Class: Sigstore::Internal::Keyring

Inherits:

Object

Object
Sigstore::Internal::Keyring

show all

Defined in:: lib/sigstore/internal/keyring.rb

Instance Method Summary collapse

#initialize(keys:) ⇒ Keyring constructor

A new instance of Keyring.
#verify(key_id:, signature:, data:) ⇒ Object

Constructor Details

#initialize(keys:) ⇒ `Keyring`

Returns a new instance of Keyring.

# File 'lib/sigstore/internal/keyring.rb', line 20

def initialize(keys:)
  @keyring = {}
  keys.each do |key|
    raise Error, "Duplicate key id #{key.key_id} in keyring" if @keyring.key?(key.key_id)

    @keyring[key.key_id] = key
  end
end

Instance Method Details

#verify(key_id:, signature:, data:) ⇒ `Object`

# File 'lib/sigstore/internal/keyring.rb', line 29

def verify(key_id:, signature:, data:)
  key = @keyring.fetch(key_id) { raise KeyError, "key not found: #{key_id.inspect}, known: #{@keyring.keys}" }

  return true if key.verify("SHA256", signature, data)

  raise(Error::InvalidSignature,
        "invalid signature: #{signature.inspect} over #{data.inspect} with key #{key_id.inspect}")
rescue OpenSSL::PKey::PKeyError => e
  raise(Error::InvalidSignature,
        "#{e}: invalid signature: #{signature.inspect} over #{data.inspect} with key #{key_id.inspect}")
end

Class: Sigstore::Internal::Keyring

Instance Method Summary collapse

Constructor Details

#initialize(keys:) ⇒ Keyring

Instance Method Details

#verify(key_id:, signature:, data:) ⇒ Object

#initialize(keys:) ⇒ `Keyring`

#verify(key_id:, signature:, data:) ⇒ `Object`