update client key encryption

Thein Lin Kyaw
2023-08-17 15:53:13 +06:30
parent d2b9a9e61f
commit 019902872b
3 changed files with 80 additions and 76 deletions


@@ -24,11 +24,10 @@ class ClientsController < ApplicationController
# POST /clients # POST /clients
# POST /clients.json # POST /clients.json
def create def create
@client = Client.new(client_params) @client = Client.new(client_params)
cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc") cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
key=cipher.random_key secrect_key = cipher.random_key
secrect_key= Base64.encode64(key) @client.secrect_key = secrect_key
@client.secrect_key=secrect_key
respond_to do |format| respond_to do |format|
if @client.save if @client.save
@@ -68,7 +67,7 @@ class ClientsController < ApplicationController
# DELETE /clients/1.json # DELETE /clients/1.json
def destroy def destroy
message="Client was successfully destroyed." message="Client was successfully destroyed."
find_batch=Batch.find_by_id(@client.id) find_batch=Batch.find_by_id(@client.id)
if !find_batch.nil? if !find_batch.nil?
message='Unable to delete client named '+ @client.name.to_s+'.' message='Unable to delete client named '+ @client.name.to_s+'.'
@@ -90,6 +89,6 @@ class ClientsController < ApplicationController
# Never trust parameters from the scary internet, only allow the white list through. # Never trust parameters from the scary internet, only allow the white list through.
def client_params def client_params
params.require(:client).permit(:name,:email, :phone, :address,:location_code) params.require(:client).permit(:name,:email, :phone, :address,:location_code)
end end
end end
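Review bot: `create` still builds the key through the deprecated `OpenSSL::Cipher::Cipher` alias, although this same commit moves `BatchLineItem.encrypted` to `OpenSSL::Cipher.new`, and a cipher object is instantiated only to obtain 32 random bytes. Suggest `@client.secrect_key = OpenSSL::Cipher.new("aes-256-cbc").random_key` or `SecureRandom.random_bytes(32)`, preferably generated in the model so a client cannot be saved without a key. Separately, tokens exported before this change were produced with a different cipher and key form, so whatever decrypts them probably needs a coordinated update; that deserves a line in the commit description. The body of `create` continues past the hunk.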


@@ -1,15 +1,15 @@
class BatchLineItem < ApplicationRecord class BatchLineItem < ApplicationRecord
belongs_to :batch belongs_to :batch
attr_accessor :secret_token attr_accessor :secret_token
attr_accessor :location attr_accessor :location
attr_accessor :product_type attr_accessor :product_type
require 'digest/md5' require 'digest/md5'
CARD = "Card" CARD = "Card"
WRISTBAND = "Wristband" WRISTBAND = "Wristband"
ACCOUNT_CARD = "Account Card" ACCOUNT_CARD = "Account Card"
def self.generate_account_no(location_code) def self.generate_account_no(location_code)
super_merchant = "101" super_merchant = "101"
account_type='1' account_type='1'
@@ -20,12 +20,12 @@ class BatchLineItem < ApplicationRecord
account_no = super_merchant+account_type+location+random_account_no account_no = super_merchant+account_type+location+random_account_no
find_account_no = BatchLineItem.find_by_asset_identity(account_no) find_account_no = BatchLineItem.find_by_asset_identity(account_no)
if !find_account_no.nil? if !find_account_no.nil?
o = [('0'..'9')].map { |i| i.to_a }.flatten o = [('0'..'9')].map { |i| i.to_a }.flatten
random_account_no = (0...9).map { o[rand(o.length)] }.join random_account_no = (0...9).map { o[rand(o.length)] }.join
account_no = super_merchant+account_type+location+random_account_no account_no = super_merchant+account_type+location+random_account_no
end end
return account_no return account_no
end end
def self.generate_security_code def self.generate_security_code
@@ -33,11 +33,11 @@ class BatchLineItem < ApplicationRecord
security_code = (0...8).map { o[rand(o.length)] }.join security_code = (0...8).map { o[rand(o.length)] }.join
find_account_no = BatchLineItem.find_by_security_code(security_code) find_account_no = BatchLineItem.find_by_security_code(security_code)
if !find_account_no.nil? if !find_account_no.nil?
o = [('0'..'8')].map { |i| i.to_a }.flatten o = [('0'..'8')].map { |i| i.to_a }.flatten
security_code = (0...8).map { o[rand(o.length)] }.join security_code = (0...8).map { o[rand(o.length)] }.join
end end
return security_code return security_code
end end
def self.generate_barcode def self.generate_barcode
@@ -45,12 +45,12 @@ class BatchLineItem < ApplicationRecord
# barcode = (0...8).map { o[rand(o.length)] }.join # barcode = (0...8).map { o[rand(o.length)] }.join
barcode= rand(1_000_000_0..9_999_999_9) barcode= rand(1_000_000_0..9_999_999_9)
find_account_no = BatchLineItem.find_by_barcode(barcode) find_account_no = BatchLineItem.find_by_barcode(barcode)
if !find_account_no.nil? if !find_account_no.nil?
# o = [('0'..'9')].map { |i| i.to_a }.flatten # o = [('0'..'9')].map { |i| i.to_a }.flatten
# barcode = (0...8).map { o[rand(o.length)] }.join # barcode = (0...8).map { o[rand(o.length)] }.join
barcode = rand(1_000_000_0..9_999_999_9) barcode = rand(1_000_000_0..9_999_999_9)
end end
return barcode return barcode
end end
def self.generate_serial_no(client_id) def self.generate_serial_no(client_id)
find_lookup=Lookup.find_by_name('generate_serial_no') find_lookup=Lookup.find_by_name('generate_serial_no')
@@ -58,52 +58,52 @@ class BatchLineItem < ApplicationRecord
max_value=find_lookup.max_value max_value=find_lookup.max_value
max_value=max_value +1 max_value=max_value +1
prefix=find_lookup.prefix prefix=find_lookup.prefix
max_length=find_lookup.max_length max_length=find_lookup.max_length
sufix_len=max_length-prefix.length sufix_len=max_length-prefix.length
sufix_str="0" * sufix_len sufix_str="0" * sufix_len
value_len= max_value.to_s.length value_len= max_value.to_s.length
start=0 start=0
ends=sufix_len-value_len-1 ends=sufix_len-value_len-1
sufix_str= sufix_str[start..ends] sufix_str= sufix_str[start..ends]
prefix_len=prefix.to_s.length prefix_len=prefix.to_s.length
client_len= client_id.to_s.length client_len= client_id.to_s.length
ends= prefix_len -client_len -1 ends= prefix_len -client_len -1
prefix=prefix[start..ends] prefix=prefix[start..ends]
prefix_str=prefix.to_s + client_id.to_s prefix_str=prefix.to_s + client_id.to_s
serial_no=prefix_str.to_s+sufix_str+max_value.to_s serial_no=prefix_str.to_s+sufix_str+max_value.to_s
return serial_no return serial_no
end end
end end
def self.to_csv(client_id,location_code) def self.to_csv(client_id,location_code)
encrypt_key="" encrypt_key=""
find_client=Client.find_by_id(client_id) find_client=Client.find_by_id(client_id)
if !find_client.nil? if !find_client.nil?
encrypt_key=find_client.secrect_key encrypt_key=find_client.secrect_key
end end
attributes = %w{serial_no asset_identity batch_id manufacture_uid asset_type secret_token location} attributes = %w{serial_no asset_identity batch_id manufacture_uid asset_type secret_token location}
CSV.generate(headers: true) do |csv| CSV.generate(headers: true) do |csv|
csv << attributes csv << attributes
all.each do |encoder| all.each do |encoder|
if encoder.product_type_id ==1 if encoder.product_type_id ==1
str="account_no="+encoder.asset_identity.to_s+"&manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s str="account_no="+encoder.asset_identity.to_s+"&manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s
elsif encoder.product_type_id == 3 elsif encoder.product_type_id == 3
attributes = attributes+ %w{security_code} attributes = attributes+ %w{security_code}
str="account_no="+encoder.asset_identity.to_s+"&manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s+"&security_code="+encoder.security_code.to_s str="account_no="+encoder.asset_identity.to_s+"&manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s+"&security_code="+encoder.security_code.to_s
else else
str="manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s str="manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s
end end
encryptd_data=BatchLineItem.encrypted(str,encrypt_key) encryptd_data=BatchLineItem.encrypted(str,encrypt_key)
encoder.secret_token=encryptd_data encoder.secret_token=encryptd_data
encoder.location=location_code encoder.location=location_code
csv << attributes.map{ |attr| encoder.send(attr)} csv << attributes.map{ |attr| encoder.send(attr)}
end end
end end
@@ -111,50 +111,47 @@ class BatchLineItem < ApplicationRecord
def self.to_csv_seller(client_id,location_code) def self.to_csv_seller(client_id,location_code)
encrypt_key="" encrypt_key=""
find_client=Client.find_by_id(client_id) find_client=Client.find_by_id(client_id)
if !find_client.nil? if !find_client.nil?
encrypt_key=find_client.secrect_key encrypt_key=find_client.secrect_key
end end
attributes = %w{serial_no asset_identity batch_id manufacture_uid asset_type secret_token location barcode} attributes = %w{serial_no asset_identity batch_id manufacture_uid asset_type secret_token location barcode}
CSV.generate(headers: true) do |csv| CSV.generate(headers: true) do |csv|
csv << attributes csv << attributes
all.each do |encoder| all.each do |encoder|
if encoder.product_type_id ==1 if encoder.product_type_id ==1
str="account_no="+encoder.asset_identity.to_s+"&manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s str="account_no="+encoder.asset_identity.to_s+"&manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s
elsif encoder.product_type_id == 3 elsif encoder.product_type_id == 3
attributes = attributes+ %w{security_code} attributes = attributes+ %w{security_code}
str="account_no="+encoder.asset_identity.to_s+"&manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s+"&security_code="+encoder.security_code.to_s str="account_no="+encoder.asset_identity.to_s+"&manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s+"&security_code="+encoder.security_code.to_s
else else
str="manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s+"&barcode="+encoder.barcode.to_s str="manufacture_uid="+encoder.manufacture_uid.to_s+"&serial_no="+encoder.serial_no.to_s+"&barcode="+encoder.barcode.to_s
end end
encryptd_data=BatchLineItem.encrypted(str,encrypt_key) encryptd_data=BatchLineItem.encrypted(str,encrypt_key)
encoder.secret_token=encryptd_data encoder.secret_token=encryptd_data
encoder.location=location_code encoder.location=location_code
csv << attributes.map{ |attr| encoder.send(attr)} csv << attributes.map{ |attr| encoder.send(attr)}
end end
end end
end end
def self.encrypted(message,encrypt_key) def self.encrypted(message,encrypt_key)
cipher = OpenSSL::Cipher::Cipher.new("aes-128-cbc") cipher = OpenSSL::Cipher.new("aes-256-cbc")
cipher.encrypt cipher.encrypt
key = Digest::SHA1.hexdigest(encrypt_key)
iv =encrypt_key
cipher.key = encrypt_key cipher.key = encrypt_key
cipher.iv = encrypt_key cipher.iv = encrypt_key[0,16]
encrypted = cipher.update(message) encrypted = cipher.update(message)
encrypted << cipher.final encrypted << cipher.final
encrypted=Base64.encode64(encrypted) encrypted=Base64.encode64(encrypted)
return encrypted return encrypted
end end
def self.create_product(asset_identity,serial_no,batch_id,manufacture_uid,card_type,security_code=nil) def self.create_product(asset_identity,serial_no,batch_id,manufacture_uid,card_type,security_code=nil)
batchLineItem=BatchLineItem.new batchLineItem=BatchLineItem.new
@@ -175,7 +172,7 @@ class BatchLineItem < ApplicationRecord
max_serail_no=lookup.max_value max_serail_no=lookup.max_value
lookup.max_value=max_serail_no.to_i+1 lookup.max_value=max_serail_no.to_i+1
lookup.save lookup.save
card_qty=batch.qty_processing.to_i card_qty=batch.qty_processing.to_i
success_qty=batch.qty_success success_qty=batch.qty_success
@@ -190,15 +187,15 @@ class BatchLineItem < ApplicationRecord
batch.save batch.save
@result=false,'Error occurs in registration encoder!' @result=false,'Error occurs in registration encoder!'
end end
end end
def self.get_array def self.get_array
arr=Array.new arr=Array.new
(1..100).each do |i| (1..100).each do |i|
str= SecureRandom.hex str= SecureRandom.hex
uid=str[0..13] uid=str[0..13]
arr.push(uid) arr.push(uid)
end end
@arr=arr @arr=arr
end end
end end
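Review bot: In `self.encrypted` the IV is now `encrypt_key[0,16]`, the first 16 bytes of the AES key, so every token for a client is encrypted under the same IV and the IV itself is key material. With CBC this makes equal plaintext prefixes produce equal ciphertext blocks across rows of the export, and the ciphertext carries no integrity check. Generate a fresh IV per message and ship it with the ciphertext, e.g. `iv = cipher.random_iv` after `cipher.key = encrypt_key` and `encrypted = Base64.encode64(iv + encrypted)`; the decrypting side then reads the first 16 bytes as the IV. `to_csv` and `to_csv_seller` also fall back to `encrypt_key=""` when the client is not found, which is not a 32-byte key, so they should fail early with a clear error instead of reaching the cipher. Longer term an AEAD mode such as `aes-256-gcm` would cover both the IV handling and the missing integrity check.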


@@ -1,6 +1,14 @@
class Client < ApplicationRecord class Client < ApplicationRecord
validates :name, presence: { message: "Please enter client name." } validates :name, presence: { message: "Please enter client name." }
validates :name, :uniqueness => {:message =>"This client name is already taken." } ,on: :create validates :name, :uniqueness => {:message =>"This client name is already taken." } ,on: :create
validates :location_code ,presence: { message: "Please enter client location code." } validates :location_code ,presence: { message: "Please enter client location code." }
validates :location_code, :uniqueness => {:message =>"This location code is already taken." } ,on: :create validates :location_code, :uniqueness => {:message =>"This location code is already taken." } ,on: :create
def secrect_key
Base64.decode64(super)
end
def secrect_key=(value)
super(Base64.encode64(value))
end
end end
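Review bot: The new `secrect_key` reader calls `Base64.decode64(super)` unconditionally, so any client row whose column is NULL raises when the key is read, and the writer raises on `nil` as well; whether such rows exist is not visible here. A guard keeps both safe: `stored = super` followed by `stored && Base64.decode64(stored)` in the reader, and `super(value && Base64.encode64(value))` in the writer. Note also that Base64 is only an encoding, so the AES key sits in the clients table in directly recoverable form. If the Rails version in use supports encrypted attributes, or an application-level wrapping key is available, this accessor pair would be the place to protect it.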