smaak 0.1.11 → 0.1.12

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c00546dad5a52379b07bfbf7af3b17a40d20d048
4
- data.tar.gz: 64c7c243b3451b8329e2ee8beb2bb2398fd7796d
3
+ metadata.gz: 53fd9fe4578fa68539091f3b746abda5699f6112
4
+ data.tar.gz: bff1001ef496c3d9d06d52964f8ffd78b65133d8
5
5
  SHA512:
6
- metadata.gz: ccc4dc56a2bd6ddb3112ed252b9b1165b03290e24106fa091cd81a93d216d567d6d12bcc6dfad12f77cf24797ec2cb41ad9693065949c5bb20930d49a96bed97
7
- data.tar.gz: 2e8466aed402283960edf3cf5fcdcfb5c29dd45657a5e27aa42bdfd2c70ba3fb798c7f313e38db51798c9da494fb83917e2f000254c206e849f96d13481218e6
6
+ metadata.gz: 6514785cd0fceedb7732d33ea9a9933d4e589b5d8234d530b3c9e36908ec5c22bfe3b3437656ab294829a80fcb979c70b366aada9eb60382ba405f7c62896ec7
7
+ data.tar.gz: 4086051e9407628877a947a004b5dd83c391a2af1dd7b96c6a8f1234a8a6372c2560d276ea64b954cfeef535c7efdfe53990a4f91c35c4ef0e3f34d55ded4ec5
@@ -17,6 +17,7 @@ module Smaak
17
17
  value = 0 if value.nil?
18
18
  return value
19
19
  end
20
+ return @request.env["HTTP_HOST"].split(':')[0] if not @request.env["HTTP_HOST"].nil? and header == "host"
20
21
  return value = @request.env["REQUEST_METHOD"] if header == "request-method"
21
22
  return @request.env["HTTP_#{header.upcase.gsub("-", "_")}"]
22
23
  end
data/lib/smaak/server.rb CHANGED
@@ -30,7 +30,7 @@ module Smaak
30
30
 
31
31
  def build_auth_message_from_request(adaptor)
32
32
  puts "[smaak error]: x-smaak-* headers not all present. Is this a smaak request?" if adaptor.header("x-smaak-recipient").nil? or adaptor.header("x-smaak-psk").nil? or adaptor.header("x-smaak-expires").nil? or adaptor.header("x-smaak-identifier").nil? or adaptor.header("x-smaak-nonce").nil? or adaptor.header("x-smaak-encrypt").nil?
33
- recipient_public_key = Base64.decode64(adaptor.header("x-smaak-recipient"))
33
+ recipient_public_key = Smaak::Crypto::decode64(adaptor.header("x-smaak-recipient"))
34
34
  psk = adaptor.header("x-smaak-psk")
35
35
  expires = adaptor.header("x-smaak-expires")
36
36
  identifier = adaptor.header("x-smaak-identifier")
@@ -69,11 +69,18 @@ module Smaak
69
69
  def verify_signed_request(request)
70
70
  adaptor = Smaak::create_adaptor(request)
71
71
  auth_message = build_auth_message_from_request(adaptor)
72
- return false if not verify_auth_message(auth_message)
72
+ if not verify_auth_message(auth_message)
73
+ puts "[smaak error]: could not verify auth_message"
74
+ return false
75
+ end
73
76
  pubkey = @association_store[auth_message.identifier]['public_key']
77
+ puts "[smaak warning]: pubkey not specified" if (pubkey.nil?) or (pubkey == "")
74
78
  body = Smaak::Crypto::sink(adaptor.body)
75
79
  body = Smaak::Crypto::decrypt(body, @private_key) if auth_message.encrypt
76
- return false, nil if not Smaak::verify_authorization_headers(adaptor, pubkey)
80
+ if not Smaak::verify_authorization_headers(adaptor, pubkey)
81
+ puts "[smaak error]: could not verify authorization headers"
82
+ return false, nil
83
+ end
77
84
  return auth_message, body # TBD return ID from cert
78
85
  end
79
86
 
data/lib/smaak/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Smaak
2
- VERSION = "0.1.11"
2
+ VERSION = "0.1.12"
3
3
  end
data/lib/smaak.rb CHANGED
@@ -55,9 +55,17 @@ module Smaak
55
55
  def self.verify_authorization_headers(adaptor, pubkey)
56
56
  raise ArgumentError.new("Key is required") if pubkey.nil?
57
57
  signature_headers, signature = Smaak::get_signature_data_from_request(adaptor)
58
- return false if signature.nil?
59
- return false if signature_headers.nil?
60
- Smaak::Crypto::verify_signature(signature, Smaak::Crypto::encode64(signature_headers), pubkey)
58
+ if signature.nil?
59
+ puts "[smaak error]: could not extract signature"
60
+ return false
61
+ end
62
+ if signature_headers.nil?
63
+ puts "[smaak error]: could not extract signature headers"
64
+ return false
65
+ end
66
+ verified = Smaak::Crypto::verify_signature(signature, Smaak::Crypto::encode64(signature_headers), pubkey)
67
+ puts "[smaak error]: verification of headers and signature using pubkey failed" if not verified
68
+ verified
61
69
  end
62
70
 
63
71
  private
@@ -68,7 +76,7 @@ module Smaak
68
76
  signature_headers = specification.extract_signature_headers
69
77
  signature = specification.extract_signature
70
78
 
71
- return signature_headers, Base64.decode64(signature)
79
+ return signature_headers, Smaak::Crypto::decode64(signature)
72
80
  end
73
81
  end
74
82
 
@@ -125,7 +125,7 @@ describe Smaak do
125
125
  it "should extract the signature using the specification" do
126
126
  expect(Smaak::Cavage04).to receive(:new).and_return(@mock_specification)
127
127
  expect(@mock_specification).to receive(:extract_signature_headers).and_return "headers"
128
- expect(@mock_specification).to receive(:extract_signature).and_return "signature"
128
+ expect(@mock_specification).to receive(:extract_signature).and_return Base64.strict_encode64("signature")
129
129
  Smaak::verify_authorization_headers(@adaptor, @test_server_public_key)
130
130
  end
131
131
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: smaak
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.11
4
+ version: 0.1.12
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ernst van Graan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-08-05 00:00:00.000000000 Z
11
+ date: 2015-08-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: persistent-cache