rails--rails/activesupport/lib/active_support/message_verifier.rb

require 'base64'
require 'active_support/core_ext/object/blank'

module ActiveSupport
  # +MessageVerifier+ makes it easy to generate and verify messages which are
  # signed to prevent tampering.
  #
  # This is useful for cases like remember-me tokens and auto-unsubscribe links
  # where the session store isn't suitable or available.
  #
  # Remember Me:
  #   cookies[:remember_me] = @verifier.generate([@user.id, 2.weeks.from_now])
  #
  # In the authentication filter:
  #
  #   id, time = @verifier.verify(cookies[:remember_me])
  #   if time < Time.now
  #     self.current_user = User.find(id)
  #   end
  #
  # By default it uses Marshal to serialize the message. If you want to use
  # another serialization method, you can set the serializer in the options
  # hash upon initialization:
  #
  #   @verifier = ActiveSupport::MessageVerifier.new('s3Krit', serializer: YAML)
  class MessageVerifier
    class InvalidSignature < StandardError; end

    def initialize(secret, options = {})
      @secret = secret
      @digest = options[:digest] || 'SHA1'
      @serializer = options[:serializer] || Marshal
    end

    def verify(signed_message)
      raise InvalidSignature if signed_message.blank?

      data, digest = signed_message.split("--")
      if data.present? && digest.present? && secure_compare(digest, generate_digest(data))
        begin
          @serializer.load(::Base64.strict_decode64(data))
        rescue ArgumentError => argument_error
          raise InvalidSignature if argument_error.message =~ %r{invalid base64}
          raise
        end
      else
        raise InvalidSignature
      end
    end

    def generate(value)
      data = ::Base64.strict_encode64(@serializer.dump(value))
      "#{data}--#{generate_digest(data)}"
    end

    private
      # constant-time comparison algorithm to prevent timing attacks
      def secure_compare(a, b)
        return false unless a.bytesize == b.bytesize

        l = a.unpack "C#{a.bytesize}"

        res = 0
        b.each_byte { |byte| res |= byte ^ l.shift }
        res == 0
      end

      def generate_digest(data)
        require 'openssl' unless defined?(OpenSSL)
        OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)
      end
  end
end
remove ActiveSupport::Base64 in favor of ::Base64 2012-01-01 12:57:55 -05:00			`require 'base64'`
message_verifier.rb needs active_support/core_ext/object/blank 2010-01-01 15:00:37 -05:00			`require 'active_support/core_ext/object/blank'`
message_verifier.rb needs active_support/base64 2010-01-01 14:59:51 -05:00
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`module ActiveSupport`
update AS docs [ci skip] 2012-09-17 01:22:18 -04:00			`# +MessageVerifier+ makes it easy to generate and verify messages which are`
			`# signed to prevent tampering.`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00			`#`
update AS docs [ci skip] 2012-09-17 01:22:18 -04:00			`# This is useful for cases like remember-me tokens and auto-unsubscribe links`
Replace comments' non-breaking spaces with spaces Sometimes, on Mac OS X, programmers accidentally press Option+Space rather than just Space and don’t see the difference. The problem is that Option+Space writes a non-breaking space (0XA0) rather than a normal space (0x20). This commit removes all the non-breaking spaces inadvertently introduced in the comments of the code. 2012-12-05 01:11:54 -05:00			`# where the session store isn't suitable or available.`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`#`
			`# Remember Me:`
Don't need _message as it's in the class name already 2008-11-23 10:33:56 -05:00			`# cookies[:remember_me] = @verifier.generate([@user.id, 2.weeks.from_now])`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00			`#`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`# In the authentication filter:`
			`#`
Don't need _message as it's in the class name already 2008-11-23 10:33:56 -05:00			`# id, time = @verifier.verify(cookies[:remember_me])`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`# if time < Time.now`
			`# self.current_user = User.find(id)`
			`# end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00			`#`
update AS docs [ci skip] 2012-09-17 01:22:18 -04:00			`# By default it uses Marshal to serialize the message. If you want to use`
Updated docs due to removal of serializer accessor 2013-03-24 14:46:46 -04:00			`# another serialization method, you can set the serializer in the options`
			`# hash upon initialization:`
Add some documentation for the new serializer property of MessageVerifier and MessageEncryptor. 2011-09-15 13:23:08 -04:00			`#`
Updated docs due to removal of serializer accessor 2013-03-24 14:46:46 -04:00			`# @verifier = ActiveSupport::MessageVerifier.new('s3Krit', serializer: YAML)`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`class MessageVerifier`
			`class InvalidSignature < StandardError; end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00
Use an options hash to specify digest/cipher algorithm and a serializer for MessageVerifier and MessageEncryptor. 2011-09-15 14:27:12 -04:00			`def initialize(secret, options = {})`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`@secret = secret`
Use an options hash to specify digest/cipher algorithm and a serializer for MessageVerifier and MessageEncryptor. 2011-09-15 14:27:12 -04:00			`@digest = options[:digest] \|\| 'SHA1'`
			`@serializer = options[:serializer] \|\| Marshal`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00
Don't need _message as it's in the class name already 2008-11-23 10:33:56 -05:00			`def verify(signed_message)`
MessageVerifier#verify raises InvalidSignature if the signature is blank Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> 2009-10-05 08:27:54 -04:00			`raise InvalidSignature if signed_message.blank?`

Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`data, digest = signed_message.split("--")`
Ensure MessageVerifier raises appropriate exception on tampered data 2009-10-08 21:26:08 -04:00			`if data.present? && digest.present? && secure_compare(digest, generate_digest(data))`
Use `Base.strict_decode64` instead of `Base.decode64` just as we do in encoding; Also reduce extra object allocation by creating string directly instead of join on Array 2013-05-15 10:11:04 -04:00			`begin`
			`@serializer.load(::Base64.strict_decode64(data))`
PR #10635 introduces rescue from ArgumentError thrown by `Base64.strict_decode64`. This broke natural order of things for `StaleSessionCheck#stale_session_check!` which tried auto_loading a class based on `ArgumentError` message , and later retrying the `Marshal#load` of class, successfully allowing auto_loading. This PR tries to fix this behavior by forwarding `ArgumentError` 's not raised by `Base64.strict_decode64` , as is, ahead to `StaleSessionCheck#stale_session_check!` 2013-12-07 13:56:09 -05:00			`rescue ArgumentError => argument_error`
			`raise InvalidSignature if argument_error.message =~ %r{invalid base64}`
			`raise`
Use `Base.strict_decode64` instead of `Base.decode64` just as we do in encoding; Also reduce extra object allocation by creating string directly instead of join on Array 2013-05-15 10:11:04 -04:00			`end`
Fix timing attack vulnerability in ActiveSupport::MessageVerifier. Use a constant-time comparison algorithm to compare the candidate HMAC with the calculated HMAC to prevent leaking information about the calculated HMAC. Signed-off-by: Michael Koziarski <michael@koziarski.com> 2009-08-13 13:03:08 -04:00			`else`
			`raise InvalidSignature`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`end`
			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00
Don't need _message as it's in the class name already 2008-11-23 10:33:56 -05:00			`def generate(value)`
remove ActiveSupport::Base64 in favor of ::Base64 2012-01-01 12:57:55 -05:00			`data = ::Base64.strict_encode64(@serializer.dump(value))`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`"#{data}--#{generate_digest(data)}"`
			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`private`
making secure_compare faster [#3195 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> 2009-09-13 03:32:30 -04:00			`# constant-time comparison algorithm to prevent timing attacks`
			`def secure_compare(a, b)`
			`return false unless a.bytesize == b.bytesize`
Revert "ruby 1.9 friendly secure_compare" because it breaks CI and Sam Ruby's suite This reverts commit 5de75398c495f109772b622291362a98bc6c21d1. 2009-09-12 15:35:03 -04:00
Revert "Improve performance of MessageVerifier while keeping it constant time" This reverts commit 8b05c5207dd5757d55d0c384740db289e6bd5415. 2010-07-13 19:13:37 -04:00			`l = a.unpack "C#{a.bytesize}"`
making secure_compare faster [#3195 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> 2009-09-13 03:32:30 -04:00
Revert "Improve performance of MessageVerifier while keeping it constant time" This reverts commit 8b05c5207dd5757d55d0c384740db289e6bd5415. 2010-07-13 19:13:37 -04:00			`res = 0`
			`b.each_byte { \|byte\| res \|= byte ^ l.shift }`
			`res == 0`
Fix timing attack vulnerability in ActiveSupport::MessageVerifier. Use a constant-time comparison algorithm to compare the candidate HMAC with the calculated HMAC to prevent leaking information about the calculated HMAC. Signed-off-by: Michael Koziarski <michael@koziarski.com> 2009-08-13 13:03:08 -04:00			`end`

Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`def generate_digest(data)`
Lazy-require OpenSSL 2008-11-23 18:29:03 -05:00			`require 'openssl' unless defined?(OpenSSL)`
Use OpenSSL::Digest.const(...).new instead of OpenSSL::Digest::Digest.new(...) 2009-09-25 01:43:45 -04:00			`OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)`
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc. This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails. 2008-11-23 09:29:11 -05:00			`end`
			`end`
Lazy-require OpenSSL 2008-11-23 18:29:03 -05:00			`end`