Class: EzCrypto::Verifier
- Inherits: Object
- Defined in: lib/ezsig.rb
Overview
The Verifier is used for verifying signatures. If you use the decode or
from_file methods you can use either raw PEM encoded public keys or certificates.
Direct Known Subclasses
Class Method Summary
- .decode(encoded) ⇒ Object
  Decodes a PEM encoded Certificate or Public Key and returns a Verifier object.
- .from_file(filename) ⇒ Object
  Decodes a PEM encoded Certificate or Public Key from a file and returns a Verifier object.
- .from_pkyp(digest) ⇒ Object
  Load a certificate or public key from PKYP based on its hex digest.
- .load_all_from_file(filename) ⇒ Object
  Decodes all certificates or public keys in a file and returns an array.
Instance Method Summary
- #cert? ⇒ Boolean
  Is the Verifier a Certificate or not.
- #digest ⇒ Object
  Returns the SHA1 hexdigest of the DER encoded public key.
- #dsa? ⇒ Boolean
  Is this a DSA key?
- #initialize(pub) ⇒ Verifier (constructor)
  Initializes a Verifier using an OpenSSL public key object.
- #public_key ⇒ Object
  Returns the OpenSSL public key object.
- #register_with_pkyp ⇒ Object
  Register the public key or certificate at PKYP.
- #rsa? ⇒ Boolean
  Is this an RSA key?
- #verify(sig, data) ⇒ Object
  Returns true if the public key signed the given data.
Constructor Details
#initialize(pub) ⇒ Verifier
Initializes a Verifier using an OpenSSL public key object.
    # File 'lib/ezsig.rb', line 130
    def initialize(pub)
      @pub=pub
    end
Class Method Details
.decode(encoded) ⇒ Object
Decodes a PEM encoded Certificate or Public Key and returns a Verifier object.
    # File 'lib/ezsig.rb', line 137
    def self.decode(encoded)
      case encoded
      when /-----BEGIN CERTIFICATE-----/
        EzCrypto::Certificate.new(OpenSSL::X509::Certificate.new( encoded))
      else
        begin
          EzCrypto::Verifier.new(OpenSSL::PKey::RSA.new( encoded))
        rescue
          EzCrypto::Verifier.new(OpenSSL::PKey::DSA.new( encoded))
        end
      end
    end
.from_file(filename) ⇒ Object
Decodes a PEM encoded Certificate or Public Key from a file and returns a Verifier object.
    # File 'lib/ezsig.rb', line 153
    def self.from_file(filename)
      file = File.read( filename )
      decode(file)
    end
.from_pkyp(digest) ⇒ Object
Load a certificate or public key from PKYP based on its hex digest.
    # File 'lib/ezsig.rb', line 161
    def self.from_pkyp(digest)
      digest=digest.strip.downcase
      if digest=~/[0123456789abcdef]{40}/
    #    Net::HTTP.start("localhost", 9000) do |query|
        Net::HTTP.start("pkyp.org", 80) do |query|
          response=query.get "/#{digest}.pem"
          if response.code=="200"
            decode(response.body)
          else
            raise "Error occured (#{response.code}): #{response.body}"
          end
        end
      else
        raise "Invalid digest"
      end
    end
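Added example (not part of ezsig.rb or the EzCrypto project): the digest pattern in from_pkyp above is unanchored and the fetched body is decoded without being compared to the requested digest, so this sketch anchors the check and recomputes the #digest value over the fetched PEM before accepting it. The names normalize_digest, load_public_key, key_digest, accept_fetched_key and DigestMismatch are hypothetical, and the two RSA keys are constructed at run time.

```ruby
require "openssl"
require "digest"

# Pattern as it appears in from_pkyp on this page (unanchored).
PAGE_PATTERN = /[0123456789abcdef]{40}/
# Anchored form: exactly 40 lowercase hex digits. \A and \z are used
# because ^ and $ match at line breaks in Ruby.
STRICT_PATTERN = /\A[0-9a-f]{40}\z/

class DigestMismatch < StandardError; end

# Normalize as from_pkyp does (strip, downcase), then apply the anchored check.
def normalize_digest(input)
  digest = input.to_s.strip.downcase
  raise ArgumentError, "Invalid digest" unless STRICT_PATTERN.match?(digest)
  digest
end

# Parse a PEM certificate or public key into an OpenSSL public key object.
def load_public_key(pem)
  return OpenSSL::X509::Certificate.new(pem).public_key if pem.include?("-----BEGIN CERTIFICATE-----")
  OpenSSL::PKey.read(pem)
end

# Same calculation as Verifier#digest: SHA1 hexdigest of the DER public key.
def key_digest(pem)
  Digest::SHA1.hexdigest(load_public_key(pem).to_der)
end

# Accept a fetched PEM body only if it hashes to the digest that was requested.
def accept_fetched_key(requested, body)
  wanted = normalize_digest(requested)
  actual = key_digest(body)
  raise DigestMismatch, "asked for #{wanted}, got #{actual}" unless actual == wanted
  load_public_key(body)
end

# Constructed sample data: two throwaway RSA keys generated at run time.
SAMPLE_PEM = OpenSSL::PKey::RSA.new(2048).public_key.to_pem
OTHER_PEM  = OpenSSL::PKey::RSA.new(2048).public_key.to_pem
SAMPLE_DIGEST = key_digest(SAMPLE_PEM)

puts "padded input passes page pattern: #{PAGE_PATTERN.match?(SAMPLE_DIGEST + '/extra')}"
puts "matching key accepted: #{accept_fetched_key(SAMPLE_DIGEST.upcase, SAMPLE_PEM).class}"
begin
  accept_fetched_key(SAMPLE_DIGEST, OTHER_PEM)
rescue DigestMismatch => e
  puts "rejected: #{e.message}"
end
```

Because the lookup shown on this page goes over plain HTTP on port 80, the digest comparison is what ties the returned key to the identifier the caller asked for.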
.load_all_from_file(filename) ⇒ Object
Decodes all certificates or public keys in a file and returns an array.
    # File 'lib/ezsig.rb', line 181
    def self.load_all_from_file(filename)
      file = File.read( filename )
      certs=[]
      count=0
      file.split( %q{-----BEGIN}).each do |pem|
        if pem and pem!=""
          pem="-----BEGIN#{pem}\n"
          cert=decode(pem)
          if cert.is_a? EzCrypto::Verifier
            certs<<cert
          end
        end
      end
      certs
    end
Instance Method Details
#cert? ⇒ Boolean
Is the Verifier a Certificate or not.
    # File 'lib/ezsig.rb', line 200
    def cert?
      false
    end
#digest ⇒ Object
Returns the SHA1 hexdigest of the DER encoded public key. This can be used as a unique key identifier.
    # File 'lib/ezsig.rb', line 214
    def digest
      Digest::SHA1.hexdigest(@pub.to_der)
    end
#dsa? ⇒ Boolean
Is this a DSA key?
    # File 'lib/ezsig.rb', line 226
    def dsa?
      @pub.is_a? OpenSSL::PKey::DSA
    end
#public_key ⇒ Object
Returns the OpenSSL public key object. You would normally not need to use this.
    # File 'lib/ezsig.rb', line 207
    def public_key
      @pub
    end
#register_with_pkyp ⇒ Object
Register the public key or certificate at PKYP.
    # File 'lib/ezsig.rb', line 247
    def register_with_pkyp
      send_to_pkyp(@pub.to_s)
    end
#rsa? ⇒ Boolean
Is this an RSA key?
    # File 'lib/ezsig.rb', line 220
    def rsa?
      @pub.is_a? OpenSSL::PKey::RSA
    end
#verify(sig, data) ⇒ Object
Returns true if the public key signed the given data.
    # File 'lib/ezsig.rb', line 234
    def verify(sig,data)
      if rsa?
        @pub.verify( OpenSSL::Digest::SHA1.new, sig, data )
      elsif dsa?
        @pub.verify( OpenSSL::Digest::DSS1.new, sig, data )
      else
        false
      end
    end