openssl-signature_algorithm 1.0.0 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/build.yml +37 -0
- data/.rubocop.yml +1 -0
- data/Appraisals +0 -7
- data/CHANGELOG.md +9 -0
- data/Gemfile +1 -0
- data/Gemfile.lock +5 -1
- data/README.md +26 -2
- data/gemfiles/openssl_2_0.gemfile +1 -0
- data/gemfiles/openssl_2_1.gemfile +1 -0
- data/gemfiles/openssl_2_2.gemfile +1 -0
- data/lib/openssl/signature_algorithm.rb +1 -0
- data/lib/openssl/signature_algorithm/eddsa.rb +48 -0
- data/lib/openssl/signature_algorithm/version.rb +1 -1
- data/openssl-signature_algorithm.gemspec +3 -1
- metadata +22 -9
- data/.travis.yml +0 -24
- data/gemfiles/openssl_default.gemfile +0 -11
- data/gemfiles/openssl_head.gemfile +0 -12
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b8ab663827b9c60f9719579871f55a1b12001374d444e9b9194d2708395ba8af
|
|
4
|
+
data.tar.gz: 8af2c52eea842562e1122bd8824bb8eb79ed8923648d24414b11d7a7d0b9adea
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 364884d8b267251a5f354d09cfbca71f64f33c7cc6eebac031b42074ab59eff1ed588b202e60f1bb06d392c175bb20c3b69563fda04a6210fe89b1facbb09333
|
|
7
|
+
data.tar.gz: 1a02dbd91e0d8e2dcc5d1e81bf8fe328d989f367f86224abaf77719b3fd3326785f7c5ac94b6adb3c0b3bdc3ab0add2d64ab2dba9479454c0f482c77ac7bc82a
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# This workflow uses actions that are not certified by GitHub.
|
|
2
|
+
# They are provided by a third-party and are governed by
|
|
3
|
+
# separate terms of service, privacy policy, and support
|
|
4
|
+
# documentation.
|
|
5
|
+
# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
|
|
6
|
+
# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
|
|
7
|
+
|
|
8
|
+
name: build
|
|
9
|
+
|
|
10
|
+
on: push
|
|
11
|
+
|
|
12
|
+
jobs:
|
|
13
|
+
test:
|
|
14
|
+
runs-on: ubuntu-20.04
|
|
15
|
+
strategy:
|
|
16
|
+
fail-fast: false
|
|
17
|
+
matrix:
|
|
18
|
+
ruby-version:
|
|
19
|
+
- 3.0.0
|
|
20
|
+
- 2.7.2
|
|
21
|
+
- 2.6.6
|
|
22
|
+
- 2.5.8
|
|
23
|
+
- 2.4.10
|
|
24
|
+
gemfile:
|
|
25
|
+
- openssl_2_2
|
|
26
|
+
- openssl_2_1
|
|
27
|
+
- openssl_2_0
|
|
28
|
+
env:
|
|
29
|
+
BUNDLE_GEMFILE: gemfiles/${{ matrix.gemfile }}.gemfile
|
|
30
|
+
steps:
|
|
31
|
+
- uses: actions/checkout@v2
|
|
32
|
+
- run: rm Gemfile.lock
|
|
33
|
+
- uses: ruby/setup-ruby@v1
|
|
34
|
+
with:
|
|
35
|
+
ruby-version: ${{ matrix.ruby-version }}
|
|
36
|
+
bundler-cache: true
|
|
37
|
+
- run: bundle exec rake
|
data/.rubocop.yml
CHANGED
data/Appraisals
CHANGED
|
@@ -1,9 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
appraise "openssl_head" do
|
|
4
|
-
gem "openssl", git: "https://github.com/ruby/openssl"
|
|
5
|
-
end
|
|
6
|
-
|
|
7
3
|
appraise "openssl_2_2" do
|
|
8
4
|
gem "openssl", "~> 2.2.0"
|
|
9
5
|
end
|
|
@@ -15,6 +11,3 @@ end
|
|
|
15
11
|
appraise "openssl_2_0" do
|
|
16
12
|
gem "openssl", "~> 2.0.0"
|
|
17
13
|
end
|
|
18
|
-
|
|
19
|
-
appraise "openssl_default" do
|
|
20
|
-
end
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [v1.1.0] - 2021-02-11
|
|
4
|
+
|
|
5
|
+
### Added
|
|
6
|
+
|
|
7
|
+
- EdDSA support added (requires adding the `ed25519` gem to your `Gemfile`) ([@santiagorodriguez96])
|
|
8
|
+
|
|
3
9
|
## [v1.0.0] - 2020-07-08
|
|
4
10
|
|
|
5
11
|
### Added
|
|
@@ -72,9 +78,12 @@
|
|
|
72
78
|
- `OpenSSL::SignatureAlgorithm::RSAPSS`
|
|
73
79
|
- `OpenSSL::SignatureAlgorithm::RSAPKCS1`
|
|
74
80
|
|
|
81
|
+
[v1.1.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v1.0.0...v1.1.0/
|
|
75
82
|
[v1.0.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.4.0...v1.0.0/
|
|
76
83
|
[v0.4.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.3.0...v0.4.0/
|
|
77
84
|
[v0.3.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.2.0...v0.3.0/
|
|
78
85
|
[v0.2.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.1.1...v0.2.0/
|
|
79
86
|
[v0.1.1]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.1.0...v0.1.1/
|
|
80
87
|
[v0.1.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/41887c277dc7fa0c884ccf8924cf990ff76784d9...v0.1.0/
|
|
88
|
+
|
|
89
|
+
[@santiagorodriguez96]: https://github.com/santiagorodriguez96
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -2,6 +2,7 @@ PATH
|
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
4
|
openssl-signature_algorithm (1.0.0)
|
|
5
|
+
openssl (~> 2.0)
|
|
5
6
|
|
|
6
7
|
GEM
|
|
7
8
|
remote: https://rubygems.org/
|
|
@@ -13,7 +14,9 @@ GEM
|
|
|
13
14
|
ast (2.4.0)
|
|
14
15
|
byebug (11.1.1)
|
|
15
16
|
diff-lcs (1.3)
|
|
17
|
+
ed25519 (1.2.4)
|
|
16
18
|
jaro_winkler (1.5.4)
|
|
19
|
+
openssl (2.2.0)
|
|
17
20
|
parallel (1.19.1)
|
|
18
21
|
parser (2.7.0.5)
|
|
19
22
|
ast (~> 2.4.0)
|
|
@@ -51,10 +54,11 @@ PLATFORMS
|
|
|
51
54
|
DEPENDENCIES
|
|
52
55
|
appraisal (~> 2.2)
|
|
53
56
|
byebug (~> 11.0)
|
|
57
|
+
ed25519 (~> 1.2)
|
|
54
58
|
openssl-signature_algorithm!
|
|
55
59
|
rake (~> 13.0)
|
|
56
60
|
rspec (~> 3.0)
|
|
57
61
|
rubocop (~> 0.80.1)
|
|
58
62
|
|
|
59
63
|
BUNDLED WITH
|
|
60
|
-
2.
|
|
64
|
+
2.2.8
|
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# OpenSSL::SignatureAlgorithm
|
|
2
2
|
|
|
3
|
-
> ECDSA, RSA-PSS and RSA-PKCS#1 signature algorithms for ruby
|
|
3
|
+
> ECDSA, EdDSA, RSA-PSS and RSA-PKCS#1 signature algorithms for ruby
|
|
4
4
|
|
|
5
5
|
Sign and verify using signature algorithm wrappers, instead of key objects.
|
|
6
6
|
|
|
@@ -9,8 +9,10 @@ and `OpenSSL::SignatureAlgorithm::RSAPKCS1` ruby object wrappers on top of `Open
|
|
|
9
9
|
and `OpenSSL::PKey::RSA`, so that you can reason in terms of the algorithms and do less when
|
|
10
10
|
signing or verifying signatures.
|
|
11
11
|
|
|
12
|
+
Loosely inspired by [rbnacl](https://github.com/RubyCrypto/rbnacl)'s [Digital Signatures](https://github.com/RubyCrypto/rbnacl/wiki/Digital-Signatures) interface.
|
|
13
|
+
|
|
12
14
|
[](https://rubygems.org/gems/openssl-signature_algorithm)
|
|
13
|
-
[](https://github.com/cedarcode/openssl-signature_algorithm/actions)
|
|
14
16
|
|
|
15
17
|
## Installation
|
|
16
18
|
|
|
@@ -50,6 +52,28 @@ algorithm.verify_key = verify_key
|
|
|
50
52
|
algorithm.verify(signature, to_be_signed)
|
|
51
53
|
```
|
|
52
54
|
|
|
55
|
+
### EdDSA
|
|
56
|
+
|
|
57
|
+
Requires adding the `ed25519` gem to your `Gemfile`
|
|
58
|
+
|
|
59
|
+
```ruby
|
|
60
|
+
to_be_signed = "to-be-signed"
|
|
61
|
+
|
|
62
|
+
# Signer
|
|
63
|
+
algorithm = OpenSSL::SignatureAlgorithm::EdDSA.new
|
|
64
|
+
signing_key = algorithm.generate_signing_key
|
|
65
|
+
signature = algorithm.sign(to_be_signed)
|
|
66
|
+
|
|
67
|
+
# Signer sends verify key to Verifier
|
|
68
|
+
verify_key_string = signing_key.verify_key.serialize
|
|
69
|
+
|
|
70
|
+
# Verifier
|
|
71
|
+
verify_key = OpenSSL::SignatureAlgorithm::EdDSA::VerifyKey.deserialize(verify_key_string)
|
|
72
|
+
algorithm = OpenSSL::SignatureAlgorithm::EdDSA.new
|
|
73
|
+
algorithm.verify_key = verify_key
|
|
74
|
+
algorithm.verify(signature, to_be_signed)
|
|
75
|
+
```
|
|
76
|
+
|
|
53
77
|
### RSA-PSS
|
|
54
78
|
|
|
55
79
|
```ruby
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
begin
|
|
4
|
+
gem "ed25519", ">= 1.0.0"
|
|
5
|
+
require "ed25519"
|
|
6
|
+
rescue LoadError
|
|
7
|
+
warn "OpenSSL::SignatureAlgorithm::EdDSA requires the ed25519 gem, version 1.0 or higher. "\
|
|
8
|
+
"Please add it to your Gemfile: `gem \"ed25519\", \"~> 1.0\"`"
|
|
9
|
+
raise
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
require "openssl/signature_algorithm/base"
|
|
13
|
+
|
|
14
|
+
module OpenSSL
|
|
15
|
+
module SignatureAlgorithm
|
|
16
|
+
class EdDSA < Base
|
|
17
|
+
class SigningKey < ::Ed25519::SigningKey
|
|
18
|
+
def verify_key
|
|
19
|
+
VerifyKey.new(keypair[32, 32])
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
class VerifyKey < ::Ed25519::VerifyKey
|
|
24
|
+
def self.deserialize(key_bytes)
|
|
25
|
+
new(key_bytes)
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def serialize
|
|
29
|
+
to_bytes
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def generate_signing_key
|
|
34
|
+
@signing_key = SigningKey.generate
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def sign(data)
|
|
38
|
+
signing_key.sign(data)
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
def verify(signature, verification_data)
|
|
42
|
+
verify_key.verify(signature, verification_data)
|
|
43
|
+
rescue ::Ed25519::VerifyError
|
|
44
|
+
raise(OpenSSL::SignatureAlgorithm::SignatureVerificationError, "Signature verification failed")
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
end
|
|
@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
|
|
|
9
9
|
spec.email = ["gonzalo@cedarcode.com"]
|
|
10
10
|
spec.license = "Apache-2.0"
|
|
11
11
|
|
|
12
|
-
spec.summary = "ECDSA, RSA-PSS and RSA-PKCS#1 algorithms for ruby"
|
|
12
|
+
spec.summary = "ECDSA, EdDSA, RSA-PSS and RSA-PKCS#1 algorithms for ruby"
|
|
13
13
|
spec.description = spec.summary
|
|
14
14
|
|
|
15
15
|
spec.homepage = "https://github.com/cedarcode/openssl-signature_algorithm"
|
|
@@ -27,4 +27,6 @@ Gem::Specification.new do |spec|
|
|
|
27
27
|
spec.bindir = "exe"
|
|
28
28
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
29
29
|
spec.require_paths = ["lib"]
|
|
30
|
+
|
|
31
|
+
spec.add_runtime_dependency "openssl", "~> 2.0"
|
|
30
32
|
end
|
metadata
CHANGED
|
@@ -1,26 +1,40 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: openssl-signature_algorithm
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gonzalo Rodriguez
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
12
|
-
dependencies:
|
|
13
|
-
|
|
11
|
+
date: 2021-02-11 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: openssl
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - "~>"
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '2.0'
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - "~>"
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: '2.0'
|
|
27
|
+
description: ECDSA, EdDSA, RSA-PSS and RSA-PKCS#1 algorithms for ruby
|
|
14
28
|
email:
|
|
15
29
|
- gonzalo@cedarcode.com
|
|
16
30
|
executables: []
|
|
17
31
|
extensions: []
|
|
18
32
|
extra_rdoc_files: []
|
|
19
33
|
files:
|
|
34
|
+
- ".github/workflows/build.yml"
|
|
20
35
|
- ".gitignore"
|
|
21
36
|
- ".rspec"
|
|
22
37
|
- ".rubocop.yml"
|
|
23
|
-
- ".travis.yml"
|
|
24
38
|
- Appraisals
|
|
25
39
|
- CHANGELOG.md
|
|
26
40
|
- Gemfile
|
|
@@ -34,11 +48,10 @@ files:
|
|
|
34
48
|
- gemfiles/openssl_2_0.gemfile
|
|
35
49
|
- gemfiles/openssl_2_1.gemfile
|
|
36
50
|
- gemfiles/openssl_2_2.gemfile
|
|
37
|
-
- gemfiles/openssl_default.gemfile
|
|
38
|
-
- gemfiles/openssl_head.gemfile
|
|
39
51
|
- lib/openssl/signature_algorithm.rb
|
|
40
52
|
- lib/openssl/signature_algorithm/base.rb
|
|
41
53
|
- lib/openssl/signature_algorithm/ecdsa.rb
|
|
54
|
+
- lib/openssl/signature_algorithm/eddsa.rb
|
|
42
55
|
- lib/openssl/signature_algorithm/error.rb
|
|
43
56
|
- lib/openssl/signature_algorithm/rsa.rb
|
|
44
57
|
- lib/openssl/signature_algorithm/rsapkcs1.rb
|
|
@@ -67,8 +80,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
67
80
|
- !ruby/object:Gem::Version
|
|
68
81
|
version: '0'
|
|
69
82
|
requirements: []
|
|
70
|
-
rubygems_version: 3.
|
|
83
|
+
rubygems_version: 3.2.8
|
|
71
84
|
signing_key:
|
|
72
85
|
specification_version: 4
|
|
73
|
-
summary: ECDSA, RSA-PSS and RSA-PKCS#1 algorithms for ruby
|
|
86
|
+
summary: ECDSA, EdDSA, RSA-PSS and RSA-PKCS#1 algorithms for ruby
|
|
74
87
|
test_files: []
|
data/.travis.yml
DELETED
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
---
|
|
2
|
-
dist: bionic
|
|
3
|
-
language: ruby
|
|
4
|
-
cache: bundler
|
|
5
|
-
rvm:
|
|
6
|
-
- ruby-head
|
|
7
|
-
- 2.7.1
|
|
8
|
-
- 2.6.6
|
|
9
|
-
- 2.5.8
|
|
10
|
-
- 2.4.10
|
|
11
|
-
gemfile:
|
|
12
|
-
- gemfiles/openssl_head.gemfile
|
|
13
|
-
- gemfiles/openssl_2_2.gemfile
|
|
14
|
-
- gemfiles/openssl_2_1.gemfile
|
|
15
|
-
- gemfiles/openssl_2_0.gemfile
|
|
16
|
-
- gemfiles/openssl_default.gemfile
|
|
17
|
-
matrix:
|
|
18
|
-
fast_finish: true
|
|
19
|
-
allow_failures:
|
|
20
|
-
- rvm: ruby-head
|
|
21
|
-
- gemfile: gemfiles/openssl_head.gemfile
|
|
22
|
-
before_install:
|
|
23
|
-
- gem install bundler -v 2.1.4
|
|
24
|
-
- rm Gemfile.lock
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
# This file was generated by Appraisal
|
|
2
|
-
|
|
3
|
-
source "https://rubygems.org"
|
|
4
|
-
|
|
5
|
-
gem "appraisal", "~> 2.2"
|
|
6
|
-
gem "byebug", "~> 11.0"
|
|
7
|
-
gem "rake", "~> 13.0"
|
|
8
|
-
gem "rspec", "~> 3.0"
|
|
9
|
-
gem "rubocop", "~> 0.80.1"
|
|
10
|
-
gem "openssl", git: "https://github.com/ruby/openssl"
|
|
11
|
-
|
|
12
|
-
gemspec path: "../"
|