TEST_CODEOWNERS/rails
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
016b796ee9
rails/activesupport/lib/active_support/message_verifier.rb

339 lines
14 KiB
Ruby
Raw Normal View History

Use frozen-string-literal in ActiveSupport
2017-07-09 12:06:36 +00:00
# frozen_string_literal: true
[Active Support] `rubocop -a --only Layout/EmptyLineAfterMagicComment`
2017-07-10 13:39:13 +00:00
Extract components from signed messages by calculating their indexes ActiveSupport::MessageVerifier#verified is causing signed_message to be split twice: first inside #valid_message? and then inside #verified. This is ultimately unnecessary. We can avoid String#split all together by calculating the indexes of the data and the digest in the payload. This increases the resistance of the solution against ill-formed payloads that don't include the separator.
2021-07-30 09:12:42 +00:00
require "openssl"
applies new string literal convention in activesupport/lib The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
2016-08-06 15:58:50 +00:00
require "base64"
[Active Support] require_relative => require This basically reverts 8da30ad6be34339124ba4cb4e36aea260dda12bc
2017-10-21 13:11:29 +00:00
require "active_support/core_ext/object/blank"
require "active_support/security_utils"
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
require "active_support/messages/codec"
[Active Support] require_relative => require This basically reverts 8da30ad6be34339124ba4cb4e36aea260dda12bc
2017-10-21 13:11:29 +00:00
require "active_support/messages/rotator"
message_verifier.rb needs active_support/base64
2010-01-01 19:59:51 +00:00
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
module ActiveSupport
Add missing headers to Active Support docs [ci-skip] Having a h1 heading will improve SEO and makes things look more consistent.
2023-04-23 13:48:37 +00:00
# = Active Support Message Verifier
#
update AS docs [ci skip]
2012-09-17 05:22:18 +00:00
# +MessageVerifier+ makes it easy to generate and verify messages which are
# signed to prevent tampering.
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;)
2010-08-14 05:13:00 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# In a Rails application, you can use +Rails.application.message_verifier+
# to manage unique instances of verifiers for each use case.
# {Learn more}[link:classes/Rails/Application.html#method-i-message_verifier].
#
update AS docs [ci skip]
2012-09-17 05:22:18 +00:00
# This is useful for cases like remember-me tokens and auto-unsubscribe links
Replace comments' non-breaking spaces with spaces Sometimes, on Mac OS X, programmers accidentally press Option+Space rather than just Space and don’t see the difference. The problem is that Option+Space writes a non-breaking space (0XA0) rather than a normal space (0x20). This commit removes all the non-breaking spaces inadvertently introduced in the comments of the code.
2012-12-05 06:11:54 +00:00
# where the session store isn't suitable or available.
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# First, generate a signed message:
# cookies[:remember_me] = Rails.application.message_verifier(:remember_me).generate([@user.id, 2.weeks.from_now])
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;)
2010-08-14 05:13:00 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# Later verify that message:
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# id, time = Rails.application.message_verifier(:remember_me).verify(cookies[:remember_me])
# if time.future?
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
# self.current_user = User.find(id)
# end
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;)
2010-08-14 05:13:00 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# === Confine messages to a specific purpose
document metadata support added to message encryptor and message verifier [ci skip]
2017-07-22 14:31:53 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# It's not recommended to use the same verifier for different purposes in your application.
# Doing so could allow a malicious actor to re-use a signed message to perform an unauthorized
# action.
# You can reduce this risk by confining signed messages to a specific +:purpose+.
document metadata support added to message encryptor and message verifier [ci skip]
2017-07-22 14:31:53 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# token = @verifier.generate("signed message", purpose: :login)
document metadata support added to message encryptor and message verifier [ci skip]
2017-07-22 14:31:53 +00:00
#
# Then that same purpose must be passed when verifying to get the data back out:
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# @verifier.verified(token, purpose: :login) # => "signed message"
document metadata support added to message encryptor and message verifier [ci skip]
2017-07-22 14:31:53 +00:00
# @verifier.verified(token, purpose: :shipping) # => nil
# @verifier.verified(token) # => nil
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# @verifier.verify(token, purpose: :login) # => "signed message"
# @verifier.verify(token, purpose: :shipping) # => raises ActiveSupport::MessageVerifier::InvalidSignature
# @verifier.verify(token) # => raises ActiveSupport::MessageVerifier::InvalidSignature
document metadata support added to message encryptor and message verifier [ci skip]
2017-07-22 14:31:53 +00:00
#
# Likewise, if a message has no purpose it won't be returned when verifying with
# a specific purpose.
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# token = @verifier.generate("signed message")
# @verifier.verified(token, purpose: :redirect) # => nil
# @verifier.verified(token) # => "signed message"
document metadata support added to message encryptor and message verifier [ci skip]
2017-07-22 14:31:53 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# @verifier.verify(token, purpose: :redirect) # => raises ActiveSupport::MessageVerifier::InvalidSignature
# @verifier.verify(token) # => "signed message"
document metadata support added to message encryptor and message verifier [ci skip]
2017-07-22 14:31:53 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# === Expiring messages
document metadata support added to message encryptor and message verifier [ci skip]
2017-07-22 14:31:53 +00:00
#
# By default messages last forever and verifying one year from now will still
# return the original value. But messages can be set to expire at a given
# time with +:expires_in+ or +:expires_at+.
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# @verifier.generate("signed message", expires_in: 1.month)
# @verifier.generate("signed message", expires_at: Time.now.end_of_year)
document metadata support added to message encryptor and message verifier [ci skip]
2017-07-22 14:31:53 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# Messages can then be verified and returned until expiry.
document metadata support added to message encryptor and message verifier [ci skip]
2017-07-22 14:31:53 +00:00
# Thereafter, the +verified+ method returns +nil+ while +verify+ raises
# <tt>ActiveSupport::MessageVerifier::InvalidSignature</tt>.
Add key rotation message Encryptor and Verifier Both classes now have a rotate method where new instances are added for each call. When decryption or verification fails the next rotation instance is tried.
2017-09-23 21:16:21 +00:00
#
# === Rotating keys
#
[ci skip] Attempt a new explanation for rotations. It's become clear to me that the use case is still a bit muddy and the upgrade path is going to be tough for people to figure out. This attempts at understanding it better through documentation, but still needs follow up work. [ Michael Coyne & Kasper Timm Hansen ]
2017-09-24 19:41:16 +00:00
# MessageVerifier also supports rotating out old configurations by falling
[ci skip] Fix typo in MessageVerifier docs
2021-05-14 11:10:29 +00:00
# back to a stack of verifiers. Call +rotate+ to build and add a verifier so
# either +verified+ or +verify+ will also try verifying with the fallback.
[ci skip] Attempt a new explanation for rotations. It's become clear to me that the use case is still a bit muddy and the upgrade path is going to be tough for people to figure out. This attempts at understanding it better through documentation, but still needs follow up work. [ Michael Coyne & Kasper Timm Hansen ]
2017-09-24 19:41:16 +00:00
#
# By default any rotated verifiers use the values of the primary
# verifier unless specified otherwise.
#
# You'd give your verifier the new defaults:
#
# verifier = ActiveSupport::MessageVerifier.new(@secret, digest: "SHA512", serializer: JSON)
#
# Then gradually rotate the old values out by adding them as fallbacks. Any message
# generated with the old values will then work until the rotation is removed.
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# verifier.rotate(old_secret) # Fallback to an old secret instead of @secret.
# verifier.rotate(digest: "SHA256") # Fallback to an old digest instead of SHA512.
# verifier.rotate(serializer: Marshal) # Fallback to an old serializer instead of JSON.
[ci skip] Attempt a new explanation for rotations. It's become clear to me that the use case is still a bit muddy and the upgrade path is going to be tough for people to figure out. This attempts at understanding it better through documentation, but still needs follow up work. [ Michael Coyne & Kasper Timm Hansen ]
2017-09-24 19:41:16 +00:00
#
# Though the above would most likely be combined into one rotation:
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# verifier.rotate(old_secret, digest: "SHA256", serializer: Marshal)
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
class MessageVerifier < Messages::Codec
Use throw for message error handling control flow There are multiple points of failure when processing a message with `MessageEncryptor` or `MessageVerifier`, and there several ways we might want to handle those failures. For example, swallowing a failure with `MessageVerifier#verified`, or raising a specific exception with `MessageVerifier#verify`, or conditionally ignoring a failure when rotations are configured. Prior to this commit, the _internal_ logic of handling failures was implemented using a mix of `nil` return values and raised exceptions. This commit reimplements the internal logic using `throw` and a few precisely targeted `rescue`s. This accomplishes several things: * Allow rotation of serializers for `MessageVerifier`. Previously, errors from a `MessageVerifier`'s initial serializer were never rescued. Thus, the serializer could not be rotated: ```ruby old_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: Marshal) new_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: JSON) new_verifier.rotate(serializer: Marshal) message = old_verifier.generate("message") new_verifier.verify(message) # BEFORE: # => raises JSON::ParserError # AFTER: # => "message" ``` * Allow rotation of serializers for `MessageEncryptor` when using a non-standard initial serializer. Similar to `MessageVerifier`, the serializer could not be rotated when the initial serializer raised an error other than `TypeError` or `JSON::ParserError`, such as `Psych::SyntaxError` or a custom error. * Raise `MessageEncryptor::InvalidMessage` from `decrypt_and_verify` regardless of cipher. Previously, when a `MessageEncryptor` was using a non-AEAD cipher such as AES-256-CBC, a corrupt or tampered message would raise `MessageVerifier::InvalidSignature` due to reliance on `MessageVerifier` for verification. Now, the verification mechanism is transparent to the user: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-gcm") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # => raises ActiveSupport::MessageEncryptor::InvalidMessage encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-cbc") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => raises ActiveSupport::MessageEncryptor::InvalidMessage ``` * Support `nil` original value when using `MessageVerifier#verify`. Previously, `MessageVerifier#verify` did not work with `nil` original values, though both `MessageVerifier#verified` and `MessageEncryptor#decrypt_and_verify` do: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32) message = encryptor.encrypt_and_sign(nil) encryptor.decrypt_and_verify(message) # => nil verifier = ActiveSupport::MessageVerifier.new("secret") message = verifier.generate(nil) verifier.verified(message) # => nil verifier.verify(message) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => nil ``` * Improve performance of verifying a message when it has expired and one or more rotations have been configured: ```ruby # frozen_string_literal: true require "benchmark/ips" require "active_support/all" verifier = ActiveSupport::MessageVerifier.new("new secret") verifier.rotate("old secret") message = verifier.generate({ "data" => "x" * 100 }, expires_at: 1.day.ago) Benchmark.ips do |x| x.report("expired message") do verifier.verified(message) end end ``` __Before__ ``` Warming up -------------------------------------- expired message 1.442k i/100ms Calculating ------------------------------------- expired message 14.403k (± 1.7%) i/s - 72.100k in 5.007382s ``` __After__ ``` Warming up -------------------------------------- expired message 1.995k i/100ms Calculating ------------------------------------- expired message 19.992k (± 2.0%) i/s - 101.745k in 5.091421s ``` Fixes #47185.
2023-02-07 19:56:59 +00:00
prepend Messages::Rotator
Add key rotation message Encryptor and Verifier Both classes now have a rotate method where new instances are added for each call. When decryption or verification fails the next rotation instance is tried.
2017-09-23 21:16:21 +00:00
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
class InvalidSignature < StandardError; end
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;)
2010-08-14 05:13:00 +00:00
Extract components from signed messages by calculating their indexes ActiveSupport::MessageVerifier#verified is causing signed_message to be split twice: first inside #valid_message? and then inside #verified. This is ultimately unnecessary. We can avoid String#split all together by calculating the indexes of the data and the digest in the payload. This increases the resistance of the solution against ill-formed payloads that don't include the separator.
2021-07-30 09:12:42 +00:00
SEPARATOR = "--" # :nodoc:
SEPARATOR_LENGTH = SEPARATOR.length # :nodoc:
Revert "Revert "Merge pull request #42843 from buckley-w-david/message-verifier-default-serializer"" This reverts commit fd4e63cc28863b9d1b7cca2da80bb0b1e879c2d3.
2022-03-01 23:14:43 +00:00
cattr_accessor :default_message_verifier_serializer, instance_accessor: false, default: :marshal
Configure serialization of metadata per MessageVerifier object
2023-04-05 14:15:43 +00:00
# Initialize a new MessageVerifier with a secret for the signature.
#
# ==== Options
#
# [+:digest+]
Fix monospace formatting [ci-skip] Follow-up to #47916. RDoc requires `<tt>` in this case.
2023-04-16 23:00:00 +00:00
# Digest used for signing. The default is <tt>"SHA1"</tt>. See
# +OpenSSL::Digest+ for alternatives.
Configure serialization of metadata per MessageVerifier object
2023-04-05 14:15:43 +00:00
#
# [+:serializer+]
# By default, MessageVerifier uses JSON to serialize the message. If you want
# to use another serialization method, you can pass an object that responds
# to +load+ and +dump+, like +Marshal+ or +YAML+.
# +:marshal+, +:hybrid+, and +:json+ are also supported.
#
# [+:url_safe+]
# By default, MessageVerifier generates RFC 4648 compliant strings which are
# not URL-safe. In other words, they can contain "+" and "/". If you want to
# generate URL-safe strings (in compliance with "Base 64 Encoding with URL
# and Filename Safe Alphabet" in RFC 4648), you can pass +true+.
#
# [+:force_legacy_metadata_serializer+]
# Whether to use the legacy metadata serializer, which serializes the
# message first, then wraps it in an envelope which is also serialized. This
# was the default in \Rails 7.0 and below.
#
# If you don't pass a truthy value, the default is set using
# +config.active_support.use_message_serializer_for_metadata+.
def initialize(secret, digest: nil, serializer: nil, url_safe: false, force_legacy_metadata_serializer: false)
applies new string literal convention in activesupport/lib The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
2016-08-06 15:58:50 +00:00
raise ArgumentError, "Secret should not be nil." unless secret
Configure serialization of metadata per MessageVerifier object
2023-04-05 14:15:43 +00:00
super(
serializer: serializer || @@default_message_verifier_serializer,
url_safe: url_safe,
force_legacy_metadata_serializer: force_legacy_metadata_serializer,
)
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
@secret = secret
Extract components from signed messages by calculating their indexes ActiveSupport::MessageVerifier#verified is causing signed_message to be split twice: first inside #valid_message? and then inside #verified. This is ultimately unnecessary. We can avoid String#split all together by calculating the indexes of the data and the digest in the payload. This increases the resistance of the solution against ill-formed payloads that don't include the separator.
2021-07-30 09:12:42 +00:00
@digest = digest&.to_s || "SHA1"
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
end
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;)
2010-08-14 05:13:00 +00:00
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
# Checks if a signed message could have been generated by signing an object
# with the +MessageVerifier+'s secret.
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# verifier = ActiveSupport::MessageVerifier.new("secret")
# signed_message = verifier.generate("signed message")
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
# verifier.valid_message?(signed_message) # => true
#
# tampered_message = signed_message.chop # editing the message invalidates the signature
# verifier.valid_message?(tampered_message) # => false
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
def valid_message?(message)
Use throw for message error handling control flow There are multiple points of failure when processing a message with `MessageEncryptor` or `MessageVerifier`, and there several ways we might want to handle those failures. For example, swallowing a failure with `MessageVerifier#verified`, or raising a specific exception with `MessageVerifier#verify`, or conditionally ignoring a failure when rotations are configured. Prior to this commit, the _internal_ logic of handling failures was implemented using a mix of `nil` return values and raised exceptions. This commit reimplements the internal logic using `throw` and a few precisely targeted `rescue`s. This accomplishes several things: * Allow rotation of serializers for `MessageVerifier`. Previously, errors from a `MessageVerifier`'s initial serializer were never rescued. Thus, the serializer could not be rotated: ```ruby old_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: Marshal) new_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: JSON) new_verifier.rotate(serializer: Marshal) message = old_verifier.generate("message") new_verifier.verify(message) # BEFORE: # => raises JSON::ParserError # AFTER: # => "message" ``` * Allow rotation of serializers for `MessageEncryptor` when using a non-standard initial serializer. Similar to `MessageVerifier`, the serializer could not be rotated when the initial serializer raised an error other than `TypeError` or `JSON::ParserError`, such as `Psych::SyntaxError` or a custom error. * Raise `MessageEncryptor::InvalidMessage` from `decrypt_and_verify` regardless of cipher. Previously, when a `MessageEncryptor` was using a non-AEAD cipher such as AES-256-CBC, a corrupt or tampered message would raise `MessageVerifier::InvalidSignature` due to reliance on `MessageVerifier` for verification. Now, the verification mechanism is transparent to the user: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-gcm") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # => raises ActiveSupport::MessageEncryptor::InvalidMessage encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-cbc") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => raises ActiveSupport::MessageEncryptor::InvalidMessage ``` * Support `nil` original value when using `MessageVerifier#verify`. Previously, `MessageVerifier#verify` did not work with `nil` original values, though both `MessageVerifier#verified` and `MessageEncryptor#decrypt_and_verify` do: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32) message = encryptor.encrypt_and_sign(nil) encryptor.decrypt_and_verify(message) # => nil verifier = ActiveSupport::MessageVerifier.new("secret") message = verifier.generate(nil) verifier.verified(message) # => nil verifier.verify(message) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => nil ``` * Improve performance of verifying a message when it has expired and one or more rotations have been configured: ```ruby # frozen_string_literal: true require "benchmark/ips" require "active_support/all" verifier = ActiveSupport::MessageVerifier.new("new secret") verifier.rotate("old secret") message = verifier.generate({ "data" => "x" * 100 }, expires_at: 1.day.ago) Benchmark.ips do |x| x.report("expired message") do verifier.verified(message) end end ``` __Before__ ``` Warming up -------------------------------------- expired message 1.442k i/100ms Calculating ------------------------------------- expired message 14.403k (± 1.7%) i/s - 72.100k in 5.007382s ``` __After__ ``` Warming up -------------------------------------- expired message 1.995k i/100ms Calculating ------------------------------------- expired message 19.992k (± 2.0%) i/s - 101.745k in 5.091421s ``` Fixes #47185.
2023-02-07 19:56:59 +00:00
!!catch_and_ignore(:invalid_message_format) { extract_encoded(message) }
Add `#verified` and `#valid_message?` to MessageVerifier This commit adds a `#verified` method to `ActiveSupport::MessageVerifier` which will return either `false` when it encounters an error or the message. `#verify` continues to raise an `InvalidSignature` exception on error. This commit also adds a convenience boolean method on `MessageVerifier` as a way to check if a message is valid without performing the decoding.
2014-11-21 23:52:22 +00:00
end
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
# Decodes the signed message using the +MessageVerifier+'s secret.
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# verifier = ActiveSupport::MessageVerifier.new("secret")
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# signed_message = verifier.generate("signed message")
# verifier.verified(signed_message) # => "signed message"
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
#
# Returns +nil+ if the message was not signed with the same secret.
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# other_verifier = ActiveSupport::MessageVerifier.new("different_secret")
Copy-edit the MessageVerifier documentation [ci skip]
2014-12-04 16:09:47 +00:00
# other_verifier.verified(signed_message) # => nil
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
#
# Returns +nil+ if the message is not Base64-encoded.
#
# invalid_message = "f--46a0120593880c733a53b6dad75b42ddc1c8996d"
Copy-edit the MessageVerifier documentation [ci skip]
2014-12-04 16:09:47 +00:00
# verifier.verified(invalid_message) # => nil
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
#
# Raises any error raised while decoding the signed message.
#
# incompatible_message = "test--dad7b06c94abba8d46a15fafaef56c327665d5ff"
Copy-edit the MessageVerifier documentation [ci skip]
2014-12-04 16:09:47 +00:00
# verifier.verified(incompatible_message) # => TypeError: incompatible marshal file format
Document MessageVerifier method options [ci-skip] This documents the options on the methods themselves, so that the reader does not have to scan the class summary documentation for a specific option.
2023-02-07 22:31:44 +00:00
#
# ==== Options
#
# [+:purpose+]
# The purpose that the message was generated with. If the purpose does not
# match, +verified+ will return +nil+.
#
# message = verifier.generate("hello", purpose: "greeting")
# verifier.verified(message, purpose: "greeting") # => "hello"
# verifier.verified(message, purpose: "chatting") # => nil
# verifier.verified(message) # => nil
#
# message = verifier.generate("bye")
# verifier.verified(message) # => "bye"
# verifier.verified(message, purpose: "greeting") # => nil
#
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
def verified(message, **options)
Use throw for message error handling control flow There are multiple points of failure when processing a message with `MessageEncryptor` or `MessageVerifier`, and there several ways we might want to handle those failures. For example, swallowing a failure with `MessageVerifier#verified`, or raising a specific exception with `MessageVerifier#verify`, or conditionally ignoring a failure when rotations are configured. Prior to this commit, the _internal_ logic of handling failures was implemented using a mix of `nil` return values and raised exceptions. This commit reimplements the internal logic using `throw` and a few precisely targeted `rescue`s. This accomplishes several things: * Allow rotation of serializers for `MessageVerifier`. Previously, errors from a `MessageVerifier`'s initial serializer were never rescued. Thus, the serializer could not be rotated: ```ruby old_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: Marshal) new_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: JSON) new_verifier.rotate(serializer: Marshal) message = old_verifier.generate("message") new_verifier.verify(message) # BEFORE: # => raises JSON::ParserError # AFTER: # => "message" ``` * Allow rotation of serializers for `MessageEncryptor` when using a non-standard initial serializer. Similar to `MessageVerifier`, the serializer could not be rotated when the initial serializer raised an error other than `TypeError` or `JSON::ParserError`, such as `Psych::SyntaxError` or a custom error. * Raise `MessageEncryptor::InvalidMessage` from `decrypt_and_verify` regardless of cipher. Previously, when a `MessageEncryptor` was using a non-AEAD cipher such as AES-256-CBC, a corrupt or tampered message would raise `MessageVerifier::InvalidSignature` due to reliance on `MessageVerifier` for verification. Now, the verification mechanism is transparent to the user: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-gcm") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # => raises ActiveSupport::MessageEncryptor::InvalidMessage encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-cbc") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => raises ActiveSupport::MessageEncryptor::InvalidMessage ``` * Support `nil` original value when using `MessageVerifier#verify`. Previously, `MessageVerifier#verify` did not work with `nil` original values, though both `MessageVerifier#verified` and `MessageEncryptor#decrypt_and_verify` do: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32) message = encryptor.encrypt_and_sign(nil) encryptor.decrypt_and_verify(message) # => nil verifier = ActiveSupport::MessageVerifier.new("secret") message = verifier.generate(nil) verifier.verified(message) # => nil verifier.verify(message) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => nil ``` * Improve performance of verifying a message when it has expired and one or more rotations have been configured: ```ruby # frozen_string_literal: true require "benchmark/ips" require "active_support/all" verifier = ActiveSupport::MessageVerifier.new("new secret") verifier.rotate("old secret") message = verifier.generate({ "data" => "x" * 100 }, expires_at: 1.day.ago) Benchmark.ips do |x| x.report("expired message") do verifier.verified(message) end end ``` __Before__ ``` Warming up -------------------------------------- expired message 1.442k i/100ms Calculating ------------------------------------- expired message 14.403k (± 1.7%) i/s - 72.100k in 5.007382s ``` __After__ ``` Warming up -------------------------------------- expired message 1.995k i/100ms Calculating ------------------------------------- expired message 19.992k (± 2.0%) i/s - 101.745k in 5.091421s ``` Fixes #47185.
2023-02-07 19:56:59 +00:00
catch_and_ignore :invalid_message_format do
catch_and_raise :invalid_message_serialization do
catch_and_ignore :invalid_message_content do
read_message(message, **options)
end
end
end
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
end
Prefer object/nil over `true`/`false` This is the project guideline and the reasons are: * That follows standard Ruby semantics. * Allows the implementation to avoid artificial code like !! or something ? true : false * You do not need to rely on the exact type of 3rd party code. For example, if your method returns str.end_with?('foo') you do not need to make sure end_with? returns a singleton. Your predicate just propagates predicate semantics up regardless of what end_with? returns.
2014-12-02 15:10:18 +00:00
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
# Decodes the signed message using the +MessageVerifier+'s secret.
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# verifier = ActiveSupport::MessageVerifier.new("secret")
# signed_message = verifier.generate("signed message")
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# verifier.verify(signed_message) # => "signed message"
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
#
# Raises +InvalidSignature+ if the message was not signed with the same
# secret or was not Base64-encoded.
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# other_verifier = ActiveSupport::MessageVerifier.new("different_secret")
[ci skip] fix typo in MessageVerifier#verify docs
2014-12-09 23:23:15 +00:00
# other_verifier.verify(signed_message) # => ActiveSupport::MessageVerifier::InvalidSignature
Document MessageVerifier method options [ci-skip] This documents the options on the methods themselves, so that the reader does not have to scan the class summary documentation for a specific option.
2023-02-07 22:31:44 +00:00
#
# ==== Options
#
# [+:purpose+]
# The purpose that the message was generated with. If the purpose does not
# match, +verify+ will raise ActiveSupport::MessageVerifier::InvalidSignature.
#
# message = verifier.generate("hello", purpose: "greeting")
# verifier.verify(message, purpose: "greeting") # => "hello"
# verifier.verify(message, purpose: "chatting") # => raises InvalidSignature
# verifier.verify(message) # => raises InvalidSignature
#
# message = verifier.generate("bye")
# verifier.verify(message) # => "bye"
# verifier.verify(message, purpose: "greeting") # => raises InvalidSignature
#
Use throw for message error handling control flow There are multiple points of failure when processing a message with `MessageEncryptor` or `MessageVerifier`, and there several ways we might want to handle those failures. For example, swallowing a failure with `MessageVerifier#verified`, or raising a specific exception with `MessageVerifier#verify`, or conditionally ignoring a failure when rotations are configured. Prior to this commit, the _internal_ logic of handling failures was implemented using a mix of `nil` return values and raised exceptions. This commit reimplements the internal logic using `throw` and a few precisely targeted `rescue`s. This accomplishes several things: * Allow rotation of serializers for `MessageVerifier`. Previously, errors from a `MessageVerifier`'s initial serializer were never rescued. Thus, the serializer could not be rotated: ```ruby old_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: Marshal) new_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: JSON) new_verifier.rotate(serializer: Marshal) message = old_verifier.generate("message") new_verifier.verify(message) # BEFORE: # => raises JSON::ParserError # AFTER: # => "message" ``` * Allow rotation of serializers for `MessageEncryptor` when using a non-standard initial serializer. Similar to `MessageVerifier`, the serializer could not be rotated when the initial serializer raised an error other than `TypeError` or `JSON::ParserError`, such as `Psych::SyntaxError` or a custom error. * Raise `MessageEncryptor::InvalidMessage` from `decrypt_and_verify` regardless of cipher. Previously, when a `MessageEncryptor` was using a non-AEAD cipher such as AES-256-CBC, a corrupt or tampered message would raise `MessageVerifier::InvalidSignature` due to reliance on `MessageVerifier` for verification. Now, the verification mechanism is transparent to the user: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-gcm") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # => raises ActiveSupport::MessageEncryptor::InvalidMessage encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-cbc") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => raises ActiveSupport::MessageEncryptor::InvalidMessage ``` * Support `nil` original value when using `MessageVerifier#verify`. Previously, `MessageVerifier#verify` did not work with `nil` original values, though both `MessageVerifier#verified` and `MessageEncryptor#decrypt_and_verify` do: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32) message = encryptor.encrypt_and_sign(nil) encryptor.decrypt_and_verify(message) # => nil verifier = ActiveSupport::MessageVerifier.new("secret") message = verifier.generate(nil) verifier.verified(message) # => nil verifier.verify(message) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => nil ``` * Improve performance of verifying a message when it has expired and one or more rotations have been configured: ```ruby # frozen_string_literal: true require "benchmark/ips" require "active_support/all" verifier = ActiveSupport::MessageVerifier.new("new secret") verifier.rotate("old secret") message = verifier.generate({ "data" => "x" * 100 }, expires_at: 1.day.ago) Benchmark.ips do |x| x.report("expired message") do verifier.verified(message) end end ``` __Before__ ``` Warming up -------------------------------------- expired message 1.442k i/100ms Calculating ------------------------------------- expired message 14.403k (± 1.7%) i/s - 72.100k in 5.007382s ``` __After__ ``` Warming up -------------------------------------- expired message 1.995k i/100ms Calculating ------------------------------------- expired message 19.992k (± 2.0%) i/s - 101.745k in 5.091421s ``` Fixes #47185.
2023-02-07 19:56:59 +00:00
def verify(message, **options)
catch_and_raise :invalid_message_format, as: InvalidSignature do
catch_and_raise :invalid_message_serialization do
catch_and_raise :invalid_message_content, as: InvalidSignature do
read_message(message, **options)
end
end
end
Add `#verified` and `#valid_message?` to MessageVerifier This commit adds a `#verified` method to `ActiveSupport::MessageVerifier` which will return either `false` when it encounters an error or the message. `#verify` continues to raise an `InvalidSignature` exception on error. This commit also adds a convenience boolean method on `MessageVerifier` as a way to check if a message is valid without performing the decoding.
2014-11-21 23:52:22 +00:00
end
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;)
2010-08-14 05:13:00 +00:00
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
# Generates a signed message for the provided value.
#
Update message verifier documentation [ci skip] Generate method of ActiveSupport Message verifier implied that the message is encrypted, but the message is simply Base64-encoded.
2019-07-10 15:39:26 +00:00
# The message is signed with the +MessageVerifier+'s secret.
# Returns Base64-encoded message joined with the generated signature.
Add documentation to MessageVerifier [ci skip] Complements #17727 and closes ee73d9ff8. @lleger How do you feel about this?
2014-12-04 02:00:32 +00:00
#
[ci skip] Improve ActiveSupport::MessageVerifier docs (#44332) * [ci skip] Refer to Rails.application.message_verifier in MessageVerifier docs * [ci skip] Clarify authentication example * [ci skip] Use meaningful example data for message verifier docs * [ci skip] Link to Rails.application.message_verifier docs * [ci skip] Clarify order of message signing and verification * [ci skip] Re-order sections in order of expected use * [ci skip] Recommend using a purpose to reduce risks * [ci skip] More consistent parentheses
2022-02-04 16:03:25 +00:00
# verifier = ActiveSupport::MessageVerifier.new("secret")
# verifier.generate("signed message") # => "BAhJIhNzaWduZWQgbWVzc2FnZQY6BkVU--f67d5f27c3ee0b8483cebf2103757455e947493b"
Document MessageVerifier method options [ci-skip] This documents the options on the methods themselves, so that the reader does not have to scan the class summary documentation for a specific option.
2023-02-07 22:31:44 +00:00
#
# ==== Options
#
# [+:expires_at+]
# The datetime at which the message expires. After this datetime,
# verification of the message will fail.
#
# message = verifier.generate("hello", expires_at: Time.now.tomorrow)
# verifier.verified(message) # => "hello"
# # 24 hours later...
# verifier.verified(message) # => nil
# verifier.verify(message) # => raises ActiveSupport::MessageVerifier::InvalidSignature
#
# [+:expires_in+]
# The duration for which the message is valid. After this duration has
# elapsed, verification of the message will fail.
#
# message = verifier.generate("hello", expires_in: 24.hours)
# verifier.verified(message) # => "hello"
# # 24 hours later...
# verifier.verified(message) # => nil
# verifier.verify(message) # => raises ActiveSupport::MessageVerifier::InvalidSignature
#
# [+:purpose+]
# The purpose of the message. If specified, the same purpose must be
# specified when verifying the message; otherwise, verification will fail.
# (See #verified and #verify.)
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
def generate(value, **options)
Use throw for message error handling control flow There are multiple points of failure when processing a message with `MessageEncryptor` or `MessageVerifier`, and there several ways we might want to handle those failures. For example, swallowing a failure with `MessageVerifier#verified`, or raising a specific exception with `MessageVerifier#verify`, or conditionally ignoring a failure when rotations are configured. Prior to this commit, the _internal_ logic of handling failures was implemented using a mix of `nil` return values and raised exceptions. This commit reimplements the internal logic using `throw` and a few precisely targeted `rescue`s. This accomplishes several things: * Allow rotation of serializers for `MessageVerifier`. Previously, errors from a `MessageVerifier`'s initial serializer were never rescued. Thus, the serializer could not be rotated: ```ruby old_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: Marshal) new_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: JSON) new_verifier.rotate(serializer: Marshal) message = old_verifier.generate("message") new_verifier.verify(message) # BEFORE: # => raises JSON::ParserError # AFTER: # => "message" ``` * Allow rotation of serializers for `MessageEncryptor` when using a non-standard initial serializer. Similar to `MessageVerifier`, the serializer could not be rotated when the initial serializer raised an error other than `TypeError` or `JSON::ParserError`, such as `Psych::SyntaxError` or a custom error. * Raise `MessageEncryptor::InvalidMessage` from `decrypt_and_verify` regardless of cipher. Previously, when a `MessageEncryptor` was using a non-AEAD cipher such as AES-256-CBC, a corrupt or tampered message would raise `MessageVerifier::InvalidSignature` due to reliance on `MessageVerifier` for verification. Now, the verification mechanism is transparent to the user: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-gcm") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # => raises ActiveSupport::MessageEncryptor::InvalidMessage encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-cbc") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => raises ActiveSupport::MessageEncryptor::InvalidMessage ``` * Support `nil` original value when using `MessageVerifier#verify`. Previously, `MessageVerifier#verify` did not work with `nil` original values, though both `MessageVerifier#verified` and `MessageEncryptor#decrypt_and_verify` do: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32) message = encryptor.encrypt_and_sign(nil) encryptor.decrypt_and_verify(message) # => nil verifier = ActiveSupport::MessageVerifier.new("secret") message = verifier.generate(nil) verifier.verified(message) # => nil verifier.verify(message) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => nil ``` * Improve performance of verifying a message when it has expired and one or more rotations have been configured: ```ruby # frozen_string_literal: true require "benchmark/ips" require "active_support/all" verifier = ActiveSupport::MessageVerifier.new("new secret") verifier.rotate("old secret") message = verifier.generate({ "data" => "x" * 100 }, expires_at: 1.day.ago) Benchmark.ips do |x| x.report("expired message") do verifier.verified(message) end end ``` __Before__ ``` Warming up -------------------------------------- expired message 1.442k i/100ms Calculating ------------------------------------- expired message 14.403k (± 1.7%) i/s - 72.100k in 5.007382s ``` __After__ ``` Warming up -------------------------------------- expired message 1.995k i/100ms Calculating ------------------------------------- expired message 19.992k (± 2.0%) i/s - 101.745k in 5.091421s ``` Fixes #47185.
2023-02-07 19:56:59 +00:00
create_message(value, **options)
end
def create_message(value, **options) # :nodoc:
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
sign_encoded(encode(serialize_with_metadata(value, **options)))
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
end
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;)
2010-08-14 05:13:00 +00:00
Use throw for message error handling control flow There are multiple points of failure when processing a message with `MessageEncryptor` or `MessageVerifier`, and there several ways we might want to handle those failures. For example, swallowing a failure with `MessageVerifier#verified`, or raising a specific exception with `MessageVerifier#verify`, or conditionally ignoring a failure when rotations are configured. Prior to this commit, the _internal_ logic of handling failures was implemented using a mix of `nil` return values and raised exceptions. This commit reimplements the internal logic using `throw` and a few precisely targeted `rescue`s. This accomplishes several things: * Allow rotation of serializers for `MessageVerifier`. Previously, errors from a `MessageVerifier`'s initial serializer were never rescued. Thus, the serializer could not be rotated: ```ruby old_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: Marshal) new_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: JSON) new_verifier.rotate(serializer: Marshal) message = old_verifier.generate("message") new_verifier.verify(message) # BEFORE: # => raises JSON::ParserError # AFTER: # => "message" ``` * Allow rotation of serializers for `MessageEncryptor` when using a non-standard initial serializer. Similar to `MessageVerifier`, the serializer could not be rotated when the initial serializer raised an error other than `TypeError` or `JSON::ParserError`, such as `Psych::SyntaxError` or a custom error. * Raise `MessageEncryptor::InvalidMessage` from `decrypt_and_verify` regardless of cipher. Previously, when a `MessageEncryptor` was using a non-AEAD cipher such as AES-256-CBC, a corrupt or tampered message would raise `MessageVerifier::InvalidSignature` due to reliance on `MessageVerifier` for verification. Now, the verification mechanism is transparent to the user: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-gcm") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # => raises ActiveSupport::MessageEncryptor::InvalidMessage encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-cbc") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => raises ActiveSupport::MessageEncryptor::InvalidMessage ``` * Support `nil` original value when using `MessageVerifier#verify`. Previously, `MessageVerifier#verify` did not work with `nil` original values, though both `MessageVerifier#verified` and `MessageEncryptor#decrypt_and_verify` do: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32) message = encryptor.encrypt_and_sign(nil) encryptor.decrypt_and_verify(message) # => nil verifier = ActiveSupport::MessageVerifier.new("secret") message = verifier.generate(nil) verifier.verified(message) # => nil verifier.verify(message) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => nil ``` * Improve performance of verifying a message when it has expired and one or more rotations have been configured: ```ruby # frozen_string_literal: true require "benchmark/ips" require "active_support/all" verifier = ActiveSupport::MessageVerifier.new("new secret") verifier.rotate("old secret") message = verifier.generate({ "data" => "x" * 100 }, expires_at: 1.day.ago) Benchmark.ips do |x| x.report("expired message") do verifier.verified(message) end end ``` __Before__ ``` Warming up -------------------------------------- expired message 1.442k i/100ms Calculating ------------------------------------- expired message 14.403k (± 1.7%) i/s - 72.100k in 5.007382s ``` __After__ ``` Warming up -------------------------------------- expired message 1.995k i/100ms Calculating ------------------------------------- expired message 19.992k (± 2.0%) i/s - 101.745k in 5.091421s ``` Fixes #47185.
2023-02-07 19:56:59 +00:00
def read_message(message, **options) # :nodoc:
deserialize_with_metadata(decode(extract_encoded(message)), **options)
end
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
private
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
def sign_encoded(encoded)
digest = generate_digest(encoded)
encoded << SEPARATOR << digest
Abstract encoding strategy for ActiveSupport::MessageVerifier
2014-11-12 22:48:44 +00:00
end
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
def extract_encoded(signed)
Use throw for message error handling control flow There are multiple points of failure when processing a message with `MessageEncryptor` or `MessageVerifier`, and there several ways we might want to handle those failures. For example, swallowing a failure with `MessageVerifier#verified`, or raising a specific exception with `MessageVerifier#verify`, or conditionally ignoring a failure when rotations are configured. Prior to this commit, the _internal_ logic of handling failures was implemented using a mix of `nil` return values and raised exceptions. This commit reimplements the internal logic using `throw` and a few precisely targeted `rescue`s. This accomplishes several things: * Allow rotation of serializers for `MessageVerifier`. Previously, errors from a `MessageVerifier`'s initial serializer were never rescued. Thus, the serializer could not be rotated: ```ruby old_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: Marshal) new_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: JSON) new_verifier.rotate(serializer: Marshal) message = old_verifier.generate("message") new_verifier.verify(message) # BEFORE: # => raises JSON::ParserError # AFTER: # => "message" ``` * Allow rotation of serializers for `MessageEncryptor` when using a non-standard initial serializer. Similar to `MessageVerifier`, the serializer could not be rotated when the initial serializer raised an error other than `TypeError` or `JSON::ParserError`, such as `Psych::SyntaxError` or a custom error. * Raise `MessageEncryptor::InvalidMessage` from `decrypt_and_verify` regardless of cipher. Previously, when a `MessageEncryptor` was using a non-AEAD cipher such as AES-256-CBC, a corrupt or tampered message would raise `MessageVerifier::InvalidSignature` due to reliance on `MessageVerifier` for verification. Now, the verification mechanism is transparent to the user: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-gcm") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # => raises ActiveSupport::MessageEncryptor::InvalidMessage encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-cbc") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => raises ActiveSupport::MessageEncryptor::InvalidMessage ``` * Support `nil` original value when using `MessageVerifier#verify`. Previously, `MessageVerifier#verify` did not work with `nil` original values, though both `MessageVerifier#verified` and `MessageEncryptor#decrypt_and_verify` do: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32) message = encryptor.encrypt_and_sign(nil) encryptor.decrypt_and_verify(message) # => nil verifier = ActiveSupport::MessageVerifier.new("secret") message = verifier.generate(nil) verifier.verified(message) # => nil verifier.verify(message) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => nil ``` * Improve performance of verifying a message when it has expired and one or more rotations have been configured: ```ruby # frozen_string_literal: true require "benchmark/ips" require "active_support/all" verifier = ActiveSupport::MessageVerifier.new("new secret") verifier.rotate("old secret") message = verifier.generate({ "data" => "x" * 100 }, expires_at: 1.day.ago) Benchmark.ips do |x| x.report("expired message") do verifier.verified(message) end end ``` __Before__ ``` Warming up -------------------------------------- expired message 1.442k i/100ms Calculating ------------------------------------- expired message 14.403k (± 1.7%) i/s - 72.100k in 5.007382s ``` __After__ ``` Warming up -------------------------------------- expired message 1.995k i/100ms Calculating ------------------------------------- expired message 19.992k (± 2.0%) i/s - 101.745k in 5.091421s ``` Fixes #47185.
2023-02-07 19:56:59 +00:00
if signed.nil? || !signed.valid_encoding?
throw :invalid_message_format, "invalid message string"
end
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
if separator_index = separator_index_for(signed)
encoded = signed[0, separator_index]
digest = signed[separator_index + SEPARATOR_LENGTH, digest_length_in_hex]
end
Use throw for message error handling control flow There are multiple points of failure when processing a message with `MessageEncryptor` or `MessageVerifier`, and there several ways we might want to handle those failures. For example, swallowing a failure with `MessageVerifier#verified`, or raising a specific exception with `MessageVerifier#verify`, or conditionally ignoring a failure when rotations are configured. Prior to this commit, the _internal_ logic of handling failures was implemented using a mix of `nil` return values and raised exceptions. This commit reimplements the internal logic using `throw` and a few precisely targeted `rescue`s. This accomplishes several things: * Allow rotation of serializers for `MessageVerifier`. Previously, errors from a `MessageVerifier`'s initial serializer were never rescued. Thus, the serializer could not be rotated: ```ruby old_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: Marshal) new_verifier = ActiveSupport::MessageVerifier.new("secret", serializer: JSON) new_verifier.rotate(serializer: Marshal) message = old_verifier.generate("message") new_verifier.verify(message) # BEFORE: # => raises JSON::ParserError # AFTER: # => "message" ``` * Allow rotation of serializers for `MessageEncryptor` when using a non-standard initial serializer. Similar to `MessageVerifier`, the serializer could not be rotated when the initial serializer raised an error other than `TypeError` or `JSON::ParserError`, such as `Psych::SyntaxError` or a custom error. * Raise `MessageEncryptor::InvalidMessage` from `decrypt_and_verify` regardless of cipher. Previously, when a `MessageEncryptor` was using a non-AEAD cipher such as AES-256-CBC, a corrupt or tampered message would raise `MessageVerifier::InvalidSignature` due to reliance on `MessageVerifier` for verification. Now, the verification mechanism is transparent to the user: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-gcm") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # => raises ActiveSupport::MessageEncryptor::InvalidMessage encryptor = ActiveSupport::MessageEncryptor.new("x" * 32, cipher: "aes-256-cbc") message = encryptor.encrypt_and_sign("message") encryptor.decrypt_and_verify(message.next) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => raises ActiveSupport::MessageEncryptor::InvalidMessage ``` * Support `nil` original value when using `MessageVerifier#verify`. Previously, `MessageVerifier#verify` did not work with `nil` original values, though both `MessageVerifier#verified` and `MessageEncryptor#decrypt_and_verify` do: ```ruby encryptor = ActiveSupport::MessageEncryptor.new("x" * 32) message = encryptor.encrypt_and_sign(nil) encryptor.decrypt_and_verify(message) # => nil verifier = ActiveSupport::MessageVerifier.new("secret") message = verifier.generate(nil) verifier.verified(message) # => nil verifier.verify(message) # BEFORE: # => raises ActiveSupport::MessageVerifier::InvalidSignature # AFTER: # => nil ``` * Improve performance of verifying a message when it has expired and one or more rotations have been configured: ```ruby # frozen_string_literal: true require "benchmark/ips" require "active_support/all" verifier = ActiveSupport::MessageVerifier.new("new secret") verifier.rotate("old secret") message = verifier.generate({ "data" => "x" * 100 }, expires_at: 1.day.ago) Benchmark.ips do |x| x.report("expired message") do verifier.verified(message) end end ``` __Before__ ``` Warming up -------------------------------------- expired message 1.442k i/100ms Calculating ------------------------------------- expired message 14.403k (± 1.7%) i/s - 72.100k in 5.007382s ``` __After__ ``` Warming up -------------------------------------- expired message 1.995k i/100ms Calculating ------------------------------------- expired message 19.992k (± 2.0%) i/s - 101.745k in 5.091421s ``` Fixes #47185.
2023-02-07 19:56:59 +00:00
unless digest_matches_data?(digest, encoded)
throw :invalid_message_format, "mismatched digest"
end
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
encoded
Abstract encoding strategy for ActiveSupport::MessageVerifier
2014-11-12 22:48:44 +00:00
end
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
def generate_digest(data)
Extract components from signed messages by calculating their indexes ActiveSupport::MessageVerifier#verified is causing signed_message to be split twice: first inside #valid_message? and then inside #verified. This is ultimately unnecessary. We can avoid String#split all together by calculating the indexes of the data and the digest in the payload. This increases the resistance of the solution against ill-formed payloads that don't include the separator.
2021-07-30 09:12:42 +00:00
OpenSSL::HMAC.hexdigest(@digest, @secret, data)
end
def digest_length_in_hex
# In hexadecimal (AKA base16) it takes 4 bits to represent a character,
# hence we multiply the digest's length (in bytes) by 8 to get it in
# bits and divide by 4 to get its number of characters it hex. Well, 8
# divided by 4 is 2.
@digest_length_in_hex ||= OpenSSL::Digest.new(@digest).digest_length * 2
end
Improve the performance of ActiveSupport::MessageVerifier We can avoid using String#split by calculating the indexes of the encrypted data, IV, and auth tag in the payload. This increases the resistance of the solution against ill-formed payloads that don't include the separator. This is a follow up to the work in PR #42919.
2021-09-01 21:28:33 +00:00
def separator_at?(signed_message, index)
signed_message[index, SEPARATOR_LENGTH] == SEPARATOR
end
Extract components from signed messages by calculating their indexes ActiveSupport::MessageVerifier#verified is causing signed_message to be split twice: first inside #valid_message? and then inside #verified. This is ultimately unnecessary. We can avoid String#split all together by calculating the indexes of the data and the digest in the payload. This increases the resistance of the solution against ill-formed payloads that don't include the separator.
2021-07-30 09:12:42 +00:00
def separator_index_for(signed_message)
index = signed_message.length - digest_length_in_hex - SEPARATOR_LENGTH
Refactor MessageEncryptor and MessageVerifier This factors common methods into a `ActiveSupport::Messages::Codec` base class. This also disentangles serialization (and deserialization) from encryption (and decryption) in `MessageEncryptor`.
2023-02-07 19:51:28 +00:00
index unless index.negative? || !separator_at?(signed_message, index)
Extract components from signed messages by calculating their indexes ActiveSupport::MessageVerifier#verified is causing signed_message to be split twice: first inside #valid_message? and then inside #verified. This is ultimately unnecessary. We can avoid String#split all together by calculating the indexes of the data and the digest in the payload. This increases the resistance of the solution against ill-formed payloads that don't include the separator.
2021-07-30 09:12:42 +00:00
end
def digest_matches_data?(digest, data)
data.present? && digest.present? && ActiveSupport::SecurityUtils.secure_compare(digest, generate_digest(data))
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
2008-11-23 14:29:11 +00:00
end
end
Lazy-require OpenSSL
2008-11-23 23:29:03 +00:00
end
Reference in New Issue Copy Permalink