39
39
  end
40
40
 
41
41
  def verify!(cert, live:)
42
- store = live == true ? self.class.live_store : self.class.test_store
43
- raise Error, 'User certificate is not valid' unless store.verify(cert)
44
- raise Error, 'User certificate is not valid' unless cert.public_key.check_key
42
+ if live == true
43
+ raise Error, 'User certificate is not valid' unless self.class.live_store.verify(cert)
44
+ else
45
+ raise Error, 'User certificate is not valid' unless self.class.test_store.verify(cert) || self.class.live_store.verify(cert)
46
+ end
47
+
48
+ raise Error, 'User certificate is not valid [check_key]' unless cert.public_key.check_key
45
49
  raise Error, 'User certificate is expired' unless (cert.not_before..cert.not_after) === Time.now
46
50
 
47
51
  true
48
52
  end
49
53
 
50
- def verify_signature!(signature, doc)
51
- # TODO OpenSSL does not parse signature
52
- # cert.public_key.verify(OpenSSL::Digest::SHA256.new, signature, doc)
54
+ def verify_signature!(signature_base64, doc)
55
+ signature = Base64.decode64(signature_base64)
56
+ digest = OpenSSL::Digest::SHA256.new(doc)
57
+
58
+ # cert.public_key.verify(digest, signature, doc)
59
+
60
+ # TODO OpenSSL does not parse signature correctly
61
+ # OpenSSL::PKey::PKeyError: EVP_VerifyFinal: nested asn1 error
53
62
  end
54
63
 
55
64
  def given_name
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mobile_id
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.5
4
+ version: 0.0.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Priit Tark