module MixinBot::API::Pin

Public Instance Methods

decrypt_pin(msg) click to toggle source

decrypt the encrpted pin, just for test

# File lib/mixin_bot/api/pin.rb, line 34
def decrypt_pin(msg)
  msg = Base64.strict_decode64 msg
  iv = msg[0..15]
  cipher = msg[16..47]
  alg = 'AES-256-CBC'
  decode_cipher = OpenSSL::Cipher.new(alg)
  decode_cipher.decrypt
  decode_cipher.iv = iv
  decode_cipher.key = _generate_aes_key
  decoded = decode_cipher.update(cipher)
  decoded[0..5]
end
encrypt_pin(pin_code, iterator: nil) click to toggle source

developers.mixin.one/api/alpha-mixin-network/encrypted-pin/ use timestamp(timestamp) for iterator as default: must be bigger than the previous, the first time must be greater than 0. After a new session created, it will be reset to 0.

# File lib/mixin_bot/api/pin.rb, line 49
def encrypt_pin(pin_code, iterator: nil)
  iterator ||= Time.now.utc.to_i
  tszero = iterator % 0x100
  tsone = (iterator % 0x10000) >> 8
  tstwo = (iterator % 0x1000000) >> 16
  tsthree = (iterator % 0x100000000) >> 24
  tsstring = "#{tszero.chr}#{tsone.chr}#{tstwo.chr}#{tsthree.chr}\u0000\u0000\u0000\u0000"
  encrypt_content = pin_code + tsstring + tsstring
  pad_count = 16 - encrypt_content.length % 16
  padded_content =
    if pad_count.positive?
      encrypt_content + pad_count.chr * pad_count
    else
      encrypt_content
    end

  alg = 'AES-256-CBC'
  aes = OpenSSL::Cipher.new(alg)
  iv = OpenSSL::Cipher.new(alg).random_iv
  aes.encrypt
  aes.key = _generate_aes_key
  aes.iv = iv
  cipher = aes.update(padded_content)
  msg = iv + cipher
  Base64.strict_encode64 msg
end
update_pin(old_pin:, pin:) click to toggle source

developers.mixin.one/api/alpha-mixin-network/create-pin/

# File lib/mixin_bot/api/pin.rb, line 19
def update_pin(old_pin:, pin:)
  path = '/pin/update'
  encrypted_old_pin = old_pin.nil? ? '' : encrypt_pin(old_pin, iterator: Time.now.utc.to_i)
  encrypted_pin = encrypt_pin(pin, iterator: Time.now.utc.to_i + 1)
  payload = {
    old_pin: encrypted_old_pin,
    pin: encrypted_pin
  }

  access_token = access_token('POST', path, payload.to_json)
  authorization = format('Bearer %<access_token>s', access_token: access_token)
  client.post(path, headers: { 'Authorization': authorization }, json: payload)
end
verify_pin(pin_code) click to toggle source

developers.mixin.one/api/alpha-mixin-network/verify-pin/

# File lib/mixin_bot/api/pin.rb, line 7
def verify_pin(pin_code)
  path = '/pin/verify'
  payload = {
    pin: encrypt_pin(pin_code)
  }

  access_token = access_token('POST', path, payload.to_json)
  authorization = format('Bearer %<access_token>s', access_token: access_token)
  client.post(path, headers: { 'Authorization': authorization }, json: payload)
end