saro-dat 4.0.0 → 4.3.0
- checksums.yaml +4 -4
- data/.idea/saro-dat.iml +2 -1
- data/PUBLISH.md +1 -1
- data/README.md +2 -2
- data/lib/saro/dat/dat_certificate.rb +29 -25
- data/lib/saro/dat/dat_manager.rb +6 -3
- data/lib/saro/dat/signature.rb +8 -0
- data/lib/saro-dat.rb +1 -0
- data/saro-dat.gemspec +3 -2
- metadata +17 -3
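--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1bc8964419d2aa39030dbec0e990d8a22d1fa29a8f8eec15235f69e70fa81054
+data.tar.gz: e2fb45d1bbb981ea6745fab4661db4f1db41063fe73bc147cd33276c60e4a0fa
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c306baa43850bc77ebd33a2c1717f1aaac63ca0c98b538da28cb8ca064e0ed475b0c2e866fee5b47700a49009c085621c5b21f1b989041028e0a481112092590
+data.tar.gz: c75ede02ecff59c9e18a85116247eb3bae95c594940f8fedec457434a8f9c9dc9690667d1be103cb4abf03b18c483997a9f0fe4b6adbbb3f3e19c644ad9e66e2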
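--- a/data/.idea/saro-dat.iml
+++ b/data/.idea/saro-dat.iml
@@ -14,7 +14,8 @@
 <orderEntry type="library" scope="PROVIDED" name="base64 (v0.3.0, rbenv: 4.0.5) [gem]" level="application" />
 <orderEntry type="library" scope="PROVIDED" name="benchmark (v0.5.0, rbenv: 4.0.5) [gem]" level="application" />
 <orderEntry type="library" scope="PROVIDED" name="bundler (v4.0.12, rbenv: 4.0.5) [gem]" level="application" />
-<orderEntry type="library" scope="PROVIDED" name="concurrent-ruby (v1.3.
+<orderEntry type="library" scope="PROVIDED" name="concurrent-ruby (v1.3.7, rbenv: 4.0.5) [gem]" level="application" />
+<orderEntry type="library" scope="PROVIDED" name="logger (v1.7.0, rbenv: 4.0.5) [gem]" level="application" />
 <orderEntry type="library" scope="PROVIDED" name="minitest (v5.27.0, rbenv: 4.0.5) [gem]" level="application" />
 <orderEntry type="library" scope="PROVIDED" name="openssl (v4.0.2, rbenv: 4.0.5) [gem]" level="application" />
 <orderEntry type="library" scope="PROVIDED" name="parallel (v2.1.0, rbenv: 4.0.5) [gem]" level="application" />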
data/PUBLISH.md
CHANGED
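--- a/data/README.md
+++ b/data/README.md
@@ -4,9 +4,9 @@
 
 ### [DAT Run Online](https://dat.saro.me)
 
-### [What is DAT](https://dat.saro.me
+### [What is DAT](https://dat.saro.me/intro)
 
-### [Example](https://dat.saro.me
+### [Example](https://dat.saro.me/libs/gems-saro-dat)
 
 ## Support algorithm
 ### Signature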
|
@@ -7,33 +7,33 @@ require_relative 'util'
|
|
|
7
7
|
module Saro
|
|
8
8
|
module Dat
|
|
9
9
|
class DatCertificate
|
|
10
|
-
attr_reader :cid, :signature_key, :crypto_key, :
|
|
10
|
+
attr_reader :cid, :signature_key, :crypto_key, :dat_issuance_start_seconds, :dat_issuance_end_seconds, :dat_ttl_seconds
|
|
11
11
|
|
|
12
|
-
def initialize(cid,
|
|
12
|
+
def initialize(cid, dat_issuance_start_seconds, dat_issuance_duration_seconds, dat_ttl_seconds, signature_key, crypto_key)
|
|
13
13
|
@cid = cid
|
|
14
|
-
@
|
|
15
|
-
@
|
|
16
|
-
@
|
|
14
|
+
@dat_issuance_start_seconds = dat_issuance_start_seconds
|
|
15
|
+
@dat_issuance_end_seconds = dat_issuance_start_seconds + dat_issuance_duration_seconds
|
|
16
|
+
@dat_ttl_seconds = dat_ttl_seconds
|
|
17
17
|
@signature_key = signature_key
|
|
18
18
|
@crypto_key = crypto_key
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def exports(verify_only = false)
|
|
22
22
|
cid_hex = @cid.to_s(16)
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
23
|
+
dat_issuance_start_seconds = @dat_issuance_start_seconds.to_s
|
|
24
|
+
dat_issuance_duration_seconds = (@dat_issuance_end_seconds - @dat_issuance_start_seconds).to_s
|
|
25
|
+
dat_ttl_seconds = @dat_ttl_seconds.to_s
|
|
26
|
+
signature_algorithm = @signature_key.algorithm
|
|
27
|
+
crypto_algorithm = @crypto_key.algorithm
|
|
28
|
+
signature_key = @signature_key.exports(verify_only)
|
|
29
|
+
crypto_key = @crypto_key.exports
|
|
30
30
|
|
|
31
|
-
"#{cid_hex}.#{
|
|
31
|
+
"#{cid_hex}.#{dat_issuance_start_seconds}.#{dat_issuance_duration_seconds}.#{dat_ttl_seconds}.#{signature_algorithm}.#{crypto_algorithm}.#{signature_key}.#{crypto_key}"
|
|
32
32
|
end
|
|
33
33
|
|
|
34
|
-
def self.generate(cid,
|
|
34
|
+
def self.generate(cid, dat_issuance_start_seconds, dat_issuance_duration_seconds, dat_ttl_seconds, signature_algorithm, crypto_algorithm)
|
|
35
35
|
new(
|
|
36
|
-
cid,
|
|
36
|
+
cid, dat_issuance_start_seconds, dat_issuance_duration_seconds, dat_ttl_seconds,
|
|
37
37
|
Saro::Dat::DatSignature.generate(signature_algorithm),
|
|
38
38
|
Saro::Dat::DatCrypto.generate(crypto_algorithm)
|
|
39
39
|
)
|
|
@@ -44,24 +44,24 @@ module Saro
|
|
|
44
44
|
raise ArgumentError, "Invalid Certificate format" if parts.length != 8
|
|
45
45
|
|
|
46
46
|
cid = parts[0].to_i(16)
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
signature_key = Saro::Dat::DatSignature.imports(
|
|
53
|
-
crypto_key = Saro::Dat::DatCrypto.imports(
|
|
47
|
+
dat_issuance_start_seconds = parts[1].to_i
|
|
48
|
+
dat_issuance_duration_seconds = parts[2].to_i
|
|
49
|
+
dat_ttl_seconds = parts[3].to_i
|
|
50
|
+
signature_algorithm = parts[4]
|
|
51
|
+
crypto_algorithm = parts[5]
|
|
52
|
+
signature_key = Saro::Dat::DatSignature.imports(signature_algorithm, parts[6])
|
|
53
|
+
crypto_key = Saro::Dat::DatCrypto.imports(crypto_algorithm, parts[7])
|
|
54
54
|
|
|
55
|
-
new(cid,
|
|
55
|
+
new(cid, dat_issuance_start_seconds, dat_issuance_duration_seconds, dat_ttl_seconds, signature_key, crypto_key)
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
def issuable
|
|
59
59
|
now = Time.now.to_i
|
|
60
|
-
signable && @
|
|
60
|
+
signable && @dat_issuance_start_seconds <= now && now <= @dat_issuance_end_seconds
|
|
61
61
|
end
|
|
62
62
|
|
|
63
63
|
def expired
|
|
64
|
-
Time.now.to_i > (@
|
|
64
|
+
Time.now.to_i > (@dat_issuance_end_seconds + @dat_ttl_seconds)
|
|
65
65
|
end
|
|
66
66
|
|
|
67
67
|
def signable
|
|
@@ -72,6 +72,10 @@ module Saro
|
|
|
72
72
|
@signature_key.pair
|
|
73
73
|
end
|
|
74
74
|
|
|
75
|
+
def support_verify_only
|
|
76
|
+
@signature_key.support_verify_only
|
|
77
|
+
end
|
|
78
|
+
|
|
75
79
|
# For Ruby conventions
|
|
76
80
|
alias_method :issuable?, :issuable
|
|
77
81
|
alias_method :expired?, :expired
|
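Review bot: The three added integer fields in the certificate import path are parsed with `String#to_i` (`parts[1].to_i`, `parts[2].to_i`, `parts[3].to_i`), which turns non-numeric text into 0 and silently accepts trailing junk or a leading minus sign, so a corrupted or hand-edited certificate string is imported without any error. These values define the window checked by `issuable` and `expired` and feed `now + cert.dat_ttl_seconds` in dat_manager.rb, so a bad value would only show up later as a certificate that never issues or, presumably, as tokens with a wrong lifetime. Strict parsing such as `dat_ttl_seconds = Integer(parts[3], 10)` followed by `raise ArgumentError, "Invalid Certificate format" if dat_ttl_seconds.negative?` (and the same for the start and duration fields) keeps the existing error type. The enclosing method starts above the hunk, so how `parts` is produced is not visible here.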
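--- a/data/lib/saro/dat/dat_manager.rb
+++ b/data/lib/saro/dat/dat_manager.rb
@@ -17,9 +17,10 @@ module Saro
 end
 
 def import_certificates(input_certs, clear: false)
+renew_count = 0
 @lock.with_write_lock do
 certificates = clear ? [] : @certificates.dup
-
+
 before_cids = Set.new(certificates.map(&:cid))
 seen_cids = Set.new
 
@@ -30,9 +31,10 @@ module Saro
 next if before_cids.include?(cert.cid)
 
 certificates << cert
+renew_count += 1
 end
 
-certificates.sort_by!(&:
+certificates.sort_by!(&:dat_issuance_end_seconds)
 
 # Find latest issuable certificate as issuer
 issuer = certificates.reverse_each.find(&:issuable)
@@ -40,6 +42,7 @@ module Saro
 @issuer = issuer
 @certificates = certificates
 end
+renew_count
 end
 
 def imports(format_str, clear: false)
@@ -82,7 +85,7 @@ module Saro
 
 def self._issue(cert, plain, secure)
 now = Time.now.to_i
-expire = now + cert.
+expire = now + cert.dat_ttl_seconds
 cid_hex = cert.cid.to_s(16)
 
 plain_bytes = plain.is_a?(String) ? plain.encode('utf-8') : (plain || "".b)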
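Review bot: `import_certificates` now ends with `renew_count`, so its return value becomes an Integer, but nothing at the definition says so or states what is counted. From the visible lines the counter is incremented only after `certificates << cert`, past `next if before_cids.include?(cert.cid)`, so a certificate whose cid is already loaded is skipped and not counted even if its keys or validity window differ from the stored entry. I would add above the method `# @return [Integer] number of certificates added by this call; entries whose cid is already loaded are skipped and not counted`. The loop body between the first two hunks is not shown, so any further skip conditions (for example through `seen_cids`) belong in that comment as well.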
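--- a/data/lib/saro/dat/signature.rb
+++ b/data/lib/saro/dat/signature.rb
@@ -114,6 +114,10 @@ module Saro
 end
 
 def exports(verify_only = false)
+if verify_only && !support_verify_only
+raise ArgumentError, "#{config[:name]} does not supported verifying only key"
+end
+
 if @config[:name] == "HMAC"
 Saro::Dat::Util.encode_base64_url_str(@verifying_key)
 else
@@ -182,6 +186,10 @@ module Saro
 @config[:name] == "ECDSA"
 end
 
+def support_verify_only
+@config[:name] == "ECDSA"
+end
+
 private
 
 def der_to_raw_signature(signature_der)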
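Review bot: The new guard in `exports` builds its message from `config[:name]`, while every other visible line in this file reads `@config[:name]`; unless a `config` reader is defined outside the hunks, the refusal path raises NameError instead of the intended ArgumentError. The guard is what stops a non-ECDSA key from being exported as verify-only (the HMAC branch directly below exports `@verifying_key`, which for a symmetric MAC is presumably also the signing secret), so callers that rescue ArgumentError should reliably see it. I would write the line as `raise ArgumentError, "#{@config[:name]} does not support verify-only key export"`, which also fixes the wording. `exports` continues past the end of the hunk.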
data/lib/saro-dat.rb
CHANGED
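--- a/data/saro-dat.gemspec
+++ b/data/saro-dat.gemspec
@@ -2,13 +2,13 @@
 
 Gem::Specification.new do |spec|
 spec.name = "saro-dat"
-spec.version = "4.
+spec.version = "4.3.0"
 spec.authors = ["marker"]
 spec.email = ["j@saro.me"]
 
 spec.summary = "DAT (Data Access Token) Ruby implementation"
 spec.description = "Ported from Python dat library"
-spec.homepage = "https://dat.saro.me
+spec.homepage = "https://dat.saro.me/libs/gems-saro-dat"
 spec.license = "MIT"
 spec.required_ruby_version = ">= 2.7.0"
 
@@ -30,6 +30,7 @@ Gem::Specification.new do |spec|
 spec.add_dependency "concurrent-ruby", "~> 1.3.6"
 spec.add_dependency "openssl", "~> 4.0.2"
 spec.add_dependency "base64"
+spec.add_dependency "logger"
 
 spec.add_development_dependency "minitest", "~> 5.0"
 spec.add_development_dependency "benchmark"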
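--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: saro-dat
 version: !ruby/object:Gem::Version
-version: 4.
+version: 4.3.0
 platform: ruby
 authors:
 - marker
@@ -51,6 +51,20 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
+- !ruby/object:Gem::Dependency
+name: logger
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
 - !ruby/object:Gem::Dependency
 name: minitest
 requirement: !ruby/object:Gem::Requirement
@@ -117,11 +131,11 @@ files:
 - lib/saro/dat/signature.rb
 - lib/saro/dat/util.rb
 - saro-dat.gemspec
-homepage: https://dat.saro.me
+homepage: https://dat.saro.me/libs/gems-saro-dat
 licenses:
 - MIT
 metadata:
-homepage_uri: https://dat.saro.me
+homepage_uri: https://dat.saro.me/libs/gems-saro-dat
 source_code_uri: https://github.com/saro-lab/dat-ruby
 changelog_uri: https://github.com/saro-lab/dat-ruby/blob/main/CHANGELOG.md
 keywords: dat, distributed, access, token, web, session, security, authentication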