Class: Botan::PK::PrivateKey

Inherits:

Object

• Object
• Botan::PK::PrivateKey

Extended by:

Forwardable

Defined in:

lib/botan/pk/privatekey.rb

Overview

Private Key

Instance Attribute Summary

• #ptr ⇒ Object readonly private

Class Method Summary

• .destroy(ptr) ⇒ Object private
• .from_data(data, password: nil, rng: Botan::RNG.new) ⇒ Botan::PK::PrivateKey

  Creates a PrivateKey from BER/PEM data.

• .generate(algo, params: nil, rng: Botan::RNG.new) ⇒ Botan::PK::PrivateKey

  Generates a new key pair.

Instance Method Summary

• #algo ⇒ Object
• #decrypt(data, padding: nil) ⇒ String

  Decrypts data using the key.

• #encrypt ⇒ Object
• #estimated_strength ⇒ Object
• #export_der(password:, cipher: nil, pbkdf: nil, iterations: Botan::DEFAULT_KDF_ITERATIONS, rng: Botan::RNG.new) ⇒ String

  Exports the encrypted key with DER encoding.

• #export_der! ⇒ String

  Exports the unencrypted key with DER encoding.

• #export_der_timed(password:, milliseconds:, cipher: nil, pbkdf: nil, rng: Botan::RNG.new) ⇒ Hash<Symbol>

  Exports the encrypted key with DER encoding, using a timed PBKDF.

• #export_pem(password:, cipher: nil, pbkdf: nil, iterations: Botan::DEFAULT_KDF_ITERATIONS, rng: Botan::RNG.new) ⇒ String

  Exports the encrypted key with PEM encoding.

• #export_pem! ⇒ String

  Exports the unencrypted key with PEM encoding.

• #export_pem_timed(password:, milliseconds:, cipher: nil, pbkdf: nil, rng: Botan::RNG.new) ⇒ Hash<Symbol>

  Exports the encrypted key with PEM encoding, using a timed PBKDF.

• #get_field(field) ⇒ Integer

  Retrieves a field of key material.

• #initialize(ptr) ⇒ PrivateKey constructor private

  See PrivateKey.generate and PrivateKey.from_data instead.

• #inspect ⇒ Object
• #public_key ⇒ Botan::PK::PublicKey

  Returns the PublicKey portion of the key pair.

• #sign(data, padding: nil, rng: Botan::RNG.new) ⇒ String

  Creates a signature using the key.

• #valid?(rng = nil, thorough = false) ⇒ Boolean

  Checks whether the key appears to be valid.

• #verify ⇒ Object

Constructor Details

#initialize(ptr) ⇒ PrivateKey

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

See generate and from_data instead.

Raises:

• (Botan::Error)

# File 'lib/botan/pk/privatekey.rb', line 36

def initialize(ptr)
  raise Botan::Error, 'PrivateKey received a NULL pointer' if ptr.null?
  @ptr = FFI::AutoPointer.new(ptr, self.class.method(:destroy))
end

Instance Attribute Details

#ptr ⇒ Object (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/botan/pk/privatekey.rb', line 32

def ptr
  @ptr
end

Class Method Details

.destroy(ptr) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/botan/pk/privatekey.rb', line 42

def self.destroy(ptr)
  LibBotan.botan_privkey_destroy(ptr)
end

.from_data(data, password: nil, rng: Botan::RNG.new) ⇒ Botan::PK::PrivateKey

Creates a Botan::PK::PrivateKey from BER/PEM data.

Parameters:

• data (String) —

  the private key data in a supported format

Returns:

• (Botan::PK::PrivateKey)

# File 'lib/botan/pk/privatekey.rb', line 64

def self.from_data(data, password: nil, rng: Botan::RNG.new)
  ptr = FFI::MemoryPointer.new(:pointer)
  buf = FFI::MemoryPointer.from_data(data)
  Botan.call_ffi(:botan_privkey_load, ptr, rng.ptr,
                 buf, buf.size, password)
  PrivateKey.new(ptr.read_pointer)
end

.generate(algo, params: nil, rng: Botan::RNG.new) ⇒ Botan::PK::PrivateKey

Generates a new key pair.

Parameters:

• algo (String) —

  the public-key algorithm name

• params (String) (defaults to: nil) —

  algorithm-specific parameters

• rng (Botan::RNG) (defaults to: Botan::RNG.new) —

  the RNG to use

Returns:

• (Botan::PK::PrivateKey)

Raises:

• (Botan::Error)

# File 'lib/botan/pk/privatekey.rb', line 52

def self.generate(algo, params: nil, rng: Botan::RNG.new)
  ptr = FFI::MemoryPointer.new(:pointer)
  Botan.call_ffi(:botan_privkey_create, ptr, algo, params, rng.ptr)
  ptr = ptr.read_pointer
  raise Botan::Error, 'botan_privkey_create failed' if ptr.null?
  PrivateKey.new(ptr)
end

Instance Method Details

#algo ⇒ Object

See Also:

• Botan::PK::PublicKey#algo

# File 'lib/botan/pk/privatekey.rb', line 22

#decrypt(data, padding: nil) ⇒ String

Decrypts data using the key.

Parameters:

• data (String) —

  the data to decrypt

• padding (String) (defaults to: nil) —

  the padding method to use

Returns:

• (String) —

  the decrypted data

# File 'lib/botan/pk/privatekey.rb', line 224

def decrypt(data, padding: nil)
  dec = Botan::PK::Decrypt.new(key: self, padding: padding)
  dec.decrypt(data)
end

#encrypt ⇒ Object

See Also:

• Botan::PK::PublicKey#encrypt

# File 'lib/botan/pk/privatekey.rb', line 22

#estimated_strength ⇒ Object

See Also:

• Botan::PK::PublicKey#estimated_strength

# File 'lib/botan/pk/privatekey.rb', line 22

#export_der(password:, cipher: nil, pbkdf: nil, iterations: Botan::DEFAULT_KDF_ITERATIONS, rng: Botan::RNG.new) ⇒ String

Exports the encrypted key with DER encoding.

Parameters:

• password (String) —

  the password for encrypting/decrypting

• cipher (String) (defaults to: nil) —

  the name of the cipher to use

• pbkdf (String) (defaults to: nil) —

  the name of the PBKDF algorithm to use

• iterations (Integer) (defaults to: Botan::DEFAULT_KDF_ITERATIONS) —

  the number of iterations for PBKDF

• rng (Botan::RNG) (defaults to: Botan::RNG.new) —

  the RNG to use

Returns:

• (String)

# File 'lib/botan/pk/privatekey.rb', line 124

def export_der(password:,
               cipher: nil,
               pbkdf: nil,
               iterations: Botan::DEFAULT_KDF_ITERATIONS,
               rng: Botan::RNG.new)
  export_encrypted(password: password,
                   pem: true,
                   cipher: cipher,
                   pbkdf: pbkdf,
                   iterations: iterations,
                   rng: rng)
end

#export_der! ⇒ String

Exports the unencrypted key with DER encoding.

Returns:

• (String)

# File 'lib/botan/pk/privatekey.rb', line 91

def export_der!
  export(pem: false)
end

#export_der_timed(password:, milliseconds:, cipher: nil, pbkdf: nil, rng: Botan::RNG.new) ⇒ Hash<Symbol>

Exports the encrypted key with DER encoding, using a timed PBKDF.

Parameters:

• password (String) —

  the password for encrypting/decrypting

• milliseconds (Integer) —

  the minimum number of milliseconds to run the PBKDF.

• cipher (String) (defaults to: nil) —

  the name of the cipher to use

• pbkdf (String) (defaults to: nil) —

  the name of the PBKDF algorithm to use

• rng (Botan::RNG) (defaults to: Botan::RNG.new) —

  the RNG to use

Returns:

• (Hash<Symbol>) —

  • :iterations [Integer] the iteration count used

  • :data [String] the DER-encoded key

# File 'lib/botan/pk/privatekey.rb', line 172

def export_der_timed(password:,
                     milliseconds:,
                     cipher: nil,
                     pbkdf: nil,
                     rng: Botan::RNG.new)
  export_encrypted_timed(password: password,
                         pem: false,
                         milliseconds: milliseconds,
                         cipher: cipher,
                         pbkdf: pbkdf,
                         rng: rng)
end

#export_pem(password:, cipher: nil, pbkdf: nil, iterations: Botan::DEFAULT_KDF_ITERATIONS, rng: Botan::RNG.new) ⇒ String

Exports the encrypted key with PEM encoding.

Parameters:

• password (String) —

  the password for encrypting/decrypting

• cipher (String) (defaults to: nil) —

  the name of the cipher to use

• pbkdf (String) (defaults to: nil) —

  the name of the PBKDF algorithm to use

• iterations (Integer) (defaults to: Botan::DEFAULT_KDF_ITERATIONS) —

  the number of iterations for PBKDF

• rng (Botan::RNG) (defaults to: Botan::RNG.new) —

  the RNG to use

Returns:

• (String)

# File 'lib/botan/pk/privatekey.rb', line 103

def export_pem(password:,
               cipher: nil,
               pbkdf: nil,
               iterations: Botan::DEFAULT_KDF_ITERATIONS,
               rng: Botan::RNG.new)
  export_encrypted(password: password,
                   pem: true,
                   cipher: cipher,
                   pbkdf: pbkdf,
                   iterations: iterations,
                   rng: rng)
end

#export_pem! ⇒ String

Exports the unencrypted key with PEM encoding.

Returns:

• (String)

# File 'lib/botan/pk/privatekey.rb', line 84

def export_pem!
  export(pem: true)
end

#export_pem_timed(password:, milliseconds:, cipher: nil, pbkdf: nil, rng: Botan::RNG.new) ⇒ Hash<Symbol>

Exports the encrypted key with PEM encoding, using a timed PBKDF.

Parameters:

• password (String) —

  the password for encrypting/decrypting

• milliseconds (Integer) —

  the minimum number of milliseconds to run the PBKDF.

• cipher (String) (defaults to: nil) —

  the name of the cipher to use

• pbkdf (String) (defaults to: nil) —

  the name of the PBKDF algorithm to use

• rng (Botan::RNG) (defaults to: Botan::RNG.new) —

  the RNG to use

Returns:

• (Hash<Symbol>) —

  • :iterations [Integer] the iteration count used

  • :data [String] the PEM-encoded key

# File 'lib/botan/pk/privatekey.rb', line 148

def export_pem_timed(password:,
                     milliseconds:,
                     cipher: nil,
                     pbkdf: nil,
                     rng: Botan::RNG.new)
  export_encrypted_timed(password: password,
                         pem: true,
                         milliseconds: milliseconds,
                         cipher: cipher,
                         pbkdf: pbkdf,
                         rng: rng)
end

#get_field(field) ⇒ Integer

Retrieves a field of key material.

For example, the ‘e’ field of an RSA key might return the value 0x1001.

Parameters:

• field (String) —

  the name of the field to retrieve

Returns:

• (Integer)

# File 'lib/botan/pk/privatekey.rb', line 205

def get_field(field)
  mp = nil
  mp_ptr = FFI::MemoryPointer.new(:pointer)
  Botan.call_ffi(:botan_mp_init, mp_ptr)
  mp = mp_ptr.read_pointer
  Botan.call_ffi(:botan_privkey_get_field, mp, @ptr, field)
  hex_str = Botan.call_ffi_with_buffer(lambda { |b, bl|
    LibBotan.botan_mp_to_str(mp, 16, b, bl)
  }, string: true)
  hex_str.hex
ensure
  LibBotan.botan_mp_destroy(mp) if mp && !mp.null?
end

#inspect ⇒ Object

# File 'lib/botan/pk/privatekey.rb', line 241

def inspect
  Botan.inspect_ptr(self)
end

#public_key ⇒ Botan::PK::PublicKey

Returns the Botan::PK::PublicKey portion of the key pair.

Returns:

• (Botan::PK::PublicKey)

# File 'lib/botan/pk/privatekey.rb', line 75

def public_key
  pubkey_ptr = FFI::MemoryPointer.new(:pointer)
  Botan.call_ffi(:botan_privkey_export_pubkey, pubkey_ptr, @ptr)
  PublicKey.new(pubkey_ptr.read_pointer)
end

#sign(data, padding: nil, rng: Botan::RNG.new) ⇒ String

Creates a signature using the key.

Parameters:

• data (String) —

  the data to sign

• padding (String) (defaults to: nil) —

  the padding method

• rng (Botan::RNG) (defaults to: Botan::RNG.new) —

  the RNG to use

Returns:

• (String) —

  the generated signature

# File 'lib/botan/pk/privatekey.rb', line 235

def sign(data, padding: nil, rng: Botan::RNG.new)
  sign = Botan::PK::Sign.new(key: self, padding: padding)
  sign << data
  sign.finish(rng)
end

#valid?(rng = nil, thorough = false) ⇒ Boolean

Checks whether the key appears to be valid.

Parameters:

• rng (Botan::RNG) (defaults to: nil) —

  the RNG to use

• thorough (Boolean) (defaults to: false) —

  whether to perform more thorough checks that may be slower

Returns:

• (Boolean) —

  true if the key appears to be valid

# File 'lib/botan/pk/privatekey.rb', line 191

def valid?(rng = nil, thorough = false)
  rng ||= Botan::RNG.new
  flags = thorough ? 1 : 0
  rc = LibBotan.botan_privkey_check_key(@ptr, rng.ptr, flags)
  rc.zero?
end

#verify ⇒ Object

See Also:

• Botan::PK::PublicKey#verify

# File 'lib/botan/pk/privatekey.rb', line 22