openssl-additions 0.6.0 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/openssl/pkey/rsa.rb +59 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c0523bd578bb44447a923fd4091dfcaa6d6bade8a5edc24e3207100bfee5022f
|
|
4
|
+
data.tar.gz: 9eff31167c2af32b1bd992c98a9e1f509d328b84b07c6365fb19509049792f7e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 945ef4ee75d39142e7976cca06087ac4e34add2243eeb6c5ec57f00f1287cf5514dbc88b0313c0e811a5c8d2b3113069f73cdf7bf06f58c093a9be4b746369b3
|
|
7
|
+
data.tar.gz: 82ae3be58dbf8d88aee6e5480f93d50d8e659bd330aec73fe4256ad0f100cb41f566be1d9569927e645c3a4b520e166909565dee97492c9e6e91f11c19a6dadc
|
data/lib/openssl/pkey/rsa.rb
CHANGED
|
@@ -15,6 +15,65 @@ class OpenSSL::PKey::RSA
|
|
|
15
15
|
OpenSSL::X509::SPKI.new(self.public_key.to_der)
|
|
16
16
|
end
|
|
17
17
|
|
|
18
|
+
# Give our best guess as to whether the given RSA private key is valid.
|
|
19
|
+
#
|
|
20
|
+
# Applies a set of heuristics to the (private) key, with a view to deciding
|
|
21
|
+
# whether it is correctly formed.
|
|
22
|
+
#
|
|
23
|
+
# Based on the RSA_check_key OpenSSL function.
|
|
24
|
+
#
|
|
25
|
+
# @param extended [Boolean] specify whether to only check problems which
|
|
26
|
+
# cannot be corrected by re-calculating from the fundamental parameters of
|
|
27
|
+
# the key (the private factors `p` and `q`, and the public exponent `e`).
|
|
28
|
+
# The default is to consider any deviation from a completely correct key
|
|
29
|
+
# to render the key invalid.
|
|
30
|
+
#
|
|
31
|
+
# @return [Boolean]
|
|
32
|
+
#
|
|
33
|
+
def valid?(extended = true)
|
|
34
|
+
# Must have factors and public exponent
|
|
35
|
+
return false if p.nil? || q.nil? || e.nil?
|
|
36
|
+
|
|
37
|
+
# Public exponent must be odd and greater than one
|
|
38
|
+
return false if e == 1
|
|
39
|
+
|
|
40
|
+
return false if e % 2 == 0
|
|
41
|
+
|
|
42
|
+
# Factors must be prime
|
|
43
|
+
return false unless p.prime?
|
|
44
|
+
return false unless q.prime?
|
|
45
|
+
|
|
46
|
+
# All the remaining checks are things that could be fixed with some
|
|
47
|
+
# arithmetic
|
|
48
|
+
return true if !extended
|
|
49
|
+
|
|
50
|
+
# Must have private exponent and a modulus
|
|
51
|
+
return false if d.nil? || n.nil?
|
|
52
|
+
|
|
53
|
+
# Public modulus must be the product of the two prime factors
|
|
54
|
+
return false unless n == p * q
|
|
55
|
+
|
|
56
|
+
# d * e must equal 1 mod (lcm(p-1,q-1))
|
|
57
|
+
return false unless e * d % (p.to_i-1).lcm(q.to_i-1) == 1
|
|
58
|
+
|
|
59
|
+
# CRT parameters are optional, but if present must be correct
|
|
60
|
+
unless dmp1.nil?
|
|
61
|
+
return false unless dmp1 == d % (p-1)
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
unless dmq1.nil?
|
|
65
|
+
return false unless dmq1 == d % (q-1)
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
unless iqmp.nil?
|
|
69
|
+
t, _ = self.class.egcd(q.to_i, p.to_i)
|
|
70
|
+
t %= p if t < 0
|
|
71
|
+
return false unless iqmp == t
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
return true
|
|
75
|
+
end
|
|
76
|
+
|
|
18
77
|
# Construct a fully-featured RSA private key from fundamental values.
|
|
19
78
|
#
|
|
20
79
|
# Many parts of an RSA key are, in fact, derived from the basic numbers that
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: openssl-additions
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Matt Palmer
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-05-
|
|
11
|
+
date: 2020-05-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|