Class: RSA::KeyPair

Inherits:

Object

• Object
• RSA::KeyPair

Defined in:

lib/rsa/openssl.rb,
lib/rsa/key_pair.rb

Overview

An RSA key pair.

Refer to PKCS #1 v2.1, section 3, pp. 6-8.

See Also:

• http://www.rsa.com/rsalabs/node.asp?id=2125
• http://en.wikipedia.org/wiki/Public-key_cryptography

Instance Attribute Summary

• #private_key ⇒ Key (also: #private) readonly

  The RSA private key.

• #public_key ⇒ Key (also: #public) readonly

  The RSA public key.

Class Method Summary

• .generate(bits, exponent = 65537) ⇒ KeyPair

  Generates a new RSA key pair of length ‘bits`.

Instance Method Summary

• #bitsize ⇒ Integer (also: #size)

  Returns the bit size of this key pair.

• #bytesize ⇒ Integer

  Returns the byte size of this key pair.

• #decrypt(ciphertext, options = {}) ⇒ Object

  Decrypts the given ‘ciphertext` using the private key from this key pair.

• #encrypt(plaintext, options = {}) ⇒ Object

  Encrypts the given ‘plaintext` using the public key from this key pair.

• #initialize(private_key, public_key, options = {}) ⇒ KeyPair constructor

  Initializes a new key pair.

• #modulus ⇒ Integer (also: #n)

  Returns the RSA modulus for this key pair.

• #private_key? ⇒ Boolean (also: #private?)

  Returns ‘true` if this key pair contains a private key.

• #public_key? ⇒ Boolean (also: #public?)

  Returns ‘true` if this key pair contains a public key.

• #sign(plaintext, options = {}) ⇒ Object

  Signs the given ‘plaintext` using the private key from this key pair.

• #to_hash ⇒ Hash

  Returns a hash table representation of this key pair.

• #to_openssl ⇒ OpenSSL::PKey::RSA

  Returns this key pair as an ‘OpenSSL::PKey::RSA` instance.

• #valid? ⇒ Boolean

  Returns ‘true` if this is a valid RSA key pair according to PKCS #1.

• #verify(signature, plaintext, options = {}) ⇒ Boolean

  Verifies the given ‘signature` using the public key from this key pair.

Constructor Details

#initialize(private_key, public_key, options = {}) ⇒ KeyPair

Initializes a new key pair.

Parameters:

• private_key (Key)
• public_key (Key)
• options (Hash{Symbol => Object}) (defaults to: {})

# File 'lib/rsa/key_pair.rb', line 30

def initialize(private_key, public_key, options = {})
  @private_key = private_key
  @public_key  = public_key
  @options     = options.dup
end

Instance Attribute Details

#private_key ⇒ Key (readonly) Also known as: private

The RSA private key.

Returns:

• (Key)

# File 'lib/rsa/key_pair.rb', line 14

def private_key
  @private_key
end

#public_key ⇒ Key (readonly) Also known as: public

The RSA public key.

Returns:

• (Key)

# File 'lib/rsa/key_pair.rb', line 21

def public_key
  @public_key
end

Class Method Details

.generate(bits, exponent = 65537) ⇒ KeyPair

Generates a new RSA key pair of length ‘bits`.

By default, the public exponent will be 65537 (0x10001) as recommended by PKCS #1.

Parameters:

• bits (Integer, #to_i)
• exponent (Integer, #to_i) (defaults to: 65537)

Returns:

• (KeyPair)

# File 'lib/rsa/openssl.rb', line 16

def self.generate(bits, exponent = 65537)
  pkey = ::OpenSSL::PKey::RSA.generate(bits.to_i, exponent.to_i)
  n, d, e = pkey.n.to_i, pkey.d.to_i, pkey.e.to_i
  self.new(Key.new(n, d), Key.new(n, e))
end

Instance Method Details

#bitsize ⇒ Integer Also known as: size

Returns the bit size of this key pair.

Returns:

• (Integer)

# File 'lib/rsa/key_pair.rb', line 76

def bitsize
  Math.log2(modulus).ceil
end

#bytesize ⇒ Integer

Returns the byte size of this key pair.

Returns:

• (Integer)

# File 'lib/rsa/key_pair.rb', line 68

def bytesize
  Math.log256(modulus).ceil
end

#decrypt(ciphertext, options = {}) ⇒ Integer #decrypt(ciphertext, options = {}) ⇒ String

Decrypts the given ‘ciphertext` using the private key from this key pair.

Overloads:

• #decrypt(ciphertext, options = {}) ⇒ Integer

  Parameters:

  • ciphertext (Integer)
  • options (Hash{Symbol => Object}) (defaults to: {})

  Returns:

  • (Integer)
• #decrypt(ciphertext, options = {}) ⇒ String

  Parameters:

  • ciphertext (String, IO, StringIO)
  • options (Hash{Symbol => Object}) (defaults to: {})

  Returns:

  • (String)

Parameters:

• ciphertext (Object)
• options (Hash{Symbol => Object}) (defaults to: {})

Options Hash (options):

• :padding (Symbol, #to_sym) — default: nil

# File 'lib/rsa/key_pair.rb', line 144

def decrypt(ciphertext, options = {})
  case ciphertext
    when Integer      then decrypt_integer(ciphertext, options)
    when String       then PKCS1.i2osp(decrypt_integer(PKCS1.os2ip(ciphertext), options))
    when StringIO, IO then PKCS1.i2osp(decrypt_integer(PKCS1.os2ip(ciphertext.read), options))
    else raise ArgumentError, ciphertext.inspect # FIXME
  end
end

#encrypt(plaintext, options = {}) ⇒ Integer #encrypt(plaintext, options = {}) ⇒ String

Encrypts the given ‘plaintext` using the public key from this key pair.

Overloads:

• #encrypt(plaintext, options = {}) ⇒ Integer

  Parameters:

  • plaintext (Integer)
  • options (Hash{Symbol => Object}) (defaults to: {})

  Returns:

  • (Integer)
• #encrypt(plaintext, options = {}) ⇒ String

  Parameters:

  • plaintext (String, IO, StringIO)
  • options (Hash{Symbol => Object}) (defaults to: {})

  Returns:

  • (String)

Parameters:

• plaintext (Object)
• options (Hash{Symbol => Object}) (defaults to: {})

Options Hash (options):

• :padding (Symbol, #to_sym) — default: nil

# File 'lib/rsa/key_pair.rb', line 118

def encrypt(plaintext, options = {})
  case plaintext
    when Integer      then encrypt_integer(plaintext, options)
    when String       then PKCS1.i2osp(encrypt_integer(PKCS1.os2ip(plaintext), options))
    when StringIO, IO then PKCS1.i2osp(encrypt_integer(PKCS1.os2ip(plaintext.read), options))
    else raise ArgumentError, plaintext.inspect # FIXME
  end
end

#modulus ⇒ Integer Also known as: n

Returns the RSA modulus for this key pair.

Returns:

• (Integer)

# File 'lib/rsa/key_pair.rb', line 85

def modulus
  private_key ? private_key.modulus : public_key.modulus
end

#private_key? ⇒ Boolean Also known as: private?

Returns ‘true` if this key pair contains a private key.

Returns:

• (Boolean)

# File 'lib/rsa/key_pair.rb', line 40

def private_key?
  !!private_key
end

#public_key? ⇒ Boolean Also known as: public?

Returns ‘true` if this key pair contains a public key.

Returns:

• (Boolean)

# File 'lib/rsa/key_pair.rb', line 49

def public_key?
  !!public_key
end

#sign(plaintext, options = {}) ⇒ Integer #sign(plaintext, options = {}) ⇒ String

Signs the given ‘plaintext` using the private key from this key pair.

Overloads:

• #sign(plaintext, options = {}) ⇒ Integer

  Parameters:

  • plaintext (Integer)
  • options (Hash{Symbol => Object}) (defaults to: {})

  Returns:

  • (Integer)
• #sign(plaintext, options = {}) ⇒ String

  Parameters:

  • plaintext (String, IO, StringIO)
  • options (Hash{Symbol => Object}) (defaults to: {})

  Returns:

  • (String)

Parameters:

• plaintext (Object)
• options (Hash{Symbol => Object}) (defaults to: {})

Options Hash (options):

• :padding (Symbol, #to_sym) — default: nil

# File 'lib/rsa/key_pair.rb', line 169

def sign(plaintext, options = {})
  case plaintext
    when Integer      then sign_integer(plaintext, options)
    when String       then PKCS1.i2osp(sign_integer(PKCS1.os2ip(plaintext), options))
    when StringIO, IO then PKCS1.i2osp(sign_integer(PKCS1.os2ip(plaintext.read), options))
    else raise ArgumentError, plaintext.inspect # FIXME
  end
end

#to_hash ⇒ Hash

Returns a hash table representation of this key pair.

Examples:

key_pair.to_hash  #=> {:n => ..., :d => ..., :e => ...}

Returns:

• (Hash)

# File 'lib/rsa/key_pair.rb', line 97

def to_hash
  {:n => modulus, :d => private_key ? private_key.exponent : nil, :e => public_key ? public_key.exponent : nil}
end

#to_openssl ⇒ OpenSSL::PKey::RSA

Returns this key pair as an ‘OpenSSL::PKey::RSA` instance.

Returns:

• (OpenSSL::PKey::RSA)

# File 'lib/rsa/openssl.rb', line 26

def to_openssl
  @openssl_pkey ||= begin
    pkey   = ::OpenSSL::PKey::RSA.new
    pkey.n = private_key.modulus  if private_key?
    pkey.e = private_key.exponent if private_key?
    pkey.n ||= public_key.modulus if public_key?
    pkey.d = public_key.exponent  if public_key?
    pkey
  end
end

#valid? ⇒ Boolean

Returns ‘true` if this is a valid RSA key pair according to PKCS #1.

Returns:

• (Boolean)

See Also:

• RSA::Key#valid?

# File 'lib/rsa/key_pair.rb', line 60

def valid?
  private_key.valid? && public_key.valid?
end

#verify(signature, plaintext, options = {}) ⇒ Boolean #verify(signature, plaintext, options = {}) ⇒ Boolean

Verifies the given ‘signature` using the public key from this key pair.

Overloads:

• #verify(signature, plaintext, options = {}) ⇒ Boolean

  Parameters:

  • signature (Integer)
  • plaintext (Integer)
  • options (Hash{Symbol => Object}) (defaults to: {})

  Returns:

  • (Boolean)
• #verify(signature, plaintext, options = {}) ⇒ Boolean

  Parameters:

  • signature (String, IO, StringIO)
  • plaintext (String, IO, StringIO)
  • options (Hash{Symbol => Object}) (defaults to: {})

  Returns:

  • (Boolean)

Parameters:

• signature (Object)
• plaintext (Object)
• options (Hash{Symbol => Object}) (defaults to: {})

Options Hash (options):

• :padding (Symbol, #to_sym) — default: nil

Returns:

• (Boolean)

# File 'lib/rsa/key_pair.rb', line 199

def verify(signature, plaintext, options = {})
  signature = case signature
    when Integer      then signature
    when String       then PKCS1.os2ip(signature)
    when StringIO, IO then PKCS1.os2ip(signature.read)
    else raise ArgumentError, signature.inspect # FIXME
  end
  plaintext = case plaintext
    when Integer      then plaintext
    when String       then PKCS1.os2ip(plaintext)
    when StringIO, IO then PKCS1.os2ip(plaintext.read)
    else raise ArgumentError, plaintext.inspect # FIXME
  end
  verify_integer(signature, plaintext, options)
end