norad_beacon 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 14e982822ee749402ff3bd736746133ffb7a4369
-  data.tar.gz: 7a186075cf787bbdf0b8a19fce1f4cac2d08b9a2
+  metadata.gz: d13c67f1371165cae9ca885c7573faf2e1f39fa0
+  data.tar.gz: 26752d82f9b15c9f2a8871ae4b9f412457e6d3dd
 SHA512:
-  metadata.gz: 996a5517ef20c314631e4c4f07e47a5534dd2fab78a7809a41aca682dd5158ff9f58a2acb15306e609fb7e3bf58e700a0dda3ae3a7d97f178b94e579fb29f86e
-  data.tar.gz: a01bb23b25b3293b4670c299f6e6d9d0f65c0c60f6786aa6b971cca1488be8320ca83e6326276ceb33b70b428983b4afd8b582aca366614351c80e92b4566c3f
+  metadata.gz: bbd5d5da22ab1905f6635b3fc893cb063b55ff3b886ffae1fa7baf557a3e63ac2eea9409116dd5f189c3b308569ef124b90b84efacf6fc75426fe3d52ccd9aa7
+  data.tar.gz: 7e312d7ce61eb84a25440653d1a1b3d1b76cfdb5d56582fb41d939f6a37ad4279e5169b7f931141e7b17519798db7dfe45e6c129409ff135b183a053263e22bf

data/.rubocop.yml

@@ -1,6 +1,10 @@
 AllCops:
   TargetRubyVersion: 2.3
+  DisplayCopNames: true
 Documentation:
   Enabled: false
 Metrics/LineLength:
   Max: 120
+Metrics/BlockLength:
+  Exclude:
+    - 'spec/**/*'

data/lib/norad_beacon/container_options.rb

@@ -18,14 +18,12 @@ module NoradBeacon
     # Reads encrypted credentials from disk, decrypts the
     # credentials, and loads and returns the YAML.
     # @return [Hash]
-    # rubocop:disable YAMLLoad
     def decrypt_and_load
       aes_key = load_key_from_env
-      symbolize YAML.load(decrypt_containers_file(aes_key))
+      symbolize YAML.safe_load(decrypt_containers_file(aes_key))
     rescue Psych::SyntaxError
       raise NoradBeaconError, e.message
     end
-    # rubocop:enable YAMLLoad
 
     # Load the Base64 encoded key from the environment
     # @return [String] AES Key

data/lib/norad_beacon/result.rb

@@ -1,8 +1,16 @@
 # frozen_string_literal: true
 require 'json'
+require 'openssl'
 
 module NoradBeacon
   class Result
+    attr_reader :nid, :sir, :status, :output, :title, :description, :signature
+
+    # I'm making both of these values constants to reinforce the idea that these values should
+    # *never* change. If they do, all ignore rules in the Norad database we'll be invalidated.
+    SIGNATURE_DIGEST = OpenSSL::Digest.new('sha256')
+    SIGNATURE_KEY = 'n0r4dRULES'
+
     # rubocop:disable ParameterLists
     def initialize(nid, status, output, title, description, sir = 'unevaluated')
       @nid = nid
@@ -11,12 +19,19 @@ module NoradBeacon
       @output = output
       @title = title
       @description = description
+      @signature = compute_signature
     end
     # rubocop:enable ParameterLists
 
     def to_json(*a)
       {
-        nid: @nid, sir: @sir, status: @status, output: @output, title: @title, description: @description
+        nid: nid,
+        sir: sir,
+        status: status,
+        output: output,
+        title: title,
+        description: description,
+        signature: signature
       }.to_json(*a)
     end
 
@@ -33,5 +48,10 @@ module NoradBeacon
         return 'unevaluated'
       end
     end
+
+    def compute_signature
+      result_for_signature = nid.to_s + title.to_s + status.to_s
+      OpenSSL::HMAC.hexdigest(SIGNATURE_DIGEST, SIGNATURE_KEY, result_for_signature)
+    end
   end
 end

data/lib/norad_beacon/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module NoradBeacon
-  VERSION = '0.1.1'
+  VERSION = '0.1.2'
 end

data/norad_beacon.gemspec

@@ -28,7 +28,8 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency 'bundler', '~> 1.10'
   spec.add_development_dependency 'rake', '~> 10.0'
-  spec.add_development_dependency 'rubocop'
-  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rainbow', '~> 2.1.0' # There is a bug in rainbow 2.2.1
+  spec.add_development_dependency 'rubocop', '~> 0.47'
+  spec.add_development_dependency 'rspec', '~> 3.5'
   spec.add_development_dependency 'bundler-audit', '~> 0.5'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: norad_beacon
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - Blake Hitchcock
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-01-17 00:00:00.000000000 Z
+date: 2017-01-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -82,34 +82,48 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rainbow
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.0
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.47'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.47'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.5'
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -177,7 +191,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.8
+rubygems_version: 2.6.9
 signing_key: 
 specification_version: 4
 summary: Gem to help with posting blackbox results to Norad.