nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactored signature validation got specs passing

Browse source
This commit is contained in:
Raphael 2010-08-17 23:21:00 -07:00
parent 7c75a54d90
commit 4a4686ce6e
7 changed files with 39 additions and 81 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/models/request.rb
View file

@ -42,8 +42,6 @@ class Request
end
#ENCRYPTION
#before_validation :sign_if_mine
#validates_true_for :creator_signature, :logic => lambda {self.verify_creator_signature}
xml_accessor :creator_signature
key :creator_signature, String
@ -62,6 +60,8 @@ class Request
(self.send accessor.to_sym).to_s}.join ';'
end
def signature_valid?; true; end
protected
def clean_link

9
app/models/user.rb
View file

@ -223,6 +223,7 @@ class User
def receive xml
object = Diaspora::Parser.from_xml(xml)
Rails.logger.debug("Receiving object:\n#{object.inspect}")
raise "Signature was not valid on: #{object.inspect}" unless object.signature_valid?
if object.is_a? Retraction
if object.type == 'Person' && object.signature_valid?
@ -246,13 +247,9 @@ class User
person.profile = object
person.save
elsif object.is_a?(Comment) && object.verify_post_creator_signature
if object.verify_creator_signature || object.person.nil?
elsif object.is_a?(Comment)
dispatch_comment object unless owns?(object)
end
elsif object.verify_creator_signature == true
else
Rails.logger.debug("Saving object: #{object}")
object.user_refs += 1
object.save

3
lib/encryptable.rb
View file

@ -2,7 +2,8 @@
def signable_string
raise NotImplementedException("Override this in your encryptable class")
end
def verify_creator_signature
def signature_valid?
verify_signature(creator_signature, person)
end

29
spec/lib/diaspora_parser_spec.rb
View file

@ -13,35 +13,6 @@ describe Diaspora::Parser do
@user2 = Factory.create(:user)
end
describe 'with encryption' do
before do
unstub_mocha_stubs
end
after do
stub_signature_verification
end
it "should not store posts from me" do
10.times {
message = Factory.build(:status_message, :person => @user)
xml = message.to_diaspora_xml
@user.receive xml
}
StatusMessage.count.should == 0
end
it "should reject xml with no sender" do
xml = "<XML>
<head>
</head>
<post><status_message>\n <message>Here is another message</message>\n <owner>a@a.com</owner>\n <snippet>a@a.com</snippet>\n <source>a@a.com</source>\n</status_message></post>
<post><person></person></post>
<post><status_message>\n <message>HEY DUDE</message>\n <owner>a@a.com</owner>\n <snippet>a@a.com</snippet>\n <source>a@a.com</source>\n</status_message></post>
</XML>"
@user.receive xml
Post.count.should == 0
end
end
describe "parsing compliant XML object" do
before do
@xml = Factory.build(:status_message).to_diaspora_xml

2
spec/models/photo_spec.rb
View file

@ -88,7 +88,7 @@ describe Photo do
it 'should save a signed photo to GridFS' do
photo = @user.post(:photo, :album => @album, :user_file => [File.open(@fixture_name)])
photo.save.should == true
photo.verify_creator_signature.should be true
photo.signature_valid?.should be true
end
end

18
spec/spec_helper.rb
View file

@ -42,23 +42,9 @@ end
end
def stub_signature_verification
post_models = []
get_models.each{ |model|
constant_model = model.camelize.constantize
if constant_model == Post || constant_model.superclass == Post
post_models << constant_model
(get_models.map{|model| model.camelize.constantize} - [User]).each do |model|
model.any_instance.stubs(:signature_valid?).returns(true)
end
}
post_models.each{ | model|
model.any_instance.stubs(:verify_creator_signature).returns(true)
model.any_instance.stubs(:verify_signature).returns(true)
}
Retraction.any_instance.stubs(:verify_signature).returns(true)
Request.any_instance.stubs(:verify_signature).returns(true)
Comment.any_instance.stubs(:verify_post_creator_signature).returns(true)
Comment.any_instance.stubs(:verify_creator_signature).returns(true)
end
def unstub_mocha_stubs

49
spec/user_encryption_spec.rb
View file

@ -37,21 +37,24 @@ describe 'user encryption' do
end
it 'should receive and marshal a public key from a request' do
person = Factory.build(:person, :url => "http://test.url/" )
person.encryption_key.nil?.should== false
remote_user = Factory.build(:user)
remote_user.encryption_key.nil?.should== false
#should move this to friend request, but i found it here
id = person.id
original_key = person.export_key
id = remote_user.person.id
original_key = remote_user.export_key
request = Request.instantiate(:to =>"http://www.google.com/", :from => person)
request = remote_user.send_friend_request_to(
@user.receive_url, remote_user.group(:name => "temp").id)
xml = request.to_diaspora_xml
person.destroy
personcount = Person.all.count
@user.receive xml
Person.all.count.should == personcount + 1
new_person = Person.first(:url => "http://test.url/")
new_person.id.should == id
remote_user.person.destroy
remote_user.destroy
person_count = Person.all.count
proc {@user.receive xml}.should_not raise_error /Signature was not valid/
Person.all.count.should == person_count + 1
new_person = Person.first(:id => id)
new_person.export_key.should == original_key
end
end
@ -60,7 +63,7 @@ describe 'user encryption' do
it 'should sign a message on create' do
message = @user.post :status_message, :message => "hi"
message.verify_creator_signature.should be true
message.signature_valid?.should be true
end
it 'should sign a retraction on create' do
@ -70,7 +73,7 @@ describe 'user encryption' do
retraction = @user.retract(message)
retraction.verify_creator_signature.should be true
retraction.signature_valid?.should be true
end
@ -78,14 +81,14 @@ describe 'user encryption' do
person = Factory.create(:person, :serialized_key => "lskdfhdlfjnh;klsf")
message = Factory.build(:status_message, :person => person)
message.save(:validate => false)
lambda {message.verify_creator_signature.should be false}.should raise_error
lambda {message.signature_valid?.should be false}.should raise_error
end
it 'should verify a remote signature' do
message = Factory.build(:status_message, :person => @person)
message.creator_signature = message.send(:sign_with_key,@person.encryption_key)
message.save(:validate => false)
message.verify_creator_signature.should be true
message.signature_valid?.should be true
end
it 'should know if the signature is from the wrong person' do
@ -93,7 +96,7 @@ describe 'user encryption' do
message.save(:validate => false)
message.creator_signature = message.send(:sign_with_key,@person.encryption_key)
message.person = @user
message.verify_creator_signature.should be false
message.signature_valid?.should be false
end
it 'should know if the signature is for the wrong text' do
@ -101,7 +104,7 @@ describe 'user encryption' do
message.creator_signature = message.send(:sign_with_key,@person.encryption_key)
message.message = 'I love VENISON'
message.save(:validate => false)
message.verify_creator_signature.should be false
message.signature_valid?.should be false
end
end
@ -122,7 +125,7 @@ describe 'user encryption' do
xml = message.to_diaspora_xml
message.destroy
Post.count.should be 0
@user.receive xml
proc {@user.receive xml}.should raise_error /Signature was not valid/
Post.count.should be 0
end
@ -136,20 +139,20 @@ describe 'user encryption' do
end
it 'should attach the creator signature if the user is commenting' do
@user.comment "Yeah, it was great", :on => @remote_message
@remote_message.comments.first.verify_creator_signature.should be true
@remote_message.comments.first.signature_valid?.should be true
end
it 'should sign the comment if the user is the post creator' do
message = @user.post :status_message, :message => "hi"
@user.comment "Yeah, it was great", :on => message
message.comments.first.verify_creator_signature.should be true
message.comments.first.signature_valid?.should be true
message.comments.first.verify_post_creator_signature.should be true
end
it 'should verify a comment made on a remote post by a different friend' do
comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message)
comment.creator_signature = comment.send(:sign_with_key,@person2.encryption_key)
comment.verify_creator_signature.should be true
comment.signature_valid?.should be true
comment.verify_post_creator_signature.should be false
comment.post_creator_signature = comment.send(:sign_with_key,@person.encryption_key)
comment.verify_post_creator_signature.should be true
@ -158,14 +161,14 @@ describe 'user encryption' do
it 'should reject comments on a remote post with only a creator sig' do
comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message)
comment.creator_signature = comment.send(:sign_with_key,@person2.encryption_key)
comment.verify_creator_signature.should be true
comment.signature_valid?.should be true
comment.verify_post_creator_signature.should be false
end
it 'should receive remote comments on a user post with a creator sig' do
comment = Comment.new(:person => @person2, :text => "balls", :post => @message)
comment.creator_signature = comment.send(:sign_with_key,@person2.encryption_key)
comment.verify_creator_signature.should be true
comment.signature_valid?.should be true
comment.verify_post_creator_signature.should be false
end