SSB Log Entry 366

SSB Verification From Scratch in Ruby

I just did it (I think). I am going to post it here in tutorial form with the hope that it helps someone.

First we need a few dependencies:

ruby require "json" require "base64" require "ed25519"

Here's the message I want to verify:

ruby original_message = { previous: nil, author: "@z2M8msI2EUubNHnrEJncglDIy2/SUd+36jCyJnfeiHk=.ed25519", sequence: 1, timestamp: 1554164725521, hash: "sha256", content: { type: "about", about: "@z2M8msI2EUubNHnrEJncglDIy2/SUd+36jCyJnfeiHk=.ed25519", image: "&jqMB109+asDMUVWkeAsqK/4KlbF+6M2x+jtTdFIdVw8=.sha256", name: "Netscape Navigator", }, signature: "3er8E88P7WPSjnm+L3QmoPqNxhqAn/pOjvo6Owk0KNn69FgOjAYLOgRdrGnuihBp4QYWYPJ5bS1Gw9weQKj9DQ==.sig.ed25519", }

The original message was JSON.

We need to delete the signature from the message before we can verify:

ruby original_message.delete(:signature)

We also need a copy of our public key. I could have been fancy and exracted the value from original_message, but will instead copy/paste for readability:

ruby public_key = Base64.urlsafe_decode64("z2M8msI2EUubNHnrEJncglDIy2/SUd+36jCyJnfeiHk=")

Same thing with the signature. I am just copy/pasting the value found in original_message:

ruby signature = Base64.urlsafe_decode64("3er8E88P7WPSjnm+L3QmoPqNxhqAn/pOjvo6Owk0KNn69FgOjAYLOgRdrGnuihBp4QYWYPJ5bS1Gw9weQKj9DQ==")

Since JSON is not deterministic, we need to serialize the message exactly how we found it. Luckily the Ruby JSON lib follows those rules when using pretty_generate. Don't forget to call .chomp to remove any trailing carriage returns (they will invalidate the signature):

ruby message = JSON.pretty_generate(original_message).chomp

We now have a message and a private_key. We are ready to verify:

ruby Ed25519::VerifyKey.new(public_key).verify(signature, message)

The program will return true if OK (:tada:) or throw a Ed25519::VerifyError exception if verification fails.

How does that look to all of the #ssb experts reading this?