pnthr 1.0.4 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/pnthr/version.rb +1 -1
- data/lib/pnthr.rb +30 -17
- data/spec/lib/pnthr_spec.rb +11 -14
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 04434ab1d26fcb4f2eea3082ec789e177c0248ac
|
|
4
|
+
data.tar.gz: 6734599fd650304bec4d9879529b927456fbd1b2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7399672726c051f6b3310066612e4f71507ab029d12f3d09a8b1a4d3d97b878814100d5f06102111b750c09883cc382c528a9187bcf2b62f0680df0dfaef8917
|
|
7
|
+
data.tar.gz: 61353c3355f10c40b4e74df3d283e2e92486d5f3b80d9b5ffb80cb56f725bcaf543ee369d4f55d119f3c862b4eea62ca250f3855bfada4df56c0eeb7a4e58c5e
|
data/lib/pnthr/version.rb
CHANGED
data/lib/pnthr.rb
CHANGED
|
@@ -4,7 +4,15 @@ require "net/http"
|
|
|
4
4
|
require "net/https"
|
|
5
5
|
require "base64"
|
|
6
6
|
|
|
7
|
+
#
|
|
8
|
+
# Pnthr Module
|
|
9
|
+
#
|
|
10
|
+
# + Needs initializer or config
|
|
11
|
+
#
|
|
7
12
|
module Pnthr
|
|
13
|
+
#
|
|
14
|
+
# Everything lives in the security class for now
|
|
15
|
+
#
|
|
8
16
|
class Security
|
|
9
17
|
|
|
10
18
|
attr_accessor :request, :cipher
|
|
@@ -27,10 +35,29 @@ module Pnthr
|
|
|
27
35
|
end
|
|
28
36
|
|
|
29
37
|
#
|
|
30
|
-
#
|
|
38
|
+
# Encrypt the payload, makes the request and returns the response
|
|
31
39
|
#
|
|
32
40
|
def roar(payload)
|
|
33
|
-
|
|
41
|
+
https = Net::HTTP.new(@request[:uri].host, @request[:uri].port)
|
|
42
|
+
https.use_ssl = @request[:ssl]
|
|
43
|
+
https.post(@request[:uri].path, cage(payload), { 'pnthr' => @request[:id] })
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
#
|
|
47
|
+
# Cage - Will make our payload without sending
|
|
48
|
+
#
|
|
49
|
+
def cage(payload)
|
|
50
|
+
Base64.encode64(encrypt(payload)).strip! + "-" + @request[:iv]
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
#
|
|
54
|
+
# Release - Will fully decrypt a payload to raw text
|
|
55
|
+
#
|
|
56
|
+
def release(payload, password)
|
|
57
|
+
part = payload.split('-')
|
|
58
|
+
|
|
59
|
+
level1 = decrypt(Base64.decode64(part[0]), @request[:secret], part[1])
|
|
60
|
+
decrypt(level1, Digest::MD5.hexdigest(password), part[1])
|
|
34
61
|
end
|
|
35
62
|
|
|
36
63
|
#
|
|
@@ -40,7 +67,6 @@ module Pnthr
|
|
|
40
67
|
# - CFB is used
|
|
41
68
|
#
|
|
42
69
|
# + Needs HMAC
|
|
43
|
-
# + Needs variable IV to be passed with request
|
|
44
70
|
#
|
|
45
71
|
def encrypt(data, key = nil, iv = nil)
|
|
46
72
|
key ||= @request[:secret]
|
|
@@ -56,8 +82,6 @@ module Pnthr
|
|
|
56
82
|
#
|
|
57
83
|
# Decrypt - Simple AES decryption
|
|
58
84
|
#
|
|
59
|
-
# + Needs to retrieve IV from the first layer
|
|
60
|
-
#
|
|
61
85
|
def decrypt(data, key = nil, iv = nil)
|
|
62
86
|
key ||= @request[:secret]
|
|
63
87
|
iv ||= @request[:iv]
|
|
@@ -66,18 +90,7 @@ module Pnthr
|
|
|
66
90
|
@cipher.key = key
|
|
67
91
|
@cipher.iv = iv
|
|
68
92
|
|
|
69
|
-
@cipher.update(
|
|
70
|
-
end
|
|
71
|
-
|
|
72
|
-
private
|
|
73
|
-
|
|
74
|
-
def make_request(payload)
|
|
75
|
-
https = Net::HTTP.new(@request[:uri].host, @request[:uri].port)
|
|
76
|
-
https.use_ssl = @request[:ssl]
|
|
77
|
-
|
|
78
|
-
package = Base64.encode64(payload).strip! + "-" + @request[:iv]
|
|
79
|
-
|
|
80
|
-
https.post(@request[:uri].path, package, { 'pnthr' => @request[:id] })
|
|
93
|
+
@cipher.update(data)
|
|
81
94
|
end
|
|
82
95
|
|
|
83
96
|
end
|
data/spec/lib/pnthr_spec.rb
CHANGED
|
@@ -5,8 +5,8 @@ describe Pnthr do
|
|
|
5
5
|
|
|
6
6
|
host_url = 'https://pnthr-api.herokuapp.com/'
|
|
7
7
|
ssl_on = true
|
|
8
|
-
app_id = '
|
|
9
|
-
app_secret = '
|
|
8
|
+
app_id = '536d49b86336350002000000'
|
|
9
|
+
app_secret = '15e0497a57c6340ccd81b74f0e5de1d7'
|
|
10
10
|
|
|
11
11
|
pnthr = Pnthr::Security.new(app_id, app_secret, url: host_url, ssl: ssl_on, iv: app_id[0..15])
|
|
12
12
|
response = pnthr.roar('this is a test')
|
|
@@ -52,24 +52,21 @@ describe Pnthr do
|
|
|
52
52
|
end
|
|
53
53
|
|
|
54
54
|
it "should respond with a predictable string" do
|
|
55
|
-
response.body.should eq '
|
|
55
|
+
response.body.should eq 'uUeZihDFPJ/Pm7k/HqA=-536d49b863363500'
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
it "should encrypt with a predictable string" do
|
|
59
59
|
test = Base64.encode64(pnthr.encrypt('this is a test')).strip! + "-#{app_id[0..15]}"
|
|
60
60
|
|
|
61
|
-
test.should eq '
|
|
61
|
+
test.should eq 'ynXLtC+JSE/ApHPT/PQ=-536d49b863363500'
|
|
62
62
|
end
|
|
63
63
|
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
# it "should fail authentication" do
|
|
72
|
-
# cortera.get({:params => {name: "Arrae", city: "Denver", state: "CO"}})["ReportResult"]["Status"].should eq 401
|
|
73
|
-
# end
|
|
64
|
+
it "should cage with a predictable string" do
|
|
65
|
+
pnthr.cage('this is a test').should eq 'ynXLtC+JSE/ApHPT/PQ=-536d49b863363500'
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
it "should release with a predictable string" do
|
|
69
|
+
pnthr.release('uUeZihDFPJ/Pm7k/HqA=-536d49b863363500', 'testes123').should eq 'this is a test'
|
|
70
|
+
end
|
|
74
71
|
|
|
75
72
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pnthr
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Clay McIlrath
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-05-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|