26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
# File 'lib/wallee-ruby-sdk/utils/encryption_util.rb', line 26
def self.is_content_valid(content, signature, public_key, encryption_algorithm)
if encryption_algorithm.nil? || encryption_algorithm.empty?
raise WalleeSdkException.new(
ErrorCode::MISSING_WEBHOOK_ENCRYPTION_ALGORYTHM,
"Webhook signature algorithm was not provided"
)
end
algorithm_class = get_algorithm_class(encryption_algorithm)
if algorithm_class.nil?
raise WalleeSdkException.new(ErrorCode::UNSUPPORTED_WEBHOOK_ENCRYPTION_ALGORYTHM,
"Unsupported webhook signature algorithm: '#{encryption_algorithm}'. " \
"This may indicate that the REST API is using a new encryption algorithm for webhooks. " \
"Please check whether a newer version of the SDK is available.")
end
begin
signature = Base64.decode64(signature)
rescue ArgumentError
raise WalleeSdkException.new(ErrorCode::INVALID_WEBHOOK_ENCRYPTION_CONTENT_SIGNATURE, 'Invalid signature value format')
end
begin
public_key_bytes = Base64.decode64(public_key)
rescue ArgumentError
raise WalleeSdkException.new(ErrorCode::INVALID_WEBHOOK_ENCRYPTION_PUBLIC_KEY, 'Invalid public key value format')
end
begin
public_key = OpenSSL::PKey.read(public_key_bytes)
rescue OpenSSL::PKey::PKeyError
raise WalleeSdkException.new(
ErrorCode::INVALID_WEBHOOK_ENCRYPTION_PUBLIC_KEY,
'Invalid public key: unsupported or unparseable format'
)
end
begin
return public_key.verify(OpenSSL::Digest::SHA256.new, signature, content)
rescue OpenSSL::PKey::PKeyError, OpenSSL::PKey::ECError, OpenSSL::PKey::EC::Point::Error
return false
end
end
|