u2f 0.2.1 → 1.0.0

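--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: e589a4313b54ef4f09bd93ee9d3ae3dc796a55d8
- data.tar.gz: 6af61bb8549b978fc2e0de34eb1096aa7391df97
+ metadata.gz: 6e0ab3b3eb230926d60ba6c8d81cae756f87c600
+ data.tar.gz: 45249dfefef68ba3b21eb10701fdcbfdb50ed48b
  SHA512:
- metadata.gz: 2b719b5857602edb742ce3d4e9ef90ae448a286e23abdd58696e52bf5f7d92a9afb88c8666a571f8af62ca6981db3313f7c0d7fb0fab016e2b71adfed68274f1
- data.tar.gz: c9efc1c6157f3c6e846b237e545fdda917d9871098f0686ceb1ec21f7ddb73a75bdd6571bca92083f9ce35ecaeec519c4a6ff33f0b6c26a96cb415c2840a34eb
+ metadata.gz: ecca8a5e02031e7d14698436aacecf61d6b615051128685f64c16546ad86e63cd9e52536cee122af66721696c28bbb9d028582078c92f42045479277ca70d0e3
+ data.tar.gz: 6062a5d9a6de64b7e9ff2c602ff46f51329a9950eb408702117f8de45dc135476ed37f609829b2288566ba5a254f9cb31efaff9eb4c02a3b06bdf791eb583595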
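--- a/data/README.md
+++ b/data/README.md
@@ -38,9 +38,9 @@ The U2F library has two major tasks:
  - **Register** new devices.
  - **Authenticate** previously registered devices.
 
- Each task starts by generating a challenge on the server, which is rendered to a web view, read by the browser API:s and transmitted to the plugged in U2F devices for verification. The U2F device responds and triggers a callback in the browser, and a form is posted back to your server where you verify the challenge and store the U2F device information to your database.
+ Each task starts by generating a challenge on the server, which is rendered to a web view, read by the browser APIs and transmitted to the plugged in U2F devices for verification. The U2F device responds and triggers a callback in the browser, and a form is posted back to your server where you verify the challenge and store the U2F device information to your database.
 
- You'll need an instance of `U2F:U2F`, which is conveniently placed in an [instance method](https://github.com/castle/ruby-u2f/blob/master/example/app/helpers/helpers.rb) on the controller. The initializer takes an **App ID** as argument.
+ You'll need an instance of `U2F::U2F`, which is conveniently placed in an [instance method](https://github.com/castle/ruby-u2f/blob/master/example/app/helpers/helpers.rb) on the controller. The initializer takes an **App ID** as argument.
 
  ```ruby
  def u2f
@@ -188,7 +188,7 @@ def create
 
  begin
  u2f.authenticate!(session[:challenges], response,
- Base64.decode64(registration.public_key),
+ Base64.decode64(registration.public_key),
  registration.counter)
  rescue U2F::Error => e
  return "Unable to authenticate: <%= e.class.name %>"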
@@ -1,10 +1,17 @@
1
1
  module U2F
2
2
  class RegisterRequest
3
3
  include RequestBase
4
+ attr_accessor :challenge
4
5
 
5
- def initialize(challenge, app_id)
6
+ def initialize(challenge)
6
7
  @challenge = challenge
7
- @app_id = app_id
8
+ end
9
+
10
+ def as_json(options = {})
11
+ {
12
+ version: version,
13
+ challenge: challenge
14
+ }
8
15
  end
9
16
  end
10
- end
17
+ end
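Review bot: `RegisterRequest#as_json` now emits only `version` and `challenge`, and nothing in the class tells an integrator where the App ID goes now that `appId` has been dropped from the payload; a comment above the method such as `# appId is no longer serialised here; the caller supplies the App ID alongside the requests` would make the 1.0.0 contract explicit (the exact hand-off is not visible on this page, so confirm the wording). The same applies to `SignRequest#as_json` further down, which drops both `appId` and `challenge`. `attr_accessor :challenge` also exposes a writer that `as_json` does not need; `attr_reader :challenge` keeps an issued challenge from being reassigned after construction.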
@@ -1,14 +1,6 @@
1
1
  module U2F
2
2
  module RequestBase
3
- attr_accessor :version, :challenge, :app_id
4
-
5
- def as_json(options = {})
6
- {
7
- version: version,
8
- challenge: challenge,
9
- appId: app_id
10
- }
11
- end
3
+ attr_accessor :version
12
4
 
13
5
  def to_json(options = {})
14
6
  ::JSON.pretty_generate(as_json, options)
@@ -3,14 +3,15 @@ module U2F
3
3
  include RequestBase
4
4
  attr_accessor :key_handle
5
5
 
6
- def initialize(key_handle, challenge, app_id)
6
+ def initialize(key_handle)
7
7
  @key_handle = key_handle
8
- @challenge = challenge
9
- @app_id = app_id
10
8
  end
11
9
 
12
10
  def as_json(options = {})
13
- super.merge(keyHandle: key_handle)
11
+ {
12
+ version: version,
13
+ keyHandle: key_handle
14
+ }
14
15
  end
15
16
  end
16
17
  end
@@ -29,10 +29,15 @@ module U2F
29
29
  signature_data.byteslice(5..-1)
30
30
  end
31
31
 
32
+ # Bit 0 being set to 1 indicates that the user is present. A different value
33
+ # of Bit 0, as well as Bits 1 through 7, are reserved for future use.
34
+ USER_PRESENCE_MASK = 0b00000001
35
+
32
36
  ##
33
37
  # If user presence was verified
34
38
  def user_present?
35
- signature_data.byteslice(0).unpack('C').first == 1
39
+ byte = signature_data.byteslice(0).unpack('C').first
40
+ byte & USER_PRESENCE_MASK == 1
36
41
  end
37
42
 
38
43
  ##
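Review bot: `byte & USER_PRESENCE_MASK == 1` in `user_present?` is correct only because Ruby binds `&` tighter than `==`, the opposite of C, so it is easy to misread; write `(byte & USER_PRESENCE_MASK) == USER_PRESENCE_MASK`. Separately, `signature_data.byteslice(0)` returns nil for an empty string, so a truncated response would raise NoMethodError rather than a `U2F::Error` that callers rescue; whether the length is validated before this point is not visible in the hunk. The new comment says bits 1 through 7 are reserved, and masking means they are now ignored rather than rejected, which is worth stating in the method's doc comment.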
@@ -21,7 +21,7 @@ module U2F
21
21
  def authentication_requests(key_handles)
22
22
  key_handles = [key_handles] unless key_handles.is_a? Array
23
23
  key_handles.map do |key_handle|
24
- SignRequest.new(key_handle, challenge, app_id)
24
+ SignRequest.new(key_handle)
25
25
  end
26
26
  end
27
27
 
@@ -41,13 +41,11 @@ module U2F
41
41
  # - +UserNotPresentError+:: if the user wasn't present during the authentication
42
42
  # - +CounterTooLowError+:: if there is a counter mismatch between the registered one and the one in the response.
43
43
  #
44
- def authenticate!(challenges, response, registration_public_key,
44
+ def authenticate!(challenge, response, registration_public_key,
45
45
  registration_counter)
46
- # Handle both single and Array input
47
- challenges = [challenges] unless challenges.is_a? Array
48
46
 
49
47
  # TODO: check that it's the correct key_handle as well
50
- unless challenges.include?(response.client_data.challenge)
48
+ unless challenge == response.client_data.challenge
51
49
  fail NoMatchingRequestError
52
50
  end
53
51
 
@@ -84,7 +82,7 @@ module U2F
84
82
  #
85
83
  def registration_requests
86
84
  # TODO: generate a request for each supported version
87
- [RegisterRequest.new(challenge, @app_id)]
85
+ [RegisterRequest.new(challenge)]
88
86
  end
89
87
 
90
88
  ##
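Review bot: The new check `unless challenge == response.client_data.challenge` in `authenticate!` also passes when both values are nil, for example if the session holds no challenge and the client data carries none; reject a missing expected value first with `fail NoMatchingRequestError if challenge.to_s.empty?`. A caller that still passes an Array, as the README example's `session[:challenges]` appears to, now always gets NoMatchingRequestError; that fails closed, but the doc comment above the method should say the first argument is a single challenge string. The `TODO` about checking the key handle is still open, and the method body continues past the hunk, so later checks are not visible here.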
@@ -1,3 +1,3 @@
1
1
  module U2F
2
- VERSION = "0.2.1"
2
+ VERSION = '1.0.0'
3
3
  end
@@ -1,11 +1,10 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe U2F::RegisterRequest do
4
- let(:app_id) { 'http://example.com' }
5
4
  let(:challenge) { 'fEnc9oV79EaBgK5BoNERU5gPKM2XGYWrz4fUjgc0Q7g' }
6
5
 
7
6
  let(:sign_request) do
8
- U2F::RegisterRequest.new(challenge, app_id)
7
+ U2F::RegisterRequest.new(challenge)
9
8
  end
10
9
 
11
10
  describe '#to_json' do
@@ -13,9 +12,8 @@ describe U2F::RegisterRequest do
13
12
  it do
14
13
  is_expected.to match_json_expression(
15
14
  version: String,
16
- appId: String,
17
15
  challenge: String
18
16
  )
19
17
  end
20
18
  end
21
- end
19
+ end
@@ -12,7 +12,7 @@ describe U2F::RegisterResponse do
12
12
  device.register_response(challenge).gsub(" ", "")
13
13
  end
14
14
  let(:error_response) { device.register_response(challenge, error = true) }
15
- let(:registration_request) { U2F::RegisterRequest.new(challenge, app_id) }
15
+ let(:registration_request) { U2F::RegisterRequest.new(challenge) }
16
16
  let(:register_response) do
17
17
  U2F::RegisterResponse.load_from_json(registration_data_json)
18
18
  end
@@ -1,13 +1,11 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe U2F::SignRequest do
4
- let(:app_id) { 'http://example.com' }
5
- let(:challenge) { 'fEnc9oV79EaBgK5BoNERU5gPKM2XGYWrz4fUjgc0Q7g' }
6
4
  let(:key_handle) do
7
5
  'CTUayZo8hCBeC-sGQJChC0wW-bBg99bmOlGCgw8XGq4dLsxO3yWh9mRYArZxocP5hBB1pEGB3bbJYiM-5acc5w=='
8
6
  end
9
7
  let(:sign_request) do
10
- U2F::SignRequest.new(key_handle, challenge, app_id)
8
+ U2F::SignRequest.new(key_handle)
11
9
  end
12
10
 
13
11
  describe '#to_json' do
@@ -15,10 +13,8 @@ describe U2F::SignRequest do
15
13
  it do
16
14
  is_expected.to match_json_expression(
17
15
  version: String,
18
- appId: String,
19
- challenge: String,
20
16
  keyHandle: String
21
17
  )
22
18
  end
23
19
  end
24
- end
20
+ end
@@ -21,7 +21,7 @@ describe U2F do
21
21
  U2F::SignResponse.load_from_json sign_response_json
22
22
  end
23
23
  let(:sign_request) do
24
- U2F::SignRequest.new(key_handle, auth_challenge, app_id)
24
+ U2F::SignRequest.new(key_handle)
25
25
  end
26
26
 
27
27
  describe '#authentication_requests' do
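--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: u2f
  version: !ruby/object:Gem::Version
- version: 0.2.1
+ version: 1.0.0
  platform: ruby
  authors:
  - Johan Brissmyr
@@ -9,7 +9,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-10-06 00:00:00.000000000 Z
+ date: 2017-03-05 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rake
@@ -17,28 +17,28 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 10.3.2
+ version: '10.3'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 10.3.2
+ version: '10.3'
  - !ruby/object:Gem::Dependency
  name: rspec
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 3.1.0
+ version: '3.1'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 3.1.0
+ version: '3.1'
  - !ruby/object:Gem::Dependency
  name: json_expressions
  requirement: !ruby/object:Gem::Requirement
@@ -73,28 +73,28 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.7.2
+ version: 0.8.10
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.7.2
+ version: 0.8.10
  - !ruby/object:Gem::Dependency
  name: simplecov
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.9.1
+ version: 0.11.1
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.9.1
+ version: 0.11.1
  description: Library for handling registration and authentication of U2F devices
  email:
  - brissmyr@gmail.com
@@ -136,7 +136,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: '0'
+ version: 2.0.0
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -144,7 +144,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.4.5.1
+ rubygems_version: 2.6.10
  signing_key:
  specification_version: 4
  summary: U2F library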