message_verifier
message_verifier.cr
Ruby on Rails compatible ActiveSupport::MessageVerifier
implementation for Crystal. Allows verified message passing back and forth between ruby and crystal-lang implementations.
Why? Perhaps you have a microservice written in Crystal and it needs to communicate with a ruby/rails app (or vice-versa), and the data passed between those services needs to be verified to be trustworthy?
Installation
Add this to your application's shard.yml
:
dependencies:
message_verifier:
github: danielwestendorf/message_verifier.cr
Usage
require "message_verifier"
Verify a message
verifier = MessageVerifier::Verifier.new("s3Krit", digest: :sha256)
msg = "eyJfcmFpbHMiOnsibWVzc2FnZSI6IkxTMHRDbTFsYzNOaFoyVTZJRTVsZG1WeUlHZHZibTVoSUdkcGRtVWdlVzkxSUhWd0xDQnVaWFpsY2lCbmIyNXVZU0JzWlhRZ2VXOTFJR1J2ZDI0SyIsImV4cCI6IjIwMTktMDEtMDNUMDA6MjI6MjMuMTc4MDQ0MDAwWiIsInB1ciI6ImV4YW1wbGUifX0=--efc837c7279a1030109ec7519418c8934a2cb38d2ce2882a826acf422e432f5e"
puts "Verified message: #{verifier.verify(msg, purpose: :example, parser: :JSON)}"
Generate a message
verifier = MessageVerifier::Verifier.new("s3Krit", digest: OpenSSL::Algorithm::SHA256)
msg = { "foo" => "bar" }
puts verifier.generate(msg.to_json, purpose: :example, expires_at: Time.now + 1.week, parser: :JSON)
See it in action
Examples of passing messages back and forth between ruby and crystal implementations.
gem install activesupport
if not installed already
$ echo "Very special message" | crystal run examples/sign.cr | ruby examples/verify.rb
$ echo "Some other special message" | ruby examples/sign.rb | crystal run examples/verify.cr
Progress
- [x] Message expiration dates, freshness
- Messages which have expired will return
nil
or raise aMessageVerifier::InvalidSignature
exception
- Messages which have expired will return
- [x] Message purposes
- [x] Message Serializers
- [x] JSON
- [x] YAML
- [x] Signature Digest Algorithms
- [x] All OpenSSL supported algos
- [ ] Rotating keys
Contributing
- Fork it (https://github.com/danielwestendorf/message_verifier.cr/fork)
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create a new Pull Request
Contributors
- danielwestendorf Daniel Westendorf - creator, maintainer