Class: Virgil::SDK::Client::CardValidator

Inherits:

Object

Object
Virgil::SDK::Client::CardValidator

show all

Defined in:: lib/virgil/sdk/client/card_validator.rb

Overview

Class used for cards signatures validation.

Constant Summary collapse

SERVICE_CARD_ID =

ENV['VIRGIL_SERVICE_CARD_ID'] || '3e29d43373348cfb373b7eae189214dc01d7237765e572db685839b64adca853'

SERVICE_PUBLIC_KEY =

ENV['VIRGIL_SERVICE_PUBLIC_KEY'] || 'LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUNvd0JRWURLMlZ3QXlFQVlSNTAx'\
'a1YxdFVuZTJ1T2RrdzRrRXJSUmJKcmMyU3lhejVWMWZ1RytyVnM9Ci0tLS0tRU5E'\
'IFBVQkxJQyBLRVktLS0tLQo='

Instance Attribute Summary collapse

#crypto ⇒ Object readonly

Returns the value of attribute crypto.
#verifiers ⇒ Object readonly

Returns the value of attribute verifiers.

Instance Method Summary collapse

#add_default_verifiers ⇒ Object

Add default service verifier to validator.
#add_verifier(card_id, public_key) ⇒ Object

Add signature verifier.
#initialize(crypto) ⇒ CardValidator constructor

Initializes a new instance of the CardValidator class.
#is_valid?(card) ⇒ Boolean

Validates Card using verifiers.

Constructor Details

#initialize(crypto) ⇒ `CardValidator`

Initializes a new instance of the Virgil::SDK::Client::CardValidator class.

# File 'lib/virgil/sdk/client/card_validator.rb', line 49

def initialize(crypto)
  @crypto = crypto
  @verifiers = {}
end

Instance Attribute Details

#crypto ⇒ `Object` (readonly)

Returns the value of attribute crypto



46
47
48

# File 'lib/virgil/sdk/client/card_validator.rb', line 46

def crypto
  @crypto
end

#verifiers ⇒ `Object` (readonly)

Returns the value of attribute verifiers



46
47
48

# File 'lib/virgil/sdk/client/card_validator.rb', line 46

def verifiers
  @verifiers
end

Instance Method Details

#add_default_verifiers ⇒ `Object`

Add default service verifier to validator.

# File 'lib/virgil/sdk/client/card_validator.rb', line 56

def add_default_verifiers
  public_key_bytes = Crypto::Bytes.from_base64(SERVICE_PUBLIC_KEY)
  public_key = crypto.import_public_key(public_key_bytes)
  @verifiers[SERVICE_CARD_ID] = public_key
end

#add_verifier(card_id, public_key) ⇒ `Object`

Add signature verifier.

Parameters:

card_id (String) —

Card identifier.
public_key (Cryptography::Keys::PublicKey) —

Public key used for signature verification.



66
67
68

# File 'lib/virgil/sdk/client/card_validator.rb', line 66

def add_verifier(card_id, public_key)
  @verifiers[card_id] = public_key
end

#is_valid?(card) ⇒ `Boolean`

Validates Card using verifiers.

Parameters:

card (Card) —

a card for validation.

Returns:

(Boolean) —

True if card signatures are valid, false otherwise.

# File 'lib/virgil/sdk/client/card_validator.rb', line 73

def is_valid?(card)

  return true if (card.version == '3.0' && card.scope == Client::Card::GLOBAL)

  if (card.nil? || !card.is_a?(Card) || card.snapshot.nil? || (card.signatures.nil? || card.signatures.empty?))
    return false
  end

  # add self signature verifier
  fingerprint = self.crypto.calculate_fingerprint(
      Crypto::Bytes.from_string(card.snapshot)
  )
  fingerprint_hex = fingerprint.to_hex
  return false if fingerprint_hex != card.id

  verifiers = self.verifiers.clone
  card_public_key = self.crypto.import_public_key(card.public_key)
  verifiers[fingerprint_hex] = card_public_key

  verifiers.each do |id, key|
    unless card.signatures.has_key?(id)
      return false
    end
    is_valid = self.crypto.verify(
        fingerprint.value,
        Crypto::Bytes.from_base64(card.signatures[id]),
        key
    )
    return false unless is_valid
  end
  true
end