mobile_id 0.0.11 → 0.0.12

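--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: fc57a99a52d432526c2e74e8ced2ebd7c0aaf3917e6b992cc9776ee0d881e84d
- data.tar.gz: 364768cc2e109000fff79db3fc8df4e2595c94bf643318586c1137044af85304
+ metadata.gz: b4176539bcbf710a8bf046e29e59ba85c61b3a74a9de1f5297fd054aa85fe7e6
+ data.tar.gz: b8fccf6b553ab081cde92ea6824d64b7b2486848478969e87d3b34b9bc66f4e5
  SHA512:
- metadata.gz: 854a34133201695dad18b9bed17e6cebb86e0744f12502848352b440105b215e6dfce163b4a6eaa62500cfd641a35819ded5008f0bec7bf7147d45446479432d
- data.tar.gz: 80ea7cf8136347623e7de3ad002f785e3f8f1624910af4dc27d1a615bbe2a2ed085132063c272aedf813e9e38e6926bcf2f3039debd4139068c0be7f5f165f1e
+ metadata.gz: 652482955ea58b873aa56772830b98f65225b9370d0deeedba926461fbec5e55b22f323c9c22ad6aa2f13819266025ae3b0c9c0b465729ef78367763e75f33f1
+ data.tar.gz: c0e552ef60413221b435120ee59267f261707c34a3246c74448ec2c519b7df4968ff51452b6003cc826fc425f209f68eae37a47d3af51a0ad6c9e4fe6aa38c42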
@@ -1,3 +1,7 @@
1
+ Release 0.0.12
2
+ * Supports session RUNNING state
3
+ * Validate auth signature
4
+
1
5
  Release 0.0.11
2
6
  * Add more live SK certs
3
7
 
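--- a/data/README.md
+++ b/data/README.md
@@ -113,6 +113,7 @@ After checking out the repo, run `bundle` to install dependencies. For testing c
 
  * Priit Tark
  * Andri Möll for pointing out user signature issue
+ * Juri Linkov for pointing out unpack method issue
 
  ## Contributing
 
@@ -120,7 +121,6 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/gitlab
 
  ## Roadmap
 
- * Auth signature validation
  * Document sign
  * Rails generators
 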
@@ -82,11 +82,24 @@ module MobileId
82
82
  )
83
83
  end
84
84
 
85
- def long_poll!(session_id:, doc:)
85
+ def session_request(session_id)
86
86
  response = HTTParty.get(url + "/authentication/session/#{session_id}")
87
87
  raise Error, "#{I18n.t('mobile_id.some_error')} #{response.code} #{response}" if response.code != 200
88
+ response
89
+ end
90
+
91
+ def long_poll!(session_id:, doc:)
92
+ response = nil
93
+
94
+ # Retries until RUNNING state turns to COMPLETE
95
+ 30.times do |i|
96
+ response = session_request(session_id)
97
+ break if response['state'] == 'COMPLETE'
98
+ sleep 1
99
+ end
100
+ raise Error, "#{I18n.t('mobile_id.some_error')} #{response.code} #{response}" if response['state'] != 'COMPLETE'
88
101
 
89
- if response['state'] == 'COMPLETE' && response['result'] != 'OK'
102
+ if response['result'] != 'OK'
90
103
  message =
91
104
  case response['result']
92
105
  when "TIMEOUT"
@@ -104,7 +117,7 @@ module MobileId
104
117
  when "SIM_ERROR"
105
118
  I18n.t('mobile_id.sim_error')
106
119
  end
107
- raise Error, message
120
+ raise Error, message
108
121
  end
109
122
 
110
123
  @user_cert = MobileId::Cert.new(response['cert'], live: live)
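Review bot: When the 30 attempts run out while the session is still RUNNING, the `raise` after the loop reports `response.code` (always 200 at that point, because `session_request` already rejects anything else) and interpolates the whole session response into the exception text, so a poll timeout reads like an HTTP failure and the response body travels wherever the message is logged or displayed. I would keep the body out of it and name the state instead, e.g. `raise Error, "#{I18n.t('mobile_id.some_error')} state=#{response['state']}" if response['state'] != 'COMPLETE'`. The block variable in `30.times do |i|` is unused and can be dropped, and `HTTParty.get` is called without a `timeout:` option, so a stalled connection can hold a single attempt far longer than the one-second pacing suggests. `long_poll!` continues past the end of the hunk.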
@@ -65,10 +65,23 @@ module MobileId
65
65
  signature = Base64.decode64(signature_base64)
66
66
  digest = OpenSSL::Digest::SHA256.new(doc)
67
67
 
68
- # cert.public_key.verify(digest, signature, doc)
68
+ valid =
69
+ begin
70
+ cert.public_key.verify(digest, signature, doc)
71
+ rescue OpenSSL::PKey::PKeyError
72
+ der_signature = cvc_to_der(signature) # Probably signature is CVC encoded
73
+ cert.public_key.verify(digest, der_signature, doc)
74
+ end
75
+
76
+ raise Error, 'We could not verify user signature' unless valid
77
+ end
69
78
 
70
- # TODO OpenSSL does not parse signature correctly
71
- # OpenSSL::PKey::PKeyError: EVP_VerifyFinal: nested asn1 error
79
+ def cvc_to_der(cvc)
80
+ sign_hex = cvc.unpack('H*').first
81
+ half = sign_hex.size / 2
82
+ i = [OpenSSL::ASN1::Integer.new(sign_hex[0...half].to_i(16)), OpenSSL::ASN1::Integer.new(sign_hex[half..sign_hex.size].to_i(16))]
83
+ seq = OpenSSL::ASN1::Sequence.new(i)
84
+ seq.to_der
72
85
  end
73
86
 
74
87
  def given_name
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mobile_id
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.11
4
+ version: 0.0.12
5
5
  platform: ruby
6
6
  authors:
7
7
  - Priit Tark
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-22 00:00:00.000000000 Z
11
+ date: 2020-10-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: httparty