pubnub 5.2.1 → 5.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/CODEOWNERS +2 -2
- data/.github/workflows/commands-handler.yml +18 -2
- data/.github/workflows/run-tests.yml +27 -17
- data/.github/workflows/run-validations.yml +12 -2
- data/.pubnub.yml +20 -4
- data/.tool-versions +1 -1
- data/CHANGELOG.md +15 -0
- data/Gemfile +1 -1
- data/Gemfile.lock +6 -6
- data/LICENSE +29 -0
- data/README.md +1 -1
- data/VERSION +1 -1
- data/features/step_definitions/access_steps.rb +0 -2
- data/features/step_definitions/crypto_steps.rb +99 -0
- data/features/support/cryptor.rb +58 -0
- data/features/support/hooks.rb +0 -1
- data/lib/pubnub/client.rb +30 -1
- data/lib/pubnub/error.rb +3 -0
- data/lib/pubnub/event.rb +13 -5
- data/lib/pubnub/events/add_message_action.rb +2 -2
- data/lib/pubnub/events/get_message_actions.rb +1 -1
- data/lib/pubnub/events/grant_token.rb +1 -1
- data/lib/pubnub/events/history.rb +18 -6
- data/lib/pubnub/events/publish.rb +7 -3
- data/lib/pubnub/events/remove_channel_members.rb +3 -3
- data/lib/pubnub/events/remove_channel_metadata.rb +1 -1
- data/lib/pubnub/events/remove_memberships.rb +3 -3
- data/lib/pubnub/events/remove_uuid_metadata.rb +1 -1
- data/lib/pubnub/events/set_channel_members.rb +3 -3
- data/lib/pubnub/events/set_channel_metadata.rb +2 -2
- data/lib/pubnub/events/set_memberships.rb +3 -3
- data/lib/pubnub/events/set_uuid_metadata.rb +2 -2
- data/lib/pubnub/events/signal.rb +1 -1
- data/lib/pubnub/events/subscribe.rb +5 -0
- data/lib/pubnub/formatter.rb +22 -11
- data/lib/pubnub/modules/crypto/crypto_module.rb +159 -0
- data/lib/pubnub/modules/crypto/crypto_provider.rb +31 -0
- data/lib/pubnub/modules/crypto/cryptor.rb +73 -0
- data/lib/pubnub/modules/crypto/cryptor_header.rb +251 -0
- data/lib/pubnub/modules/crypto/cryptors/aes_cbc_cryptor.rb +67 -0
- data/lib/pubnub/modules/crypto/cryptors/legacy_cryptor.rb +84 -0
- data/lib/pubnub/modules/crypto/module.rb +8 -0
- data/lib/pubnub/subscribe_event/formatter.rb +8 -8
- data/lib/pubnub/version.rb +1 -1
- data/pubnub.gemspec +2 -2
- metadata +16 -5
- data/LICENSE.txt +0 -30
- data/lib/pubnub/crypto.rb +0 -70
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 462fba219738d96faf8a4984d3f53b310ff31fbeef92425ad0899684332defcb
|
4
|
+
data.tar.gz: 0bafd18ad8f8e25cae5adb1ed928c05deaf0169843b52f69d157a6aa025c3bba
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 13555fb9e8a66671c1ecf1695c0574d5d3f358fb9f49231b4576129b9066e6bdbf525d3b544e7e41df16aa4636702fc09c0f938b10022282a6ae69e022f2b19a
|
7
|
+
data.tar.gz: 3ac98cfaa05a5394eec25e60cf83fffe6d441e7cb8bc964bd4c6ffaea29080ef05191c5a98bbee015a0f84a5ae0bc0001670feb3d6a5a26df776f62557a555b6
|
data/.github/CODEOWNERS
CHANGED
@@ -1,3 +1,3 @@
|
|
1
|
-
* @parfeon @
|
2
|
-
.github/* @parfeon @
|
1
|
+
* @parfeon @MikeDobrzan @kleewho @seba-aln
|
2
|
+
.github/* @parfeon @MikeDobrzan @kleewho @seba-aln
|
3
3
|
README.md @techwritermat @kazydek
|
@@ -3,16 +3,31 @@ name: Commands processor
|
|
3
3
|
on:
|
4
4
|
issue_comment:
|
5
5
|
types: [created]
|
6
|
+
defaults:
|
7
|
+
run:
|
8
|
+
shell: bash
|
6
9
|
|
7
10
|
jobs:
|
8
11
|
process:
|
9
12
|
name: Process command
|
10
|
-
if:
|
13
|
+
if: github.event.issue.pull_request && endsWith(github.repository, '-private') != true
|
11
14
|
runs-on: ubuntu-latest
|
12
15
|
steps:
|
16
|
+
- name: Check referred user
|
17
|
+
id: user-check
|
18
|
+
env:
|
19
|
+
CLEN_BOT: ${{ secrets.CLEN_BOT }}
|
20
|
+
run: echo "expected-user=${{ startsWith(github.event.comment.body, format('@{0} ', env.CLEN_BOT)) }}" >> $GITHUB_OUTPUT
|
21
|
+
- name: Regular comment
|
22
|
+
if: steps.user-check.outputs.expected-user != 'true'
|
23
|
+
run: echo -e "\033[38;2;19;181;255mThis is regular commit which should be ignored.\033[0m"
|
13
24
|
- name: Checkout repository
|
25
|
+
if: steps.user-check.outputs.expected-user == 'true'
|
14
26
|
uses: actions/checkout@v3
|
27
|
+
with:
|
28
|
+
token: ${{ secrets.GH_TOKEN }}
|
15
29
|
- name: Checkout release actions
|
30
|
+
if: steps.user-check.outputs.expected-user == 'true'
|
16
31
|
uses: actions/checkout@v3
|
17
32
|
with:
|
18
33
|
repository: pubnub/client-engineering-deployment-tools
|
@@ -20,8 +35,9 @@ jobs:
|
|
20
35
|
token: ${{ secrets.GH_TOKEN }}
|
21
36
|
path: .github/.release/actions
|
22
37
|
- name: Process changelog entries
|
38
|
+
if: steps.user-check.outputs.expected-user == 'true'
|
23
39
|
uses: ./.github/.release/actions/actions/commands
|
24
40
|
with:
|
25
41
|
token: ${{ secrets.GH_TOKEN }}
|
26
42
|
listener: ${{ secrets.CLEN_BOT }}
|
27
|
-
jira-api-key: ${{ secrets.JIRA_API_KEY }}
|
43
|
+
jira-api-key: ${{ secrets.JIRA_API_KEY }}
|
@@ -15,33 +15,33 @@ jobs:
|
|
15
15
|
tests:
|
16
16
|
name: Integration and Unit tests
|
17
17
|
runs-on: ubuntu-latest
|
18
|
+
strategy:
|
19
|
+
fail-fast: true
|
20
|
+
matrix:
|
21
|
+
ruby: [2.5.8, 2.6.6, 2.7.1]
|
18
22
|
steps:
|
19
23
|
- name: Checkout repository
|
20
24
|
uses: actions/checkout@v3
|
21
25
|
with:
|
22
26
|
token: ${{ secrets.GH_TOKEN }}
|
23
|
-
- name:
|
24
|
-
uses:
|
25
|
-
with:
|
26
|
-
ruby-version: 2.5.8
|
27
|
-
bundler-cache: true
|
28
|
-
- name: Build and run tests for Ruby 2.5.8
|
29
|
-
run: bundle exec rspec
|
30
|
-
- name: Setup Ruby 2.6.6
|
31
|
-
uses: ruby/setup-ruby@v1
|
27
|
+
- name: Checkout actions
|
28
|
+
uses: actions/checkout@v3
|
32
29
|
with:
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
- name: Setup Ruby
|
30
|
+
repository: pubnub/client-engineering-deployment-tools
|
31
|
+
ref: v1
|
32
|
+
token: ${{ secrets.GH_TOKEN }}
|
33
|
+
path: .github/.release/actions
|
34
|
+
- name: Setup Ruby ${{ matrix.ruby }}
|
38
35
|
uses: ruby/setup-ruby@v1
|
39
36
|
with:
|
40
|
-
ruby-version:
|
37
|
+
ruby-version: ${{ matrix.ruby }}
|
41
38
|
bundler-cache: true
|
42
|
-
- name: Build and run tests for Ruby
|
39
|
+
- name: Build and run tests for Ruby ${{ matrix.ruby }}
|
43
40
|
run: bundle exec rspec
|
44
|
-
|
41
|
+
- name: Cancel workflow runs for commit on error
|
42
|
+
if: failure()
|
43
|
+
uses: ./.github/.release/actions/actions/utils/fast-jobs-failure
|
44
|
+
acceptance-tests:
|
45
45
|
name: Acceptance tests
|
46
46
|
runs-on: ubuntu-latest
|
47
47
|
steps:
|
@@ -83,3 +83,13 @@ jobs:
|
|
83
83
|
main.xml
|
84
84
|
beta.xml
|
85
85
|
retention-days: 7
|
86
|
+
- name: Cancel workflow runs for commit on error
|
87
|
+
if: failure()
|
88
|
+
uses: ./.github/.release/actions/actions/utils/fast-jobs-failure
|
89
|
+
all-tests:
|
90
|
+
name: Tests
|
91
|
+
runs-on: ubuntu-latest
|
92
|
+
needs: [tests, acceptance-tests]
|
93
|
+
steps:
|
94
|
+
- name: Tests summary
|
95
|
+
run: echo -e "\033[38;2;95;215;0m\033[1mAll tests successfully passed"
|
@@ -3,7 +3,7 @@ name: Validations
|
|
3
3
|
on: [push]
|
4
4
|
|
5
5
|
jobs:
|
6
|
-
|
6
|
+
pubnub-yml:
|
7
7
|
name: "Validate .pubnub.yml"
|
8
8
|
runs-on: ubuntu-latest
|
9
9
|
steps:
|
@@ -19,4 +19,14 @@ jobs:
|
|
19
19
|
- name: "Run '.pubnub.yml' file validation"
|
20
20
|
uses: ./.github/.release/actions/actions/validators/pubnub-yml
|
21
21
|
with:
|
22
|
-
token: ${{ secrets.GH_TOKEN }}
|
22
|
+
token: ${{ secrets.GH_TOKEN }}
|
23
|
+
- name: Cancel workflow runs for commit on error
|
24
|
+
if: failure()
|
25
|
+
uses: ./.github/.release/actions/actions/utils/fast-jobs-failure
|
26
|
+
all-validations:
|
27
|
+
name: Validations
|
28
|
+
runs-on: ubuntu-latest
|
29
|
+
needs: [pubnub-yml]
|
30
|
+
steps:
|
31
|
+
- name: Validations summary
|
32
|
+
run: echo -e "\033[38;2;95;215;0m\033[1mAll validations passed"
|
data/.pubnub.yml
CHANGED
@@ -1,6 +1,18 @@
|
|
1
1
|
---
|
2
|
-
version: "5.
|
2
|
+
version: "5.3.0"
|
3
3
|
changelog:
|
4
|
+
- date: 2023-10-16
|
5
|
+
version: v5.3.0
|
6
|
+
changes:
|
7
|
+
- type: feature
|
8
|
+
text: "Add crypto module that allows to configure SDK to encrypt and decrypt messages."
|
9
|
+
- type: bug
|
10
|
+
text: "Improved security of crypto implementation by adding enhanced AES-CBC cryptor."
|
11
|
+
- date: 2023-03-14
|
12
|
+
version: v5.2.2
|
13
|
+
changes:
|
14
|
+
- type: bug
|
15
|
+
text: "Fix issue which raised an exception when PubNub client has been configured with a secret key."
|
4
16
|
- date: 2022-12-13
|
5
17
|
version: v5.2.1
|
6
18
|
changes:
|
@@ -451,6 +463,10 @@ features:
|
|
451
463
|
- CHANNEL-GROUPS-REMOVE-CHANNELS
|
452
464
|
- CHANNEL-GROUPS-REMOVE-GROUPS
|
453
465
|
- CHANNEL-GROUPS-LIST-CHANNELS-IN-GROUP
|
466
|
+
message-actions:
|
467
|
+
- MESSAGE-ACTIONS-GET
|
468
|
+
- MESSAGE-ACTIONS-ADD
|
469
|
+
- MESSAGE-ACTIONS-REMOVE
|
454
470
|
notify:
|
455
471
|
- REQUEST-MESSAGE-COUNT-EXCEEDED
|
456
472
|
presence:
|
@@ -654,7 +670,7 @@ sdks:
|
|
654
670
|
- x86-64
|
655
671
|
- distribution-type: package
|
656
672
|
distribution-repository: RubyGems
|
657
|
-
package-name: pubnub-5.
|
673
|
+
package-name: pubnub-5.3.0.gem
|
658
674
|
location: https://rubygems.org/gems/pubnub
|
659
675
|
requires:
|
660
676
|
- name: addressable
|
@@ -759,8 +775,8 @@ sdks:
|
|
759
775
|
- x86-64
|
760
776
|
- distribution-type: library
|
761
777
|
distribution-repository: GitHub release
|
762
|
-
package-name: pubnub-5.
|
763
|
-
location: https://github.com/pubnub/ruby/releases/download/v5.
|
778
|
+
package-name: pubnub-5.3.0.gem
|
779
|
+
location: https://github.com/pubnub/ruby/releases/download/v5.3.0/pubnub-5.3.0.gem
|
764
780
|
requires:
|
765
781
|
- name: addressable
|
766
782
|
min-version: 2.0.0
|
data/.tool-versions
CHANGED
@@ -1 +1 @@
|
|
1
|
-
ruby
|
1
|
+
ruby 3.2.2
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,18 @@
|
|
1
|
+
## v5.3.0
|
2
|
+
October 16 2023
|
3
|
+
|
4
|
+
#### Added
|
5
|
+
- Add crypto module that allows to configure SDK to encrypt and decrypt messages.
|
6
|
+
|
7
|
+
#### Fixed
|
8
|
+
- Improved security of crypto implementation by adding enhanced AES-CBC cryptor.
|
9
|
+
|
10
|
+
## v5.2.2
|
11
|
+
March 14 2023
|
12
|
+
|
13
|
+
#### Fixed
|
14
|
+
- Fix issue which raised an exception when PubNub client has been configured with a secret key.
|
15
|
+
|
1
16
|
## v5.2.1
|
2
17
|
December 13 2022
|
3
18
|
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
pubnub (5.
|
4
|
+
pubnub (5.3.0)
|
5
5
|
addressable (>= 2.0.0)
|
6
6
|
concurrent-ruby (~> 1.1.5)
|
7
7
|
concurrent-ruby-edge (~> 0.5.0)
|
@@ -100,8 +100,8 @@ GEM
|
|
100
100
|
dry-equalizer (~> 0.2)
|
101
101
|
dry-initializer (~> 3.0)
|
102
102
|
dry-schema (~> 1.5)
|
103
|
-
ffi (1.
|
104
|
-
ffi (1.
|
103
|
+
ffi (1.16.2)
|
104
|
+
ffi (1.16.2-java)
|
105
105
|
hashdiff (1.0.1)
|
106
106
|
httpclient (2.8.3)
|
107
107
|
interception (0.5)
|
@@ -115,10 +115,10 @@ GEM
|
|
115
115
|
parallel (1.19.2)
|
116
116
|
parser (2.7.1.4)
|
117
117
|
ast (~> 2.4.1)
|
118
|
-
pry (0.
|
118
|
+
pry (0.14.2)
|
119
119
|
coderay (~> 1.1)
|
120
120
|
method_source (~> 1.0)
|
121
|
-
pry (0.
|
121
|
+
pry (0.14.2-java)
|
122
122
|
coderay (~> 1.1)
|
123
123
|
method_source (~> 1.0)
|
124
124
|
spoon (~> 0.0)
|
@@ -187,7 +187,7 @@ DEPENDENCIES
|
|
187
187
|
awesome_print
|
188
188
|
codacy-coverage
|
189
189
|
cucumber
|
190
|
-
pry
|
190
|
+
pry (>= 0.14.2)
|
191
191
|
pry-rescue
|
192
192
|
pry-stack_explorer
|
193
193
|
pubnub!
|
data/LICENSE
ADDED
@@ -0,0 +1,29 @@
|
|
1
|
+
PubNub Software Development Kit License Agreement
|
2
|
+
Copyright © 2023 PubNub Inc. All rights reserved.
|
3
|
+
|
4
|
+
Subject to the terms and conditions of the license, you are hereby granted
|
5
|
+
a non-exclusive, worldwide, royalty-free license to (a) copy and modify
|
6
|
+
the software in source code or binary form for use with the software services
|
7
|
+
and interfaces provided by PubNub, and (b) redistribute unmodified copies
|
8
|
+
of the software to third parties. The software may not be incorporated in
|
9
|
+
or used to provide any product or service competitive with the products
|
10
|
+
and services of PubNub.
|
11
|
+
|
12
|
+
The above copyright notice and this license shall be included
|
13
|
+
in or with all copies or substantial portions of the software.
|
14
|
+
|
15
|
+
This license does not grant you permission to use the trade names, trademarks,
|
16
|
+
service marks, or product names of PubNub, except as required for reasonable
|
17
|
+
and customary use in describing the origin of the software and reproducing
|
18
|
+
the content of this license.
|
19
|
+
|
20
|
+
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF
|
21
|
+
ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
22
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO
|
23
|
+
EVENT SHALL PUBNUB OR THE AUTHORS OR COPYRIGHT HOLDERS OF THE SOFTWARE BE
|
24
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
|
25
|
+
CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
26
|
+
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
27
|
+
|
28
|
+
https://www.pubnub.com/
|
29
|
+
https://www.pubnub.com/terms
|
data/README.md
CHANGED
@@ -39,7 +39,7 @@ You will need the publish and subscribe keys to authenticate your app. Get your
|
|
39
39
|
```ruby
|
40
40
|
callback = Pubnub::SubscribeCallback.new(
|
41
41
|
message: ->(envelope) {
|
42
|
-
puts "MESSAGE: #
|
42
|
+
puts "MESSAGE: #{puts envelope.result[:data][:message]['msg']}"
|
43
43
|
},
|
44
44
|
presence: ->(envelope) {
|
45
45
|
puts "PRESENCE: #{envelope.result[:data]}"
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
5.
|
1
|
+
5.3.0
|
@@ -0,0 +1,99 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#
|
3
|
+
require 'pubnub'
|
4
|
+
|
5
|
+
Given(/^Crypto module with '([^']*)' cryptor$/) do |cryptor_id|
|
6
|
+
@cryptor_ids = [cryptor_id]
|
7
|
+
end
|
8
|
+
|
9
|
+
Given(/^Crypto module with default '([^']*)' and additional '([^']*)' cryptors$/) do |cryptor_id1, cryptor_id2|
|
10
|
+
@cryptor_ids = [cryptor_id1, cryptor_id2]
|
11
|
+
end
|
12
|
+
|
13
|
+
Given(/^Legacy code with '([^']*)' cipher key and '(random|constant|-)' vector$/) do |cipher_key, use_random_iv|
|
14
|
+
use_random_iv = use_random_iv != 'constant'
|
15
|
+
@legacy_cryptor = Cryptor.new cipher_key, use_random_iv
|
16
|
+
end
|
17
|
+
|
18
|
+
Then(/^with '([^']*)' cipher key$/) do |cipher_key|
|
19
|
+
@cipher_key = cipher_key
|
20
|
+
end
|
21
|
+
|
22
|
+
Then(/^with '(random|constant|-)' vector$/) do |use_random_iv|
|
23
|
+
@use_random_iv = use_random_iv != 'constant'
|
24
|
+
end
|
25
|
+
|
26
|
+
When(/^I encrypt '([^']*)' file as '([^']*)'$/) do |file_name, _|
|
27
|
+
@source_file_name = file_name
|
28
|
+
@source_file_content = File.binread "sdk-specifications/features/encryption/assets/#{file_name}"
|
29
|
+
@encrypted_content = crypto_module.encrypt @source_file_content
|
30
|
+
if file_name.include? 'empty'
|
31
|
+
@encrypt_status = 'encryption error' if @encrypted_content.nil? && @encrypt_status.nil?
|
32
|
+
@encrypt_status = 'success' if !@encrypted_content.nil? && @encrypt_status.nil?
|
33
|
+
else
|
34
|
+
expect(@encrypted_content).not_to eq nil
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
When(/^I decrypt '([^']*)' file$/) do |file_name|
|
39
|
+
file_content = File.binread "sdk-specifications/features/encryption/assets/#{file_name}"
|
40
|
+
|
41
|
+
begin
|
42
|
+
@decrypted_content = crypto_module.decrypt file_content
|
43
|
+
rescue Pubnub::UnknownCryptorError
|
44
|
+
@decrypt_status = 'unknown cryptor error'
|
45
|
+
end
|
46
|
+
@decrypt_status = 'decryption error' if @decrypted_content.nil? && @decrypt_status.nil?
|
47
|
+
@decrypt_status = 'success' if !@decrypted_content.nil? && @decrypt_status.nil?
|
48
|
+
end
|
49
|
+
|
50
|
+
When(/^I decrypt '([^']*)' file as '([^']*)'$/) do |file_name, _|
|
51
|
+
file_content = File.binread "sdk-specifications/features/encryption/assets/#{file_name}"
|
52
|
+
|
53
|
+
begin
|
54
|
+
@decrypted_content = crypto_module.decrypt file_content
|
55
|
+
rescue Pubnub::UnknownCryptorError
|
56
|
+
@decrypt_status = 'unknown cryptor error'
|
57
|
+
end
|
58
|
+
@decrypt_status = 'decryption error' if @decrypted_content.nil? && @decrypt_status.nil?
|
59
|
+
@decrypt_status = 'success' if !@decrypted_content.nil? && @decrypt_status.nil?
|
60
|
+
end
|
61
|
+
|
62
|
+
Then(/^Decrypted file content equal to the '([^']*)' file content$/) do |file_name|
|
63
|
+
file_content = File.binread "sdk-specifications/features/encryption/assets/#{file_name}"
|
64
|
+
expect(@decrypted_content).not_to eq nil
|
65
|
+
expect(@decrypted_content).to eq file_content
|
66
|
+
end
|
67
|
+
|
68
|
+
Then('Successfully decrypt an encrypted file with legacy code') do
|
69
|
+
expect(@legacy_cryptor).not_to eq nil
|
70
|
+
base64_encoded = Base64.strict_encode64(@encrypted_content)
|
71
|
+
decrypted_content = @legacy_cryptor.decrypt(base64_encoded)
|
72
|
+
expect(decrypted_content).not_to eq nil
|
73
|
+
expect(decrypted_content).to eq @source_file_content
|
74
|
+
end
|
75
|
+
|
76
|
+
Then(/^I receive '([^']*)'$/) do |outcome|
|
77
|
+
expect(@encrypt_status || @decrypt_status).not_to eq nil
|
78
|
+
expect(@encrypt_status || @decrypt_status).to eq outcome
|
79
|
+
end
|
80
|
+
|
81
|
+
# Crypto module
|
82
|
+
#
|
83
|
+
# @return [Pubnub::Crypto::CryptoModule] Crypto module instance.
|
84
|
+
def crypto_module
|
85
|
+
cryptors = []
|
86
|
+
@cryptor_ids.each do |cryptor_id|
|
87
|
+
cryptor = if cryptor_id == 'acrh'
|
88
|
+
Pubnub::Crypto::AesCbcCryptor.new @cipher_key
|
89
|
+
elsif cryptor_id == 'legacy'
|
90
|
+
Pubnub::Crypto::LegacyCryptor.new @cipher_key, @use_random_iv
|
91
|
+
end
|
92
|
+
cryptors.push(cryptor) unless cryptor.nil?
|
93
|
+
end
|
94
|
+
|
95
|
+
raise ArgumentError, "No crypto identifiers specified: #{@cryptor_ids}" if cryptors.empty?
|
96
|
+
|
97
|
+
default_cryptor = cryptors.shift
|
98
|
+
Pubnub::Crypto::CryptoModule.new default_cryptor, cryptors unless default_cryptor.nil?
|
99
|
+
end
|
@@ -0,0 +1,58 @@
|
|
1
|
+
# Internal Crypto class used for message encryption and decryption
|
2
|
+
class Cryptor
|
3
|
+
def initialize(cipher_key, use_random_iv)
|
4
|
+
@alg = 'AES-256-CBC'
|
5
|
+
sha256_key = Digest::SHA256.hexdigest(cipher_key.to_s)
|
6
|
+
@key = sha256_key.slice(0, 32)
|
7
|
+
@using_random_iv = use_random_iv
|
8
|
+
@iv = @using_random_iv == true ? random_iv : '0123456789012345'
|
9
|
+
end
|
10
|
+
|
11
|
+
def encrypt(message)
|
12
|
+
aes = OpenSSL::Cipher.new(@alg)
|
13
|
+
aes.encrypt
|
14
|
+
aes.key = @key
|
15
|
+
aes.iv = @iv
|
16
|
+
|
17
|
+
json_message = message.to_json
|
18
|
+
cipher = @using_random_iv == true ? @iv : ''
|
19
|
+
cipher << aes.update(json_message)
|
20
|
+
cipher << aes.final
|
21
|
+
|
22
|
+
Base64.strict_encode64(cipher)
|
23
|
+
end
|
24
|
+
|
25
|
+
def decrypt(cipher_text)
|
26
|
+
undecoded_text = Base64.decode64(cipher_text)
|
27
|
+
iv = @iv
|
28
|
+
|
29
|
+
if cipher_text.length > 16 && @using_random_iv == true
|
30
|
+
iv = undecoded_text.slice!(0..15)
|
31
|
+
end
|
32
|
+
|
33
|
+
decode_cipher = OpenSSL::Cipher.new(@alg).decrypt
|
34
|
+
decode_cipher.key = @key
|
35
|
+
decode_cipher.iv = iv
|
36
|
+
|
37
|
+
plain_text = decryption(undecoded_text, decode_cipher)
|
38
|
+
|
39
|
+
plain_text
|
40
|
+
end
|
41
|
+
|
42
|
+
private
|
43
|
+
|
44
|
+
def decryption(cipher_text, decode_cipher)
|
45
|
+
plain_text = decode_cipher.update(cipher_text)
|
46
|
+
plain_text << decode_cipher.final
|
47
|
+
rescue StandardError => e
|
48
|
+
puts "Pubnub :: DECRYPTION ERROR: #{e}"
|
49
|
+
'"DECRYPTION ERROR"'
|
50
|
+
end
|
51
|
+
|
52
|
+
private
|
53
|
+
|
54
|
+
def random_iv
|
55
|
+
random_bytes = Random.new.bytes(16).unpack('NnnnnN')
|
56
|
+
format('%08x%04x%04x', *random_bytes)
|
57
|
+
end
|
58
|
+
end
|
data/features/support/hooks.rb
CHANGED
data/lib/pubnub/client.rb
CHANGED
@@ -1,13 +1,16 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'base64'
|
2
4
|
|
3
5
|
require 'pubnub/error'
|
4
6
|
require 'pubnub/uuid'
|
5
7
|
require 'pubnub/formatter'
|
6
|
-
require 'pubnub/crypto'
|
7
8
|
require 'pubnub/constants'
|
8
9
|
require 'pubnub/configuration'
|
9
10
|
require 'pubnub/subscribe_callback'
|
10
11
|
|
12
|
+
require 'pubnub/modules/crypto/module'
|
13
|
+
|
11
14
|
require 'pubnub/schemas/envelope_schema'
|
12
15
|
|
13
16
|
require 'pubnub/event'
|
@@ -183,6 +186,7 @@ module Pubnub
|
|
183
186
|
clean_env
|
184
187
|
prepare_env
|
185
188
|
validate! @env
|
189
|
+
setup_crypto_module
|
186
190
|
@telemetry = Telemetry.new
|
187
191
|
Pubnub.logger.debug('Pubnub::Client') do
|
188
192
|
"Created new Pubnub::Client instance. Version: #{Pubnub::VERSION}"
|
@@ -339,6 +343,14 @@ module Pubnub
|
|
339
343
|
@env[:token] = token
|
340
344
|
end
|
341
345
|
|
346
|
+
# Data processing crypto module.
|
347
|
+
#
|
348
|
+
# @return [Pubnub::Crypto::CryptoProvider, nil] Crypto module for data encryption and
|
349
|
+
# decryption.
|
350
|
+
def crypto_module
|
351
|
+
@env[:crypto_module]
|
352
|
+
end
|
353
|
+
|
342
354
|
private
|
343
355
|
|
344
356
|
def create_state_pools(event)
|
@@ -386,9 +398,26 @@ module Pubnub
|
|
386
398
|
Concurrent.global_logger = Pubnub.logger
|
387
399
|
@subscriber = Subscriber.new(self)
|
388
400
|
options[:user_id] = options[:uuid] if options[:user_id].nil?
|
401
|
+
|
402
|
+
if options[:cipher_key] && options[:crypto_module]
|
403
|
+
puts 'It is expected that only cipherKey or cryptoModule will be configured ' \
|
404
|
+
'at once. PubNub client will use the configured cryptoModule.'
|
405
|
+
end
|
406
|
+
|
389
407
|
@env = options
|
390
408
|
end
|
391
409
|
|
410
|
+
# Complete crypto module configuration
|
411
|
+
# Create crypto module if it is required by user (specified
|
412
|
+
# <i>cipher_key</i> and not <i>crypto_module</i>).
|
413
|
+
def setup_crypto_module
|
414
|
+
random_iv = @env[:random_iv]
|
415
|
+
key = @env[:cipher_key]
|
416
|
+
|
417
|
+
# Create crypto module if it is not specified
|
418
|
+
@env[:crypto_module] = Crypto::CryptoModule.new_legacy(key, random_iv) if key && @env[:crypto_module].nil?
|
419
|
+
end
|
420
|
+
|
392
421
|
def prepare_env
|
393
422
|
assign_defaults
|
394
423
|
setup_pools
|
data/lib/pubnub/error.rb
CHANGED
data/lib/pubnub/event.rb
CHANGED
@@ -113,12 +113,12 @@ module Pubnub
|
|
113
113
|
def operation_http_method
|
114
114
|
case @event
|
115
115
|
when Pubnub::Constants::OPERATION_DELETE, Pubnub::Constants::OPERATION_REMOVE_MESSAGE_ACTION,
|
116
|
-
|
117
|
-
|
116
|
+
Pubnub::Constants::OPERATION_REMOVE_CHANNEL_METADATA, Pubnub::Constants::OPERATION_REMOVE_UUID_METADATA,
|
117
|
+
Pubnub::Constants::OPERATION_REVOKE_TOKEN
|
118
118
|
'delete'
|
119
119
|
when Pubnub::Constants::OPERATION_SET_UUID_METADATA, Pubnub::Constants::OPERATION_SET_CHANNEL_METADATA,
|
120
|
-
|
121
|
-
|
120
|
+
Pubnub::Constants::OPERATION_SET_CHANNEL_MEMBERS, Pubnub::Constants::OPERATION_SET_MEMBERSHIPS,
|
121
|
+
Pubnub::Constants::OPERATION_REMOVE_CHANNEL_MEMBERS, Pubnub::Constants::OPERATION_REMOVE_MEMBERSHIPS
|
122
122
|
'patch'
|
123
123
|
when Pubnub::Constants::OPERATION_ADD_MESSAGE_ACTION
|
124
124
|
'post'
|
@@ -170,7 +170,7 @@ module Pubnub
|
|
170
170
|
|
171
171
|
def create_variables_from_options(options)
|
172
172
|
variables = %w[channel channels message http_sync callback
|
173
|
-
ssl cipher_key random_iv secret_key auth_key
|
173
|
+
ssl cipher_key random_iv crypto_module secret_key auth_key
|
174
174
|
publish_key subscribe_key timetoken action_timetoken message_timetoken
|
175
175
|
open_timeout read_timeout idle_timeout heartbeat
|
176
176
|
group action read write delete manage ttl presence start
|
@@ -217,6 +217,14 @@ module Pubnub
|
|
217
217
|
ck.call(data)
|
218
218
|
end
|
219
219
|
|
220
|
+
# Data processing crypto module.
|
221
|
+
#
|
222
|
+
# @return [Pubnub::Crypto::CryptoProvider, nil] Crypto module for data encryption and
|
223
|
+
# decryption.
|
224
|
+
def crypto_module
|
225
|
+
@crypto_module
|
226
|
+
end
|
227
|
+
|
220
228
|
def error_message(parsed_response)
|
221
229
|
parsed_response['message']
|
222
230
|
rescue StandardError
|
@@ -13,8 +13,8 @@ module Pubnub
|
|
13
13
|
|
14
14
|
def fire
|
15
15
|
Pubnub.logger.debug('Pubnub::Add Message Action') { "Fired event #{self.class}" }
|
16
|
-
type_payload = { type: @type, value: @value}
|
17
|
-
body = Formatter.format_message(type_payload,
|
16
|
+
type_payload = { type: @type, value: @value }
|
17
|
+
body = Formatter.format_message(type_payload, nil, false)
|
18
18
|
|
19
19
|
response = send_request(body, { "Content-Type": 'application/json' })
|
20
20
|
|
@@ -34,7 +34,7 @@ module Pubnub
|
|
34
34
|
patterns: prepare_permissions(:pattern, @channels, @channel_groups, @uuids, @spaces_permissions, @users_permissions)
|
35
35
|
}.select { |_, v| v }
|
36
36
|
}
|
37
|
-
body = Formatter.format_message(raw_body,
|
37
|
+
body = Formatter.format_message(raw_body, nil, false)
|
38
38
|
response = send_request(body, { "Content-Type": "application/json" })
|
39
39
|
|
40
40
|
envelopes = fire_callbacks(handle(response, uri))
|