Class: AppleReceipt::Validator

Inherits:

Object

Object
AppleReceipt::Validator

show all

Defined in:: lib/apple_receipt/validator.rb

Overview

Validator allows one to check the validity of a receipt.

Constant Summary collapse

INTERMEDIATE_CERT_MAPPING =

{
  3 => 'AppleWorldwideDeveloperRelationsCertificationAuthority',
  2 => 'AppleITunesStoreCertificationAuthority'
}.freeze

Instance Method Summary collapse

#add_certificates(certificates) ⇒ Object
#add_named_certificate(name) ⇒ Object
#initialize(receipt, certificates: []) ⇒ Validator constructor

A new instance of Validator.
#populate_certificate_store(version, provided_certificates) ⇒ Object
#public_key ⇒ Object
#signed_data ⇒ Object
#store ⇒ Object
#valid? ⇒ Boolean

Constructor Details

#initialize(receipt, certificates: []) ⇒ `Validator`

Returns a new instance of Validator.

# File 'lib/apple_receipt/validator.rb', line 13

def initialize(receipt, certificates: [])
  populate_certificate_store(receipt.version, certificates)
  @receipt = receipt
end

Instance Method Details

#add_certificates(certificates) ⇒ `Object`

# File 'lib/apple_receipt/validator.rb', line 33

def add_certificates(certificates)
  certificates.each do |cert|
    store.add_cert(cert)
  end
end

#add_named_certificate(name) ⇒ `Object`

# File 'lib/apple_receipt/validator.rb', line 27

def add_named_certificate(name)
  cert_path = File.expand_path("../../certificates/#{name}.cer", __dir__)
  cert_file = File.read(cert_path)
  store.add_cert(OpenSSL::X509::Certificate.new(cert_file))
end

#populate_certificate_store(version, provided_certificates) ⇒ `Object`

# File 'lib/apple_receipt/validator.rb', line 18

def populate_certificate_store(version, provided_certificates)
  if provided_certificates.any?
    add_certificates(provided_certificates)
  else
    add_named_certificate('AppleRootCA')
    add_named_certificate(INTERMEDIATE_CERT_MAPPING[version])
  end
end

#public_key ⇒ `Object`



45
46
47

# File 'lib/apple_receipt/validator.rb', line 45

def public_key
  receipt.certificate.public_key
end

#signed_data ⇒ `Object`



49
50
51

# File 'lib/apple_receipt/validator.rb', line 49

def signed_data
  [receipt.version, receipt.data].pack('CA*')
end

#store ⇒ `Object`



53
54
55

# File 'lib/apple_receipt/validator.rb', line 53

def store
  @store ||= OpenSSL::X509::Store.new
end

#valid? ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/apple_receipt/validator.rb', line 39

def valid?
  store.verify(receipt.certificate) &&
    public_key.verify(OpenSSL::Digest::SHA1.new,
                      receipt.signature, signed_data)
end

Class: AppleReceipt::Validator

Overview

Constant Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(receipt, certificates: []) ⇒ Validator

Instance Method Details

#add_certificates(certificates) ⇒ Object

#add_named_certificate(name) ⇒ Object

#populate_certificate_store(version, provided_certificates) ⇒ Object

#public_key ⇒ Object

#signed_data ⇒ Object

#store ⇒ Object

#valid? ⇒ Boolean

#initialize(receipt, certificates: []) ⇒ `Validator`

#add_certificates(certificates) ⇒ `Object`

#add_named_certificate(name) ⇒ `Object`

#populate_certificate_store(version, provided_certificates) ⇒ `Object`

#public_key ⇒ `Object`

#signed_data ⇒ `Object`

#store ⇒ `Object`

#valid? ⇒ `Boolean`