Now signing only xml accessors other than person
parent
8d525f2d4f
commit
add9961ca4
2 changed files with 17 additions and 5 deletions
|
|
@ -47,10 +47,22 @@ class Post
|
|||
|
||||
key :owner_signature, String
|
||||
|
||||
def signable_accessors
|
||||
accessors = self.class.roxml_attrs.collect{|definition|
|
||||
definition.accessor}
|
||||
accessors.delete 'person'
|
||||
accessors
|
||||
end
|
||||
|
||||
def signable_string
|
||||
signable_accessors.collect{|accessor|
|
||||
(self.send accessor.to_sym).to_s}.join ';'
|
||||
end
|
||||
|
||||
def verify_signature
|
||||
return false unless owner_signature && person.key_fingerprint
|
||||
validity = nil
|
||||
GPGME::verify(owner_signature, to_xml.to_s, {:armor => true, :always_trust => true}){ |signature|
|
||||
GPGME::verify(owner_signature, signable_string, {:armor => true, :always_trust => true}){ |signature|
|
||||
validity = signature.status == GPGME::GPG_ERR_NO_ERROR &&
|
||||
signature.fpr == person.key_fingerprint
|
||||
}
|
||||
|
|
@ -60,7 +72,7 @@ class Post
|
|||
protected
|
||||
def sign_if_mine
|
||||
if self.person == User.first
|
||||
self.owner_signature = GPGME::sign(to_xml.to_s,nil,
|
||||
self.owner_signature = GPGME::sign(signable_string,nil,
|
||||
{:armor=> true, :mode => GPGME::SIG_MODE_DETACH})
|
||||
end
|
||||
end
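Review bot: `signable_string` joins the raw field values with `;` and nothing else, so the signed text is ambiguous: a `;` inside one value shifts the field boundary, and a nil field and an empty one both serialise to an empty string. Two different sets of field values can therefore verify against the same `owner_signature`. Making each field self-delimiting before signing closes this, for example `v = (self.send accessor.to_sym).to_s` followed by `"#{accessor}=#{v.bytesize}:#{v}"` inside the block. Because `person` is no longer part of the signed text, the author binding now rests entirely on the `signature.fpr == person.key_fingerprint` comparison, and a comment on `signable_accessors` such as `# person is excluded from the signed text; authorship is checked via the key fingerprint in verify_signature` would record that. The body of `verify_signature` continues past the end of the first hunk.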
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ describe 'user encryption' do
|
|||
|
||||
it 'should verify a remote signature' do
|
||||
message = Factory.create(:status_message, :person => @person)
|
||||
message.owner_signature = GPGME.sign(message.to_xml.to_s, nil,
|
||||
message.owner_signature = GPGME.sign(message.signable_string, nil,
|
||||
{:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
|
||||
message.save
|
||||
message.verify_signature.should be true
|
||||
|
|
@ -100,7 +100,7 @@ describe 'user encryption' do
|
|||
|
||||
it 'should know if the signature is from the wrong person' do
|
||||
message = Factory.create(:status_message, :person => @person)
|
||||
message.owner_signature = GPGME.sign(message.to_xml.to_s, nil,
|
||||
message.owner_signature = GPGME.sign(message.signable_string, nil,
|
||||
{:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
|
||||
message.person = @u
|
||||
message.verify_signature.should be false
|
||||
|
|
@ -108,7 +108,7 @@ describe 'user encryption' do
|
|||
|
||||
it 'should know if the signature is for the wrong text' do
|
||||
message = Factory.create(:status_message, :person => @person)
|
||||
message.owner_signature = GPGME.sign(message.to_xml.to_s, nil,
|
||||
message.owner_signature = GPGME.sign(message.signable_string, nil,
|
||||
{:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
|
||||
message.message = 'I love VENISON'
|
||||
message.save
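Review bot: None of the three updated examples exercises what is new in `signable_string`; they only swap `to_xml.to_s` for it, so the exclusion of `person` and the `;`-joined format are untested. I would add an example that pins `message.signable_accessors` as not including `'person'`. A second example should use a message text containing `;` and check that changing a field still makes `verify_signature` return false. The last example ('wrong text') continues past the end of its hunk, so its assertion is not visible here.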
|
||||
|
|
|
|||