Class: Minisign::PublicKey

Inherits:

Object

• Object
• Minisign::PublicKey

Defined in:

lib/minisign.rb

Overview

Parse ed25519 verify key from minisign public key

Instance Method Summary

• #initialize(str) ⇒ PublicKey constructor

  Parse the ed25519 verify key from the minisign public key.

• #key_id ⇒ String

  The key id.

• #verify(sig, message) ⇒ String

  Verify a message’s signature.

Constructor Details

#initialize(str) ⇒ PublicKey

Parse the ed25519 verify key from the minisign public key

Examples:

Minisign::PublicKey.new('RWTg6JXWzv6GDtDphRQ/x7eg0LaWBcTxPZ7i49xEeiqXVcR+r79OZRWM')

Parameters:

• str (String) —

  The minisign public key

# File 'lib/minisign.rb', line 58

def initialize(str)
  @decoded = Base64.strict_decode64(str)
  @public_key = @decoded[10..]
  @verify_key = Ed25519::VerifyKey.new(@public_key)
end

Instance Method Details

#key_id ⇒ String

Returns the key id.

Examples:

Minisign::PublicKey.new('RWTg6JXWzv6GDtDphRQ/x7eg0LaWBcTxPZ7i49xEeiqXVcR+r79OZRWM').key_id
#=> "E86FECED695E8E0"

Returns:

• (String) —

  the key id

# File 'lib/minisign.rb', line 68

def key_id
  @decoded[2..9].bytes.map { |c| c.to_s(16) }.reverse.join.upcase
end

#verify(sig, message) ⇒ String

Verify a message’s signature

Parameters:

• sig (Minisign::Signature)
• message (String) —

  the content that was signed

Returns:

• (String) —

  the trusted comment

Raises:

• Ed25519::VerifyError on invalid signatures

• RuntimeError on tampered trusted comments

# File 'lib/minisign.rb', line 79

def verify(sig, message)
  blake = OpenSSL::Digest.new('BLAKE2b512')
  ensure_matching_key_ids(sig.key_id, key_id)
  @verify_key.verify(sig.signature, blake.digest(message))
  begin
    @verify_key.verify(sig.trusted_comment_signature, sig.signature + sig.trusted_comment)
  rescue Ed25519::VerifyError
    raise 'Comment signature verification failed'
  end
  "Signature and comment signature verified\nTrusted comment: #{sig.trusted_comment}"
end