webauthn 2.4.1 → 2.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e1ffc928d4b54cc4c19c946a30e3e0d1e6a56b317d9d82376bb7f7f9693ee88a
4
- data.tar.gz: fe42ab966c5ec4ef20089f147276ba485496b8bcf284c1a16a05606c217a434a
3
+ metadata.gz: 1e6487b19f172c0c7e96af23d04e47f91bebd2ef7d20f144f99f85e761a2db86
4
+ data.tar.gz: 7623405e7cd01708f29897a0d4183fbc8c9b2a3dfb06b9c182646ddaf9c6cb0d
5
5
  SHA512:
6
- metadata.gz: bd77e2c99e1a08f63dc1986edef737e64872f48108e5e664c8517c7bea11e22a9b4c2bf6e07f7d370d09c3ba3ba3264dff309fd792a47c239d359b27bdd070db
7
- data.tar.gz: 36a50f38e8c7dac6e33e0494d9ebeac33587ace21d4cad022be1984bd7f915112ba99c6fb975186e63d2757156c09014538a8cfda55db8edeac5ef0327c42bc0
6
+ metadata.gz: d2f8d2137b2ee140a3258fbbff8d62e49264b2eafa80f0726dacc16a742addf75625b9da51696db6f3862a85e63f44ca5fc2b73320b1c256dd1c57f96121de24
7
+ data.tar.gz: dcb2ea914a14944b4bf7c4682394df12e00ddd4a4b0cc1076a03a7368bf4d563d08b61fbbe27ece3ddcbc05a9ed542d8236c1bfce833669c9b60c5d3387b35b4
@@ -0,0 +1,36 @@
1
+ # This workflow uses actions that are not certified by GitHub.
2
+ # They are provided by a third-party and are governed by
3
+ # separate terms of service, privacy policy, and support
4
+ # documentation.
5
+ # This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
6
+ # For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
7
+
8
+ name: build
9
+
10
+ on: push
11
+
12
+ jobs:
13
+ test:
14
+ runs-on: ubuntu-20.04
15
+ strategy:
16
+ fail-fast: false
17
+ matrix:
18
+ ruby:
19
+ - '3.0'
20
+ - '2.7'
21
+ - '2.6'
22
+ - '2.5'
23
+ - '2.4'
24
+ - truffleruby
25
+ gemfile:
26
+ - openssl_2_2
27
+ - openssl_2_1
28
+ env:
29
+ BUNDLE_GEMFILE: gemfiles/${{ matrix.gemfile }}.gemfile
30
+ steps:
31
+ - uses: actions/checkout@v2
32
+ - uses: ruby/setup-ruby@v1
33
+ with:
34
+ ruby-version: ${{ matrix.ruby }}
35
+ bundler-cache: true
36
+ - run: bundle exec rake
data/.rubocop.yml CHANGED
@@ -1,5 +1,6 @@
1
1
  require:
2
2
  - rubocop-rspec
3
+ - rubocop-rake
3
4
 
4
5
  inherit_mode:
5
6
  merge:
@@ -8,6 +9,7 @@ inherit_mode:
8
9
  AllCops:
9
10
  TargetRubyVersion: 2.4
10
11
  DisabledByDefault: true
12
+ NewCops: disable
11
13
  Exclude:
12
14
  - "gemfiles/**/*"
13
15
  - "vendor/**/*"
@@ -24,6 +26,9 @@ Layout:
24
26
  Layout/ClassStructure:
25
27
  Enabled: true
26
28
 
29
+ Layout/EmptyLineBetweenDefs:
30
+ AllowAdjacentOneLineDefs: true
31
+
27
32
  Layout/EmptyLinesAroundAttributeAccessor:
28
33
  Enabled: true
29
34
 
@@ -92,6 +97,9 @@ Lint/UnreachableLoop:
92
97
  Naming:
93
98
  Enabled: true
94
99
 
100
+ Naming/VariableNumber:
101
+ Enabled: false
102
+
95
103
  RSpec/Be:
96
104
  Enabled: true
97
105
 
data/Appraisals CHANGED
@@ -1,13 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- appraise "cose_head" do
4
- gem "cose", git: "https://github.com/cedarcode/cose-ruby"
5
- end
6
-
7
- appraise "openssl_head" do
8
- gem "openssl", git: "https://github.com/ruby/openssl"
9
- end
10
-
11
3
  appraise "openssl_2_2" do
12
4
  gem "openssl", "~> 2.2.0"
13
5
  end
@@ -15,7 +7,3 @@ end
15
7
  appraise "openssl_2_1" do
16
8
  gem "openssl", "~> 2.1.0"
17
9
  end
18
-
19
- appraise "openssl_2_0" do
20
- gem "openssl", "~> 2.0.0"
21
- end
data/CHANGELOG.md CHANGED
@@ -1,5 +1,22 @@
1
1
  # Changelog
2
2
 
3
+ ## [v3.0.0.alpha1] - 2020-06-27
4
+
5
+ ### Added
6
+
7
+ - Ability to define multiple relying parties with the introduction of the `WebAuthn::RelyingParty` class ([@padulafacundo], [@brauliomartinezlm])
8
+
9
+ ## [v2.5.0] - 2021-03-14
10
+
11
+ ### Added
12
+
13
+ - Support 'apple' attestation statement format ([#343](https://github.com/cedarcode/webauthn-ruby/pull/343) / [@juanarias93], [@santiagorodriguez96])
14
+ - Allow specifying an array of ids as `allow_credentials:` for `FakeClient#get` method ([#335](https://github.com/cedarcode/webauthn-ruby/pull/335) / [@kingjan1999])
15
+
16
+ ### Removed
17
+
18
+ - No longer accept "removed from the WebAuthn spec" options `rp: { icon: }` and `user: { icon: }` for `WebAuthn::Credential.options_for_create` method ([#326](https://github.com/cedarcode/webauthn-ruby/pull/326) / [@santiagorodriguez96])
19
+
3
20
  ## [v2.4.1] - 2021-02-15
4
21
 
5
22
  ### Fixed
@@ -307,6 +324,8 @@ Note: Both additions should help making it compatible with Chrome for Android 70
307
324
  - `WebAuthn::AuthenticatorAttestationResponse.valid?` can be used to validate fido-u2f attestations returned by the browser
308
325
  - Works with ruby 2.5
309
326
 
327
+ [v3.0.0.alpha1]: https://github.com/cedarcode/webauthn-ruby/compare/2-stable...v3.0.0.alpha1/
328
+ [v2.5.0]: https://github.com/cedarcode/webauthn-ruby/compare/v2.4.1...v2.5.0/
310
329
  [v2.4.1]: https://github.com/cedarcode/webauthn-ruby/compare/v2.4.0...v2.4.1/
311
330
  [v2.4.0]: https://github.com/cedarcode/webauthn-ruby/compare/v2.3.0...v2.4.0/
312
331
  [v2.3.0]: https://github.com/cedarcode/webauthn-ruby/compare/v2.2.1...v2.3.0/
@@ -336,6 +355,7 @@ Note: Both additions should help making it compatible with Chrome for Android 70
336
355
  [v0.2.0]: https://github.com/cedarcode/webauthn-ruby/compare/v0.1.0...v0.2.0/
337
356
  [v0.1.0]: https://github.com/cedarcode/webauthn-ruby/compare/v0.0.0...v0.1.0/
338
357
 
358
+ [@brauliomartinezlm]: https://github.com/brauliomartinezlm
339
359
  [@bdewater]: https://github.com/bdewater
340
360
  [@jdongelmans]: https://github.com/jdongelmans
341
361
  [@kalebtesfay]: https://github.com/kalebtesfay
@@ -345,3 +365,5 @@ Note: Both additions should help making it compatible with Chrome for Android 70
345
365
  [@padulafacundo]: https://github.com/padulafacundo
346
366
  [@santiagorodriguez96]: https://github.com/santiagorodriguez96
347
367
  [@lgarron]: https://github.com/lgarron
368
+ [@juanarias93]: https://github.com/juanarias93
369
+ [@kingjan1999]: https://github.com/@kingjan1999
data/README.md CHANGED
@@ -6,7 +6,7 @@ For the current release version see https://github.com/cedarcode/webauthn-ruby/b
6
6
  ![banner](assets/webauthn-ruby.png)
7
7
 
8
8
  [![Gem](https://img.shields.io/gem/v/webauthn.svg?style=flat-square)](https://rubygems.org/gems/webauthn)
9
- [![Travis](https://img.shields.io/travis/cedarcode/webauthn-ruby/master.svg?style=flat-square)](https://travis-ci.org/cedarcode/webauthn-ruby)
9
+ [![Travis](https://img.shields.io/travis/cedarcode/webauthn-ruby/master.svg?style=flat-square)](https://travis-ci.com/cedarcode/webauthn-ruby)
10
10
  [![Conventional Commits](https://img.shields.io/badge/Conventional%20Commits-1.0.0-informational.svg?style=flat-square)](https://conventionalcommits.org)
11
11
  [![Join the chat at https://gitter.im/cedarcode/webauthn-ruby](https://badges.gitter.im/cedarcode/webauthn-ruby.svg)](https://gitter.im/cedarcode/webauthn-ruby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
12
12
 
@@ -408,7 +408,7 @@ credential.authenticator_extension_outputs
408
408
 
409
409
  ## Attestation
410
410
 
411
- ### Attestation Statement Format
411
+ ### Attestation Statement Formats
412
412
 
413
413
  | Attestation Statement Format | Supported? |
414
414
  | -------- | :--------: |
@@ -417,6 +417,7 @@ credential.authenticator_extension_outputs
417
417
  | tpm (x5c attestation) | Yes |
418
418
  | android-key | Yes |
419
419
  | android-safetynet | Yes |
420
+ | apple | Yes |
420
421
  | fido-u2f | Yes |
421
422
  | none | Yes |
422
423
 
data/SECURITY.md CHANGED
@@ -4,9 +4,10 @@
4
4
 
5
5
  | Version | Supported |
6
6
  | ------- | ------------------ |
7
+ | 2.5.z | :white_check_mark: |
7
8
  | 2.4.z | :white_check_mark: |
8
9
  | 2.3.z | :white_check_mark: |
9
- | 2.2.z | :white_check_mark: |
10
+ | 2.2.z | :x: |
10
11
  | 2.1.z | :x: |
11
12
  | 2.0.z | :x: |
12
13
  | 1.18.z | :white_check_mark: |
@@ -2,6 +2,7 @@
2
2
 
3
3
  require "webauthn/attestation_statement/android_key"
4
4
  require "webauthn/attestation_statement/android_safetynet"
5
+ require "webauthn/attestation_statement/apple"
5
6
  require "webauthn/attestation_statement/fido_u2f"
6
7
  require "webauthn/attestation_statement/none"
7
8
  require "webauthn/attestation_statement/packed"
@@ -18,6 +19,7 @@ module WebAuthn
18
19
  ATTESTATION_FORMAT_ANDROID_SAFETYNET = "android-safetynet"
19
20
  ATTESTATION_FORMAT_ANDROID_KEY = "android-key"
20
21
  ATTESTATION_FORMAT_TPM = "tpm"
22
+ ATTESTATION_FORMAT_APPLE = "apple"
21
23
 
22
24
  FORMAT_TO_CLASS = {
23
25
  ATTESTATION_FORMAT_NONE => WebAuthn::AttestationStatement::None,
@@ -25,7 +27,8 @@ module WebAuthn
25
27
  ATTESTATION_FORMAT_PACKED => WebAuthn::AttestationStatement::Packed,
26
28
  ATTESTATION_FORMAT_ANDROID_SAFETYNET => WebAuthn::AttestationStatement::AndroidSafetynet,
27
29
  ATTESTATION_FORMAT_ANDROID_KEY => WebAuthn::AttestationStatement::AndroidKey,
28
- ATTESTATION_FORMAT_TPM => WebAuthn::AttestationStatement::TPM
30
+ ATTESTATION_FORMAT_TPM => WebAuthn::AttestationStatement::TPM,
31
+ ATTESTATION_FORMAT_APPLE => WebAuthn::AttestationStatement::Apple
29
32
  }.freeze
30
33
 
31
34
  def self.from(format, statement)
@@ -20,10 +20,6 @@ module WebAuthn
20
20
 
21
21
  private
22
22
 
23
- def matching_public_key?(authenticator_data)
24
- attestation_certificate.public_key.to_der == authenticator_data.credential.public_key_object.to_der
25
- end
26
-
27
23
  def valid_attestation_challenge?(client_data_hash)
28
24
  android_key_attestation.verify_challenge(client_data_hash)
29
25
  rescue AndroidKeyAttestation::ChallengeMismatchError
@@ -16,10 +16,6 @@ module WebAuthn
16
16
  [attestation_type, attestation_trust_path]
17
17
  end
18
18
 
19
- def attestation_certificate
20
- attestation_trust_path.first
21
- end
22
-
23
19
  private
24
20
 
25
21
  def valid_response?(authenticator_data, client_data_hash)
@@ -52,7 +48,7 @@ module WebAuthn
52
48
  end
53
49
 
54
50
  # SafetyNetAttestation returns full chain including root, WebAuthn expects only the x5c certificates
55
- def attestation_trust_path
51
+ def certificates
56
52
  attestation_response.certificate_chain[0..-2]
57
53
  end
58
54
 
@@ -0,0 +1,65 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "openssl"
4
+ require "webauthn/attestation_statement/base"
5
+
6
+ module WebAuthn
7
+ module AttestationStatement
8
+ class Apple < Base
9
+ # Source: https://www.apple.com/certificateauthority/private/
10
+ ROOT_CERTIFICATE =
11
+ OpenSSL::X509::Certificate.new(<<~PEM)
12
+ -----BEGIN CERTIFICATE-----
13
+ MIICEjCCAZmgAwIBAgIQaB0BbHo84wIlpQGUKEdXcTAKBggqhkjOPQQDAzBLMR8w
14
+ HQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJ
15
+ bmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MjEzMloXDTQ1MDMx
16
+ NTAwMDAwMFowSzEfMB0GA1UEAwwWQXBwbGUgV2ViQXV0aG4gUm9vdCBDQTETMBEG
17
+ A1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49
18
+ AgEGBSuBBAAiA2IABCJCQ2pTVhzjl4Wo6IhHtMSAzO2cv+H9DQKev3//fG59G11k
19
+ xu9eI0/7o6V5uShBpe1u6l6mS19S1FEh6yGljnZAJ+2GNP1mi/YK2kSXIuTHjxA/
20
+ pcoRf7XkOtO4o1qlcaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUJtdk
21
+ 2cV4wlpn0afeaxLQG2PxxtcwDgYDVR0PAQH/BAQDAgEGMAoGCCqGSM49BAMDA2cA
22
+ MGQCMFrZ+9DsJ1PW9hfNdBywZDsWDbWFp28it1d/5w2RPkRX3Bbn/UbDTNLx7Jr3
23
+ jAGGiQIwHFj+dJZYUJR786osByBelJYsVZd2GbHQu209b5RCmGQ21gpSAk9QZW4B
24
+ 1bWeT0vT
25
+ -----END CERTIFICATE-----
26
+ PEM
27
+
28
+ NONCE_EXTENSION_OID = "1.2.840.113635.100.8.2"
29
+
30
+ def valid?(authenticator_data, client_data_hash)
31
+ valid_nonce?(authenticator_data, client_data_hash) &&
32
+ matching_public_key?(authenticator_data) &&
33
+ trustworthy? &&
34
+ [attestation_type, attestation_trust_path]
35
+ end
36
+
37
+ private
38
+
39
+ def valid_nonce?(authenticator_data, client_data_hash)
40
+ extension = cred_cert&.extensions&.detect { |ext| ext.oid == NONCE_EXTENSION_OID }
41
+
42
+ if extension
43
+ sequence = OpenSSL::ASN1.decode(OpenSSL::ASN1.decode(extension.to_der).value[1].value)
44
+
45
+ sequence.tag == OpenSSL::ASN1::SEQUENCE &&
46
+ sequence.value.size == 1 &&
47
+ sequence.value[0].value[0].value ==
48
+ OpenSSL::Digest::SHA256.digest(authenticator_data.data + client_data_hash)
49
+ end
50
+ end
51
+
52
+ def attestation_type
53
+ WebAuthn::AttestationStatement::ATTESTATION_TYPE_ANONCA
54
+ end
55
+
56
+ def cred_cert
57
+ attestation_certificate
58
+ end
59
+
60
+ def default_root_certificates
61
+ [ROOT_CERTIFICATE]
62
+ end
63
+ end
64
+ end
65
+ end
@@ -16,11 +16,13 @@ module WebAuthn
16
16
  ATTESTATION_TYPE_SELF = "Self"
17
17
  ATTESTATION_TYPE_ATTCA = "AttCA"
18
18
  ATTESTATION_TYPE_BASIC_OR_ATTCA = "Basic_or_AttCA"
19
+ ATTESTATION_TYPE_ANONCA = "AnonCA"
19
20
 
20
21
  ATTESTATION_TYPES_WITH_ROOT = [
21
22
  ATTESTATION_TYPE_BASIC,
22
23
  ATTESTATION_TYPE_BASIC_OR_ATTCA,
23
- ATTESTATION_TYPE_ATTCA
24
+ ATTESTATION_TYPE_ATTCA,
25
+ ATTESTATION_TYPE_ANONCA
24
26
  ].freeze
25
27
 
26
28
  class Base
@@ -42,12 +44,6 @@ module WebAuthn
42
44
  certificates&.first
43
45
  end
44
46
 
45
- def certificate_chain
46
- if certificates
47
- certificates[1..-1]
48
- end
49
- end
50
-
51
47
  def attestation_certificate_key_id
52
48
  raw_subject_key_identifier&.unpack("H*")&.[](0)
53
49
  end
@@ -68,6 +64,10 @@ module WebAuthn
68
64
  end
69
65
  end
70
66
 
67
+ def matching_public_key?(authenticator_data)
68
+ attestation_certificate.public_key.to_der == authenticator_data.credential.public_key_object.to_der
69
+ end
70
+
71
71
  def certificates
72
72
  @certificates ||=
73
73
  raw_certificates&.map do |raw_certificate|
@@ -16,11 +16,7 @@ module WebAuthn
16
16
  class RootCertificateFinderNotSupportedError < Error; end
17
17
 
18
18
  class Configuration
19
- def self.if_pss_supported(algorithm)
20
- OpenSSL::PKey::RSA.instance_methods.include?(:verify_pss) ? algorithm : nil
21
- end
22
-
23
- DEFAULT_ALGORITHMS = ["ES256", if_pss_supported("PS256"), "RS256"].compact.freeze
19
+ DEFAULT_ALGORITHMS = ["ES256", "PS256", "RS256"].compact.freeze
24
20
 
25
21
  attr_accessor :algorithms
26
22
  attr_accessor :encoding
@@ -39,7 +35,7 @@ module WebAuthn
39
35
  @verify_attestation_statement = true
40
36
  @credential_options_timeout = 120000
41
37
  @silent_authentication = false
42
- @acceptable_attestation_types = ['None', 'Self', 'Basic', 'AttCA', 'Basic_or_AttCA']
38
+ @acceptable_attestation_types = ['None', 'Self', 'Basic', 'AttCA', 'Basic_or_AttCA', 'AnonCA']
43
39
  @attestation_root_certificates_finders = []
44
40
  end
45
41
 
@@ -50,12 +50,20 @@ module WebAuthn
50
50
  user_verified: false,
51
51
  aaguid: AuthenticatorData::AAGUID,
52
52
  sign_count: nil,
53
- extensions: nil
53
+ extensions: nil,
54
+ allow_credentials: nil
54
55
  )
55
56
  credential_options = credentials[rp_id]
56
57
 
57
58
  if credential_options
58
- credential_id, credential = credential_options.first
59
+ allow_credentials ||= credential_options.keys
60
+ credential_id = (credential_options.keys & allow_credentials).first
61
+ unless credential_id
62
+ raise "No matching credentials (allowed=#{allow_credentials}) " \
63
+ "found for RP #{rp_id} among credentials=#{credential_options}"
64
+ end
65
+
66
+ credential = credential_options[credential_id]
59
67
  credential_key = credential[:credential_key]
60
68
  credential_sign_count = credential[:sign_count]
61
69
 
@@ -74,19 +74,25 @@ module WebAuthn
74
74
  user_verified: false,
75
75
  sign_count: nil,
76
76
  extensions: nil,
77
- user_handle: nil)
77
+ user_handle: nil,
78
+ allow_credentials: nil)
78
79
  rp_id ||= URI.parse(origin).host
79
80
 
80
81
  client_data_json = data_json_for(:get, encoder.decode(challenge))
81
82
  client_data_hash = hashed(client_data_json)
82
83
 
84
+ if allow_credentials
85
+ allow_credentials = allow_credentials.map { |credential| encoder.decode(credential) }
86
+ end
87
+
83
88
  assertion = authenticator.get_assertion(
84
89
  rp_id: rp_id,
85
90
  client_data_hash: client_data_hash,
86
91
  user_present: user_present,
87
92
  user_verified: user_verified,
88
93
  sign_count: sign_count,
89
- extensions: extensions
94
+ extensions: extensions,
95
+ allow_credentials: allow_credentials
90
96
  )
91
97
 
92
98
  {
@@ -5,11 +5,10 @@ require "awrence"
5
5
  module WebAuthn
6
6
  class PublicKeyCredential
7
7
  class Entity
8
- attr_reader :name, :icon
8
+ attr_reader :name
9
9
 
10
- def initialize(name:, icon: nil)
10
+ def initialize(name:)
11
11
  @name = name
12
- @icon = icon
13
12
  end
14
13
 
15
14
  def as_json
@@ -37,7 +36,7 @@ module WebAuthn
37
36
  end
38
37
 
39
38
  def attributes
40
- [:name, :icon]
39
+ [:name]
41
40
  end
42
41
  end
43
42
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module WebAuthn
4
- VERSION = "2.4.1"
4
+ VERSION = "2.5.0"
5
5
  end
data/webauthn.gemspec CHANGED
@@ -38,16 +38,17 @@ Gem::Specification.new do |spec|
38
38
  spec.add_dependency "bindata", "~> 2.4"
39
39
  spec.add_dependency "cbor", "~> 0.5.9"
40
40
  spec.add_dependency "cose", "~> 1.1"
41
- spec.add_dependency "openssl", "~> 2.0"
41
+ spec.add_dependency "openssl", "~> 2.1"
42
42
  spec.add_dependency "safety_net_attestation", "~> 0.4.0"
43
43
  spec.add_dependency "securecompare", "~> 1.0"
44
44
  spec.add_dependency "tpm-key_attestation", "~> 0.10.0"
45
45
 
46
- spec.add_development_dependency "appraisal", "~> 2.3.0"
46
+ spec.add_development_dependency "appraisal", "~> 2.4"
47
47
  spec.add_development_dependency "bundler", ">= 1.17", "< 3.0"
48
48
  spec.add_development_dependency "byebug", "~> 11.0"
49
49
  spec.add_development_dependency "rake", "~> 13.0"
50
50
  spec.add_development_dependency "rspec", "~> 3.8"
51
- spec.add_development_dependency "rubocop", "0.89"
52
- spec.add_development_dependency "rubocop-rspec", "~> 1.38.1"
51
+ spec.add_development_dependency "rubocop", "~> 1.9.1"
52
+ spec.add_development_dependency "rubocop-rake", "~> 0.5.1"
53
+ spec.add_development_dependency "rubocop-rspec", "~> 2.2.0"
53
54
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: webauthn
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.4.1
4
+ version: 2.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gonzalo Rodriguez
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: exe
11
11
  cert_chain: []
12
- date: 2021-02-15 00:00:00.000000000 Z
12
+ date: 2021-03-14 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: android_key_attestation
@@ -87,14 +87,14 @@ dependencies:
87
87
  requirements:
88
88
  - - "~>"
89
89
  - !ruby/object:Gem::Version
90
- version: '2.0'
90
+ version: '2.1'
91
91
  type: :runtime
92
92
  prerelease: false
93
93
  version_requirements: !ruby/object:Gem::Requirement
94
94
  requirements:
95
95
  - - "~>"
96
96
  - !ruby/object:Gem::Version
97
- version: '2.0'
97
+ version: '2.1'
98
98
  - !ruby/object:Gem::Dependency
99
99
  name: safety_net_attestation
100
100
  requirement: !ruby/object:Gem::Requirement
@@ -143,14 +143,14 @@ dependencies:
143
143
  requirements:
144
144
  - - "~>"
145
145
  - !ruby/object:Gem::Version
146
- version: 2.3.0
146
+ version: '2.4'
147
147
  type: :development
148
148
  prerelease: false
149
149
  version_requirements: !ruby/object:Gem::Requirement
150
150
  requirements:
151
151
  - - "~>"
152
152
  - !ruby/object:Gem::Version
153
- version: 2.3.0
153
+ version: '2.4'
154
154
  - !ruby/object:Gem::Dependency
155
155
  name: bundler
156
156
  requirement: !ruby/object:Gem::Requirement
@@ -217,30 +217,44 @@ dependencies:
217
217
  name: rubocop
218
218
  requirement: !ruby/object:Gem::Requirement
219
219
  requirements:
220
- - - '='
220
+ - - "~>"
221
221
  - !ruby/object:Gem::Version
222
- version: '0.89'
222
+ version: 1.9.1
223
223
  type: :development
224
224
  prerelease: false
225
225
  version_requirements: !ruby/object:Gem::Requirement
226
226
  requirements:
227
- - - '='
227
+ - - "~>"
228
+ - !ruby/object:Gem::Version
229
+ version: 1.9.1
230
+ - !ruby/object:Gem::Dependency
231
+ name: rubocop-rake
232
+ requirement: !ruby/object:Gem::Requirement
233
+ requirements:
234
+ - - "~>"
235
+ - !ruby/object:Gem::Version
236
+ version: 0.5.1
237
+ type: :development
238
+ prerelease: false
239
+ version_requirements: !ruby/object:Gem::Requirement
240
+ requirements:
241
+ - - "~>"
228
242
  - !ruby/object:Gem::Version
229
- version: '0.89'
243
+ version: 0.5.1
230
244
  - !ruby/object:Gem::Dependency
231
245
  name: rubocop-rspec
232
246
  requirement: !ruby/object:Gem::Requirement
233
247
  requirements:
234
248
  - - "~>"
235
249
  - !ruby/object:Gem::Version
236
- version: 1.38.1
250
+ version: 2.2.0
237
251
  type: :development
238
252
  prerelease: false
239
253
  version_requirements: !ruby/object:Gem::Requirement
240
254
  requirements:
241
255
  - - "~>"
242
256
  - !ruby/object:Gem::Version
243
- version: 1.38.1
257
+ version: 2.2.0
244
258
  description: |-
245
259
  WebAuthn ruby server library ― Make your application a W3C Web Authentication conformant
246
260
  Relying Party and allow your users to authenticate with U2F and FIDO2 authenticators.
@@ -251,10 +265,10 @@ executables: []
251
265
  extensions: []
252
266
  extra_rdoc_files: []
253
267
  files:
268
+ - ".github/workflows/build.yml"
254
269
  - ".gitignore"
255
270
  - ".rspec"
256
271
  - ".rubocop.yml"
257
- - ".travis.yml"
258
272
  - Appraisals
259
273
  - CHANGELOG.md
260
274
  - CONTRIBUTING.md
@@ -266,17 +280,15 @@ files:
266
280
  - bin/console
267
281
  - bin/setup
268
282
  - docs/u2f_migration.md
269
- - gemfiles/cose_head.gemfile
270
- - gemfiles/openssl_2_0.gemfile
271
283
  - gemfiles/openssl_2_1.gemfile
272
284
  - gemfiles/openssl_2_2.gemfile
273
- - gemfiles/openssl_head.gemfile
274
285
  - lib/cose/rsapkcs1_algorithm.rb
275
286
  - lib/webauthn.rb
276
287
  - lib/webauthn/attestation_object.rb
277
288
  - lib/webauthn/attestation_statement.rb
278
289
  - lib/webauthn/attestation_statement/android_key.rb
279
290
  - lib/webauthn/attestation_statement/android_safetynet.rb
291
+ - lib/webauthn/attestation_statement/apple.rb
280
292
  - lib/webauthn/attestation_statement/base.rb
281
293
  - lib/webauthn/attestation_statement/fido_u2f.rb
282
294
  - lib/webauthn/attestation_statement/fido_u2f/public_key.rb
@@ -316,8 +328,6 @@ files:
316
328
  - lib/webauthn/security_utils.rb
317
329
  - lib/webauthn/u2f_migrator.rb
318
330
  - lib/webauthn/version.rb
319
- - script/ci/install-openssl
320
- - script/ci/install-ruby
321
331
  - webauthn.gemspec
322
332
  homepage: https://github.com/cedarcode/webauthn-ruby
323
333
  licenses:
@@ -341,7 +351,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
341
351
  - !ruby/object:Gem::Version
342
352
  version: '0'
343
353
  requirements: []
344
- rubygems_version: 3.2.8
354
+ rubygems_version: 3.2.14
345
355
  signing_key:
346
356
  specification_version: 4
347
357
  summary: WebAuthn ruby server library
data/.travis.yml DELETED
@@ -1,39 +0,0 @@
1
- dist: bionic
2
- language: ruby
3
-
4
- cache:
5
- bundler: true
6
- directories:
7
- - /home/travis/.rvm/
8
-
9
- env:
10
- - LIBSSL=1.1 RB=2.7.1
11
- - LIBSSL=1.1 RB=2.6.6
12
- - LIBSSL=1.1 RB=2.5.8
13
- - LIBSSL=1.1 RB=2.4.10
14
- - LIBSSL=1.1 RB=ruby-head
15
- - LIBSSL=1.0 RB=2.7.1
16
- - LIBSSL=1.0 RB=2.6.6
17
- - LIBSSL=1.0 RB=2.5.8
18
- - LIBSSL=1.0 RB=2.4.10
19
- - LIBSSL=1.0 RB=ruby-head
20
-
21
- gemfile:
22
- - gemfiles/cose_head.gemfile
23
- - gemfiles/openssl_head.gemfile
24
- - gemfiles/openssl_2_2.gemfile
25
- - gemfiles/openssl_2_1.gemfile
26
- - gemfiles/openssl_2_0.gemfile
27
-
28
- matrix:
29
- fast_finish: true
30
- allow_failures:
31
- - env: LIBSSL=1.1 RB=ruby-head
32
- - env: LIBSSL=1.0 RB=ruby-head
33
- - gemfile: gemfiles/cose_head.gemfile
34
- - gemfile: gemfiles/openssl_head.gemfile
35
-
36
- before_install:
37
- - ./script/ci/install-openssl
38
- - ./script/ci/install-ruby
39
- - gem install bundler -v "~> 2.0"
@@ -1,7 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "cose", git: "https://github.com/cedarcode/cose-ruby"
6
-
7
- gemspec path: "../"
@@ -1,7 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "openssl", "~> 2.0.0"
6
-
7
- gemspec path: "../"
@@ -1,7 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "openssl", git: "https://github.com/ruby/openssl"
6
-
7
- gemspec path: "../"
@@ -1,7 +0,0 @@
1
- #!/bin/bash
2
-
3
- set -e
4
-
5
- if [[ "$LIBSSL" == "1.0" ]]; then
6
- sudo apt-get install libssl1.0-dev
7
- fi
@@ -1,13 +0,0 @@
1
- #!/bin/bash
2
-
3
- set -e
4
-
5
- source "$HOME/.rvm/scripts/rvm"
6
-
7
- if [[ "$LIBSSL" == "1.0" ]]; then
8
- rvm use --install $RB --autolibs=read-only --disable-binary
9
- elif [[ "$LIBSSL" == "1.1" ]]; then
10
- rvm use --install $RB --binary --fuzzy
11
- fi
12
-
13
- [[ "`ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'`" =~ "OpenSSL $LIBSSL" ]] || { echo "Wrong libssl version"; exit 1; }