openssl-signature_algorithm 1.0.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/build.yml +37 -0
- data/.rubocop.yml +1 -0
- data/Appraisals +0 -7
- data/CHANGELOG.md +9 -0
- data/Gemfile +1 -0
- data/Gemfile.lock +5 -1
- data/README.md +26 -2
- data/gemfiles/openssl_2_0.gemfile +1 -0
- data/gemfiles/openssl_2_1.gemfile +1 -0
- data/gemfiles/openssl_2_2.gemfile +1 -0
- data/lib/openssl/signature_algorithm.rb +1 -0
- data/lib/openssl/signature_algorithm/eddsa.rb +48 -0
- data/lib/openssl/signature_algorithm/version.rb +1 -1
- data/openssl-signature_algorithm.gemspec +3 -1
- metadata +22 -9
- data/.travis.yml +0 -24
- data/gemfiles/openssl_default.gemfile +0 -11
- data/gemfiles/openssl_head.gemfile +0 -12
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b8ab663827b9c60f9719579871f55a1b12001374d444e9b9194d2708395ba8af
|
|
4
|
+
data.tar.gz: 8af2c52eea842562e1122bd8824bb8eb79ed8923648d24414b11d7a7d0b9adea
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 364884d8b267251a5f354d09cfbca71f64f33c7cc6eebac031b42074ab59eff1ed588b202e60f1bb06d392c175bb20c3b69563fda04a6210fe89b1facbb09333
|
|
7
|
+
data.tar.gz: 1a02dbd91e0d8e2dcc5d1e81bf8fe328d989f367f86224abaf77719b3fd3326785f7c5ac94b6adb3c0b3bdc3ab0add2d64ab2dba9479454c0f482c77ac7bc82a
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# This workflow uses actions that are not certified by GitHub.
|
|
2
|
+
# They are provided by a third-party and are governed by
|
|
3
|
+
# separate terms of service, privacy policy, and support
|
|
4
|
+
# documentation.
|
|
5
|
+
# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
|
|
6
|
+
# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
|
|
7
|
+
|
|
8
|
+
name: build
|
|
9
|
+
|
|
10
|
+
on: push
|
|
11
|
+
|
|
12
|
+
jobs:
|
|
13
|
+
test:
|
|
14
|
+
runs-on: ubuntu-20.04
|
|
15
|
+
strategy:
|
|
16
|
+
fail-fast: false
|
|
17
|
+
matrix:
|
|
18
|
+
ruby-version:
|
|
19
|
+
- 3.0.0
|
|
20
|
+
- 2.7.2
|
|
21
|
+
- 2.6.6
|
|
22
|
+
- 2.5.8
|
|
23
|
+
- 2.4.10
|
|
24
|
+
gemfile:
|
|
25
|
+
- openssl_2_2
|
|
26
|
+
- openssl_2_1
|
|
27
|
+
- openssl_2_0
|
|
28
|
+
env:
|
|
29
|
+
BUNDLE_GEMFILE: gemfiles/${{ matrix.gemfile }}.gemfile
|
|
30
|
+
steps:
|
|
31
|
+
- uses: actions/checkout@v2
|
|
32
|
+
- run: rm Gemfile.lock
|
|
33
|
+
- uses: ruby/setup-ruby@v1
|
|
34
|
+
with:
|
|
35
|
+
ruby-version: ${{ matrix.ruby-version }}
|
|
36
|
+
bundler-cache: true
|
|
37
|
+
- run: bundle exec rake
|
data/.rubocop.yml
CHANGED
data/Appraisals
CHANGED
|
@@ -1,9 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
appraise "openssl_head" do
|
|
4
|
-
gem "openssl", git: "https://github.com/ruby/openssl"
|
|
5
|
-
end
|
|
6
|
-
|
|
7
3
|
appraise "openssl_2_2" do
|
|
8
4
|
gem "openssl", "~> 2.2.0"
|
|
9
5
|
end
|
|
@@ -15,6 +11,3 @@ end
|
|
|
15
11
|
appraise "openssl_2_0" do
|
|
16
12
|
gem "openssl", "~> 2.0.0"
|
|
17
13
|
end
|
|
18
|
-
|
|
19
|
-
appraise "openssl_default" do
|
|
20
|
-
end
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [v1.1.0] - 2021-02-11
|
|
4
|
+
|
|
5
|
+
### Added
|
|
6
|
+
|
|
7
|
+
- EdDSA support added (requires adding the `ed25519` gem to your `Gemfile`) ([@santiagorodriguez96])
|
|
8
|
+
|
|
3
9
|
## [v1.0.0] - 2020-07-08
|
|
4
10
|
|
|
5
11
|
### Added
|
|
@@ -72,9 +78,12 @@
|
|
|
72
78
|
- `OpenSSL::SignatureAlgorithm::RSAPSS`
|
|
73
79
|
- `OpenSSL::SignatureAlgorithm::RSAPKCS1`
|
|
74
80
|
|
|
81
|
+
[v1.1.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v1.0.0...v1.1.0/
|
|
75
82
|
[v1.0.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.4.0...v1.0.0/
|
|
76
83
|
[v0.4.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.3.0...v0.4.0/
|
|
77
84
|
[v0.3.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.2.0...v0.3.0/
|
|
78
85
|
[v0.2.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.1.1...v0.2.0/
|
|
79
86
|
[v0.1.1]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.1.0...v0.1.1/
|
|
80
87
|
[v0.1.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/41887c277dc7fa0c884ccf8924cf990ff76784d9...v0.1.0/
|
|
88
|
+
|
|
89
|
+
[@santiagorodriguez96]: https://github.com/santiagorodriguez96
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -2,6 +2,7 @@ PATH
|
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
4
|
openssl-signature_algorithm (1.0.0)
|
|
5
|
+
openssl (~> 2.0)
|
|
5
6
|
|
|
6
7
|
GEM
|
|
7
8
|
remote: https://rubygems.org/
|
|
@@ -13,7 +14,9 @@ GEM
|
|
|
13
14
|
ast (2.4.0)
|
|
14
15
|
byebug (11.1.1)
|
|
15
16
|
diff-lcs (1.3)
|
|
17
|
+
ed25519 (1.2.4)
|
|
16
18
|
jaro_winkler (1.5.4)
|
|
19
|
+
openssl (2.2.0)
|
|
17
20
|
parallel (1.19.1)
|
|
18
21
|
parser (2.7.0.5)
|
|
19
22
|
ast (~> 2.4.0)
|
|
@@ -51,10 +54,11 @@ PLATFORMS
|
|
|
51
54
|
DEPENDENCIES
|
|
52
55
|
appraisal (~> 2.2)
|
|
53
56
|
byebug (~> 11.0)
|
|
57
|
+
ed25519 (~> 1.2)
|
|
54
58
|
openssl-signature_algorithm!
|
|
55
59
|
rake (~> 13.0)
|
|
56
60
|
rspec (~> 3.0)
|
|
57
61
|
rubocop (~> 0.80.1)
|
|
58
62
|
|
|
59
63
|
BUNDLED WITH
|
|
60
|
-
2.
|
|
64
|
+
2.2.8
|
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# OpenSSL::SignatureAlgorithm
|
|
2
2
|
|
|
3
|
-
> ECDSA, RSA-PSS and RSA-PKCS#1 signature algorithms for ruby
|
|
3
|
+
> ECDSA, EdDSA, RSA-PSS and RSA-PKCS#1 signature algorithms for ruby
|
|
4
4
|
|
|
5
5
|
Sign and verify using signature algorithm wrappers, instead of key objects.
|
|
6
6
|
|
|
@@ -9,8 +9,10 @@ and `OpenSSL::SignatureAlgorithm::RSAPKCS1` ruby object wrappers on top of `Open
|
|
|
9
9
|
and `OpenSSL::PKey::RSA`, so that you can reason in terms of the algorithms and do less when
|
|
10
10
|
signing or verifying signatures.
|
|
11
11
|
|
|
12
|
+
Loosely inspired by [rbnacl](https://github.com/RubyCrypto/rbnacl)'s [Digital Signatures](https://github.com/RubyCrypto/rbnacl/wiki/Digital-Signatures) interface.
|
|
13
|
+
|
|
12
14
|
[](https://rubygems.org/gems/openssl-signature_algorithm)
|
|
13
|
-
[](https://github.com/cedarcode/openssl-signature_algorithm/actions)
|
|
14
16
|
|
|
15
17
|
## Installation
|
|
16
18
|
|
|
@@ -50,6 +52,28 @@ algorithm.verify_key = verify_key
|
|
|
50
52
|
algorithm.verify(signature, to_be_signed)
|
|
51
53
|
```
|
|
52
54
|
|
|
55
|
+
### EdDSA
|
|
56
|
+
|
|
57
|
+
Requires adding the `ed25519` gem to your `Gemfile`
|
|
58
|
+
|
|
59
|
+
```ruby
|
|
60
|
+
to_be_signed = "to-be-signed"
|
|
61
|
+
|
|
62
|
+
# Signer
|
|
63
|
+
algorithm = OpenSSL::SignatureAlgorithm::EdDSA.new
|
|
64
|
+
signing_key = algorithm.generate_signing_key
|
|
65
|
+
signature = algorithm.sign(to_be_signed)
|
|
66
|
+
|
|
67
|
+
# Signer sends verify key to Verifier
|
|
68
|
+
verify_key_string = signing_key.verify_key.serialize
|
|
69
|
+
|
|
70
|
+
# Verifier
|
|
71
|
+
verify_key = OpenSSL::SignatureAlgorithm::EdDSA::VerifyKey.deserialize(verify_key_string)
|
|
72
|
+
algorithm = OpenSSL::SignatureAlgorithm::EdDSA.new
|
|
73
|
+
algorithm.verify_key = verify_key
|
|
74
|
+
algorithm.verify(signature, to_be_signed)
|
|
75
|
+
```
|
|
76
|
+
|
|
53
77
|
### RSA-PSS
|
|
54
78
|
|
|
55
79
|
```ruby
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
begin
|
|
4
|
+
gem "ed25519", ">= 1.0.0"
|
|
5
|
+
require "ed25519"
|
|
6
|
+
rescue LoadError
|
|
7
|
+
warn "OpenSSL::SignatureAlgorithm::EdDSA requires the ed25519 gem, version 1.0 or higher. "\
|
|
8
|
+
"Please add it to your Gemfile: `gem \"ed25519\", \"~> 1.0\"`"
|
|
9
|
+
raise
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
require "openssl/signature_algorithm/base"
|
|
13
|
+
|
|
14
|
+
module OpenSSL
|
|
15
|
+
module SignatureAlgorithm
|
|
16
|
+
class EdDSA < Base
|
|
17
|
+
class SigningKey < ::Ed25519::SigningKey
|
|
18
|
+
def verify_key
|
|
19
|
+
VerifyKey.new(keypair[32, 32])
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
class VerifyKey < ::Ed25519::VerifyKey
|
|
24
|
+
def self.deserialize(key_bytes)
|
|
25
|
+
new(key_bytes)
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def serialize
|
|
29
|
+
to_bytes
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def generate_signing_key
|
|
34
|
+
@signing_key = SigningKey.generate
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def sign(data)
|
|
38
|
+
signing_key.sign(data)
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
def verify(signature, verification_data)
|
|
42
|
+
verify_key.verify(signature, verification_data)
|
|
43
|
+
rescue ::Ed25519::VerifyError
|
|
44
|
+
raise(OpenSSL::SignatureAlgorithm::SignatureVerificationError, "Signature verification failed")
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
end
|
|
@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
|
|
|
9
9
|
spec.email = ["gonzalo@cedarcode.com"]
|
|
10
10
|
spec.license = "Apache-2.0"
|
|
11
11
|
|
|
12
|
-
spec.summary = "ECDSA, RSA-PSS and RSA-PKCS#1 algorithms for ruby"
|
|
12
|
+
spec.summary = "ECDSA, EdDSA, RSA-PSS and RSA-PKCS#1 algorithms for ruby"
|
|
13
13
|
spec.description = spec.summary
|
|
14
14
|
|
|
15
15
|
spec.homepage = "https://github.com/cedarcode/openssl-signature_algorithm"
|
|
@@ -27,4 +27,6 @@ Gem::Specification.new do |spec|
|
|
|
27
27
|
spec.bindir = "exe"
|
|
28
28
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
29
29
|
spec.require_paths = ["lib"]
|
|
30
|
+
|
|
31
|
+
spec.add_runtime_dependency "openssl", "~> 2.0"
|
|
30
32
|
end
|
metadata
CHANGED
|
@@ -1,26 +1,40 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: openssl-signature_algorithm
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gonzalo Rodriguez
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
12
|
-
dependencies:
|
|
13
|
-
|
|
11
|
+
date: 2021-02-11 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: openssl
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - "~>"
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '2.0'
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - "~>"
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: '2.0'
|
|
27
|
+
description: ECDSA, EdDSA, RSA-PSS and RSA-PKCS#1 algorithms for ruby
|
|
14
28
|
email:
|
|
15
29
|
- gonzalo@cedarcode.com
|
|
16
30
|
executables: []
|
|
17
31
|
extensions: []
|
|
18
32
|
extra_rdoc_files: []
|
|
19
33
|
files:
|
|
34
|
+
- ".github/workflows/build.yml"
|
|
20
35
|
- ".gitignore"
|
|
21
36
|
- ".rspec"
|
|
22
37
|
- ".rubocop.yml"
|
|
23
|
-
- ".travis.yml"
|
|
24
38
|
- Appraisals
|
|
25
39
|
- CHANGELOG.md
|
|
26
40
|
- Gemfile
|
|
@@ -34,11 +48,10 @@ files:
|
|
|
34
48
|
- gemfiles/openssl_2_0.gemfile
|
|
35
49
|
- gemfiles/openssl_2_1.gemfile
|
|
36
50
|
- gemfiles/openssl_2_2.gemfile
|
|
37
|
-
- gemfiles/openssl_default.gemfile
|
|
38
|
-
- gemfiles/openssl_head.gemfile
|
|
39
51
|
- lib/openssl/signature_algorithm.rb
|
|
40
52
|
- lib/openssl/signature_algorithm/base.rb
|
|
41
53
|
- lib/openssl/signature_algorithm/ecdsa.rb
|
|
54
|
+
- lib/openssl/signature_algorithm/eddsa.rb
|
|
42
55
|
- lib/openssl/signature_algorithm/error.rb
|
|
43
56
|
- lib/openssl/signature_algorithm/rsa.rb
|
|
44
57
|
- lib/openssl/signature_algorithm/rsapkcs1.rb
|
|
@@ -67,8 +80,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
67
80
|
- !ruby/object:Gem::Version
|
|
68
81
|
version: '0'
|
|
69
82
|
requirements: []
|
|
70
|
-
rubygems_version: 3.
|
|
83
|
+
rubygems_version: 3.2.8
|
|
71
84
|
signing_key:
|
|
72
85
|
specification_version: 4
|
|
73
|
-
summary: ECDSA, RSA-PSS and RSA-PKCS#1 algorithms for ruby
|
|
86
|
+
summary: ECDSA, EdDSA, RSA-PSS and RSA-PKCS#1 algorithms for ruby
|
|
74
87
|
test_files: []
|
data/.travis.yml
DELETED
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
---
|
|
2
|
-
dist: bionic
|
|
3
|
-
language: ruby
|
|
4
|
-
cache: bundler
|
|
5
|
-
rvm:
|
|
6
|
-
- ruby-head
|
|
7
|
-
- 2.7.1
|
|
8
|
-
- 2.6.6
|
|
9
|
-
- 2.5.8
|
|
10
|
-
- 2.4.10
|
|
11
|
-
gemfile:
|
|
12
|
-
- gemfiles/openssl_head.gemfile
|
|
13
|
-
- gemfiles/openssl_2_2.gemfile
|
|
14
|
-
- gemfiles/openssl_2_1.gemfile
|
|
15
|
-
- gemfiles/openssl_2_0.gemfile
|
|
16
|
-
- gemfiles/openssl_default.gemfile
|
|
17
|
-
matrix:
|
|
18
|
-
fast_finish: true
|
|
19
|
-
allow_failures:
|
|
20
|
-
- rvm: ruby-head
|
|
21
|
-
- gemfile: gemfiles/openssl_head.gemfile
|
|
22
|
-
before_install:
|
|
23
|
-
- gem install bundler -v 2.1.4
|
|
24
|
-
- rm Gemfile.lock
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
# This file was generated by Appraisal
|
|
2
|
-
|
|
3
|
-
source "https://rubygems.org"
|
|
4
|
-
|
|
5
|
-
gem "appraisal", "~> 2.2"
|
|
6
|
-
gem "byebug", "~> 11.0"
|
|
7
|
-
gem "rake", "~> 13.0"
|
|
8
|
-
gem "rspec", "~> 3.0"
|
|
9
|
-
gem "rubocop", "~> 0.80.1"
|
|
10
|
-
gem "openssl", git: "https://github.com/ruby/openssl"
|
|
11
|
-
|
|
12
|
-
gemspec path: "../"
|