module SecurizeString::RSAMethods::InstanceMethods

Adds instance methods for OpenSSL::PKey::RSA support via inclusion of SecurizeString::RSAMethods to a class.

Public Instance Methods

extract_public_key(format = :pem) click to toggle source

Interpret the contents of hte string asn a RSA private key, and extract the public key from it. If the contents are not a private key, then it will raise an exception.

# File lib/securize_string/rsa_methods.rb, line 112
def extract_public_key(format = :pem)
  pvt, pub = self.class.separate_keys(self, format)
  return pub
end
from_rsa(key) click to toggle source

Given an RSA private key, it decrypts the data string back into the original text.

# File lib/securize_string/rsa_methods.rb, line 64
def from_rsa(key)
  key = OpenSSL::PKey::RSA.new(key)
  plain_text = key.private? ? key.private_decrypt(self.to_s) : key.public_decrypt(self.to_s)
  return self.class.new(plain_text)
end
private_rsa_key?() click to toggle source

Interpret the conents of the string as an RSA key, and determine if it is private.

# File lib/securize_string/rsa_methods.rb, line 104
def private_rsa_key?
  key = OpenSSL::PKey::RSA.new(self.to_s)
  return key.private?
end
public_rsa_key?() click to toggle source

Interpret the conetents of the string as an RSA key, and determine if it is public.

Even though private keys contain all the information necessary to reconstitute a public key, this method returns false. This is in contrast to the behavior of OpenSSL::PKey::RSA, which return true for both public and private checks with a private key (since it reconstituted the public key and it is available for use).

# File lib/securize_string/rsa_methods.rb, line 98
def public_rsa_key?
  # There is an interesting bug I came across, where +public?+ can be true on a private key!
  return !private_rsa_key?
end
sign(private_key, digest_method='SHA-256') click to toggle source

Signs the given message using hte given private key.

By default, verifies using SHA256, but another digest method can be given using the list of DigestFinder supported digests.

# File lib/securize_string/rsa_methods.rb, line 74
def sign(private_key, digest_method='SHA-256')
  digest_obj = DigestFinder.find(digest_method).new
  key = OpenSSL::PKey::RSA.new(private_key)
  return self.class.new( key.sign(digest_obj, self) )
end
to_rsa(key) click to toggle source

Given an RSA public key, it RSA encrypts the data string.

Note that the key must be 11 bytes longer than the data string or it doesn’t work.

# File lib/securize_string/rsa_methods.rb, line 57
def to_rsa(key)
  key = OpenSSL::PKey::RSA.new(key)        
  cipher_text = key.private? ? key.private_encrypt(self.to_s) : key.public_encrypt(self.to_s)
  return self.class.new(cipher_text)
end
verify?(public_key, signature, digest_method='SHA-256') click to toggle source

Verifies the given signature matches the messages digest, using the signer’s public key.

By default, verifies using SHA256, but another digest method can be given using the list of DigestFinder supported digests.

# File lib/securize_string/rsa_methods.rb, line 85
def verify?(public_key, signature, digest_method='SHA-256')
  digest_obj = DigestFinder.find(digest_method).new
  key = OpenSSL::PKey::RSA.new(public_key)
  return key.verify(digest_obj, signature.to_s, self)
end