module Origami::Signature
Constants
- PKCS1_RSA_SHA1
- PKCS7_DETACHED
- PKCS7_SHA1
Public Class Methods
compute(method, data, certificate, key, ca)
click to toggle source
Computes the signature using the specified subfilter method.
# File lib/origami/signature.rb, line 356 def self.compute(method, data, certificate, key, ca) case method when PKCS7_DETACHED OpenSSL::PKCS7.sign(certificate, key, data, ca, OpenSSL::PKCS7::DETACHED | OpenSSL::PKCS7::BINARY).to_der when PKCS7_SHA1 OpenSSL::PKCS7.sign(certificate, key, Digest::SHA1.digest(data), ca, OpenSSL::PKCS7::BINARY).to_der when PKCS1_RSA_SHA1 key.sign(OpenSSL::Digest::SHA1.new, data) else raise NotImplementedError, "Unsupported signature method #{method.inspect}" end end
required_size(method, certificate, key, ca)
click to toggle source
Computes the required size in bytes for storing the signature.
# File lib/origami/signature.rb, line 349 def self.required_size(method, certificate, key, ca) self.compute(method, "", certificate, key, ca).size end
verify(method, data, signature, store, flags)
click to toggle source
# File lib/origami/signature.rb, line 329 def self.verify(method, data, signature, store, flags) case method when PKCS7_DETACHED pkcs7 = OpenSSL::PKCS7.new(signature) raise SignatureError, "Not a PKCS7 detached signature" unless pkcs7.detached? flags |= OpenSSL::PKCS7::DETACHED pkcs7.verify([], store, data, flags) when PKCS7_SHA1 pkcs7 = OpenSSL::PKCS7.new(signature) pkcs7.verify([], store, nil, flags) and pkcs7.data == Digest::SHA1.digest(data) else raise NotImplementedError, "Unsupported signature method #{method.inspect}" end end