openssl-additions 0.5.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/openssl/pkey/rsa.rb +70 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3af2a1bdc82b061267777ed93961fa411eaea3ddeeb4912a0be3772cadfacd48
|
4
|
+
data.tar.gz: '0860f6fa16eb240a6d3408f91a3637f48900dc06d4f2fbe550684df60bccd3f8'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d27ca892b2505c0fb88095936dd44e880f340d112b2df50e48deb2fc66c96aa8bf36a0ea3d4c599c621e36efa020045709783fb4c239e26a143bd3a08d8fc265
|
7
|
+
data.tar.gz: 7bb76838e1bc1eee2af1b813e3406827dc0fe08ce32defe633be1da3f7037f7f9485a0e534e2fef0d16d99f10a8f4e317711639ab6363fd8796a8e0b6d1eb130
|
data/lib/openssl/pkey/rsa.rb
CHANGED
@@ -14,4 +14,74 @@ class OpenSSL::PKey::RSA
|
|
14
14
|
def to_spki(_format = nil)
|
15
15
|
OpenSSL::X509::SPKI.new(self.public_key.to_der)
|
16
16
|
end
|
17
|
+
|
18
|
+
# Construct a fully-featured RSA private key from fundamental values.
|
19
|
+
#
|
20
|
+
# Many parts of an RSA key are, in fact, derived from the basic numbers that
|
21
|
+
# are (mostly) generated randomly. Whilst it is always better to let OpenSSL
|
22
|
+
# generate a whole key for you, in *extremely* limited circumstances, it can
|
23
|
+
# be useful to get a key which has been populated using factors derived from
|
24
|
+
# another source.
|
25
|
+
#
|
26
|
+
# @note This method does not attempt to validate that the values for `p` & `q`
|
27
|
+
# are, in fact, primes, nor does it make any value judgments about your
|
28
|
+
# choice of `e`.
|
29
|
+
#
|
30
|
+
# @param p [Integer] the larger of the two prime numbers that comprise the
|
31
|
+
# fundamental RSA private key.
|
32
|
+
#
|
33
|
+
# @param q [Integer] the smaller of the two prime numbers.
|
34
|
+
#
|
35
|
+
# @param e [Integer] the public exponent used by the key.
|
36
|
+
#
|
37
|
+
# @return [OpenSSL::PKey::RSA]
|
38
|
+
#
|
39
|
+
# @raise [OpenSSL::PKey::PKeyError]
|
40
|
+
#
|
41
|
+
def self.from_factors(p, q, e)
|
42
|
+
p, q = q, p if p < q
|
43
|
+
|
44
|
+
n = p * q
|
45
|
+
# While `lcm = (p - 1).lcm(q - 1)` produces smaller keys, this version
|
46
|
+
# produces key that are identical to OpenSSL, which is generally our
|
47
|
+
# compatibility target.
|
48
|
+
lcm = (p - 1) * (q - 1)
|
49
|
+
|
50
|
+
if e < 1 || e >= lcm
|
51
|
+
raise OpenSSL::PKey::PKeyError,
|
52
|
+
"e must be 1 < e < lambda(n)"
|
53
|
+
end
|
54
|
+
|
55
|
+
if e.gcd(lcm) != 1
|
56
|
+
raise OpenSSL::PKey::PKeyError,
|
57
|
+
"e must coprime to lambda(n)"
|
58
|
+
end
|
59
|
+
|
60
|
+
d, _ = egcd(e, lcm)
|
61
|
+
# Ensure that d > 0
|
62
|
+
d %= lcm if d < 0
|
63
|
+
|
64
|
+
dmp1 = d % (p - 1)
|
65
|
+
dmq1 = d % (q - 1)
|
66
|
+
iqmp, _ = egcd(q, p)
|
67
|
+
|
68
|
+
iqmp += p / p.gcd(q) if iqmp < 0
|
69
|
+
|
70
|
+
OpenSSL::PKey::RSA.new.tap do |k|
|
71
|
+
k.set_key(n, e, d)
|
72
|
+
k.set_factors(p, q)
|
73
|
+
k.set_crt_params(dmp1, dmq1, iqmp)
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
private
|
78
|
+
|
79
|
+
def self.egcd(a, b)
|
80
|
+
return 1, 0 if b == 0
|
81
|
+
|
82
|
+
q, r = a.divmod b
|
83
|
+
s, t = egcd(b, r)
|
84
|
+
|
85
|
+
[t, s - q * t]
|
86
|
+
end
|
17
87
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: openssl-additions
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Matt Palmer
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-05-
|
11
|
+
date: 2020-05-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|