openssl-signature_algorithm 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 76f8dacd6dc7e43d630421e43c7e2849bb99bf857bdedd10a732b04122cf2499
4
+ data.tar.gz: 8030c5dfcc2c70ae600778cebcc9bb02d7d70fb28b345b67608dc8fa14b65f81
5
+ SHA512:
6
+ metadata.gz: 0c04ce36ef91da99f985f22154842e5cdc3440bf7c74e2e94ec819e8774f0cfc7f216e241f61d4b4ed87da48aaad288db12e2b33a3590c5aa1a31f694db6af32
7
+ data.tar.gz: 7335e381e291719ef449ba8967b0a1417262ccc3f37fe139b36a757842cf8e5e5d346b605c72ef276c445c21e41415edb5ab3e02efa03dc8a6600f4c03b177e5
data/.gitignore ADDED
@@ -0,0 +1,11 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /_yardoc/
4
+ /coverage/
5
+ /doc/
6
+ /pkg/
7
+ /spec/reports/
8
+ /tmp/
9
+
10
+ # rspec failure tracking
11
+ .rspec_status
data/.rspec ADDED
@@ -0,0 +1,3 @@
1
+ --format documentation
2
+ --color
3
+ --require spec_helper
data/.rubocop.yml ADDED
@@ -0,0 +1,186 @@
1
+ AllCops:
2
+ TargetRubyVersion: 2.5
3
+ DisabledByDefault: true
4
+
5
+ Bundler:
6
+ Enabled: true
7
+
8
+ Gemspec:
9
+ Enabled: true
10
+
11
+ Layout:
12
+ Enabled: true
13
+
14
+ Layout/LineLength:
15
+ Max: 120
16
+
17
+ Lint:
18
+ Enabled: true
19
+
20
+ Naming:
21
+ Enabled: true
22
+
23
+ Security:
24
+ Enabled: true
25
+
26
+ Style/BlockComments:
27
+ Enabled: true
28
+
29
+ Style/BracesAroundHashParameters:
30
+ Enabled: true
31
+
32
+ Style/CaseEquality:
33
+ Enabled: true
34
+
35
+ Style/ClassAndModuleChildren:
36
+ Enabled: true
37
+
38
+ Style/ClassMethods:
39
+ Enabled: true
40
+
41
+ Style/ClassVars:
42
+ Enabled: true
43
+
44
+ Style/CommentAnnotation:
45
+ Enabled: true
46
+
47
+ Style/ConditionalAssignment:
48
+ Enabled: true
49
+
50
+ Style/DefWithParentheses:
51
+ Enabled: true
52
+
53
+ Style/Dir:
54
+ Enabled: true
55
+
56
+ Style/EachForSimpleLoop:
57
+ Enabled: true
58
+
59
+ Style/EachWithObject:
60
+ Enabled: true
61
+
62
+ Style/EmptyBlockParameter:
63
+ Enabled: true
64
+
65
+ Style/EmptyCaseCondition:
66
+ Enabled: true
67
+
68
+ Style/EmptyElse:
69
+ Enabled: true
70
+
71
+ Style/EmptyLambdaParameter:
72
+ Enabled: true
73
+
74
+ Style/EmptyLiteral:
75
+ Enabled: true
76
+
77
+ Style/EvenOdd:
78
+ Enabled: true
79
+
80
+ Style/ExpandPathArguments:
81
+ Enabled: true
82
+
83
+ Style/For:
84
+ Enabled: true
85
+
86
+ Style/FrozenStringLiteralComment:
87
+ Enabled: true
88
+
89
+ Style/GlobalVars:
90
+ Enabled: true
91
+
92
+ Style/HashSyntax:
93
+ Enabled: true
94
+
95
+ Style/IdenticalConditionalBranches:
96
+ Enabled: true
97
+
98
+ Style/IfInsideElse:
99
+ Enabled: true
100
+
101
+ Style/InverseMethods:
102
+ Enabled: true
103
+
104
+ Style/MethodCallWithoutArgsParentheses:
105
+ Enabled: true
106
+
107
+ Style/MethodDefParentheses:
108
+ Enabled: true
109
+
110
+ Style/MultilineMemoization:
111
+ Enabled: true
112
+
113
+ Style/MutableConstant:
114
+ Enabled: true
115
+
116
+ Style/NestedParenthesizedCalls:
117
+ Enabled: true
118
+
119
+ Style/OptionalArguments:
120
+ Enabled: true
121
+
122
+ Style/ParenthesesAroundCondition:
123
+ Enabled: true
124
+
125
+ Style/RedundantBegin:
126
+ Enabled: true
127
+
128
+ Style/RedundantConditional:
129
+ Enabled: true
130
+
131
+ Style/RedundantException:
132
+ Enabled: true
133
+
134
+ Style/RedundantFreeze:
135
+ Enabled: true
136
+
137
+ Style/RedundantInterpolation:
138
+ Enabled: true
139
+
140
+ Style/RedundantParentheses:
141
+ Enabled: true
142
+
143
+ Style/RedundantPercentQ:
144
+ Enabled: true
145
+
146
+ Style/RedundantReturn:
147
+ Enabled: true
148
+
149
+ Style/RedundantSelf:
150
+ Enabled: true
151
+
152
+ Style/Semicolon:
153
+ Enabled: true
154
+
155
+ Style/SingleLineMethods:
156
+ Enabled: true
157
+
158
+ Style/SpecialGlobalVars:
159
+ Enabled: true
160
+
161
+ Style/SymbolLiteral:
162
+ Enabled: true
163
+
164
+ Style/TrailingBodyOnClass:
165
+ Enabled: true
166
+
167
+ Style/TrailingBodyOnMethodDefinition:
168
+ Enabled: true
169
+
170
+ Style/TrailingBodyOnModule:
171
+ Enabled: true
172
+
173
+ Style/TrailingMethodEndStatement:
174
+ Enabled: true
175
+
176
+ Style/TrivialAccessors:
177
+ Enabled: true
178
+
179
+ Style/UnpackFirst:
180
+ Enabled: true
181
+
182
+ Style/YodaCondition:
183
+ Enabled: true
184
+
185
+ Style/ZeroLengthPredicate:
186
+ Enabled: true
data/.travis.yml ADDED
@@ -0,0 +1,8 @@
1
+ ---
2
+ language: ruby
3
+ cache: bundler
4
+ rvm:
5
+ - 2.7.0
6
+ - 2.6.5
7
+ - 2.5.7
8
+ before_install: gem install bundler -v 2.1.4
data/Gemfile ADDED
@@ -0,0 +1,10 @@
1
+ # frozen_string_literal: true
2
+
3
+ source "https://rubygems.org"
4
+
5
+ # Specify your gem's dependencies in openssl-signature_algorithm.gemspec
6
+ gemspec
7
+
8
+ gem "rake", "~> 12.0"
9
+ gem "rspec", "~> 3.0"
10
+ gem "rubocop", "~> 0.79.0"
data/Gemfile.lock ADDED
@@ -0,0 +1,50 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ openssl-signature_algorithm (0.1.0)
5
+
6
+ GEM
7
+ remote: https://rubygems.org/
8
+ specs:
9
+ ast (2.4.0)
10
+ diff-lcs (1.3)
11
+ jaro_winkler (1.5.4)
12
+ parallel (1.19.1)
13
+ parser (2.7.0.2)
14
+ ast (~> 2.4.0)
15
+ rainbow (3.0.0)
16
+ rake (12.3.3)
17
+ rspec (3.9.0)
18
+ rspec-core (~> 3.9.0)
19
+ rspec-expectations (~> 3.9.0)
20
+ rspec-mocks (~> 3.9.0)
21
+ rspec-core (3.9.1)
22
+ rspec-support (~> 3.9.1)
23
+ rspec-expectations (3.9.0)
24
+ diff-lcs (>= 1.2.0, < 2.0)
25
+ rspec-support (~> 3.9.0)
26
+ rspec-mocks (3.9.1)
27
+ diff-lcs (>= 1.2.0, < 2.0)
28
+ rspec-support (~> 3.9.0)
29
+ rspec-support (3.9.2)
30
+ rubocop (0.79.0)
31
+ jaro_winkler (~> 1.5.1)
32
+ parallel (~> 1.10)
33
+ parser (>= 2.7.0.1)
34
+ rainbow (>= 2.2.2, < 4.0)
35
+ ruby-progressbar (~> 1.7)
36
+ unicode-display_width (>= 1.4.0, < 1.7)
37
+ ruby-progressbar (1.10.1)
38
+ unicode-display_width (1.6.1)
39
+
40
+ PLATFORMS
41
+ ruby
42
+
43
+ DEPENDENCIES
44
+ openssl-signature_algorithm!
45
+ rake (~> 12.0)
46
+ rspec (~> 3.0)
47
+ rubocop (~> 0.79.0)
48
+
49
+ BUNDLED WITH
50
+ 2.1.4
data/LICENSE ADDED
@@ -0,0 +1,201 @@
1
+ Apache License
2
+ Version 2.0, January 2004
3
+ http://www.apache.org/licenses/
4
+
5
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6
+
7
+ 1. Definitions.
8
+
9
+ "License" shall mean the terms and conditions for use, reproduction,
10
+ and distribution as defined by Sections 1 through 9 of this document.
11
+
12
+ "Licensor" shall mean the copyright owner or entity authorized by
13
+ the copyright owner that is granting the License.
14
+
15
+ "Legal Entity" shall mean the union of the acting entity and all
16
+ other entities that control, are controlled by, or are under common
17
+ control with that entity. For the purposes of this definition,
18
+ "control" means (i) the power, direct or indirect, to cause the
19
+ direction or management of such entity, whether by contract or
20
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
21
+ outstanding shares, or (iii) beneficial ownership of such entity.
22
+
23
+ "You" (or "Your") shall mean an individual or Legal Entity
24
+ exercising permissions granted by this License.
25
+
26
+ "Source" form shall mean the preferred form for making modifications,
27
+ including but not limited to software source code, documentation
28
+ source, and configuration files.
29
+
30
+ "Object" form shall mean any form resulting from mechanical
31
+ transformation or translation of a Source form, including but
32
+ not limited to compiled object code, generated documentation,
33
+ and conversions to other media types.
34
+
35
+ "Work" shall mean the work of authorship, whether in Source or
36
+ Object form, made available under the License, as indicated by a
37
+ copyright notice that is included in or attached to the work
38
+ (an example is provided in the Appendix below).
39
+
40
+ "Derivative Works" shall mean any work, whether in Source or Object
41
+ form, that is based on (or derived from) the Work and for which the
42
+ editorial revisions, annotations, elaborations, or other modifications
43
+ represent, as a whole, an original work of authorship. For the purposes
44
+ of this License, Derivative Works shall not include works that remain
45
+ separable from, or merely link (or bind by name) to the interfaces of,
46
+ the Work and Derivative Works thereof.
47
+
48
+ "Contribution" shall mean any work of authorship, including
49
+ the original version of the Work and any modifications or additions
50
+ to that Work or Derivative Works thereof, that is intentionally
51
+ submitted to Licensor for inclusion in the Work by the copyright owner
52
+ or by an individual or Legal Entity authorized to submit on behalf of
53
+ the copyright owner. For the purposes of this definition, "submitted"
54
+ means any form of electronic, verbal, or written communication sent
55
+ to the Licensor or its representatives, including but not limited to
56
+ communication on electronic mailing lists, source code control systems,
57
+ and issue tracking systems that are managed by, or on behalf of, the
58
+ Licensor for the purpose of discussing and improving the Work, but
59
+ excluding communication that is conspicuously marked or otherwise
60
+ designated in writing by the copyright owner as "Not a Contribution."
61
+
62
+ "Contributor" shall mean Licensor and any individual or Legal Entity
63
+ on behalf of whom a Contribution has been received by Licensor and
64
+ subsequently incorporated within the Work.
65
+
66
+ 2. Grant of Copyright License. Subject to the terms and conditions of
67
+ this License, each Contributor hereby grants to You a perpetual,
68
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69
+ copyright license to reproduce, prepare Derivative Works of,
70
+ publicly display, publicly perform, sublicense, and distribute the
71
+ Work and such Derivative Works in Source or Object form.
72
+
73
+ 3. Grant of Patent License. Subject to the terms and conditions of
74
+ this License, each Contributor hereby grants to You a perpetual,
75
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76
+ (except as stated in this section) patent license to make, have made,
77
+ use, offer to sell, sell, import, and otherwise transfer the Work,
78
+ where such license applies only to those patent claims licensable
79
+ by such Contributor that are necessarily infringed by their
80
+ Contribution(s) alone or by combination of their Contribution(s)
81
+ with the Work to which such Contribution(s) was submitted. If You
82
+ institute patent litigation against any entity (including a
83
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
84
+ or a Contribution incorporated within the Work constitutes direct
85
+ or contributory patent infringement, then any patent licenses
86
+ granted to You under this License for that Work shall terminate
87
+ as of the date such litigation is filed.
88
+
89
+ 4. Redistribution. You may reproduce and distribute copies of the
90
+ Work or Derivative Works thereof in any medium, with or without
91
+ modifications, and in Source or Object form, provided that You
92
+ meet the following conditions:
93
+
94
+ (a) You must give any other recipients of the Work or
95
+ Derivative Works a copy of this License; and
96
+
97
+ (b) You must cause any modified files to carry prominent notices
98
+ stating that You changed the files; and
99
+
100
+ (c) You must retain, in the Source form of any Derivative Works
101
+ that You distribute, all copyright, patent, trademark, and
102
+ attribution notices from the Source form of the Work,
103
+ excluding those notices that do not pertain to any part of
104
+ the Derivative Works; and
105
+
106
+ (d) If the Work includes a "NOTICE" text file as part of its
107
+ distribution, then any Derivative Works that You distribute must
108
+ include a readable copy of the attribution notices contained
109
+ within such NOTICE file, excluding those notices that do not
110
+ pertain to any part of the Derivative Works, in at least one
111
+ of the following places: within a NOTICE text file distributed
112
+ as part of the Derivative Works; within the Source form or
113
+ documentation, if provided along with the Derivative Works; or,
114
+ within a display generated by the Derivative Works, if and
115
+ wherever such third-party notices normally appear. The contents
116
+ of the NOTICE file are for informational purposes only and
117
+ do not modify the License. You may add Your own attribution
118
+ notices within Derivative Works that You distribute, alongside
119
+ or as an addendum to the NOTICE text from the Work, provided
120
+ that such additional attribution notices cannot be construed
121
+ as modifying the License.
122
+
123
+ You may add Your own copyright statement to Your modifications and
124
+ may provide additional or different license terms and conditions
125
+ for use, reproduction, or distribution of Your modifications, or
126
+ for any such Derivative Works as a whole, provided Your use,
127
+ reproduction, and distribution of the Work otherwise complies with
128
+ the conditions stated in this License.
129
+
130
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
131
+ any Contribution intentionally submitted for inclusion in the Work
132
+ by You to the Licensor shall be under the terms and conditions of
133
+ this License, without any additional terms or conditions.
134
+ Notwithstanding the above, nothing herein shall supersede or modify
135
+ the terms of any separate license agreement you may have executed
136
+ with Licensor regarding such Contributions.
137
+
138
+ 6. Trademarks. This License does not grant permission to use the trade
139
+ names, trademarks, service marks, or product names of the Licensor,
140
+ except as required for reasonable and customary use in describing the
141
+ origin of the Work and reproducing the content of the NOTICE file.
142
+
143
+ 7. Disclaimer of Warranty. Unless required by applicable law or
144
+ agreed to in writing, Licensor provides the Work (and each
145
+ Contributor provides its Contributions) on an "AS IS" BASIS,
146
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147
+ implied, including, without limitation, any warranties or conditions
148
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149
+ PARTICULAR PURPOSE. You are solely responsible for determining the
150
+ appropriateness of using or redistributing the Work and assume any
151
+ risks associated with Your exercise of permissions under this License.
152
+
153
+ 8. Limitation of Liability. In no event and under no legal theory,
154
+ whether in tort (including negligence), contract, or otherwise,
155
+ unless required by applicable law (such as deliberate and grossly
156
+ negligent acts) or agreed to in writing, shall any Contributor be
157
+ liable to You for damages, including any direct, indirect, special,
158
+ incidental, or consequential damages of any character arising as a
159
+ result of this License or out of the use or inability to use the
160
+ Work (including but not limited to damages for loss of goodwill,
161
+ work stoppage, computer failure or malfunction, or any and all
162
+ other commercial damages or losses), even if such Contributor
163
+ has been advised of the possibility of such damages.
164
+
165
+ 9. Accepting Warranty or Additional Liability. While redistributing
166
+ the Work or Derivative Works thereof, You may choose to offer,
167
+ and charge a fee for, acceptance of support, warranty, indemnity,
168
+ or other liability obligations and/or rights consistent with this
169
+ License. However, in accepting such obligations, You may act only
170
+ on Your own behalf and on Your sole responsibility, not on behalf
171
+ of any other Contributor, and only if You agree to indemnify,
172
+ defend, and hold each Contributor harmless for any liability
173
+ incurred by, or claims asserted against, such Contributor by reason
174
+ of your accepting any such warranty or additional liability.
175
+
176
+ END OF TERMS AND CONDITIONS
177
+
178
+ APPENDIX: How to apply the Apache License to your work.
179
+
180
+ To apply the Apache License to your work, attach the following
181
+ boilerplate notice, with the fields enclosed by brackets "[]"
182
+ replaced with your own identifying information. (Don't include
183
+ the brackets!) The text should be enclosed in the appropriate
184
+ comment syntax for the file format. We also recommend that a
185
+ file or class name and description of purpose be included on the
186
+ same "printed page" as the copyright notice for easier
187
+ identification within third-party archives.
188
+
189
+ Copyright [yyyy] [name of copyright owner]
190
+
191
+ Licensed under the Apache License, Version 2.0 (the "License");
192
+ you may not use this file except in compliance with the License.
193
+ You may obtain a copy of the License at
194
+
195
+ http://www.apache.org/licenses/LICENSE-2.0
196
+
197
+ Unless required by applicable law or agreed to in writing, software
198
+ distributed under the License is distributed on an "AS IS" BASIS,
199
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200
+ See the License for the specific language governing permissions and
201
+ limitations under the License.
data/README.md ADDED
@@ -0,0 +1,90 @@
1
+ # OpenSSL::SignatureAlgorithm
2
+
3
+ This tiny library introduces `OpenSSL::SignatureAlgorithm::ECDSA`, `OpenSSL::SignatureAlgorithm::RSAPSS` and `OpenSSL::SignatureAlgorithm::RSAPKCS1`, so that you can reason in terms of signature algorithms when signing and/or verifying signatures―instead of keys.
4
+
5
+ This provides a higher level of abstraction, on top of `openssl`'s gem `OpenSSL::PKey::EC`, `OpenSSL::PKey::EC::Point` and `OpenSSL::PKey::RSA`.
6
+
7
+ ## Installation
8
+
9
+ Add this line to your application's Gemfile:
10
+
11
+ ```ruby
12
+ gem 'openssl-signature_algorithm'
13
+ ```
14
+
15
+ And then execute:
16
+
17
+ $ bundle install
18
+
19
+ Or install it yourself as:
20
+
21
+ $ gem install openssl-signature_algorithm
22
+
23
+ ## Usage
24
+
25
+ ### ECDSA
26
+
27
+ ```ruby
28
+ to_be_signed = "to-be-signed"
29
+
30
+ # Signer
31
+ algorithm = OpenSSL::SignatureAlgorithm::ECDSA.new("256")
32
+ signing_key = algorithm.generate_signing_key
33
+ signature = algorithm.sign(to_be_signed)
34
+
35
+ # Signer sends verify key to Verifier
36
+ verify_key = signing_key.verify_key
37
+
38
+ # Verifier
39
+ algorithm = OpenSSL::SignatureAlgorithm::ECDSA.new("256")
40
+ algorithm.verify_key = verify_key
41
+ algorithm.verify(signature, to_be_signed)
42
+ ```
43
+
44
+ ### RSA-PSS
45
+
46
+ ```ruby
47
+ to_be_signed = "to-be-signed"
48
+
49
+ # Signer
50
+ algorithm = OpenSSL::SignatureAlgorithm::RSAPSS.new("256")
51
+ signing_key = algorithm.generate_signing_key
52
+ signature = algorithm.sign(to_be_signed)
53
+
54
+ # Signer sends verify key to Verifier
55
+ verify_key = signing_key.verify_key
56
+
57
+ # Verifier
58
+ algorithm = OpenSSL::SignatureAlgorithm::RSAPSS.new("256")
59
+ algorithm.verify_key = verify_key
60
+ algorithm.verify(signature, to_be_signed)
61
+ ```
62
+
63
+ ### RSA-PKCS1_v1.5
64
+
65
+ ```ruby
66
+ to_be_signed = "to-be-signed"
67
+
68
+ # Signer
69
+ algorithm = OpenSSL::SignatureAlgorithm::RSAPKCS1.new("256")
70
+ signing_key = algorithm.generate_signing_key
71
+ signature = algorithm.sign(to_be_signed)
72
+
73
+ # Signer sends verify key to Verifier
74
+ verify_key = signing_key.verify_key
75
+
76
+ # Verifier
77
+ algorithm = OpenSSL::SignatureAlgorithm::RSAPKCS1.new("256")
78
+ algorithm.verify_key = verify_key
79
+ algorithm.verify(signature, to_be_signed)
80
+ ```
81
+
82
+ ## Development
83
+
84
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
85
+
86
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
87
+
88
+ ## Contributing
89
+
90
+ Bug reports and pull requests are welcome on GitHub at https://github.com/cedarcode/openssl-signature_algorithm.
data/Rakefile ADDED
@@ -0,0 +1,10 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "bundler/gem_tasks"
4
+ require "rspec/core/rake_task"
5
+ require "rubocop/rake_task"
6
+
7
+ RSpec::Core::RakeTask.new(:spec)
8
+ RuboCop::RakeTask.new
9
+
10
+ task default: [:rubocop, :spec]
data/bin/console ADDED
@@ -0,0 +1,15 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require "bundler/setup"
5
+ require "openssl/signature_algorithm"
6
+
7
+ # You can add fixtures and/or initialization code here to make experimenting
8
+ # with your gem easier. You can also use a different console, if you like.
9
+
10
+ # (If you use this, don't forget to add pry to your Gemfile!)
11
+ # require "pry"
12
+ # Pry.start
13
+
14
+ require "irb"
15
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
@@ -0,0 +1,12 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "openssl/signature_algorithm/ecdsa"
4
+ require "openssl/signature_algorithm/error"
5
+ require "openssl/signature_algorithm/rsapss"
6
+ require "openssl/signature_algorithm/rsapkcs1"
7
+ require "openssl/signature_algorithm/version"
8
+
9
+ module OpenSSL
10
+ module SignatureAlgorithm
11
+ end
12
+ end
@@ -0,0 +1,30 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "openssl"
4
+ require "openssl/signature_algorithm/error"
5
+
6
+ module OpenSSL
7
+ module SignatureAlgorithm
8
+ class Base
9
+ attr_reader :digest_length, :signing_key
10
+ attr_accessor :verify_key
11
+
12
+ def initialize(digest_length)
13
+ @digest_length = digest_length
14
+ end
15
+
16
+ def sign(data)
17
+ signing_key.sign(hash_function, data)
18
+ end
19
+
20
+ def hash_function
21
+ OpenSSL::Digest.new("sha#{digest_length}")
22
+ end
23
+
24
+ def verify(signature, verification_data)
25
+ verify_key.verify(hash_function, signature, verification_data) ||
26
+ raise(OpenSSL::SignatureAlgorithm::Error, "Signature verification failed")
27
+ end
28
+ end
29
+ end
30
+ end
@@ -0,0 +1,44 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "openssl"
4
+ require "openssl/signature_algorithm/base"
5
+
6
+ module OpenSSL
7
+ module SignatureAlgorithm
8
+ class ECDSA < Base
9
+ class SigningKey < OpenSSL::PKey::EC
10
+ def initialize(*args)
11
+ super(*args).generate_key
12
+ end
13
+
14
+ def verify_key
15
+ VerifyKey.new(group, public_key.to_bn)
16
+ end
17
+ end
18
+
19
+ class VerifyKey < OpenSSL::PKey::EC::Point
20
+ def verify(*args)
21
+ ec_key = OpenSSL::PKey::EC.new(group)
22
+ ec_key.public_key = self
23
+
24
+ ec_key.verify(*args)
25
+ end
26
+ end
27
+
28
+ CURVE_BY_DIGEST_LENGTH = {
29
+ "256" => "prime256v1",
30
+ "384" => "secp384r1",
31
+ "512" => "secp521r1"
32
+ }.freeze
33
+
34
+ def generate_signing_key
35
+ @signing_key = SigningKey.new(curve_name)
36
+ end
37
+
38
+ def curve_name
39
+ CURVE_BY_DIGEST_LENGTH[digest_length] ||
40
+ raise(OpenSSL::SignatureAlgorithm::Error, "Unsupported digest length #{digest_length}")
41
+ end
42
+ end
43
+ end
44
+ end
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ module OpenSSL
4
+ module SignatureAlgorithm
5
+ class Error < StandardError; end
6
+ end
7
+ end
@@ -0,0 +1,22 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "openssl"
4
+ require "openssl/signature_algorithm/base"
5
+
6
+ module OpenSSL
7
+ module SignatureAlgorithm
8
+ class RSAPKCS1 < Base
9
+ class SigningKey < OpenSSL::PKey::RSA
10
+ def verify_key
11
+ public_key
12
+ end
13
+ end
14
+
15
+ DEFAULT_KEY_SIZE = 2048
16
+
17
+ def generate_signing_key(size: DEFAULT_KEY_SIZE)
18
+ @signing_key = SigningKey.new(size)
19
+ end
20
+ end
21
+ end
22
+ end
@@ -0,0 +1,44 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "openssl"
4
+ require "openssl/signature_algorithm/base"
5
+
6
+ module OpenSSL
7
+ module SignatureAlgorithm
8
+ class RSAPSS < Base
9
+ class SigningKey < OpenSSL::PKey::RSA
10
+ def verify_key
11
+ public_key
12
+ end
13
+ end
14
+
15
+ DEFAULT_KEY_SIZE = 2048
16
+
17
+ def generate_signing_key(size: DEFAULT_KEY_SIZE)
18
+ @signing_key = SigningKey.new(size)
19
+ end
20
+
21
+ def sign(data)
22
+ signing_key.sign_pss(hash_function, data, salt_length: salt_length, mgf1_hash: mgf1_hash_function)
23
+ end
24
+
25
+ def verify(signature, verification_data)
26
+ verify_key.verify_pss(
27
+ hash_function,
28
+ signature,
29
+ verification_data,
30
+ salt_length: salt_length,
31
+ mgf1_hash: mgf1_hash_function
32
+ ) || raise(OpenSSL::SignatureAlgorithm::Error, "Signature verification failed")
33
+ end
34
+
35
+ def salt_length
36
+ :auto
37
+ end
38
+
39
+ def mgf1_hash_function
40
+ hash_function
41
+ end
42
+ end
43
+ end
44
+ end
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ module OpenSSL
4
+ module SignatureAlgorithm
5
+ VERSION = "0.1.0"
6
+ end
7
+ end
@@ -0,0 +1,35 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative 'lib/openssl/signature_algorithm/version'
4
+
5
+ Gem::Specification.new do |spec|
6
+ spec.name = "openssl-signature_algorithm"
7
+ spec.version = OpenSSL::SignatureAlgorithm::VERSION
8
+ spec.authors = ["Gonzalo"]
9
+ spec.email = ["gonzalo@cedarcode.com"]
10
+ spec.license = "Apache-2.0"
11
+
12
+ spec.summary = "Signature Algorithm abstraction for openssl ruby gem"
13
+ spec.description = <<-DESC
14
+ This tiny library introduces `OpenSSL::SignatureAlgorithm::ECDSA`,
15
+ `OpenSSL::SignatureAlgorithm::RSAPSS` and `OpenSSL::SignatureAlgorithm::RSAPKCS1`,
16
+ so that you can reason in terms of signature algorithms when signing and/or
17
+ verifying signatures―instead of keys.
18
+ DESC
19
+
20
+ spec.homepage = "https://github.com/cedarcode/openssl-signature_algorithm"
21
+ spec.required_ruby_version = Gem::Requirement.new(">= 2.5.0")
22
+
23
+ spec.metadata["homepage_uri"] = spec.homepage
24
+ spec.metadata["source_code_uri"] = spec.homepage
25
+ spec.metadata["changelog_uri"] = "#{spec.homepage}/blob/master/CHANGELOG.md"
26
+
27
+ # Specify which files should be added to the gem when it is released.
28
+ # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
29
+ spec.files = Dir.chdir(File.expand_path(__dir__)) do
30
+ `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
31
+ end
32
+ spec.bindir = "exe"
33
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
34
+ spec.require_paths = ["lib"]
35
+ end
metadata ADDED
@@ -0,0 +1,69 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: openssl-signature_algorithm
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Gonzalo
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2020-01-29 00:00:00.000000000 Z
12
+ dependencies: []
13
+ description: |2
14
+ This tiny library introduces `OpenSSL::SignatureAlgorithm::ECDSA`,
15
+ `OpenSSL::SignatureAlgorithm::RSAPSS` and `OpenSSL::SignatureAlgorithm::RSAPKCS1`,
16
+ so that you can reason in terms of signature algorithms when signing and/or
17
+ verifying signatures―instead of keys.
18
+ email:
19
+ - gonzalo@cedarcode.com
20
+ executables: []
21
+ extensions: []
22
+ extra_rdoc_files: []
23
+ files:
24
+ - ".gitignore"
25
+ - ".rspec"
26
+ - ".rubocop.yml"
27
+ - ".travis.yml"
28
+ - Gemfile
29
+ - Gemfile.lock
30
+ - LICENSE
31
+ - README.md
32
+ - Rakefile
33
+ - bin/console
34
+ - bin/setup
35
+ - lib/openssl/signature_algorithm.rb
36
+ - lib/openssl/signature_algorithm/base.rb
37
+ - lib/openssl/signature_algorithm/ecdsa.rb
38
+ - lib/openssl/signature_algorithm/error.rb
39
+ - lib/openssl/signature_algorithm/rsapkcs1.rb
40
+ - lib/openssl/signature_algorithm/rsapss.rb
41
+ - lib/openssl/signature_algorithm/version.rb
42
+ - openssl-signature_algorithm.gemspec
43
+ homepage: https://github.com/cedarcode/openssl-signature_algorithm
44
+ licenses:
45
+ - Apache-2.0
46
+ metadata:
47
+ homepage_uri: https://github.com/cedarcode/openssl-signature_algorithm
48
+ source_code_uri: https://github.com/cedarcode/openssl-signature_algorithm
49
+ changelog_uri: https://github.com/cedarcode/openssl-signature_algorithm/blob/master/CHANGELOG.md
50
+ post_install_message:
51
+ rdoc_options: []
52
+ require_paths:
53
+ - lib
54
+ required_ruby_version: !ruby/object:Gem::Requirement
55
+ requirements:
56
+ - - ">="
57
+ - !ruby/object:Gem::Version
58
+ version: 2.5.0
59
+ required_rubygems_version: !ruby/object:Gem::Requirement
60
+ requirements:
61
+ - - ">="
62
+ - !ruby/object:Gem::Version
63
+ version: '0'
64
+ requirements: []
65
+ rubygems_version: 3.1.2
66
+ signing_key:
67
+ specification_version: 4
68
+ summary: Signature Algorithm abstraction for openssl ruby gem
69
+ test_files: []