Module: SecurizeString::RSAMethods::InstanceMethods

Defined in:
lib/securize_string/rsa_methods.rb

Overview

Adds instance methods for OpenSSL::PKey::RSA support via inclusion of SecurizeString::RSAMethods to a class.

Instance Method Summary collapse

Instance Method Details

#extract_public_key(format = :pem) ⇒ Object

Interpret the contents of hte string asn a RSA private key, and extract the public key from it. If the contents are not a private key, then it will raise an exception.



112
113
114
115
 
# File 'lib/securize_string/rsa_methods.rb', line 112

def extract_public_key(format = :pem)
  pvt, pub = self.class.separate_keys(self, format)
  return pub
end

#from_rsa(key) ⇒ Object

Given an RSA private key, it decrypts the data string back into the original text.



64
65
66
67
68
 
# File 'lib/securize_string/rsa_methods.rb', line 64

def from_rsa(key)
  key = OpenSSL::PKey::RSA.new(key)
  plain_text = key.private? ? key.private_decrypt(self.to_s) : key.public_decrypt(self.to_s)
  return self.class.new(plain_text)
end

#private_rsa_key?Boolean

Interpret the conents of the string as an RSA key, and determine if it is private.

Returns:

  • (Boolean) 


104
105
106
107
 
# File 'lib/securize_string/rsa_methods.rb', line 104

def private_rsa_key?
  key = OpenSSL::PKey::RSA.new(self.to_s)
  return key.private?
end

#public_rsa_key?Boolean

Interpret the conetents of the string as an RSA key, and determine if it is public.

Even though private keys contain all the information necessary to reconstitute a public key, this method returns false. This is in contrast to the behavior of OpenSSL::PKey::RSA, which return true for both public and private checks with a private key (since it reconstituted the public key and it is available for use).

Returns:

  • (Boolean) 


98
99
100
101
 
# File 'lib/securize_string/rsa_methods.rb', line 98

def public_rsa_key?
  # There is an interesting bug I came across, where +public?+ can be true on a private key!
  return !private_rsa_key?
end

#sign(private_key, digest_method = 'SHA-256') ⇒ Object

Signs the given message using hte given private key.

By default, verifies using SHA256, but another digest method can be given using the list of DigestFinder supported digests.



74
75
76
77
78
 
# File 'lib/securize_string/rsa_methods.rb', line 74

def sign(private_key, digest_method='SHA-256')
  digest_obj = DigestFinder.find(digest_method).new
  key = OpenSSL::PKey::RSA.new(private_key)
  return self.class.new( key.sign(digest_obj, self) )
end

#to_rsa(key) ⇒ Object

Given an RSA public key, it RSA encrypts the data string.

Note that the key must be 11 bytes longer than the data string or it doesn’t work.



57
58
59
60
61
 
# File 'lib/securize_string/rsa_methods.rb', line 57

def to_rsa(key)
  key = OpenSSL::PKey::RSA.new(key)        
  cipher_text = key.private? ? key.private_encrypt(self.to_s) : key.public_encrypt(self.to_s)
  return self.class.new(cipher_text)
end

#verify?(public_key, signature, digest_method = 'SHA-256') ⇒ Boolean

Verifies the given signature matches the messages digest, using the signer’s public key.

By default, verifies using SHA256, but another digest method can be given using the list of DigestFinder supported digests.

Returns:

  • (Boolean) 


85
86
87
88
89
 
# File 'lib/securize_string/rsa_methods.rb', line 85

def verify?(public_key, signature, digest_method='SHA-256')
  digest_obj = DigestFinder.find(digest_method).new
  key = OpenSSL::PKey::RSA.new(public_key)
  return key.verify(digest_obj, signature.to_s, self)
end