Class: Linzer::Verifier
- Inherits:
-
Object
- Object
- Linzer::Verifier
- Defined in:
- lib/linzer/verifier.rb
Instance Attribute Summary collapse
-
#pubkeys ⇒ Object
readonly
Returns the value of attribute pubkeys.
Instance Method Summary collapse
-
#initialize(pubkeys = nil) ⇒ Verifier
constructor
A new instance of Verifier.
-
#verify(message) ⇒ Object
XXX: probably all this validation can be moved to the Message class.
Constructor Details
#initialize(pubkeys = nil) ⇒ Verifier
Returns a new instance of Verifier.
5 6 7 |
# File 'lib/linzer/verifier.rb', line 5 def initialize(pubkeys = nil) @pubkeys = Hash(pubkeys) end |
Instance Attribute Details
#pubkeys ⇒ Object (readonly)
Returns the value of attribute pubkeys.
9 10 11 |
# File 'lib/linzer/verifier.rb', line 9 def pubkeys @pubkeys end |
Instance Method Details
#verify(message) ⇒ Object
XXX: probably all this validation can be moved to the Message class
12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
# File 'lib/linzer/verifier.rb', line 12 def verify() validate signature_input = parse_field(, "signature-input") signature = parse_field(, "signature") # XXX: this is a self-imposed limitation, fix later reject_multiple(signature) choosen_signature = signature.keys[0] if !signature_input.key?(choosen_signature) raise Error.new "Signature \"#{choosen_signature}\" is not found." end covered_components = signature_input[choosen_signature].to_a signature_parameters = signature_input[choosen_signature].parameters signature_value = signature[choosen_signature].value # XXX to-do: have a mechanism to inspect components and parameters check_key_presence signature_parameters check_components , covered_components signature_base = build_signature_base(, signature_input) # XXX to-do: get rid of this hard-coded SHA512 values, support more algs key = pubkeys[signature_parameters["keyid"]] if !key.verify_pss("SHA512", signature_value, signature_base, salt_length: :auto, mgf1_hash: "SHA512") raise Error.new "Failed to verify message: Invalid signature." end true end |