add test for signature

Qi He
1 parent cd5842a6
Showing 4 changed files with 20 additions and 6 deletions Show diff stats
lib/we_whisper/cipher.rb
lib/we_whisper/signature.rb
lib/we_whisper/whisper.rb
spec/we_whisper/signature_spec.rb
@@ -35,7 +35,6 @@ module WeWhisper
       decode_padding(plain)
     end
-    # app_id or corp_id
     def pack(content, app_id)
       random = SecureRandom.hex(8)
       text = content.force_encoding('ASCII-8BIT')
@@ -65,7 +64,7 @@ module WeWhisper
     def decode_padding(plain)
       pad = plain.bytes[-1]
-      # no padding
+      # if padding is less than 1 or larger than block size, then set to 0
       pad = 0 if pad < 1 || pad > BLOCK_SIZE
       plain[0...(plain.length - pad)]
     end
@@ -2,9 +2,9 @@ require &#39;digest/sha2&#39;
 module WeWhisper
   module Signature
-    def self.hexdigest(token, timestamp, nonce, msg_encrypt)
+    def self.sign(token, timestamp, nonce, encrypted)
       array = [token, timestamp, nonce]
-      array << msg_encrypt unless msg_encrypt.nil?
+      array << encrypted unless encrypted.nil?
       Digest::SHA1.hexdigest array.compact.collect(&:to_s).sort.join
     end
   end
@@ -35,7 +35,7 @@ module WeWhisper
       # 2. If we need to validate signature, generate one from the encrypted text
       #    and check with the Signature in message
       if options[:assert_signature] && signature = Message.get_signature_from_messge(message)
-        sign = Signature.hexdigest(token, timestamp, nonce, encrypted_text)
+        sign = Signature.sign(token, timestamp, nonce, encrypted_text)
         raise InvalidSignature if sign != signature
       end
@@ -55,7 +55,7 @@ module WeWhisper
       encrypt = Base64.strict_encode64(encrypt(pack(message, appid), encoding_aes_key))
       # 2. Create signature
-      sign = Signature.hexdigest(token, timestamp, nonce, encrypt)
+      sign = Signature.sign(token, timestamp, nonce, encrypt)
       # 3. Construct xml
       Message.to_xml(encrypt, sign, timestamp, nonce)
@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+describe WeWhisper::Signature do
+
+  let(:timestamp) { "1415979516" }
+  let(:nonce)     { "1320562132" }
+  let(:signature) { "096d8cda45e4678ca23460f6b8cd281b3faf1fc3" }
+  let(:token)     { "spamtest" }
+  let(:encrypted) { "3kKZ++U5ocvIF8dAHPct7xvUqEv6vplhuzA8Vwj7OnVcBu9fdmbbI41zclSfKqP6/bdYAxuE3x8jse43ImHaV07siJF473TsXhl8Yt8task0n9KC7BDA73mFTwlhYvuCIFnU6wFlzOkHyM5Bh2qpOHYk5nSMRyUG4BwmXpxq8TvLgJV1jj2DXdGW4qdknGLfJgDH5sCPJeBzNC8j8KtrJFxmG7qIwKHn3H5sqBf6UqhXFdbLuTWL3jwE7yMLhzOmiHi/MX/ZsVQ7sMuBiV6bW0wkgielESC3yNUPo4q/RMAFEH0fRLr76BR5Ct0nUbf9PdClc0RdlYcztyOs54X/KLbYRNCQ2kXxmJYL6ekdNe70PCAReIEfXEp+pGpry4ss8bD6LKAtNvBJUwHshZe6sbf+fOiDiuKEqp1wdQLmgN+8nX62LklySWr8QrNCpsmKClxco0kbVYNX/QVh5yd0UA1sAqIn6baZ9G+Z/OXG+Q4n9lUuzLprLhDBPaCvXm4N14oqXNcw7tqU2xfhYNIDaD72djyIc/4eyAi2ZsJ+3hb+jgiISR5WVveRWYYqGZGTW3u+27JiXEo0fs3DQDbGVIcYxaMgU/RRIDdXzZSFcf6Z1azjzCDyV9FFEsicghHn" }
+
+  it "signs message" do
+    expect(subject.sign(token, timestamp, nonce, encrypted)).to eq signature
+  end
+
+end
	@@ -2,9 +2,9 @@ require 'digest/sha2'		@@ -2,9 +2,9 @@ require 'digest/sha2'
2		2
3	module WeWhisper	3	module WeWhisper
4	module Signature	4	module Signature
5	- def self.hexdigest(token, timestamp, nonce, msg_encrypt)	5	+ def self.sign(token, timestamp, nonce, encrypted)
6	array = [token, timestamp, nonce]	6	array = [token, timestamp, nonce]
7	- array << msg_encrypt unless msg_encrypt.nil?	7	+ array << encrypted unless encrypted.nil?
8	Digest::SHA1.hexdigest array.compact.collect(&:to_s).sort.join	8	Digest::SHA1.hexdigest array.compact.collect(&:to_s).sort.join
9	end	9	end
10	end	10	end
	@@ -35,7 +35,7 @@ module WeWhisper		@@ -35,7 +35,7 @@ module WeWhisper
35	# 2. If we need to validate signature, generate one from the encrypted text	35	# 2. If we need to validate signature, generate one from the encrypted text
36	# and check with the Signature in message	36	# and check with the Signature in message
37	if options[:assert_signature] && signature = Message.get_signature_from_messge(message)	37	if options[:assert_signature] && signature = Message.get_signature_from_messge(message)
38	- sign = Signature.hexdigest(token, timestamp, nonce, encrypted_text)	38	+ sign = Signature.sign(token, timestamp, nonce, encrypted_text)
39	raise InvalidSignature if sign != signature	39	raise InvalidSignature if sign != signature
40	end	40	end
41		41
	@@ -55,7 +55,7 @@ module WeWhisper		@@ -55,7 +55,7 @@ module WeWhisper
55	encrypt = Base64.strict_encode64(encrypt(pack(message, appid), encoding_aes_key))	55	encrypt = Base64.strict_encode64(encrypt(pack(message, appid), encoding_aes_key))
56		56
57	# 2. Create signature	57	# 2. Create signature
58	- sign = Signature.hexdigest(token, timestamp, nonce, encrypt)	58	+ sign = Signature.sign(token, timestamp, nonce, encrypt)
59		59
60	# 3. Construct xml	60	# 3. Construct xml
61	Message.to_xml(encrypt, sign, timestamp, nonce)	61	Message.to_xml(encrypt, sign, timestamp, nonce)
@@ -0,0 +1,15 @@		@@ -0,0 +1,15 @@
	1	+require 'spec_helper'
	2	+
	3	+describe WeWhisper::Signature do
	4	+
	5	+ let(:timestamp) { "1415979516" }
	6	+ let(:nonce) { "1320562132" }
	7	+ let(:signature) { "096d8cda45e4678ca23460f6b8cd281b3faf1fc3" }
	8	+ let(:token) { "spamtest" }
	9	+ let(:encrypted) { "3kKZ++U5ocvIF8dAHPct7xvUqEv6vplhuzA8Vwj7OnVcBu9fdmbbI41zclSfKqP6/bdYAxuE3x8jse43ImHaV07siJF473TsXhl8Yt8task0n9KC7BDA73mFTwlhYvuCIFnU6wFlzOkHyM5Bh2qpOHYk5nSMRyUG4BwmXpxq8TvLgJV1jj2DXdGW4qdknGLfJgDH5sCPJeBzNC8j8KtrJFxmG7qIwKHn3H5sqBf6UqhXFdbLuTWL3jwE7yMLhzOmiHi/MX/ZsVQ7sMuBiV6bW0wkgielESC3yNUPo4q/RMAFEH0fRLr76BR5Ct0nUbf9PdClc0RdlYcztyOs54X/KLbYRNCQ2kXxmJYL6ekdNe70PCAReIEfXEp+pGpry4ss8bD6LKAtNvBJUwHshZe6sbf+fOiDiuKEqp1wdQLmgN+8nX62LklySWr8QrNCpsmKClxco0kbVYNX/QVh5yd0UA1sAqIn6baZ9G+Z/OXG+Q4n9lUuzLprLhDBPaCvXm4N14oqXNcw7tqU2xfhYNIDaD72djyIc/4eyAi2ZsJ+3hb+jgiISR5WVveRWYYqGZGTW3u+27JiXEo0fs3DQDbGVIcYxaMgU/RRIDdXzZSFcf6Z1azjzCDyV9FFEsicghHn" }
	10	+
	11	+ it "signs message" do
	12	+ expect(subject.sign(token, timestamp, nonce, encrypted)).to eq signature
	13	+ end
	14	+
	15	+end