Module: DiasporaFederation::Entities::Signable

Includes:
Logging
Included in:
AccountMigration::Signable, Relayable
Defined in:
lib/diaspora_federation/entities/signable.rb

Overview

Signable is a module that encapsulates basic signature generation/verification flow for entities.

Defined Under Namespace

Classes: PublicKeyNotFound, SignatureVerificationFailed

Constant Summary

DIGEST = OpenSSL::Digest::SHA256.new

Digest instance used for signing

Instance Method Summary

Methods included from Logging

included

Instance Method Details

#sign_with_key(privkey) ⇒ String

Signs signature_data with the given private key using DIGEST and returns the signature Base64-encoded.

# File 'lib/diaspora_federation/entities/signable.rb', line 14

def sign_with_key(privkey)
  Base64.strict_encode64(privkey.sign(DIGEST, signature_data))
end

#signature_data ⇒ String

This method is abstract.

Defines the data (the signature base string) that is signed and verified. Including classes must override it.

Raises:

  • (NotImplementedError)

# File 'lib/diaspora_federation/entities/signable.rb', line 41

def signature_data
  raise NotImplementedError.new("you must override this method to define signature base string")
end

#verify_signature(author, signature_key) ⇒ Object

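Checks that the value of the attribute named by signature_key is a valid signature by author over signature_data. Failure is reported by raising an exception, not by a false return value.

Raises:

  • (PublicKeyNotFound) if no public key is found for the author
  • (SignatureVerificationFailed) if the signature is missing or does not verify
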
# File 'lib/diaspora_federation/entities/signable.rb', line 24

def verify_signature(author, signature_key)
  pubkey = DiasporaFederation.callbacks.trigger(:fetch_public_key, author)
  raise PublicKeyNotFound, "signature=#{signature_key} person=#{author} obj=#{self}" if pubkey.nil?

  signature = public_send(signature_key)
  raise SignatureVerificationFailed, "no #{signature_key} for #{self}" if signature.nil?

  valid = pubkey.verify(DIGEST, Base64.decode64(signature), signature_data)
  raise SignatureVerificationFailed, "wrong #{signature_key} for #{self}" unless valid

  logger.info "event=verify_signature signature=#{signature_key} status=valid obj=#{self}"
end
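
An added example, not code from diaspora_federation: a stand-alone sketch of the same sign/verify flow, showing that verification raises instead of returning false and that only fields included in signature_data are protected. DemoComment, KEYS, fetch_public_key, outcome, demo_outcomes and the sample identities are assumptions constructed for the illustration; Base64 is done with pack("m0") and unpack1("m"), the calls underlying Base64.strict_encode64 and Base64.decode64.

```ruby
require "openssl"

# Added sketch of the Signable flow. DemoComment, KEYS and fetch_public_key are
# hypothetical stand-ins; the real module gets keys via a :fetch_public_key callback.
DIGEST = OpenSSL::Digest::SHA256.new
class PublicKeyNotFound < StandardError; end
class SignatureVerificationFailed < StandardError; end

KEYS = {} # constructed key directory: author id => RSA public key

def fetch_public_key(author)
  KEYS[author]
end

DemoComment = Struct.new(:author, :guid, :text, :edited_at, :author_signature) do
  # Only the fields joined here are protected by the signature.
  def signature_data
    [author, guid, text].join(";")
  end

  def sign_with_key(privkey)
    [privkey.sign(DIGEST, signature_data)].pack("m0") # strict Base64, no newlines
  end

  def verify_signature(author, signature_key)
    pubkey = fetch_public_key(author)
    raise PublicKeyNotFound, "signature=#{signature_key} person=#{author}" if pubkey.nil?
    signature = public_send(signature_key)
    raise SignatureVerificationFailed, "no #{signature_key}" if signature.nil?
    valid = pubkey.verify(DIGEST, signature.unpack1("m"), signature_data)
    raise SignatureVerificationFailed, "wrong #{signature_key}" unless valid
    true
  end
end

# Returns :valid or the name of the exception class that verification raised.
def outcome(entity)
  entity.verify_signature(entity.author, :author_signature) && :valid
rescue PublicKeyNotFound, SignatureVerificationFailed => e
  e.class.name.to_sym
end

def demo_outcomes
  key = OpenSSL::PKey::RSA.new(2048) # constructed throwaway key
  KEYS["alice@pod.example"] = key.public_key
  c = DemoComment.new("alice@pod.example", "guid-1", "hello", "2024-01-01")
  c.author_signature = c.sign_with_key(key)
  variant = ->(field, value) { c.dup.tap { |x| x[field] = value } }
  { signed: outcome(c), text_changed: outcome(variant[:text, "bye"]),
    edited_at_changed: outcome(variant[:edited_at, "2030-01-01"]),
    unsigned: outcome(variant[:author_signature, nil]),
    unknown_author: outcome(variant[:author, "mallory@pod.example"]) }
end
```

The edited_at_changed case still verifies because that field is not part of signature_data, so when reviewing an including class, check its signature_data against the fields receivers act on.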