Class: RbNaCl::Signatures::Ed25519::VerifyKey

Inherits:

Object

• Object
• RbNaCl::Signatures::Ed25519::VerifyKey

Extended by:

RbNaCl::Sodium

Includes:

KeyComparator, RbNaCl::Serializable

Defined in:

lib/rbnacl/signatures/ed25519/verify_key.rb

Overview

The public key counterpart to an Ed25519 SigningKey for producing digital signatures. Like the name says, VerifyKeys can be used to verify that a given digital signature is authentic.

For more information on the Ed25519 digital signature system, please see the SigningKey documentation.

Class Method Summary

• .signature_bytes ⇒ Integer

  The size of signatures verified by the VerifyKey class.

Instance Method Summary

• #initialize(key) ⇒ RbNaCl::VerifyKey constructor

  Create a new VerifyKey object from a public key.

• #primitive ⇒ Symbol

  The crypto primitive this VerifyKey class uses for signatures.

• #signature_bytes ⇒ Integer

  The size of signatures verified by the VerifyKey instance.

• #to_bytes ⇒ String

  Return the raw key in byte format.

• #to_curve25519_public_key ⇒ RbNaCl::PublicKey

  Return a new curve25519 (x25519) public key converted from this key.

• #verify(signature, message) ⇒ Boolean

  Verify a signature for a given message.

• #verify_attached(signed_message) ⇒ Boolean

  Verify a signature for a given signed message.

Methods included from RbNaCl::Sodium

sodium_constant, sodium_function, sodium_function_with_return_code, sodium_primitive, sodium_type

Methods included from RbNaCl::Serializable

#inspect, #to_s, #to_str

Methods included from KeyComparator

#<=>, #==

Constructor Details

#initialize(key) ⇒ RbNaCl::VerifyKey

Create a new VerifyKey object from a public key.

Parameters:

• key (String) —

  Ed25519 public key

# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 35

def initialize(key)
  @key = key.to_str
  Util.check_length(@key, Ed25519::VERIFYKEYBYTES, "key")
end

Class Method Details

.signature_bytes ⇒ Integer

The size of signatures verified by the VerifyKey class

Returns:

• (Integer) —

  The number of bytes in a signature

# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 96

def self.signature_bytes
  Ed25519::SIGNATUREBYTES
end

Instance Method Details

#primitive ⇒ Symbol

The crypto primitive this VerifyKey class uses for signatures

Returns:

• (Symbol) —

  The primitive

# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 89

def primitive
  self.class.primitive
end

#signature_bytes ⇒ Integer

The size of signatures verified by the VerifyKey instance

Returns:

• (Integer) —

  The number of bytes in a signature

# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 103

def signature_bytes
  Ed25519::SIGNATUREBYTES
end

#to_bytes ⇒ String

Return the raw key in byte format

Returns:

• (String) —

  raw key as bytes

# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 82

def to_bytes
  @key
end

#to_curve25519_public_key ⇒ RbNaCl::PublicKey

Return a new curve25519 (x25519) public key converted from this key

it's recommeneded to read https://libsodium.gitbook.io/doc/advanced/ed25519-curve25519 as it encourages using distinct keys for signing and for encryption

Returns:

• (RbNaCl::PublicKey)

# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 113

def to_curve25519_public_key
  buffer = Util.zeros(Boxes::Curve25519XSalsa20Poly1305::PublicKey::BYTES)
  self.class.crypto_sign_ed25519_pk_to_curve25519(buffer, @key)
  Boxes::Curve25519XSalsa20Poly1305::PublicKey.new(buffer)
end

#verify(signature, message) ⇒ Boolean

Verify a signature for a given message

Raises if the signature is invalid.

Parameters:

• signature (String) —

  Alleged signature to be checked

• message (String) —

  Message to be authenticated

Returns:

• (Boolean) —

  was the signature authentic?

Raises:

• (BadSignatureError) —

  if the signature check fails

• (LengthError) —

  if the signature is of the wrong length

# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 51

def verify(signature, message)
  signature = signature.to_str
  Util.check_length(signature, signature_bytes, "signature")
  verify_attached(signature + message)
end

#verify_attached(signed_message) ⇒ Boolean

Verify a signature for a given signed message

Raises if the signature is invalid.

Parameters:

• signed_message (String) —

  Message combined with signature to be authenticated

Returns:

• (Boolean) —

  was the signature authentic?

Raises:

• (BadSignatureError) —

  if the signature check fails

# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 66

def verify_attached(signed_message)
  raise LengthError, "Signed message can not be nil" if signed_message.nil?
  raise LengthError, "Signed message can not be shorter than a signature" if signed_message.bytesize <= signature_bytes

  buffer = Util.zeros(signed_message.bytesize)
  buffer_len = Util.zeros(FFI::Type::LONG_LONG.size)

  success = self.class.sign_ed25519_open(buffer, buffer_len, signed_message, signed_message.bytesize, @key)
  raise(BadSignatureError, "signature was forged/corrupt") unless success

  true
end