Class: RbNaCl::Signatures::Ed25519::VerifyKey

Inherits:
Object
  • Object
show all
Extended by:
RbNaCl::Sodium
Includes:
KeyComparator, RbNaCl::Serializable
Defined in:
lib/rbnacl/signatures/ed25519/verify_key.rb

Overview

The public key counterpart to an Ed25519 SigningKey for producing digital signatures. Like the name says, VerifyKeys can be used to verify that a given digital signature is authentic.

For more information on the Ed25519 digital signature system, please see the SigningKey documentation.

Class Method Summary collapse

Instance Method Summary collapse

Methods included from RbNaCl::Sodium

sodium_constant, sodium_function, sodium_function_with_return_code, sodium_primitive, sodium_type

Methods included from RbNaCl::Serializable

#inspect, #to_s, #to_str

Methods included from KeyComparator

#<=>, #==

Constructor Details

#initialize(key) ⇒ RbNaCl::VerifyKey

Create a new VerifyKey object from a public key.

Parameters:

  • key (String)

    Ed25519 public key



35
36
37
38
# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 35

def initialize(key)
  @key = key.to_str
  Util.check_length(@key, Ed25519::VERIFYKEYBYTES, "key")
end

Class Method Details

.signature_bytesInteger

The size of signatures verified by the VerifyKey class

Returns:

  • (Integer)

    The number of bytes in a signature



96
97
98
# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 96

def self.signature_bytes
  Ed25519::SIGNATUREBYTES
end

Instance Method Details

#primitiveSymbol

The crypto primitive this VerifyKey class uses for signatures

Returns:

  • (Symbol)

    The primitive



89
90
91
# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 89

def primitive
  self.class.primitive
end

#signature_bytesInteger

The size of signatures verified by the VerifyKey instance

Returns:

  • (Integer)

    The number of bytes in a signature



103
104
105
# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 103

def signature_bytes
  Ed25519::SIGNATUREBYTES
end

#to_bytesString

Return the raw key in byte format

Returns:

  • (String)

    raw key as bytes



82
83
84
# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 82

def to_bytes
  @key
end

#to_curve25519_public_keyRbNaCl::PublicKey

Return a new curve25519 (x25519) public key converted from this key

it's recommeneded to read https://libsodium.gitbook.io/doc/advanced/ed25519-curve25519 as it encourages using distinct keys for signing and for encryption

Returns:



113
114
115
116
117
# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 113

def to_curve25519_public_key
  buffer = Util.zeros(Boxes::Curve25519XSalsa20Poly1305::PublicKey::BYTES)
  self.class.crypto_sign_ed25519_pk_to_curve25519(buffer, @key)
  Boxes::Curve25519XSalsa20Poly1305::PublicKey.new(buffer)
end

#verify(signature, message) ⇒ Boolean

Verify a signature for a given message

Raises if the signature is invalid.

Parameters:

  • signature (String)

    Alleged signature to be checked

  • message (String)

    Message to be authenticated

Returns:

  • (Boolean)

    was the signature authentic?

Raises:



51
52
53
54
55
# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 51

def verify(signature, message)
  signature = signature.to_str
  Util.check_length(signature, signature_bytes, "signature")
  verify_attached(signature + message)
end

#verify_attached(signed_message) ⇒ Boolean

Verify a signature for a given signed message

Raises if the signature is invalid.

Parameters:

  • signed_message (String)

    Message combined with signature to be authenticated

Returns:

  • (Boolean)

    was the signature authentic?

Raises:



66
67
68
69
70
71
72
73
74
75
76
77
# File 'lib/rbnacl/signatures/ed25519/verify_key.rb', line 66

def verify_attached(signed_message)
  raise LengthError, "Signed message can not be nil" if signed_message.nil?
  raise LengthError, "Signed message can not be shorter than a signature" if signed_message.bytesize <= signature_bytes

  buffer = Util.zeros(signed_message.bytesize)
  buffer_len = Util.zeros(FFI::Type::LONG_LONG.size)

  success = self.class.sign_ed25519_open(buffer, buffer_len, signed_message, signed_message.bytesize, @key)
  raise(BadSignatureError, "signature was forged/corrupt") unless success

  true
end