rails/activesupport/lib/active_support/message_verifier.rb

require 'base64'
require 'active_support/core_ext/object/blank'

module ActiveSupport
  # +MessageVerifier+ makes it easy to generate and verify messages which are
  # signed to prevent tampering.
  #
  # This is useful for cases like remember-me tokens and auto-unsubscribe links
  # where the session store isn't suitable or available.
  #
  # Remember Me:
  #   cookies[:remember_me] = @verifier.generate([@user.id, 2.weeks.from_now])
  #
  # In the authentication filter:
  #
  #   id, time = @verifier.verify(cookies[:remember_me])
  #   if time < Time.now
  #     self.current_user = User.find(id)
  #   end
  #
  # By default it uses Marshal to serialize the message. If you want to use
  # another serialization method, you can set the serializer attribute to
  # something that responds to dump and load, e.g.:
  #
  #   @verifier.serializer = YAML
  class MessageVerifier
    class InvalidSignature < StandardError; end

    def initialize(secret, options = {})
      @secret = secret
      @digest = options[:digest] || 'SHA1'
      @serializer = options[:serializer] || Marshal
    end

    def verify(signed_message)
      raise InvalidSignature if signed_message.blank?

      data, digest = signed_message.split("--")
      if data.present? && digest.present? && secure_compare(digest, generate_digest(data))
        @serializer.load(::Base64.decode64(data))
      else
        raise InvalidSignature
      end
    end

    def generate(value)
      data = ::Base64.strict_encode64(@serializer.dump(value))
      "#{data}--#{generate_digest(data)}"
    end

    private
      # constant-time comparison algorithm to prevent timing attacks
      def secure_compare(a, b)
        return false unless a.bytesize == b.bytesize

        l = a.unpack "C#{a.bytesize}"

        res = 0
        b.each_byte { |byte| res |= byte ^ l.shift }
        res == 0
      end

      def generate_digest(data)
        require 'openssl' unless defined?(OpenSSL)
        OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)
      end
  end
end
remove ActiveSupport::Base64 in favor of ::Base64 2012-01-01 17:57:55 +00:00			`require 'base64'`
message_verifier.rb needs active_support/core_ext/object/blank 2010-01-01 20:00:37 +00:00			`require 'active_support/core_ext/object/blank'`
message_verifier.rb needs active_support/base64 2010-01-01 19:59:51 +00:00
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`module ActiveSupport`
update AS docs [ci skip] 2012-09-17 05:22:18 +00:00			`# +MessageVerifier+ makes it easy to generate and verify messages which are`
			`# signed to prevent tampering.`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 05:13:00 +00:00			`#`
update AS docs [ci skip] 2012-09-17 05:22:18 +00:00			`# This is useful for cases like remember-me tokens and auto-unsubscribe links`
Replace comments' non-breaking spaces with spaces Sometimes, on Mac OS X, programmers accidentally press Option+Space rather than just Space and don’t see the difference. The problem is that Option+Space writes a non-breaking space (0XA0) rather than a normal space (0x20). This commit removes all the non-breaking spaces inadvertently introduced in the comments of the code. 2012-12-05 06:11:54 +00:00			`# where the session store isn't suitable or available.`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`#`
			`# Remember Me:`
Don't need _message as it's in the class name already 2008-11-23 15:33:56 +00:00			`# cookies[:remember_me] = @verifier.generate([@user.id, 2.weeks.from_now])`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 05:13:00 +00:00			`#`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`# In the authentication filter:`
			`#`
Don't need _message as it's in the class name already 2008-11-23 15:33:56 +00:00			`# id, time = @verifier.verify(cookies[:remember_me])`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`# if time < Time.now`
			`# self.current_user = User.find(id)`
			`# end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 05:13:00 +00:00			`#`
update AS docs [ci skip] 2012-09-17 05:22:18 +00:00			`# By default it uses Marshal to serialize the message. If you want to use`
			`# another serialization method, you can set the serializer attribute to`
			`# something that responds to dump and load, e.g.:`
Add some documentation for the new serializer property of MessageVerifier and MessageEncryptor. 2011-09-15 17:23:08 +00:00			`#`
			`# @verifier.serializer = YAML`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`class MessageVerifier`
			`class InvalidSignature < StandardError; end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 05:13:00 +00:00
Use an options hash to specify digest/cipher algorithm and a serializer for MessageVerifier and MessageEncryptor. 2011-09-15 18:27:12 +00:00			`def initialize(secret, options = {})`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`@secret = secret`
Use an options hash to specify digest/cipher algorithm and a serializer for MessageVerifier and MessageEncryptor. 2011-09-15 18:27:12 +00:00			`@digest = options[:digest] \|\| 'SHA1'`
			`@serializer = options[:serializer] \|\| Marshal`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 05:13:00 +00:00
Don't need _message as it's in the class name already 2008-11-23 15:33:56 +00:00			`def verify(signed_message)`
MessageVerifier#verify raises InvalidSignature if the signature is blank Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> 2009-10-05 12:27:54 +00:00			`raise InvalidSignature if signed_message.blank?`

Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`data, digest = signed_message.split("--")`
Ensure MessageVerifier raises appropriate exception on tampered data 2009-10-09 01:26:08 +00:00			`if data.present? && digest.present? && secure_compare(digest, generate_digest(data))`
remove ActiveSupport::Base64 in favor of ::Base64 2012-01-01 17:57:55 +00:00			`@serializer.load(::Base64.decode64(data))`
Fix timing attack vulnerability in ActiveSupport::MessageVerifier. Use a constant-time comparison algorithm to compare the candidate HMAC with the calculated HMAC to prevent leaking information about the calculated HMAC. Signed-off-by: Michael Koziarski <michael@koziarski.com> 2009-08-13 17:03:08 +00:00			`else`
			`raise InvalidSignature`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`end`
			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 05:13:00 +00:00
Don't need _message as it's in the class name already 2008-11-23 15:33:56 +00:00			`def generate(value)`
remove ActiveSupport::Base64 in favor of ::Base64 2012-01-01 17:57:55 +00:00			`data = ::Base64.strict_encode64(@serializer.dump(value))`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`"#{data}--#{generate_digest(data)}"`
			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 05:13:00 +00:00
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`private`
making secure_compare faster [#3195 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> 2009-09-13 07:32:30 +00:00			`# constant-time comparison algorithm to prevent timing attacks`
			`def secure_compare(a, b)`
			`return false unless a.bytesize == b.bytesize`
Revert "ruby 1.9 friendly secure_compare" because it breaks CI and Sam Ruby's suite This reverts commit 5de75398c495f109772b622291362a98bc6c21d1. 2009-09-12 19:35:03 +00:00
Revert "Improve performance of MessageVerifier while keeping it constant time" This reverts commit 8b05c5207dd5757d55d0c384740db289e6bd5415. 2010-07-13 23:13:37 +00:00			`l = a.unpack "C#{a.bytesize}"`
making secure_compare faster [#3195 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> 2009-09-13 07:32:30 +00:00
Revert "Improve performance of MessageVerifier while keeping it constant time" This reverts commit 8b05c5207dd5757d55d0c384740db289e6bd5415. 2010-07-13 23:13:37 +00:00			`res = 0`
			`b.each_byte { \|byte\| res \|= byte ^ l.shift }`
			`res == 0`
Fix timing attack vulnerability in ActiveSupport::MessageVerifier. Use a constant-time comparison algorithm to compare the candidate HMAC with the calculated HMAC to prevent leaking information about the calculated HMAC. Signed-off-by: Michael Koziarski <michael@koziarski.com> 2009-08-13 17:03:08 +00:00			`end`

Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`def generate_digest(data)`
Lazy-require OpenSSL 2008-11-23 23:29:03 +00:00			`require 'openssl' unless defined?(OpenSSL)`
Use OpenSSL::Digest.const(...).new instead of OpenSSL::Digest::Digest.new(...) 2009-09-25 05:43:45 +00:00			`OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 14:29:11 +00:00			`end`
			`end`
Lazy-require OpenSSL 2008-11-23 23:29:03 +00:00			`end`