minisign 0.0.4 → 0.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/minisign.rb +24 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 43e641548c51311a548098b0102d122dfd770db04384fc905d8fb133e0d90feb
|
|
4
|
+
data.tar.gz: 157e8e96644b65392e1f4f20f06976ec093ab275c2c2b83a2e4ec85b57282884
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3fda3b616d567b60fbd35e9fdb825bf6ac659a0cd93c80379a8c61004d7d6e3a02dbb05cddc76db7eef046224bad82a10e335c979d574f971ea7d89c945a65be
|
|
7
|
+
data.tar.gz: 45605deb3b08e44a9f49ffd7f64aea6c511c7e24dc6fef9951bb816ce08480ab8a6ef4041b1634cd910933f2b4b84e272207249b0a0d238e9ce17d7bd82da020
|
data/lib/minisign.rb
CHANGED
|
@@ -4,11 +4,23 @@ require 'ed25519'
|
|
|
4
4
|
require 'base64'
|
|
5
5
|
require 'openssl'
|
|
6
6
|
|
|
7
|
+
# `minisign` is a rubygem for verifying {https://jedisct1.github.io/minisign minisign} signatures.
|
|
8
|
+
# @author Jesse Shawl
|
|
7
9
|
module Minisign
|
|
8
10
|
# Parse a .minisig file's contents
|
|
9
11
|
class Signature
|
|
10
12
|
attr_reader :signature, :comment, :comment_signature
|
|
11
13
|
|
|
14
|
+
# @!attribute [r] signature
|
|
15
|
+
# @return [String] the ed25519 verify key
|
|
16
|
+
# @!attribute [r] comment_signature
|
|
17
|
+
# @return [String] the signature for the trusted comment
|
|
18
|
+
# @!attribute [r] comment
|
|
19
|
+
# @return [String] the trusted comment
|
|
20
|
+
|
|
21
|
+
# @param str [String] The contents of the .minisig file
|
|
22
|
+
# @example
|
|
23
|
+
# Minisign::Signature.new(File.read('test/example.txt.minisig'))
|
|
12
24
|
def initialize(str)
|
|
13
25
|
lines = str.split("\n")
|
|
14
26
|
@signature = Base64.decode64(lines[1])[10..]
|
|
@@ -19,11 +31,23 @@ module Minisign
|
|
|
19
31
|
|
|
20
32
|
# Parse ed25519 verify key from minisign public key
|
|
21
33
|
class PublicKey
|
|
34
|
+
# Parse the ed25519 verify key from the minisign public key
|
|
35
|
+
#
|
|
36
|
+
# @param str [String] The minisign public key
|
|
37
|
+
# @example
|
|
38
|
+
# Minisign::PublicKey.new('RWTg6JXWzv6GDtDphRQ/x7eg0LaWBcTxPZ7i49xEeiqXVcR+r79OZRWM')
|
|
22
39
|
def initialize(str)
|
|
23
40
|
@public_key = Base64.strict_decode64(str)[10..]
|
|
24
41
|
@verify_key = Ed25519::VerifyKey.new(@public_key)
|
|
25
42
|
end
|
|
26
43
|
|
|
44
|
+
# Verify a message's signature
|
|
45
|
+
#
|
|
46
|
+
# @param sig [Minisign::Signature]
|
|
47
|
+
# @param message [String] the content that was signed
|
|
48
|
+
# @return [String] the trusted comment
|
|
49
|
+
# @raise Ed25519::VerifyError on invalid signatures
|
|
50
|
+
# @raise RuntimeError on tampered trusted comments
|
|
27
51
|
def verify(sig, message)
|
|
28
52
|
blake = OpenSSL::Digest.new('BLAKE2b512')
|
|
29
53
|
@verify_key.verify(sig.signature, blake.digest(message))
|