minisign 0.0.4 → 0.0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/minisign.rb +24 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 43e641548c51311a548098b0102d122dfd770db04384fc905d8fb133e0d90feb
|
|
4
|
+
data.tar.gz: 157e8e96644b65392e1f4f20f06976ec093ab275c2c2b83a2e4ec85b57282884
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3fda3b616d567b60fbd35e9fdb825bf6ac659a0cd93c80379a8c61004d7d6e3a02dbb05cddc76db7eef046224bad82a10e335c979d574f971ea7d89c945a65be
|
|
7
|
+
data.tar.gz: 45605deb3b08e44a9f49ffd7f64aea6c511c7e24dc6fef9951bb816ce08480ab8a6ef4041b1634cd910933f2b4b84e272207249b0a0d238e9ce17d7bd82da020
|
data/lib/minisign.rb
CHANGED
|
@@ -4,11 +4,23 @@ require 'ed25519'
|
|
|
4
4
|
require 'base64'
|
|
5
5
|
require 'openssl'
|
|
6
6
|
|
|
7
|
+
# `minisign` is a rubygem for verifying {https://jedisct1.github.io/minisign minisign} signatures.
|
|
8
|
+
# @author Jesse Shawl
|
|
7
9
|
module Minisign
|
|
8
10
|
# Parse a .minisig file's contents
|
|
9
11
|
class Signature
|
|
10
12
|
attr_reader :signature, :comment, :comment_signature
|
|
11
13
|
|
|
14
|
+
# @!attribute [r] signature
|
|
15
|
+
# @return [String] the ed25519 verify key
|
|
16
|
+
# @!attribute [r] comment_signature
|
|
17
|
+
# @return [String] the signature for the trusted comment
|
|
18
|
+
# @!attribute [r] comment
|
|
19
|
+
# @return [String] the trusted comment
|
|
20
|
+
|
|
21
|
+
# @param str [String] The contents of the .minisig file
|
|
22
|
+
# @example
|
|
23
|
+
# Minisign::Signature.new(File.read('test/example.txt.minisig'))
|
|
12
24
|
def initialize(str)
|
|
13
25
|
lines = str.split("\n")
|
|
14
26
|
@signature = Base64.decode64(lines[1])[10..]
|
|
@@ -19,11 +31,23 @@ module Minisign
|
|
|
19
31
|
|
|
20
32
|
# Parse ed25519 verify key from minisign public key
|
|
21
33
|
class PublicKey
|
|
34
|
+
# Parse the ed25519 verify key from the minisign public key
|
|
35
|
+
#
|
|
36
|
+
# @param str [String] The minisign public key
|
|
37
|
+
# @example
|
|
38
|
+
# Minisign::PublicKey.new('RWTg6JXWzv6GDtDphRQ/x7eg0LaWBcTxPZ7i49xEeiqXVcR+r79OZRWM')
|
|
22
39
|
def initialize(str)
|
|
23
40
|
@public_key = Base64.strict_decode64(str)[10..]
|
|
24
41
|
@verify_key = Ed25519::VerifyKey.new(@public_key)
|
|
25
42
|
end
|
|
26
43
|
|
|
44
|
+
# Verify a message's signature
|
|
45
|
+
#
|
|
46
|
+
# @param sig [Minisign::Signature]
|
|
47
|
+
# @param message [String] the content that was signed
|
|
48
|
+
# @return [String] the trusted comment
|
|
49
|
+
# @raise Ed25519::VerifyError on invalid signatures
|
|
50
|
+
# @raise RuntimeError on tampered trusted comments
|
|
27
51
|
def verify(sig, message)
|
|
28
52
|
blake = OpenSSL::Digest.new('BLAKE2b512')
|
|
29
53
|
@verify_key.verify(sig.signature, blake.digest(message))
|