OpenSSL::SignatureAlgorithm
ECDSA, EdDSA, RSA-PSS and RSA-PKCS#1 signature algorithms for ruby
Sign and verify using signature algorithm wrappers, instead of key objects.
Provides OpenSSL::SignatureAlgorithm::ECDSA
, OpenSSL::SignatureAlgorithm::EdDSA
, OpenSSL::SignatureAlgorithm::RSAPSS
and OpenSSL::SignatureAlgorithm::RSAPKCS1
ruby object wrappers on top of OpenSSL::PKey::EC
and OpenSSL::PKey::RSA
, so that you can reason in terms of the algorithms and do less when
signing or verifying signatures.
Loosely inspired by rbnacl's Digital Signatures interface.
Installation
Add this line to your application's Gemfile:
gem 'openssl-signature_algorithm'
And then execute:
$ bundle install
Or install it yourself as:
$ gem install openssl-signature_algorithm
Usage
ECDSA
to_be_signed = "to-be-signed"
# Signer
algorithm = OpenSSL::SignatureAlgorithm::ECDSA.new
signing_key = algorithm.generate_signing_key
signature = algorithm.sign(to_be_signed)
# Signer sends verify key to Verifier
verify_key_string = signing_key.verify_key.serialize
# Verifier
verify_key = OpenSSL::SignatureAlgorithm::ECDSA::VerifyKey.deserialize(verify_key_string)
algorithm = OpenSSL::SignatureAlgorithm::ECDSA.new
algorithm.verify_key = verify_key
algorithm.verify(signature, to_be_signed)
EdDSA
Requires adding the ed25519
gem to your Gemfile
require "openssl/signature_algorithm/eddsa"
to_be_signed = "to-be-signed"
# Signer
algorithm = OpenSSL::SignatureAlgorithm::EdDSA.new
signing_key = algorithm.generate_signing_key
signature = algorithm.sign(to_be_signed)
# Signer sends verify key to Verifier
verify_key_string = signing_key.verify_key.serialize
# Verifier
verify_key = OpenSSL::SignatureAlgorithm::EdDSA::VerifyKey.deserialize(verify_key_string)
algorithm = OpenSSL::SignatureAlgorithm::EdDSA.new
algorithm.verify_key = verify_key
algorithm.verify(signature, to_be_signed)
RSA-PSS
to_be_signed = "to-be-signed"
# Signer
algorithm = OpenSSL::SignatureAlgorithm::RSAPSS.new
signing_key = algorithm.generate_signing_key
signature = algorithm.sign(to_be_signed)
# Signer sends verify key to Verifier
verify_key_string = signing_key.verify_key.serialize
# Verifier
verify_key = OpenSSL::SignatureAlgorithm::RSAPSS::VerifyKey.deserialize(verify_key_string)
algorithm = OpenSSL::SignatureAlgorithm::RSAPSS.new
algorithm.verify_key = verify_key
algorithm.verify(signature, to_be_signed)
RSA-PKCS1_v1.5
to_be_signed = "to-be-signed"
# Signer
algorithm = OpenSSL::SignatureAlgorithm::RSAPKCS1.new
signing_key = algorithm.generate_signing_key
signature = algorithm.sign(to_be_signed)
# Signer sends verify key to Verifier
verify_key_string = signing_key.verify_key.serialize
# Verifier
verify_key = OpenSSL::SignatureAlgorithm::RSAPKCS1::VerifyKey.deserialize(verify_key_string)
algorithm = OpenSSL::SignatureAlgorithm::RSAPKCS1.new
algorithm.verify_key = verify_key
algorithm.verify(signature, to_be_signed)
Development
After checking out the repo, run bin/setup
to install dependencies. Then, run rake spec
to run the tests. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and tags, and push the .gem
file to rubygems.org.
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/cedarcode/openssl-signature_algorithm.