diff options
author | ThibG <thib@sitedethib.com> | 2020-06-09 13:00:24 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-09 13:00:24 +0200 |
commit | 3287a10fe9658a6c370431a925abc50d4f68ea08 (patch) | |
tree | 88a408a943aa421a6ba844d309f673150cd92434 /app/validators | |
parent | f328f2faa3fbdb182921366c6a20e745c069b840 (diff) | |
parent | e9d7ca7645fc37534df1222e8d7ab8f3d533b852 (diff) |
Merge pull request #1350 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
Diffstat (limited to 'app/validators')
-rw-r--r-- | app/validators/ed25519_key_validator.rb | 19 | ||||
-rw-r--r-- | app/validators/ed25519_signature_validator.rb | 29 |
2 files changed, 48 insertions, 0 deletions
diff --git a/app/validators/ed25519_key_validator.rb b/app/validators/ed25519_key_validator.rb new file mode 100644 index 000000000..00a448d5a --- /dev/null +++ b/app/validators/ed25519_key_validator.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +class Ed25519KeyValidator < ActiveModel::EachValidator + def validate_each(record, attribute, value) + return if value.blank? + + key = Base64.decode64(value) + + record.errors[attribute] << I18n.t('crypto.errors.invalid_key') unless verified?(key) + end + + private + + def verified?(key) + Ed25519.validate_key_bytes(key) + rescue ArgumentError + false + end +end diff --git a/app/validators/ed25519_signature_validator.rb b/app/validators/ed25519_signature_validator.rb new file mode 100644 index 000000000..77a21b837 --- /dev/null +++ b/app/validators/ed25519_signature_validator.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: true + +class Ed25519SignatureValidator < ActiveModel::EachValidator + def validate_each(record, attribute, value) + return if value.blank? + + verify_key = Ed25519::VerifyKey.new(Base64.decode64(option_to_value(record, :verify_key))) + signature = Base64.decode64(value) + message = option_to_value(record, :message) + + record.errors[attribute] << I18n.t('crypto.errors.invalid_signature') unless verified?(verify_key, signature, message) + end + + private + + def verified?(verify_key, signature, message) + verify_key.verify(signature, message) + rescue Ed25519::VerifyError, ArgumentError + false + end + + def option_to_value(record, key) + if options[key].is_a?(Proc) + options[key].call(record) + else + record.public_send(options[key]) + end + end +end |