Module: RightSupport::Validation::OpenSSL
- Defined in:
- lib/right_support/validation/openssl.rb
Overview
Validation methods pertaining to OpenSSL cryptography, e.g. various widely-used key formats and encoding/envelope formats.
Instance Method Summary collapse
-
#pem_key?(key_material) ⇒ Boolean
Determine whether a string is a PEM-encoded public or private key.
-
#pem_private_key?(key_material, passphrase = nil) ⇒ Boolean
Determine whether a string is a valid PEM-encoded private key.
-
#pem_public_key?(key_material) ⇒ Boolean
Determine whether a string is a valid PEM-encoded public key.
Instance Method Details
#pem_key?(key_material) ⇒ Boolean
Determine whether a string is a PEM-encoded public or private key. Does not determine whether the key is valid, only that it is well-formed.
Parameters
- key_material(String)
-
the putative key material
Return
If the key is well-formed, return the OpenSSL class that can be used to process the key material (e.g. OpenSSL::PKey::RSA). Otherwise, return false.
39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/right_support/validation/openssl.rb', line 39 def pem_key?(key_material) return false if key_material.nil? || key_material.empty? m = /BEGIN ([A-Z]+) (PUBLIC|PRIVATE) KEY/.match(key_material) return false unless m case m[1] when 'DSA' then return ::OpenSSL::PKey::DSA when 'RSA' then return ::OpenSSL::PKey::RSA else return false end end |
#pem_private_key?(key_material, passphrase = nil) ⇒ Boolean
Determine whether a string is a valid PEM-encoded private key. Actually parses the key to prove validity as well as well-formedness. If the key is passphrase-protected, the passphrase is required in order to decrypt it; am incorrect passphrase will result in the key being recognized as not a valid key!
Parameters
- key_material(String)
-
the putative key material
- passphrase(String)
-
the encryption passphrase, if needed
Return
If the key is well-formed and valid, return true. Otherwise, return false.
64 65 66 67 68 69 70 71 72 73 |
# File 'lib/right_support/validation/openssl.rb', line 64 def pem_private_key?(key_material, passphrase=nil) alg = pem_key?(key_material) return false unless alg key = alg.new(key_material, passphrase || 'dummy passphrase, should never work') key.to_der #make sure it's valid in addition to being well formed # deal with varying interfaces between RSA/DSA/EC return (key.private? rescue false) || (key.private_key? rescue false) rescue ::OpenSSL::PKey::PKeyError, NotImplementedError return false end |
#pem_public_key?(key_material) ⇒ Boolean
Determine whether a string is a valid PEM-encoded public key. Actually parses the key to prove validity as well as well-formedness.
Parameters
- key_material(String)
-
the putative key material
Return
If the key is well-formed and valid, return true. Otherwise, return false.
83 84 85 86 87 88 89 90 91 92 |
# File 'lib/right_support/validation/openssl.rb', line 83 def pem_public_key?(key_material) alg = pem_key?(key_material) return false unless alg key = alg.new(key_material) key.to_der #make sure it's valid in addition to being well formed # deal with varying interfaces between RSA/DSA/EC return (key.public? rescue false) || (key.public_key? rescue false) rescue ::OpenSSL::PKey::PKeyError, NotImplementedError return false end |