Class: EzCrypto::Verifier

Inherits:

Object

• Object
• EzCrypto::Verifier

Defined in:

lib/extensions/ezcrypto/ezcrypto/ezsig.rb

Overview

The Verifier is used for verifying signatures. If you use the decode or

from_file methods you can use either raw PEM encoded public keys or certificate.

Direct Known Subclasses

Certificate

Class Method Summary

• .decode(encoded) ⇒ Object

  Decodes a PEM encoded Certificate or Public Key and returns a Verifier object.

• .from_file(filename) ⇒ Object

  Decodes a PEM encoded Certificate or Public Key from a file and returns a Verifier object.

• .from_pkyp(digest) ⇒ Object

  Load a certificate or public key from PKYP based on it’s hex digest.

• .load_all_from_file(filename) ⇒ Object

  Decodes all certificates or public keys in a file and returns an array.

Instance Method Summary

• #cert? ⇒ Boolean

  Is the Verifier a Certificate or not.

• #digest ⇒ Object

  Returns the SHA1 hexdigest of the DER encoded public key.

• #dsa? ⇒ Boolean

  Is this a DSA key?.

• #initialize(pub) ⇒ Verifier constructor

  Initializes a Verifier using a OpenSSL public key object.

• #public_key ⇒ Object

  Returns the OpenSSL public key object.

• #register_with_pkyp ⇒ Object

  Register the public key or certificate at PKYP.

• #rsa? ⇒ Boolean

  Is this a RSA key?.

• #verify(sig, data) ⇒ Object

  Returns true if the public key signed the given data.

Constructor Details

#initialize(pub) ⇒ Verifier

Initializes a Verifier using a OpenSSL public key object.

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 130

def initialize(pub)
  @pub=pub
end

Class Method Details

.decode(encoded) ⇒ Object

Decodes a PEM encoded Certificate or Public Key and returns a Verifier object.

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 137

def self.decode(encoded)
  case encoded
  when /-----BEGIN CERTIFICATE-----/
    EzCrypto::Certificate.new(OpenSSL::X509::Certificate.new( encoded))
  else
    begin
      EzCrypto::Verifier.new(OpenSSL::PKey::RSA.new( encoded))
    rescue
      EzCrypto::Verifier.new(OpenSSL::PKey::DSA.new( encoded))
    end
  end
end

.from_file(filename) ⇒ Object

Decodes a PEM encoded Certificate or Public Key from a file and returns a Verifier object.

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 153

def self.from_file(filename)
  file = File.read( filename )
  decode(file)
end

.from_pkyp(digest) ⇒ Object

Load a certificate or public key from PKYP based on it’s hex digest

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 161

def self.from_pkyp(digest)
  digest=digest.strip.downcase
  if digest=~/[0123456789abcdef]{40}/
#        Net::HTTP.start("localhost", 9000) do |query|
    Net::HTTP.start("pkyp.org", 80) do |query|
      response=query.get "/#{digest}.pem"
      if response.code=="200"
        decode(response.body)
      else
        raise "Error occured (#{response.code}): #{response.body}"      
      end
    end
  else
    raise "Invalid digest"
  end
end

.load_all_from_file(filename) ⇒ Object

Decodes all certificates or public keys in a file and returns an array.

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 181

def self.load_all_from_file(filename)
  file = File.read( filename )
  certs=[]
  count=0
  file.split( %q{-----BEGIN}).each do |pem|
    if pem and pem!=""
        pem="-----BEGIN#{pem}\n"
          cert=decode(pem)
          if cert.is_a? EzCrypto::Verifier
            certs<<cert
          end
    end
  end
  certs
end

Instance Method Details

#cert? ⇒ Boolean

Is the Verifier a Certificate or not.

Returns:

• (Boolean)

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 200

def cert?
  false
end

#digest ⇒ Object

Returns the SHA1 hexdigest of the DER encoded public key. This can be used as a unique key identifier.

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 214

def digest
  Digest::SHA1.hexdigest(@pub.to_der)
end

#dsa? ⇒ Boolean

Is this a DSA key?

Returns:

• (Boolean)

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 226

def dsa?
  @pub.is_a? OpenSSL::PKey::DSA
end

#public_key ⇒ Object

Returns the OpenSSL public key object. You would normally not need to use this.

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 207

def public_key
  @pub
end

#register_with_pkyp ⇒ Object

Register the public key or certificate at PKYP

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 247

def register_with_pkyp
  send_to_pkyp(@pub.to_s)
end

#rsa? ⇒ Boolean

Is this a RSA key?

Returns:

• (Boolean)

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 220

def rsa?
  @pub.is_a? OpenSSL::PKey::RSA
end

#verify(sig, data) ⇒ Object

Returns true if the public key signed the given data.

# File 'lib/extensions/ezcrypto/ezcrypto/ezsig.rb', line 234

def verify(sig,data)
  if rsa?
    @pub.verify( OpenSSL::Digest::SHA1.new, sig, data )
  elsif dsa?
    @pub.verify( OpenSSL::Digest::DSS1.new, sig, data )
  else
    false
  end
end