u2f 0.2.1 → 1.0.0
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/u2f/register_request.rb +10 -3
- data/lib/u2f/request_base.rb +1 -9
- data/lib/u2f/sign_request.rb +5 -4
- data/lib/u2f/sign_response.rb +6 -1
- data/lib/u2f/u2f.rb +4 -6
- data/lib/version.rb +1 -1
- data/spec/lib/register_request_spec.rb +2 -4
- data/spec/lib/register_response_spec.rb +1 -1
- data/spec/lib/sign_request_spec.rb +2 -6
- data/spec/lib/u2f_spec.rb +1 -1
- metadata +12 -12
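--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6e0ab3b3eb230926d60ba6c8d81cae756f87c600
+data.tar.gz: 45249dfefef68ba3b21eb10701fdcbfdb50ed48b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ecca8a5e02031e7d14698436aacecf61d6b615051128685f64c16546ad86e63cd9e52536cee122af66721696c28bbb9d028582078c92f42045479277ca70d0e3
+data.tar.gz: 6062a5d9a6de64b7e9ff2c602ff46f51329a9950eb408702117f8de45dc135476ed37f609829b2288566ba5a254f9cb31efaff9eb4c02a3b06bdf791eb583595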
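--- a/data/README.md
+++ b/data/README.md
@@ -38,9 +38,9 @@ The U2F library has two major tasks:
 - **Register** new devices.
 - **Authenticate** previously registered devices.
 
-Each task starts by generating a challenge on the server, which is rendered to a web view, read by the browser
+Each task starts by generating a challenge on the server, which is rendered to a web view, read by the browser APIs and transmitted to the plugged in U2F devices for verification. The U2F device responds and triggers a callback in the browser, and a form is posted back to your server where you verify the challenge and store the U2F device information to your database.
 
-You'll need an instance of `U2F
+You'll need an instance of `U2F::U2F`, which is conveniently placed in an [instance method](https://github.com/castle/ruby-u2f/blob/master/example/app/helpers/helpers.rb) on the controller. The initializer takes an **App ID** as argument.
 
 ```ruby
 def u2f
@@ -188,7 +188,7 @@ def create
 
 begin
 u2f.authenticate!(session[:challenges], response,
-Base64.decode64(registration.public_key),
+Base64.decode64(registration.public_key),
 registration.counter)
 rescue U2F::Error => e
 return "Unable to authenticate: <%= e.class.name %>"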
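--- a/data/lib/u2f/register_request.rb
+++ b/data/lib/u2f/register_request.rb
@@ -1,10 +1,17 @@
 module U2F
 class RegisterRequest
 include RequestBase
+attr_accessor :challenge
 
-def initialize(challenge
+def initialize(challenge)
 @challenge = challenge
-
+end
+
+def as_json(options = {})
+{
+version: version,
+challenge: challenge
+}
 end
 end
-end
+end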
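Review bot: `attr_accessor :challenge` on new line 4 also generates a public `challenge=` writer, although the value is only assigned once in `initialize`. Since the challenge is the nonce that the later response is checked against, `attr_reader :challenge` would keep a built request from being altered after construction. Nothing visible in this diff uses the writer.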
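--- a/data/lib/u2f/request_base.rb
+++ b/data/lib/u2f/request_base.rb
@@ -1,14 +1,6 @@
 module U2F
 module RequestBase
-attr_accessor :version
-
-def as_json(options = {})
-{
-version: version,
-challenge: challenge,
-appId: app_id
-}
-end
+attr_accessor :version
 
 def to_json(options = {})
 ::JSON.pretty_generate(as_json, options)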
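--- a/data/lib/u2f/sign_request.rb
+++ b/data/lib/u2f/sign_request.rb
@@ -3,14 +3,15 @@ module U2F
 include RequestBase
 attr_accessor :key_handle
 
-def initialize(key_handle
+def initialize(key_handle)
 @key_handle = key_handle
-@challenge = challenge
-@app_id = app_id
 end
 
 def as_json(options = {})
-
+{
+version: version,
+keyHandle: key_handle
+}
 end
 end
 end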
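--- a/data/lib/u2f/sign_response.rb
+++ b/data/lib/u2f/sign_response.rb
@@ -29,10 +29,15 @@ module U2F
 signature_data.byteslice(5..-1)
 end
 
+# Bit 0 being set to 1 indicates that the user is present. A different value
+# of Bit 0, as well as Bits 1 through 7, are reserved for future use.
+USER_PRESENCE_MASK = 0b00000001
+
 ##
 # If user presence was verified
 def user_present?
-signature_data.byteslice(0).unpack('C').first
+byte = signature_data.byteslice(0).unpack('C').first
+byte & USER_PRESENCE_MASK == 1
 end
 
 ##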
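Review bot: `user_present?` still raises rather than returning false when `signature_data` is empty, because `signature_data.byteslice(0)` is nil for an empty string and `.unpack` is then called on nil. The signature data originates from the client, and the resulting NoMethodError would presumably escape callers that only rescue `U2F::Error`. A nil-safe form is `byte = signature_data.getbyte(0)` followed by `!byte.nil? && (byte & USER_PRESENCE_MASK) == USER_PRESENCE_MASK`. The explicit parentheses also help readers used to C precedence, although Ruby already binds `&` tighter than `==`. `signature_data` itself is defined outside this hunk, so any length check done there is not visible.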
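--- a/data/lib/u2f/u2f.rb
+++ b/data/lib/u2f/u2f.rb
@@ -21,7 +21,7 @@ module U2F
 def authentication_requests(key_handles)
 key_handles = [key_handles] unless key_handles.is_a? Array
 key_handles.map do |key_handle|
-SignRequest.new(key_handle
+SignRequest.new(key_handle)
 end
 end
 
@@ -41,13 +41,11 @@ module U2F
 # - +UserNotPresentError+:: if the user wasn't present during the authentication
 # - +CounterTooLowError+:: if there is a counter mismatch between the registered one and the one in the response.
 #
-def authenticate!(
+def authenticate!(challenge, response, registration_public_key,
 registration_counter)
-# Handle both single and Array input
-challenges = [challenges] unless challenges.is_a? Array
 
 # TODO: check that it's the correct key_handle as well
-unless
+unless challenge == response.client_data.challenge
 fail NoMatchingRequestError
 end
 
@@ -84,7 +82,7 @@ module U2F
 #
 def registration_requests
 # TODO: generate a request for each supported version
-[RegisterRequest.new(challenge
+[RegisterRequest.new(challenge)]
 end
 
 ##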
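Review bot: In `authenticate!`, the new guard `unless challenge == response.client_data.challenge` also passes when both sides are nil, for example when the session holds no challenge and the client data omits the field (what `client_data.challenge` returns for a missing field is not visible here). Writing it as `unless challenge && challenge == response.client_data.challenge` makes a missing server-side challenge always fail with NoMatchingRequestError. The method now takes a single challenge instead of an Array, while the README example in this same diff still passes `session[:challenges]`. A doc comment on the `challenge` parameter saying it must be the one challenge issued for this sign request would help callers migrate. The body of `authenticate!` continues past the end of the hunk.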
data/lib/version.rb
CHANGED
@@ -1,11 +1,10 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe U2F::RegisterRequest do
|
4
|
-
let(:app_id) { 'http://example.com' }
|
5
4
|
let(:challenge) { 'fEnc9oV79EaBgK5BoNERU5gPKM2XGYWrz4fUjgc0Q7g' }
|
6
5
|
|
7
6
|
let(:sign_request) do
|
8
|
-
U2F::RegisterRequest.new(challenge
|
7
|
+
U2F::RegisterRequest.new(challenge)
|
9
8
|
end
|
10
9
|
|
11
10
|
describe '#to_json' do
|
@@ -13,9 +12,8 @@ describe U2F::RegisterRequest do
|
|
13
12
|
it do
|
14
13
|
is_expected.to match_json_expression(
|
15
14
|
version: String,
|
16
|
-
appId: String,
|
17
15
|
challenge: String
|
18
16
|
)
|
19
17
|
end
|
20
18
|
end
|
21
|
-
end
|
19
|
+
end
|
@@ -12,7 +12,7 @@ describe U2F::RegisterResponse do
|
|
12
12
|
device.register_response(challenge).gsub(" ", "")
|
13
13
|
end
|
14
14
|
let(:error_response) { device.register_response(challenge, error = true) }
|
15
|
-
let(:registration_request) { U2F::RegisterRequest.new(challenge
|
15
|
+
let(:registration_request) { U2F::RegisterRequest.new(challenge) }
|
16
16
|
let(:register_response) do
|
17
17
|
U2F::RegisterResponse.load_from_json(registration_data_json)
|
18
18
|
end
|
@@ -1,13 +1,11 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe U2F::SignRequest do
|
4
|
-
let(:app_id) { 'http://example.com' }
|
5
|
-
let(:challenge) { 'fEnc9oV79EaBgK5BoNERU5gPKM2XGYWrz4fUjgc0Q7g' }
|
6
4
|
let(:key_handle) do
|
7
5
|
'CTUayZo8hCBeC-sGQJChC0wW-bBg99bmOlGCgw8XGq4dLsxO3yWh9mRYArZxocP5hBB1pEGB3bbJYiM-5acc5w=='
|
8
6
|
end
|
9
7
|
let(:sign_request) do
|
10
|
-
U2F::SignRequest.new(key_handle
|
8
|
+
U2F::SignRequest.new(key_handle)
|
11
9
|
end
|
12
10
|
|
13
11
|
describe '#to_json' do
|
@@ -15,10 +13,8 @@ describe U2F::SignRequest do
|
|
15
13
|
it do
|
16
14
|
is_expected.to match_json_expression(
|
17
15
|
version: String,
|
18
|
-
appId: String,
|
19
|
-
challenge: String,
|
20
16
|
keyHandle: String
|
21
17
|
)
|
22
18
|
end
|
23
19
|
end
|
24
|
-
end
|
20
|
+
end
|
data/spec/lib/u2f_spec.rb
CHANGED
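--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: u2f
 version: !ruby/object:Gem::Version
-version: 0.
+version: 1.0.0
 platform: ruby
 authors:
 - Johan Brissmyr
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2017-03-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rake
@@ -17,28 +17,28 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 10.3
+version: '10.3'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 10.3
+version: '10.3'
 - !ruby/object:Gem::Dependency
 name: rspec
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 3.1
+version: '3.1'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 3.1
+version: '3.1'
 - !ruby/object:Gem::Dependency
 name: json_expressions
 requirement: !ruby/object:Gem::Requirement
@@ -73,28 +73,28 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.8.10
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.8.10
 - !ruby/object:Gem::Dependency
 name: simplecov
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.11.1
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.11.1
 description: Library for handling registration and authentication of U2F devices
 email:
 - brissmyr@gmail.com
@@ -136,7 +136,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -144,7 +144,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.6.10
 signing_key:
 specification_version: 4
 summary: U2F library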