diff --git a/app/models/post.rb b/app/models/post.rb index c6ce1fb5f..872c3942e 100644 --- a/app/models/post.rb +++ b/app/models/post.rb @@ -47,8 +47,11 @@ class Post key :owner_signature, String def verify_signature return false unless owner_signature && person.key_fingerprint - - GPGME::verify(owner_signature, {:always_trust => true}){ |signature| + puts to_xml.to_s + puts owner_signature + GPGME::verify(owner_signature, nil, {:armor => true, :always_trust => true}){ |signature| + puts signature + puts signature.inspect return signature.status == GPGME::GPG_ERR_NO_ERROR && #signature.to_s.include?("Good signature from ") && signature.fpr == person.key_fingerprint @@ -60,7 +63,7 @@ class Post def sign_if_mine if self.person == User.first self.owner_signature = GPGME::sign(to_xml.to_s,nil,{ - :armor=> true, :mode => GPGME::SIG_MODE_DETACH}) + :armor=> true}) end end diff --git a/spec/fixtures/msg.xml b/spec/fixtures/msg.xml new file mode 100644 index 000000000..aa1fbf054 --- /dev/null +++ b/spec/fixtures/msg.xml @@ -0,0 +1,14 @@ + + jimmy's 1 whales + <_id>4c3b7cf9312f91367f000004 + + bob1@aol.com + http://www.example.com/ + <_id>4c3b7c64312f913664000005 + 0264242496D4B585297BF236BEEFE6DEBE3407AA + + Bob + Smith + + + \ No newline at end of file diff --git a/spec/fixtures/msg.xml.detached.asc b/spec/fixtures/msg.xml.detached.asc index 1f3dbcc21..66012caef 100644 --- a/spec/fixtures/msg.xml.detached.asc +++ b/spec/fixtures/msg.xml.detached.asc @@ -1,7 +1,7 @@ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) -iEYEABECAAYFAkw7p+YACgkQ5hWCpTN+yRIrHgCghpIwNtqODBwaEjL6duFNcTKv -+XYAoKWvcAz76dmAvD71QkTue5F67cq8 -=jIOx +iEYEABECAAYFAkw72oUACgkQ5hWCpTN+yRLSuwCgwphc3LWMM0LOZ5wreKjNeaja +BCsAoIzYO9AG3fgV0KbtIFAtuwlNiFxt +=W2K4 -----END PGP SIGNATURE----- diff --git a/spec/user_encryption_spec.rb b/spec/user_encryption_spec.rb index 75630ee32..784866b6a 100644 --- a/spec/user_encryption_spec.rb +++ b/spec/user_encryption_spec.rb @@ -85,7 +85,7 @@ describe 'user encryption' do it 'should verify a remote signature' do person = Factory.create(:person, :key_fingerprint => GPGME.list_keys("Ilya").first.subkeys.first.fpr) message = Factory.create(:status_message, :person => person, - :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.normal.asc").read) + :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.normal.asc").read) # :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.detached.asc").read) # :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.clear.asc").read) @@ -95,7 +95,7 @@ describe 'user encryption' do it 'should know if the signature is from the wrong person' do person = Factory.create(:person, :key_fingerprint => GPGME.list_keys("Ilya").first.subkeys.first.fpr) message = Factory.create(:status_message, :person => person, - :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.normal.asc").read) + :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.normal.asc").read) # :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.detached.asc").read) # :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.clear.asc").read) @@ -104,7 +104,11 @@ describe 'user encryption' do end it 'should know if the signature is for the wrong text' do - pending + person = Factory.create(:person, :key_fingerprint => GPGME.list_keys("Ilya").first.subkeys.first.fpr) + message = Factory.create(:status_message, :message => 'I love VENISON', :person => person, + :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.normal.asc").read) + message.verify_signature.should be false + end end end