Class: Minisign::PrivateKey
- Inherits:
-
Object
- Object
- Minisign::PrivateKey
- Includes:
- Utils
- Defined in:
- lib/minisign/private_key.rb
Overview
The private key used to create signatures
Instance Attribute Summary collapse
-
#key_id ⇒ Object
readonly
Returns the value of attribute key_id.
Instance Method Summary collapse
-
#change_password!(new_password) ⇒ Object
Change or remove a password.
-
#initialize(str, password = nil) ⇒ PrivateKey
constructor
Parse signing information from the minisign private key.
-
#public_key ⇒ Minisign::PublicKey
Get the corresponding public key from the private key.
-
#sign(filename, message, trusted_comment = nil, untrusted_comment = nil) ⇒ Minisign::Signature
Sign a file/message.
-
#to_s ⇒ String
A string in the minisign.pub format.
Methods included from Utils
#blake2b256, #blake2b512, #derive_key, #xor
Constructor Details
#initialize(str, password = nil) ⇒ PrivateKey
Parse signing information from the minisign private key
15 16 17 18 19 20 21 22 23 24 |
# File 'lib/minisign/private_key.rb', line 15 def initialize(str, password = nil) comment, data = str.split("\n") @password = password decoded = Base64.decode64(data) @untrusted_comment = comment.split('untrusted comment: ').last @bytes = decoded.bytes @kdf_salt, @kdf_opslimit, @kdf_memlimit = scrypt_params(@bytes) @key_id, @ed25519_private_key_bytes, @ed25519_public_key_bytes, @checksum = key_data(password, @bytes[54..157]) assert_valid_key! end |
Instance Attribute Details
#key_id ⇒ Object (readonly)
Returns the value of attribute key_id.
7 8 9 |
# File 'lib/minisign/private_key.rb', line 7 def key_id @key_id end |
Instance Method Details
#change_password!(new_password) ⇒ Object
Change or remove a password
68 69 70 71 |
# File 'lib/minisign/private_key.rb', line 68 def change_password!(new_password) @password = new_password @bytes[2..3] = [0, 0] if new_password.nil? # kdf_algorithm end |
#public_key ⇒ Minisign::PublicKey
Get the corresponding public key from the private key
29 30 31 32 |
# File 'lib/minisign/private_key.rb', line 29 def public_key data = Base64.strict_encode64("Ed#{@key_id.pack('C*')}#{@ed25519_public_key_bytes.pack('C*')}") Minisign::PublicKey.new(data) end |
#sign(filename, message, trusted_comment = nil, untrusted_comment = nil) ⇒ Minisign::Signature
Sign a file/message
41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/minisign/private_key.rb', line 41 def sign(filename, , trusted_comment = nil, untrusted_comment = nil) signature = ed25519_signing_key.sign(blake2b512()) trusted_comment ||= "timestamp:#{Time.now.to_i}\tfile:#{filename}\thashed" untrusted_comment ||= 'signature from minisign secret key' global_signature = ed25519_signing_key.sign("#{signature}#{trusted_comment}") Minisign::Signature.new([ "untrusted comment: #{untrusted_comment}", Base64.strict_encode64("ED#{@key_id.pack('C*')}#{signature}"), "trusted comment: #{trusted_comment}", "#{Base64.strict_encode64(global_signature)}\n" ].join("\n")) end |
#to_s ⇒ String
Returns A string in the minisign.pub format.
55 56 57 58 59 60 61 62 63 |
# File 'lib/minisign/private_key.rb', line 55 def to_s kdf_salt = @kdf_salt.pack('C*') kdf_opslimit = [@kdf_opslimit, 0].pack('L*') kdf_memlimit = [@kdf_memlimit, 0].pack('L*') keynum_sk = key_data(@password, @key_id + @ed25519_private_key_bytes + @ed25519_public_key_bytes + @checksum).flatten data = "Ed#{kdf_algorithm}B2#{kdf_salt}#{kdf_opslimit}#{kdf_memlimit}#{keynum_sk.pack('C*')}" "untrusted comment: #{@untrusted_comment}\n#{Base64.strict_encode64(data)}\n" end |