module DiasporaFederation::Entities::Signable
Signable is a module that encapsulates basic signature generation/verification flow for entities.
Constants
- DIGEST
Digest instance used for signing
Public Instance Methods
sign_with_key(privkey)
Sign the data with the key
@param [OpenSSL::PKey::RSA] privkey An RSA key
@return [String] A Base64 encoded signature of signature_data with key

# File lib/diaspora_federation/entities/signable.rb, line 16
def sign_with_key(privkey)
  Base64.strict_encode64(privkey.sign(DIGEST, signature_data))
end
signature_data()
This method defines what data is used for a signature creation/verification
@abstract
@return [String] a string to sign

# File lib/diaspora_federation/entities/signable.rb, line 43
def signature_data
  raise NotImplementedError.new("you must override this method to define signature base string")
end
verify_signature(author, signature_key)
Check that signature is a correct signature
@param [String] author The author of the signature
@param [String] signature_key The signature to be verified
@raise [SignatureVerificationFailed] if the signature is not valid
@raise [PublicKeyNotFound] if no public key is found

# File lib/diaspora_federation/entities/signable.rb, line 26
def verify_signature(author, signature_key)
  pubkey = DiasporaFederation.callbacks.trigger(:fetch_public_key, author)
  raise PublicKeyNotFound, "signature=#{signature_key} person=#{author} obj=#{self}" if pubkey.nil?

  signature = public_send(signature_key)
  raise SignatureVerificationFailed, "no #{signature_key} for #{self}" if signature.nil?

  valid = pubkey.verify(DIGEST, Base64.decode64(signature), signature_data)
  raise SignatureVerificationFailed, "wrong #{signature_key} for #{self}" unless valid

  logger.info "event=verify_signature signature=#{signature_key} status=valid obj=#{self}"
end
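The signing and verification flow documented above, as an added example that is not the project's own code: SignableSketch is a stand-in that mirrors the methods shown on this page so it runs without the gem, and the demo exercises the valid, missing-signature, tampered and unknown-author paths. SHA-256 as the digest, the key_lookup parameter (in place of the :fetch_public_key callback), the DemoComment entity with its length-prefixed base string, and the addresses are assumptions of this example.

```ruby
require "openssl"
require "base64"
# Stand-in for the documented module so the example runs without the gem.
module SignableSketch
  DIGEST = OpenSSL::Digest.new("SHA256") # assumption: the page does not name the digest
  SignatureVerificationFailed = Class.new(StandardError)
  PublicKeyNotFound = Class.new(StandardError)

  def sign_with_key(privkey)
    Base64.strict_encode64(privkey.sign(DIGEST, signature_data))
  end

  # key_lookup (hypothetical parameter) replaces the :fetch_public_key callback.
  def verify_signature(author, signature_key, key_lookup)
    pubkey = key_lookup.call(author)
    raise PublicKeyNotFound, "person=#{author}" if pubkey.nil?
    signature = public_send(signature_key)
    raise SignatureVerificationFailed, "no #{signature_key}" if signature.nil?
    valid = pubkey.verify(DIGEST, Base64.decode64(signature), signature_data)
    raise SignatureVerificationFailed, "wrong #{signature_key}" unless valid
  end
end

# Hypothetical entity; field names and the base-string layout are this example's choice.
DemoComment = Struct.new(:author, :guid, :text, :author_signature) do
  include SignableSketch
  # Length-prefix each field so a value containing a separator cannot shift field boundaries.
  def signature_data
    [author, guid, text].map { |f| "#{f.bytesize}:#{f}" }.join
  end
end

def outcome(entity, lookup) # :valid, or the error class verify_signature raised
  entity.verify_signature(entity.author, :author_signature, lookup)
  :valid
rescue SignableSketch::SignatureVerificationFailed, SignableSketch::PublicKeyNotFound => e
  e.class
end

def demo_results(key = OpenSSL::PKey::RSA.new(2048))
  lookup = ->(author) { key.public_key if author == "alice@pod.example" } # constructed key store
  c = DemoComment.new("alice@pod.example", "abc123", "hello")
  results = { unsigned: outcome(c, lookup) }
  c.author_signature = c.sign_with_key(key)
  results[:signed] = outcome(c, lookup)
  c.text = "hello!" # content changed after signing
  results[:tampered] = outcome(c, lookup)
  c.author = "mallory@pod.example" # no key known for this author
  results.merge(unknown_author: outcome(c, lookup))
end
```

verify_signature as documented decodes with Base64.decode64, which skips characters outside the Base64 alphabet, so more than one encoded string can carry the same valid signature; compare decoded bytes rather than the encoded string when deduplicating.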