add test for signature

Qi He
1 parent cd5842a6
Showing 4 changed files with 20 additions and 6 deletions Show diff stats
lib/we_whisper/cipher.rb
lib/we_whisper/signature.rb
lib/we_whisper/whisper.rb
spec/we_whisper/signature_spec.rb
@@ -35,7 +35,6 @@ module WeWhisper
       decode_padding(plain)
     end
  
-    # app_id or corp_id
     def pack(content, app_id)
       random = SecureRandom.hex(8)
       text = content.force_encoding('ASCII-8BIT')
@@ -65,7 +64,7 @@ module WeWhisper
  
     def decode_padding(plain)
       pad = plain.bytes[-1]
-      # no padding
+      # if padding is less than 1 or larger than block size, then set to 0
       pad = 0 if pad < 1 || pad > BLOCK_SIZE
       plain[0...(plain.length - pad)]
     end
@@ -2,9 +2,9 @@ require &#39;digest/sha2&#39;
  
 module WeWhisper
   module Signature
-    def self.hexdigest(token, timestamp, nonce, msg_encrypt)
+    def self.sign(token, timestamp, nonce, encrypted)
       array = [token, timestamp, nonce]
-      array << msg_encrypt unless msg_encrypt.nil?
+      array << encrypted unless encrypted.nil?
       Digest::SHA1.hexdigest array.compact.collect(&:to_s).sort.join
     end
   end
@@ -35,7 +35,7 @@ module WeWhisper
       # 2. If we need to validate signature, generate one from the encrypted text
       #    and check with the Signature in message
       if options[:assert_signature] && signature = Message.get_signature_from_messge(message)
-        sign = Signature.hexdigest(token, timestamp, nonce, encrypted_text)
+        sign = Signature.sign(token, timestamp, nonce, encrypted_text)
         raise InvalidSignature if sign != signature
       end
  
@@ -55,7 +55,7 @@ module WeWhisper
       encrypt = Base64.strict_encode64(encrypt(pack(message, appid), encoding_aes_key))
  
       # 2. Create signature
-      sign = Signature.hexdigest(token, timestamp, nonce, encrypt)
+      sign = Signature.sign(token, timestamp, nonce, encrypt)
  
       # 3. Construct xml
       Message.to_xml(encrypt, sign, timestamp, nonce)
@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+describe WeWhisper::Signature do
+
+  let(:timestamp) { "1415979516" }
+  let(:nonce)     { "1320562132" }
+  let(:signature) { "096d8cda45e4678ca23460f6b8cd281b3faf1fc3" }
+  let(:token)     { "spamtest" }
+  let(:encrypted) { "3kKZ++U5ocvIF8dAHPct7xvUqEv6vplhuzA8Vwj7OnVcBu9fdmbbI41zclSfKqP6/bdYAxuE3x8jse43ImHaV07siJF473TsXhl8Yt8task0n9KC7BDA73mFTwlhYvuCIFnU6wFlzOkHyM5Bh2qpOHYk5nSMRyUG4BwmXpxq8TvLgJV1jj2DXdGW4qdknGLfJgDH5sCPJeBzNC8j8KtrJFxmG7qIwKHn3H5sqBf6UqhXFdbLuTWL3jwE7yMLhzOmiHi/MX/ZsVQ7sMuBiV6bW0wkgielESC3yNUPo4q/RMAFEH0fRLr76BR5Ct0nUbf9PdClc0RdlYcztyOs54X/KLbYRNCQ2kXxmJYL6ekdNe70PCAReIEfXEp+pGpry4ss8bD6LKAtNvBJUwHshZe6sbf+fOiDiuKEqp1wdQLmgN+8nX62LklySWr8QrNCpsmKClxco0kbVYNX/QVh5yd0UA1sAqIn6baZ9G+Z/OXG+Q4n9lUuzLprLhDBPaCvXm4N14oqXNcw7tqU2xfhYNIDaD72djyIc/4eyAi2ZsJ+3hb+jgiISR5WVveRWYYqGZGTW3u+27JiXEo0fs3DQDbGVIcYxaMgU/RRIDdXzZSFcf6Z1azjzCDyV9FFEsicghHn" }
+
+  it "signs message" do
+    expect(subject.sign(token, timestamp, nonce, encrypted)).to eq signature
+  end
+
+end
...	...	@@ -35,7 +35,6 @@ module WeWhisper
35	35	decode_padding(plain)
36	36	end
37	37
38		- # app_id or corp_id
39	38	def pack(content, app_id)
40	39	random = SecureRandom.hex(8)
41	40	text = content.force_encoding('ASCII-8BIT')
...	...	@@ -65,7 +64,7 @@ module WeWhisper
65	64
66	65	def decode_padding(plain)
67	66	pad = plain.bytes[-1]
68		- # no padding
	67	+ # if padding is less than 1 or larger than block size, then set to 0
69	68	pad = 0 if pad < 1 \|\| pad > BLOCK_SIZE
70	69	plain[0...(plain.length - pad)]
71	70	end
...	...
...	...	@@ -2,9 +2,9 @@ require 'digest/sha2'
2	2
3	3	module WeWhisper
4	4	module Signature
5		- def self.hexdigest(token, timestamp, nonce, msg_encrypt)
	5	+ def self.sign(token, timestamp, nonce, encrypted)
6	6	array = [token, timestamp, nonce]
7		- array << msg_encrypt unless msg_encrypt.nil?
	7	+ array << encrypted unless encrypted.nil?
8	8	Digest::SHA1.hexdigest array.compact.collect(&:to_s).sort.join
9	9	end
10	10	end
...	...
...	...	@@ -35,7 +35,7 @@ module WeWhisper
35	35	# 2. If we need to validate signature, generate one from the encrypted text
36	36	# and check with the Signature in message
37	37	if options[:assert_signature] && signature = Message.get_signature_from_messge(message)
38		- sign = Signature.hexdigest(token, timestamp, nonce, encrypted_text)
	38	+ sign = Signature.sign(token, timestamp, nonce, encrypted_text)
39	39	raise InvalidSignature if sign != signature
40	40	end
41	41
...	...	@@ -55,7 +55,7 @@ module WeWhisper
55	55	encrypt = Base64.strict_encode64(encrypt(pack(message, appid), encoding_aes_key))
56	56
57	57	# 2. Create signature
58		- sign = Signature.hexdigest(token, timestamp, nonce, encrypt)
	58	+ sign = Signature.sign(token, timestamp, nonce, encrypt)
59	59
60	60	# 3. Construct xml
61	61	Message.to_xml(encrypt, sign, timestamp, nonce)
...	...
...	...	@@ -0,0 +1,15 @@
	1	+require 'spec_helper'
	2	+
	3	+describe WeWhisper::Signature do
	4	+
	5	+ let(:timestamp) { "1415979516" }
	6	+ let(:nonce) { "1320562132" }
	7	+ let(:signature) { "096d8cda45e4678ca23460f6b8cd281b3faf1fc3" }
	8	+ let(:token) { "spamtest" }
	9	+ let(:encrypted) { "3kKZ++U5ocvIF8dAHPct7xvUqEv6vplhuzA8Vwj7OnVcBu9fdmbbI41zclSfKqP6/bdYAxuE3x8jse43ImHaV07siJF473TsXhl8Yt8task0n9KC7BDA73mFTwlhYvuCIFnU6wFlzOkHyM5Bh2qpOHYk5nSMRyUG4BwmXpxq8TvLgJV1jj2DXdGW4qdknGLfJgDH5sCPJeBzNC8j8KtrJFxmG7qIwKHn3H5sqBf6UqhXFdbLuTWL3jwE7yMLhzOmiHi/MX/ZsVQ7sMuBiV6bW0wkgielESC3yNUPo4q/RMAFEH0fRLr76BR5Ct0nUbf9PdClc0RdlYcztyOs54X/KLbYRNCQ2kXxmJYL6ekdNe70PCAReIEfXEp+pGpry4ss8bD6LKAtNvBJUwHshZe6sbf+fOiDiuKEqp1wdQLmgN+8nX62LklySWr8QrNCpsmKClxco0kbVYNX/QVh5yd0UA1sAqIn6baZ9G+Z/OXG+Q4n9lUuzLprLhDBPaCvXm4N14oqXNcw7tqU2xfhYNIDaD72djyIc/4eyAi2ZsJ+3hb+jgiISR5WVveRWYYqGZGTW3u+27JiXEo0fs3DQDbGVIcYxaMgU/RRIDdXzZSFcf6Z1azjzCDyV9FFEsicghHn" }
	10	+
	11	+ it "signs message" do
	12	+ expect(subject.sign(token, timestamp, nonce, encrypted)).to eq signature
	13	+ end
	14	+
	15	+end
...	...