truby_license 0.1.0

data/lib/truby_license.rb

@@ -0,0 +1,210 @@
+require "base64"
+require "openssl"
+require "zlib"
+require "javabean_xml"
+
+
+class TrubyLicense
+  class TrubyException < Exception ; end
+  class PrivateKeyNeeded < TrubyException ; end
+  class InvalidLicense < TrubyException ; end
+  class InvalidPassword < TrubyException ; end
+
+  LicenseData = Struct.new  :consumerType,
+                            :notBefore,
+                            :notAfter,
+                            :extra,
+                            :subject,
+                            :holder,
+                            :issued,
+                            :issuer
+
+  X500Principal = Struct.new :name
+
+  # Creates an instance able to read and write licenses using the
+  # supplied password and key. For writing licenses the key needs to be a
+  # private key, otherwise a public key will do.
+  def initialize password, key
+    raise ArgumentError.new("password must be a String") unless password.is_a? String
+    raise ArgumentError.new("key must be an OpenSSL DSA key") unless key.is_a? OpenSSL::PKey::DSA
+    @password = password
+    @key = key
+
+    # to hold the ciphers used in the crypt method
+    @cipher ||= {}
+
+    # some extra parameters TrueLicense uses
+    @iterations = 2005
+    @salt = "\xCE\xFB\xDE\xAC\x05\x02\x19q"
+  end
+
+  def deserialize_license license_blob
+    begin
+      license_data = gunzip(decrypt(license_blob))
+    rescue OpenSSL::Cipher::CipherError
+      raise InvalidPassword.new "Could not decrypt license blob"
+    rescue Zlib::GzipFile::Error
+      raise InvalidLicense.new "Invalid format of license blob: not gzipped corrrectly"
+    end
+
+
+    JavabeanXml.from_xml license_data,
+
+      :string => lambda { |value, properties| value },
+      "de.schlichtherle.xml.GenericCertificate" => lambda { |v, properties|
+        sig = b64d(properties[:signature])
+        license =properties[:encoded]
+        algorithm = properties[:signatureAlgorithm]
+        encoding = properties[:signatureEncoding]
+        unless algorithm == "SHA1withDSA"
+          raise NotImplementedError.new(
+                  "signature algorithm %s has not been implemented".
+                  % algorithm
+                )
+        end
+        unless encoding == "US-ASCII/Base64"
+          raise NotImplementedError.new(
+                  "signature encoding %s has not been implemented".
+                  % encoding
+                )
+        end
+        unless verify_signature(license, sig)
+          raise InvalidLicense.new("License signature mismatch")
+        end
+        JavabeanXml.from_xml(license,
+          :long => lambda { |value, p| value.to_i },
+          :string => lambda { |value, p| value },
+          "java.util.Date" => lambda { |value, p| Time.at(value / 1000) },
+          "javax.security.auth.x500.X500Principal" => lambda { |value, p| X500Principal.new value },
+          "de.schlichtherle.license.LicenseContent" => lambda {|value, properties|
+            ld = LicenseData.new
+            ld.members.each do |prop|
+              ld[prop] = properties[prop.to_sym]
+            end
+            ld
+          }
+        )
+      }
+
+  end
+
+  def serialize_license license_data
+    lic_data = license_data.clone # allows us to make changes
+    unless @key.private?
+      raise PrivateKeyNeeded.new("Cannot use a public key to encrypt the license")
+    end
+    # make sure issuer and holder are properly wrapped in X500Principal objects
+    [:issuer, :holder].each do |prop|
+      if lic_data[prop].is_a? String
+        lic_data[prop] = X500Principal.new lic_data[prop]
+      end
+    end
+    lic_data.consumerType = lic_data.consumerType.to_s
+    inner = JavabeanXml.to_xml lic_data,
+                LicenseData => lambda { |value|
+                  {
+                    :class => "de.schlichtherle.license.LicenseContent",
+                    :properties =>  lic_data.members.inject({}) {|props, prop|
+                                      props[prop.to_sym] = lic_data[prop]
+                                      props
+                                    }
+                  }
+                },
+                X500Principal => lambda { |value|
+                  {
+                    :class => "javax.security.auth.x500.X500Principal",
+                    :value => {
+                      :class => :string,
+                      :value => value.name
+                    }
+                  }
+                },
+                Time => lambda { |value|
+                  {
+                    :class => "java.util.Date",
+                    :value => {
+                      :class => :long,
+                      :value => value.to_i * 1000
+                    }
+                  }
+                },
+                String => lambda { |value|
+                  {
+                    :class => :string,
+                    :value => value
+                  }
+                }
+    outer = JavabeanXml.to_xml(
+              {
+                :class => "de.schlichtherle.xml.GenericCertificate",
+                :properties => {
+                  :encoded => inner,
+                  :signature => b64e(sign(inner)),
+                  :signatureAlgorithm => "SHA1withDSA",
+                  :signatureEncoding => "US-ASCII/Base64"
+                }
+              },
+              String => lambda { |value|
+                {
+                  :class => :string,
+                  :value => value
+                }
+              }
+            )
+    encrypt(gzip(outer))
+  end
+
+
+  private
+
+  def gzip data
+    gzipped = ""
+    zf = Zlib::GzipWriter.new(StringIO.new(gzipped))
+    zf << data
+    zf.close
+    gzipped
+  end
+
+  def gunzip data
+    Zlib::GzipReader.new(StringIO.new(data)).read
+  end
+
+  def sha1 data
+    OpenSSL::Digest::SHA1.digest(data)
+  end
+
+  def b64e data
+    Base64.encode64 data
+  end
+
+  def b64d string
+    Base64.decode64 string
+  end
+
+  def sign data
+    @key.syssign sha1(data)
+  end
+
+  def verify_signature data, signature
+    @key.sysverify(sha1(data), signature)
+  end
+
+  def crypt mode, data
+    unless @cipher[mode]
+      @cipher[mode] = OpenSSL::Cipher.new "DES"
+      @cipher[mode].send mode
+      @cipher[mode].pkcs5_keyivgen @password, @salt, @iterations
+    end
+    c = @cipher[mode]
+    c.update(data) + c.final
+  end
+
+  def decrypt data
+    crypt :decrypt, data
+  end
+
+  def encrypt data
+    crypt :encrypt, data
+  end
+
+end

data/test/test_truby_license.rb

@@ -0,0 +1,150 @@
+require "rubygems"
+require "test/unit"
+require "truby_license"
+class Fixnum
+  def seconds
+    self
+  end
+  def minutes
+    60 * seconds
+  end
+  def hours
+    60 * minutes
+  end
+  def days
+    24 * hours
+  end
+  def weeks
+    7 * days
+  end
+  def months
+    30 * days
+  end
+  def years
+    365 * days
+  end
+  def from_now
+    Time.at(Time.now.to_i + self)
+  end
+  def ago
+    Time.at(Time.now.to_i - self)
+  end
+end
+class TestTrubyLicense < Test::Unit::TestCase
+
+  def initialize *args
+    super *args
+    @key1 = { :priv => OpenSSL::PKey::DSA.generate(1024) }
+    @key1[:pub] = @key1[:priv].public_key
+
+    @key2 = { :priv => OpenSSL::PKey::DSA.generate(1024) }
+    @key2[:pub] = @key2[:priv].public_key
+  end
+
+  def test_serialize_deserialize
+    ld = TrubyLicense::LicenseData.new
+
+    ld.consumerType = "0"
+    ld.notBefore = 5.days.ago
+    ld.notAfter = 10.days.from_now
+    ld.extra = "an <html><document /></html>"
+    ld.subject = "Some subject"
+    ld.holder = TrubyLicense::X500Principal.new "CN=Einar Boson"
+    ld.issued = Time.at(Time.now.to_i) # strip ns
+    ld.issuer = TrubyLicense::X500Principal.new "CN=Einar Boson"
+    tl_priv = TrubyLicense.new "my secret password", @key1[:priv]
+    tl_pub = TrubyLicense.new "my secret password", @key1[:pub]
+
+    encoded = tl_priv.serialize_license ld
+    decoded = tl_pub.deserialize_license encoded
+    ld.each_pair do |prop, val|
+      assert_equal val, decoded[prop], "License data should not change through serialization/deserialization"
+    end
+  end
+
+  def test_automatic_x500_wrapping
+    ld = TrubyLicense::LicenseData.new
+
+    ld.consumerType = "0"
+    ld.notBefore = 5.days.ago
+    ld.notAfter = 10.days.from_now
+    ld.extra = "an <html><document /></html>"
+    ld.subject = "Some subject"
+    ld.holder = "CN=Einar Boson1"
+    ld.issued = Time.at(Time.now.to_i) # strip ns
+    ld.issuer = "CN=Einar Boson2"
+
+    tl_priv = TrubyLicense.new "my secret password", @key1[:priv]
+    tl_pub = TrubyLicense.new "my secret password", @key1[:pub]
+
+    encoded = tl_priv.serialize_license ld
+    decoded = tl_pub.deserialize_license encoded
+
+    assert decoded.holder.respond_to?(:name) && decoded.holder.name == "CN=Einar Boson1",
+            "holder should be automatically wrapped as an X500 object"
+    assert decoded.issuer.respond_to?(:name) && decoded.issuer.name == "CN=Einar Boson2",
+            "issuer should be automatically wrapped as an X500 object"
+
+  end
+
+  def test_exception_on_serializing_With_public_key
+    ld = TrubyLicense::LicenseData.new
+
+    ld.consumerType = "0"
+    ld.notBefore = 5.days.ago
+    ld.notAfter = 10.days.from_now
+    ld.extra = "an <html><document /></html>"
+    ld.subject = "Some subject"
+    ld.holder = "CN=Einar Boson1"
+    ld.issued = Time.at(Time.now.to_i) # strip ns
+    ld.issuer = "CN=Einar Boson2"
+
+    tl = TrubyLicense.new "my secret password", @key1[:pub]
+
+    assert_raise TrubyLicense::PrivateKeyNeeded do
+      tl.serialize_license ld
+    end
+  end
+
+  def test_license_invalid_if_signed_with_other_key
+    ld = TrubyLicense::LicenseData.new
+
+    ld.consumerType = "0"
+    ld.notBefore = 5.days.ago
+    ld.notAfter = 10.days.from_now
+    ld.extra = "an <html><document /></html>"
+    ld.subject = "Some subject"
+    ld.holder = TrubyLicense::X500Principal.new "CN=Einar Boson"
+    ld.issued = Time.at(Time.now.to_i) # strip ns
+    ld.issuer = TrubyLicense::X500Principal.new "CN=Einar Boson"
+    tl_priv = TrubyLicense.new "my secret password", @key1[:priv]
+    t2_pub = TrubyLicense.new "my secret password", @key2[:pub]
+
+    encoded = tl_priv.serialize_license ld
+
+    assert_raise TrubyLicense::InvalidLicense do
+      decoded = t2_pub.deserialize_license encoded
+    end
+  end
+
+  def test_license_invalid_if_wrong_password
+    ld = TrubyLicense::LicenseData.new
+
+    ld.consumerType = "0"
+    ld.notBefore = 5.days.ago
+    ld.notAfter = 10.days.from_now
+    ld.extra = "an <html><document /></html>"
+    ld.subject = "Some subject"
+    ld.holder = TrubyLicense::X500Principal.new "CN=Einar Boson"
+    ld.issued = Time.at(Time.now.to_i) # strip ns
+    ld.issuer = TrubyLicense::X500Principal.new "CN=Einar Boson"
+    tl_priv = TrubyLicense.new "my secret password", @key1[:priv]
+    t1_pub = TrubyLicense.new "wrong password", @key1[:pub]
+
+    encoded = tl_priv.serialize_license ld
+
+    assert_raise TrubyLicense::InvalidPassword do
+      decoded = t1_pub.deserialize_license encoded
+    end
+  end
+end

metadata

@@ -0,0 +1,97 @@
+--- !ruby/object:Gem::Specification 
+name: truby_license
+version: !ruby/object:Gem::Version 
+  hash: 27
+  prerelease: 
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- "Einar Magn\xC3\xBAs Boson"
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-12-22 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: nokogiri
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 5
+        segments: 
+        - 1
+        - 5
+        version: "1.5"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: builder
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 7
+        segments: 
+        - 3
+        - 0
+        version: "3.0"
+  type: :runtime
+  version_requirements: *id002
+description: Create and read True License files in ruby
+email: einar.boson@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- lib/truby_license.rb
+- test/test_truby_license.rb
+homepage: http://github.com/einarmagnus/truby_license
+licenses: 
+- MIT
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 57
+      segments: 
+      - 1
+      - 8
+      - 7
+      version: 1.8.7
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.8.13
+signing_key: 
+specification_version: 3
+summary: True License for Ruby
+test_files: 
+- test/test_truby_license.rb