From f487e271c066e1ab44322fb1344fe3c6b9c01d15 Mon Sep 17 00:00:00 2001
From: Raphael <raphael@joindiaspora.com>
Date: Thu, 5 Aug 2010 10:43:02 -0700
Subject: [PATCH] RS, IZ; Posts now sign, signatures and keys now serialize

---
 app/models/person.rb | 17 +++++++++++++----
 app/models/post.rb   | 34 +++++++++++++++++-----------------
 app/models/user.rb   |  8 ++++----
 lib/encryptable.rb   |  8 ++++----
 4 files changed, 38 insertions(+), 29 deletions(-)

diff --git a/app/models/person.rb b/app/models/person.rb
index 3762d06495..234c780170 100644
--- a/app/models/person.rb
+++ b/app/models/person.rb
@@ -12,7 +12,8 @@ class Person
   key :email, String
   key :url, String
   key :active, Boolean, :default => false
-  key :key, OpenSSL::PKey::RSA 
+
+  key :serialized_key, String 
 
   one :profile, :class_name => 'Profile'
   many :posts, :class_name => 'Post', :foreign_key => :person_id
@@ -21,13 +22,13 @@ class Person
   timestamps!
 
   before_validation :clean_url
-  validates_presence_of :email, :url, :key
+  validates_presence_of :email, :url, :serialized_key
   validates_format_of :url, :with =>
      /^(https?):\/\/[a-z0-9]+([\-\.]{1}[a-z0-9]+)*(\.[a-z]{2,5})?(:[0-9]{1,5})?(\/.*)?$/ix
   
   validates_true_for :url, :logic => lambda { self.url_unique?}
 
-  after_destroy :remove_all_traces, :remove_key
+  after_destroy :remove_all_traces
 
   scope :friends,  where(:_type => "Person", :active => true)
 
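Review bot: `validates_presence_of :email, :url, :serialized_key` only checks that the field is non-empty, so any string passes validation and the failure surfaces later, when `Person#key` hands it to `OpenSSL::PKey::RSA.new` and raises. This matters most for `User#receive_friend_request` in app/models/user.rb, where this commit replaces the parsing `OpenSSL::PKey::RSA.new(friend_request.exported_key)` with a direct assignment of the remote-supplied string. I would add a validation that the value parses as an RSA key, for example `validates_true_for :serialized_key, :logic => lambda { self.key_parses? }`, with `key_parses?` rescuing `OpenSSL::PKey::RSAError` and returning false. The class body continues outside the hunk.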
@@ -37,8 +38,16 @@ class Person
     "#{profile.first_name.to_s} #{profile.last_name.to_s}"
   end
 
+  def key
+    OpenSSL::PKey::RSA.new( serialized_key )
+  end
+
+  def key= new_key
+    raise TypeError unless new_key.class == OpenSSL::PKey::RSA
+    serialized_key = new_key.export
+  end
   def export_key
-    key.public_key.to_s  
+    key.public_key.export
   end
 
   protected
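Review bot: In `key=`, the line `serialized_key = new_key.export` assigns a method-local variable rather than the attribute, so the setter stores nothing; it needs an explicit receiver, `self.serialized_key = new_key.export`. The type check would read better as `raise TypeError unless new_key.is_a?(OpenSSL::PKey::RSA)`. Note also that `key` re-parses the PEM on every call and raises on a malformed value, so a caller that uses it as a truthiness guard (`return false unless signature && person.key` in lib/encryptable.rb) gets an exception instead of false.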
diff --git a/app/models/post.rb b/app/models/post.rb
index b1002ce917..1b4149fdcb 100644
--- a/app/models/post.rb
+++ b/app/models/post.rb
@@ -49,24 +49,24 @@ class Post
   end
 
 #ENCRYPTION
-    before_validation :sign_if_mine
-    validates_true_for :creator_signature, :logic => lambda {self.verify_creator_signature}
-    
-    xml_accessor :creator_signature
-    key :creator_signature, String
-    
-    def signable_accessors
-      accessors = self.class.roxml_attrs.collect{|definition| 
-        definition.accessor}
-      accessors.delete 'person'
-      accessors.delete 'creator_signature'
-      accessors
-    end
+  before_validation :sign_if_mine
+  validates_true_for :creator_signature, :logic => lambda {self.verify_creator_signature}
+  
+  xml_accessor :creator_signature
+  key :creator_signature, String
+  
+  def signable_accessors
+    accessors = self.class.roxml_attrs.collect{|definition| 
+      definition.accessor}
+    accessors.delete 'person'
+    accessors.delete 'creator_signature'
+    accessors
+  end
 
-    def signable_string
-      signable_accessors.collect{|accessor| 
-        (self.send accessor.to_sym).to_s}.join ';'
-    end
+  def signable_string
+    signable_accessors.collect{|accessor| 
+      (self.send accessor.to_sym).to_s}.join ';'
+  end
   
   def log_inspection
     Rails.logger.info self.inspect
diff --git a/app/models/user.rb b/app/models/user.rb
index f104c983ba..780bdd8023 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -74,7 +74,7 @@ class User < Person
 
   def receive_friend_request(friend_request)
     Rails.logger.info("receiving friend request #{friend_request.to_json}")
-    friend_request.person.key = OpenSSL::PKey::RSA.new(friend_request.exported_key)
+    friend_request.person.serialized_key = friend_request.exported_key
     if Request.where(:callback_url => friend_request.callback_url).first
       friend_request.activate_friend
       friend_request.destroy
@@ -124,14 +124,14 @@ class User < Person
   protected
   
   def assign_key
-    generate_key
+    self.serialized_key ||= generate_key.export
   end
 
   def generate_key
     puts "Generating key"
     
-    self.key = OpenSSL::PKey::RSA::generate 1024 
-    
+    OpenSSL::PKey::RSA::generate 1024 
+     
   end
 
 end
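Review bot: `OpenSSL::PKey::RSA::generate 1024` produces a 1024-bit key, which is below the 2048-bit minimum that current guidance expects for RSA signatures; `OpenSSL::PKey::RSA.generate 2048` is the smallest change. `generate_key.export` on a freshly generated key yields the private key as unencrypted PEM, and `assign_key` stores it in `serialized_key`, the same field Person uses for friends' public keys, so any code that serializes or logs the whole User document would presumably carry the private key with it. Consider keeping the private key in a separate field that is excluded from serialization, and replacing `puts "Generating key"` with a `Rails.logger` call.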
diff --git a/lib/encryptable.rb b/lib/encryptable.rb
index 0009c85f60..12b7bf90af 100644
--- a/lib/encryptable.rb
+++ b/lib/encryptable.rb
@@ -8,10 +8,10 @@
     
     def verify_signature(signature, person)
       return false unless signature && person.key
-      validity = nil
       Rails.logger.info("Verifying sig on #{signable_string} from person #{person.real_name}")
-      person.key.verify "SHA", signature, signable_string
-      
+      validity = person.key.verify "SHA", Base64.decode64(signature), signable_string
+      Rails.logger.info("Validity: #{validity}")
+      validity
     end
     
     protected
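Review bot: The digest passed to `person.key.verify "SHA", ...` here, and to `key.sign "SHA", ...` in the `sign_with_key` hunk below, is the bare name "SHA", which on older OpenSSL builds resolves to the obsolete SHA-0 and, as far as I know, is not accepted by newer ones. Pass an explicit digest such as `OpenSSL::Digest::SHA256.new` in both places, since signer and verifier must agree. `Base64.decode64` silently skips characters outside the alphabet, so a `Base64.strict_encode64` / `Base64.strict_decode64` pair, with `ArgumentError` rescued to return false, would reject a malformed signature instead of verifying whatever bytes remain. The module continues outside the hunk.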
@@ -27,7 +27,7 @@
 
     def sign_with_key(key)
       Rails.logger.info("Signing #{signable_string}")
-      key.sign "SHA", signable_string
+      Base64.encode64(key.sign "SHA", signable_string)
       
     end
   end
-- 
GitLab