pnthr 1.0.4 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/pnthr/version.rb +1 -1
- data/lib/pnthr.rb +30 -17
- data/spec/lib/pnthr_spec.rb +11 -14
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 04434ab1d26fcb4f2eea3082ec789e177c0248ac
|
|
4
|
+
data.tar.gz: 6734599fd650304bec4d9879529b927456fbd1b2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7399672726c051f6b3310066612e4f71507ab029d12f3d09a8b1a4d3d97b878814100d5f06102111b750c09883cc382c528a9187bcf2b62f0680df0dfaef8917
|
|
7
|
+
data.tar.gz: 61353c3355f10c40b4e74df3d283e2e92486d5f3b80d9b5ffb80cb56f725bcaf543ee369d4f55d119f3c862b4eea62ca250f3855bfada4df56c0eeb7a4e58c5e
|
data/lib/pnthr/version.rb
CHANGED
data/lib/pnthr.rb
CHANGED
|
@@ -4,7 +4,15 @@ require "net/http"
|
|
|
4
4
|
require "net/https"
|
|
5
5
|
require "base64"
|
|
6
6
|
|
|
7
|
+
#
|
|
8
|
+
# Pnthr Module
|
|
9
|
+
#
|
|
10
|
+
# + Needs initializer or config
|
|
11
|
+
#
|
|
7
12
|
module Pnthr
|
|
13
|
+
#
|
|
14
|
+
# Everything lives in the security class for now
|
|
15
|
+
#
|
|
8
16
|
class Security
|
|
9
17
|
|
|
10
18
|
attr_accessor :request, :cipher
|
|
@@ -27,10 +35,29 @@ module Pnthr
|
|
|
27
35
|
end
|
|
28
36
|
|
|
29
37
|
#
|
|
30
|
-
#
|
|
38
|
+
# Encrypt the payload, makes the request and returns the response
|
|
31
39
|
#
|
|
32
40
|
def roar(payload)
|
|
33
|
-
|
|
41
|
+
https = Net::HTTP.new(@request[:uri].host, @request[:uri].port)
|
|
42
|
+
https.use_ssl = @request[:ssl]
|
|
43
|
+
https.post(@request[:uri].path, cage(payload), { 'pnthr' => @request[:id] })
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
#
|
|
47
|
+
# Cage - Will make our payload without sending
|
|
48
|
+
#
|
|
49
|
+
def cage(payload)
|
|
50
|
+
Base64.encode64(encrypt(payload)).strip! + "-" + @request[:iv]
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
#
|
|
54
|
+
# Release - Will fully decrypt a payload to raw text
|
|
55
|
+
#
|
|
56
|
+
def release(payload, password)
|
|
57
|
+
part = payload.split('-')
|
|
58
|
+
|
|
59
|
+
level1 = decrypt(Base64.decode64(part[0]), @request[:secret], part[1])
|
|
60
|
+
decrypt(level1, Digest::MD5.hexdigest(password), part[1])
|
|
34
61
|
end
|
|
35
62
|
|
|
36
63
|
#
|
|
@@ -40,7 +67,6 @@ module Pnthr
|
|
|
40
67
|
# - CFB is used
|
|
41
68
|
#
|
|
42
69
|
# + Needs HMAC
|
|
43
|
-
# + Needs variable IV to be passed with request
|
|
44
70
|
#
|
|
45
71
|
def encrypt(data, key = nil, iv = nil)
|
|
46
72
|
key ||= @request[:secret]
|
|
@@ -56,8 +82,6 @@ module Pnthr
|
|
|
56
82
|
#
|
|
57
83
|
# Decrypt - Simple AES decryption
|
|
58
84
|
#
|
|
59
|
-
# + Needs to retrieve IV from the first layer
|
|
60
|
-
#
|
|
61
85
|
def decrypt(data, key = nil, iv = nil)
|
|
62
86
|
key ||= @request[:secret]
|
|
63
87
|
iv ||= @request[:iv]
|
|
@@ -66,18 +90,7 @@ module Pnthr
|
|
|
66
90
|
@cipher.key = key
|
|
67
91
|
@cipher.iv = iv
|
|
68
92
|
|
|
69
|
-
@cipher.update(
|
|
70
|
-
end
|
|
71
|
-
|
|
72
|
-
private
|
|
73
|
-
|
|
74
|
-
def make_request(payload)
|
|
75
|
-
https = Net::HTTP.new(@request[:uri].host, @request[:uri].port)
|
|
76
|
-
https.use_ssl = @request[:ssl]
|
|
77
|
-
|
|
78
|
-
package = Base64.encode64(payload).strip! + "-" + @request[:iv]
|
|
79
|
-
|
|
80
|
-
https.post(@request[:uri].path, package, { 'pnthr' => @request[:id] })
|
|
93
|
+
@cipher.update(data)
|
|
81
94
|
end
|
|
82
95
|
|
|
83
96
|
end
|
data/spec/lib/pnthr_spec.rb
CHANGED
|
@@ -5,8 +5,8 @@ describe Pnthr do
|
|
|
5
5
|
|
|
6
6
|
host_url = 'https://pnthr-api.herokuapp.com/'
|
|
7
7
|
ssl_on = true
|
|
8
|
-
app_id = '
|
|
9
|
-
app_secret = '
|
|
8
|
+
app_id = '536d49b86336350002000000'
|
|
9
|
+
app_secret = '15e0497a57c6340ccd81b74f0e5de1d7'
|
|
10
10
|
|
|
11
11
|
pnthr = Pnthr::Security.new(app_id, app_secret, url: host_url, ssl: ssl_on, iv: app_id[0..15])
|
|
12
12
|
response = pnthr.roar('this is a test')
|
|
@@ -52,24 +52,21 @@ describe Pnthr do
|
|
|
52
52
|
end
|
|
53
53
|
|
|
54
54
|
it "should respond with a predictable string" do
|
|
55
|
-
response.body.should eq '
|
|
55
|
+
response.body.should eq 'uUeZihDFPJ/Pm7k/HqA=-536d49b863363500'
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
it "should encrypt with a predictable string" do
|
|
59
59
|
test = Base64.encode64(pnthr.encrypt('this is a test')).strip! + "-#{app_id[0..15]}"
|
|
60
60
|
|
|
61
|
-
test.should eq '
|
|
61
|
+
test.should eq 'ynXLtC+JSE/ApHPT/PQ=-536d49b863363500'
|
|
62
62
|
end
|
|
63
63
|
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
# it "should fail authentication" do
|
|
72
|
-
# cortera.get({:params => {name: "Arrae", city: "Denver", state: "CO"}})["ReportResult"]["Status"].should eq 401
|
|
73
|
-
# end
|
|
64
|
+
it "should cage with a predictable string" do
|
|
65
|
+
pnthr.cage('this is a test').should eq 'ynXLtC+JSE/ApHPT/PQ=-536d49b863363500'
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
it "should release with a predictable string" do
|
|
69
|
+
pnthr.release('uUeZihDFPJ/Pm7k/HqA=-536d49b863363500', 'testes123').should eq 'this is a test'
|
|
70
|
+
end
|
|
74
71
|
|
|
75
72
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pnthr
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Clay McIlrath
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-05-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|