RS, IZ; Encryption specs now pass with openssl

bb66e879 · Raphael · f8e7d3f3 · bb66e879 · bb66e879 · bb66e879
--- a/app/models/retraction.rb
+++ b/app/models/retraction.rb
@@ -20,15 +20,23 @@ class Retraction
  attr_accessor :type
  def perform
-    return unless verify_signature(@creator_signature, Post.first(:id => post_id).person)
    begin
+      return unless signature_valid?
      self.type.constantize.destroy(self.post_id)
    rescue NameError
      Rails.logger.info("Retraction for unknown type recieved.")
    end
  end
+  def signature_valid?
+    target = self.type.constantize.first(:id => self.post_id)
+    if target.is_a? Person
+      verify_signature(@creator_signature, self.type.constantize.first(:id => self.post_id))
+    else 
+      verify_signature(@creator_signature, self.type.constantize.first(:id => self.post_id).person)
+    end
+  end
  def self.person_id_from(object)
    if object.is_a? Person
      object.id

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -128,10 +128,7 @@ class User < Person
  end
  def generate_key
-    puts "Generating key"
    OpenSSL::PKey::RSA::generate 1024 
  end
 end
--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -12,16 +12,20 @@ Factory.define :person do |p|
  p.email "bob-person@aol.com"
  p.active true
  p.sequence(:url)  {|n|"http://google-#{n}.com/"}
-  p.key OpenSSL::PKey::RSA.new(OpenSSL::PKey::RSA.generate(1024).public_key) 
+  p.serialized_key OpenSSL::PKey::RSA.generate(1024).public_key.export
  p.profile Profile.new( :first_name => "Robert", :last_name => "Grimm" )
 end
+Factory.define :person_with_private_key, :parent => :person do |p|
+  p.serialized_key OpenSSL::PKey::RSA.generate(1024).export
+end
 Factory.define :user do |u|
  u.sequence(:email) {|n| "bob#{n}@aol.com"}
  u.password "bluepin7"
  u.password_confirmation "bluepin7"
  u.url  "www.example.com/"
-  u.key OpenSSL::PKey::RSA::generate 1024 
+  u.serialized_key OpenSSL::PKey::RSA::generate(1024).export 
  u.profile Profile.new( :first_name => "Bob", :last_name => "Smith" )
 end
 Factory.define :status_message do |m|

--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -52,11 +52,12 @@ end
    post_models.each{ | model|
      model.any_instance.stubs(:verify_creator_signature).returns(true)
+      model.any_instance.stubs(:verify_signature).returns(true)
    }
+    Retraction.any_instance.stubs(:verify_signature).returns(true)
+    Request.any_instance.stubs(:verify_signature).returns(true)
    Comment.any_instance.stubs(:verify_post_creator_signature).returns(true)
-    Person.any_instance.stubs(:remove_key).returns(true)
-    User.any_instance.stubs(:remove_key).returns(true)
  end
  def unstub_mocha_stubs

--- a/spec/user_encryption_spec.rb
+++ b/spec/user_encryption_spec.rb
@@ -12,16 +12,13 @@ describe 'user encryption' do
  before do
    unstub_mocha_stubs
    @user = Factory.create(:user)
-    @user.send(:assign_key)
    @user.save
-    @person = Factory.create(:person,
+    @person = Factory.create(:person_with_private_key,
-      :key_fingerprint => GPGME.list_keys("Remote Friend").first.subkeys.first.fpr,
      :profile => Profile.new(:first_name => 'Remote',
                              :last_name => 'Friend'),
      :email => 'somewhere@else.com',
      :url => 'http://distant-example.com/')
-    @person2 = Factory.create(:person,
+    @person2 = Factory.create(:person_with_private_key,
-      :key_fingerprint => GPGME.list_keys("Second Friend").first.subkeys.first.fpr,
      :profile => Profile.new(:first_name => 'Second',
                              :last_name => 'Friend'),
      :email => 'elsewhere@else.com',
@@ -35,26 +32,9 @@ describe 'user encryption' do
    #keys = ctx.keys
    #keys.each{|k| ctx.delete_key(k, true)}
  end
+  it 'should have a key' do
-  it 'should remove the key from the keyring on person destroy' do
+    @user.key.should_not be nil
-    person = Factory.create :person
-    keyid = person.key_fingerprint
-    original_key = person.export_key
-    GPGME.list_keys(keyid).count.should be 1
-    person.destroy
-    GPGME.list_keys(keyid).count.should be 0
-    GPGME.import(original_key)
-    GPGME.list_keys(keyid).count.should be 1
  end
-  it 'should have a key fingerprint' do
-    @user.key_fingerprint.should_not be nil
-  end
-  it 'should retrieve a user key' do
-    @user.key.subkeys[0].fpr.should  == @user.key_fingerprint
-  end
  describe 'key exchange on friending' do
       it 'should send over a public key' do
      Comment.send(:class_variable_get, :@@queue).stub!(:add_post_request)
@@ -64,9 +44,8 @@ describe 'user encryption' do
    it 'should receive and marshal a public key from a request' do
      person = Factory.build(:person, :url => "http://test.url/" )
-      person.key_fingerprint.nil?.should== false
+      person.key.nil?.should== false
      #should move this to friend request, but i found it here 
-      f = person.key_fingerprint
      id = person.id
      original_key = person.export_key
@@ -78,9 +57,7 @@ describe 'user encryption' do
      store_objects_from_xml(xml)
      Person.all.count.should == personcount + 1
      new_person = Person.first(:url => "http://test.url/")
-      new_person.key_fingerprint.nil?.should == false
      new_person.id.should == id
-      new_person.key_fingerprint.should == f
      new_person.export_key.should == original_key
    end 
  end
@@ -93,10 +70,10 @@ describe 'user encryption' do
    end
    it 'should not be able to verify a message from a person without a key' do 
-      person = Factory.create(:person, :key_fingerprint => "123")
+      person = Factory.create(:person, :serialized_key => "lskdfhdlfjnh;klsf")
      message = Factory.build(:status_message, :person => person)
      message.save(:validate => false)
-      message.verify_creator_signature.should be false
+      lambda {message.verify_creator_signature.should be false}.should raise_error 
    end
    it 'should verify a remote signature' do