Skip to content
Extraits de code Groupes Projets
Valider bb66e879 rédigé par Raphael's avatar Raphael
Parcourir les fichiers

RS, IZ; Encryption specs now pass with openssl

parent f8e7d3f3
Aucune branche associée trouvée
Aucune étiquette associée trouvée
Aucune requête de fusion associée trouvée
......@@ -20,15 +20,23 @@ class Retraction
attr_accessor :type
def perform
return unless verify_signature(@creator_signature, Post.first(:id => post_id).person)
begin
return unless signature_valid?
self.type.constantize.destroy(self.post_id)
rescue NameError
Rails.logger.info("Retraction for unknown type recieved.")
end
end
def signature_valid?
target = self.type.constantize.first(:id => self.post_id)
if target.is_a? Person
verify_signature(@creator_signature, self.type.constantize.first(:id => self.post_id))
else
verify_signature(@creator_signature, self.type.constantize.first(:id => self.post_id).person)
end
end
def self.person_id_from(object)
if object.is_a? Person
object.id
......
......@@ -128,10 +128,7 @@ class User < Person
end
def generate_key
puts "Generating key"
OpenSSL::PKey::RSA::generate 1024
end
end
......@@ -12,16 +12,20 @@ Factory.define :person do |p|
p.email "bob-person@aol.com"
p.active true
p.sequence(:url) {|n|"http://google-#{n}.com/"}
p.key OpenSSL::PKey::RSA.new(OpenSSL::PKey::RSA.generate(1024).public_key)
p.serialized_key OpenSSL::PKey::RSA.generate(1024).public_key.export
p.profile Profile.new( :first_name => "Robert", :last_name => "Grimm" )
end
Factory.define :person_with_private_key, :parent => :person do |p|
p.serialized_key OpenSSL::PKey::RSA.generate(1024).export
end
Factory.define :user do |u|
u.sequence(:email) {|n| "bob#{n}@aol.com"}
u.password "bluepin7"
u.password_confirmation "bluepin7"
u.url "www.example.com/"
u.key OpenSSL::PKey::RSA::generate 1024
u.serialized_key OpenSSL::PKey::RSA::generate(1024).export
u.profile Profile.new( :first_name => "Bob", :last_name => "Smith" )
end
Factory.define :status_message do |m|
......
......@@ -52,11 +52,12 @@ end
post_models.each{ | model|
model.any_instance.stubs(:verify_creator_signature).returns(true)
model.any_instance.stubs(:verify_signature).returns(true)
}
Retraction.any_instance.stubs(:verify_signature).returns(true)
Request.any_instance.stubs(:verify_signature).returns(true)
Comment.any_instance.stubs(:verify_post_creator_signature).returns(true)
Person.any_instance.stubs(:remove_key).returns(true)
User.any_instance.stubs(:remove_key).returns(true)
end
def unstub_mocha_stubs
......
......@@ -12,16 +12,13 @@ describe 'user encryption' do
before do
unstub_mocha_stubs
@user = Factory.create(:user)
@user.send(:assign_key)
@user.save
@person = Factory.create(:person,
:key_fingerprint => GPGME.list_keys("Remote Friend").first.subkeys.first.fpr,
@person = Factory.create(:person_with_private_key,
:profile => Profile.new(:first_name => 'Remote',
:last_name => 'Friend'),
:email => 'somewhere@else.com',
:url => 'http://distant-example.com/')
@person2 = Factory.create(:person,
:key_fingerprint => GPGME.list_keys("Second Friend").first.subkeys.first.fpr,
@person2 = Factory.create(:person_with_private_key,
:profile => Profile.new(:first_name => 'Second',
:last_name => 'Friend'),
:email => 'elsewhere@else.com',
......@@ -35,26 +32,9 @@ describe 'user encryption' do
#keys = ctx.keys
#keys.each{|k| ctx.delete_key(k, true)}
end
it 'should remove the key from the keyring on person destroy' do
person = Factory.create :person
keyid = person.key_fingerprint
original_key = person.export_key
GPGME.list_keys(keyid).count.should be 1
person.destroy
GPGME.list_keys(keyid).count.should be 0
GPGME.import(original_key)
GPGME.list_keys(keyid).count.should be 1
it 'should have a key' do
@user.key.should_not be nil
end
it 'should have a key fingerprint' do
@user.key_fingerprint.should_not be nil
end
it 'should retrieve a user key' do
@user.key.subkeys[0].fpr.should == @user.key_fingerprint
end
describe 'key exchange on friending' do
it 'should send over a public key' do
Comment.send(:class_variable_get, :@@queue).stub!(:add_post_request)
......@@ -64,9 +44,8 @@ describe 'user encryption' do
it 'should receive and marshal a public key from a request' do
person = Factory.build(:person, :url => "http://test.url/" )
person.key_fingerprint.nil?.should== false
person.key.nil?.should== false
#should move this to friend request, but i found it here
f = person.key_fingerprint
id = person.id
original_key = person.export_key
......@@ -78,9 +57,7 @@ describe 'user encryption' do
store_objects_from_xml(xml)
Person.all.count.should == personcount + 1
new_person = Person.first(:url => "http://test.url/")
new_person.key_fingerprint.nil?.should == false
new_person.id.should == id
new_person.key_fingerprint.should == f
new_person.export_key.should == original_key
end
end
......@@ -93,10 +70,10 @@ describe 'user encryption' do
end
it 'should not be able to verify a message from a person without a key' do
person = Factory.create(:person, :key_fingerprint => "123")
person = Factory.create(:person, :serialized_key => "lskdfhdlfjnh;klsf")
message = Factory.build(:status_message, :person => person)
message.save(:validate => false)
message.verify_creator_signature.should be false
lambda {message.verify_creator_signature.should be false}.should raise_error
end
it 'should verify a remote signature' do
......
0% Chargement en cours ou .
You are about to add 0 people to the discussion. Proceed with caution.
Terminez d'abord l'édition de ce message.
Veuillez vous inscrire ou vous pour commenter