Module: Familia::VerifiableIdentifier
- Extended by:
- SecureIdentifier
- Defined in:
- lib/familia/verifiable_identifier.rb
Overview
Creates and verifies identifiers that contain an embedded HMAC signature, allowing for stateless verification of an identifier's authenticity.
Constant Summary collapse
- RANDOM_HEX_LENGTH =
The length of the random part of the ID in hex characters (256 bits).
64- TAG_HEX_LENGTH =
The length of the HMAC tag in hex characters (64 bits). 64 bits is strong enough to prevent forgery (1 in 18 quintillion chance).
16
Class Method Summary collapse
-
.generate_verifiable_id(base_or_scope = nil, scope: nil, base: 36) ⇒ String
Generates a verifiable, base-36 encoded identifier.
-
.plausible_identifier?(identifier_str, base = 36) ⇒ Boolean
Checks if an identifier is plausible (correct format and length) without performing cryptographic verification.
-
.reset_secret_key! ⇒ nil
Clears the memoized secret so the next VerifiableIdentifier.secret_key call re-reads the environment.
-
.secret_key ⇒ String
The secret key for HMAC generation, loaded from an environment variable.
-
.verified_identifier?(verifiable_id, base_or_scope = nil, scope: nil, base: 36) ⇒ Boolean
Verifies the authenticity of a given identifier using a timing-safe comparison.
Methods included from SecureIdentifier
generate_id, generate_lite_id, generate_trace_id, shorten_to_trace_id, truncate_hex
Class Method Details
.generate_verifiable_id(base_or_scope = nil, scope: nil, base: 36) ⇒ String
Generates a verifiable, base-36 encoded identifier.
The final identifier contains a 256-bit random component and a 64-bit authentication tag.
93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 |
# File 'lib/familia/verifiable_identifier.rb', line 93 def self.generate_verifiable_id(base_or_scope = nil, scope: nil, base: 36) # Handle backward compatibility with positional base argument if base_or_scope.is_a?(Integer) base = base_or_scope # scope remains as passed in keyword argument elsif base_or_scope.is_a?(String) || base_or_scope.nil? scope = base_or_scope if scope.nil? # base remains as passed in keyword argument or default end # Re-use generate_id from the SecureIdentifier module. random_hex = generate_id(16) tag_hex = generate_tag(random_hex, scope: scope) combined_hex = random_hex + tag_hex # Re-use the min_length_for_bits helper from the SecureIdentifier module. total_bits = (RANDOM_HEX_LENGTH + TAG_HEX_LENGTH) * 4 target_length = Familia::SecureIdentifier.min_length_for_bits(total_bits, base) combined_hex.to_i(16).to_s(base).rjust(target_length, '0') end |
.plausible_identifier?(identifier_str, base = 36) ⇒ Boolean
Checks if an identifier is plausible (correct format and length) without performing cryptographic verification.
This can be used as a fast pre-flight check to reject obviously malformed identifiers.
152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 |
# File 'lib/familia/verifiable_identifier.rb', line 152 def self.plausible_identifier?(identifier_str, base = 36) return false unless identifier_str.is_a?(::String) # 1. Check length total_bits = (RANDOM_HEX_LENGTH + TAG_HEX_LENGTH) * 4 expected_length = Familia::SecureIdentifier.min_length_for_bits(total_bits, base) return false unless identifier_str.length == expected_length # 2. Check character set # The most efficient way to check for invalid characters is to attempt # conversion and rescue the error. Integer(identifier_str, base) true rescue ArgumentError false end |
.reset_secret_key! ⇒ nil
Clears the memoized secret so the next secret_key call re-reads the environment. Intended for test suites that swap the configured secret (or exercise the missing-secret path) within a single process. Production code never needs this: the secret is fixed for a deployment, and rotating it requires a restart (and invalidates every previously generated identifier).
76 77 78 |
# File 'lib/familia/verifiable_identifier.rb', line 76 def self.reset_secret_key! @secret_key = nil end |
.secret_key ⇒ String
Security Considerations:
- Secrecy: This key MUST be kept secret and secure, just like a database password or API key. Do not commit it to version control.
- Consistency: All running instances of your application must use the exact same key, otherwise verification will fail across different servers.
- Rotation: If this key is ever compromised, it must be rotated. Be aware that rotating the key will invalidate all previously generated verifiable identifiers.
- No committed fallback: There is intentionally NO default. A hardcoded secret in source would be public knowledge, letting anyone forge valid identifiers (issue #310, S1). A missing OR blank secret raises -- but lazily, the first time an identifier is actually minted or verified, so merely requiring this file (e.g. for introspection) never blows up.
The secret key for HMAC generation, loaded from an environment variable.
This key is the root of trust for verifying identifier authenticity. It must be a long, random, and cryptographically strong string.
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 |
# File 'lib/familia/verifiable_identifier.rb', line 45 def self.secret_key # Treat a present-but-blank value the same as absent. ENV.fetch only fires # its default block when the key is missing, so a blank # VERIFIABLE_ID_HMAC_SECRET="" (or a whitespace-only " ", e.g. from a YAML # parser or templating tool) would otherwise sail through and HMAC every # identifier under an effectively empty key -- silently reintroducing the # forgeable-key weakness #310 S1 closed. This bites container setups that # inject `VERIFIABLE_ID_HMAC_SECRET=${VERIFIABLE_ID_HMAC_SECRET:-}`, which # supplies an empty string whenever the outer variable is unset. strip.empty? # fails closed on nil, "", and all-whitespace alike. @secret_key ||= begin value = ENV.fetch('VERIFIABLE_ID_HMAC_SECRET', nil) if value.nil? || value.strip.empty? raise KeyError, <<~MSG.strip VERIFIABLE_ID_HMAC_SECRET is not set (or is blank). Familia::VerifiableIdentifier refuses to fall back to a committed default or empty secret -- a known or empty key would let anyone forge valid identifiers. Generate one with `openssl rand -hex 32` and export it before generating or verifying identifiers. MSG end value end end |
.verified_identifier?(verifiable_id, base_or_scope = nil, scope: nil, base: 36) ⇒ Boolean
Verifies the authenticity of a given identifier using a timing-safe comparison.
121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 |
# File 'lib/familia/verifiable_identifier.rb', line 121 def self.verified_identifier?(verifiable_id, base_or_scope = nil, scope: nil, base: 36) # Handle backward compatibility with positional base argument if base_or_scope.is_a?(Integer) base = base_or_scope # scope remains as passed in keyword argument elsif base_or_scope.is_a?(String) || base_or_scope.nil? scope = base_or_scope if scope.nil? # base remains as passed in keyword argument or default end return false unless plausible_identifier?(verifiable_id, base) expected_hex_length = (RANDOM_HEX_LENGTH + TAG_HEX_LENGTH) combined_hex = verifiable_id.to_i(base).to_s(16).rjust(expected_hex_length, '0') random_part = combined_hex[0...RANDOM_HEX_LENGTH] tag_part = combined_hex[RANDOM_HEX_LENGTH..] expected_tag = generate_tag(random_part, scope: scope) OpenSSL.secure_compare(expected_tag, tag_part) end |