Module: Linzer

Extended by:

Key::Helper

Defined in:

lib/linzer/message/adapter/http_gem/response.rb,
lib/linzer.rb,
lib/linzer/key.rb,
lib/linzer/rsa.rb,
lib/linzer/hmac.rb,
lib/linzer/http.rb,
lib/linzer/ecdsa.rb,
lib/linzer/common.rb,
lib/linzer/signer.rb,
lib/linzer/ed25519.rb,
lib/linzer/message.rb,
lib/linzer/options.rb,
lib/linzer/rsa_pss.rb,
lib/linzer/version.rb,
lib/linzer/verifier.rb,
lib/linzer/signature.rb,
lib/linzer/key/helper.rb,
lib/linzer/http/bootstrap.rb,
lib/linzer/message/wrapper.rb,
lib/linzer/http/signature_feature.rb,
lib/linzer/message/adapter/abstract.rb,
lib/linzer/message/adapter/rack/common.rb,
lib/linzer/message/adapter/rack/request.rb,
lib/linzer/message/adapter/rack/response.rb,
lib/linzer/message/adapter/http_gem/request.rb,
lib/linzer/message/adapter/net_http/request.rb,
lib/linzer/message/adapter/net_http/response.rb

Overview

Example HTTP message adapter for HTTP::Response class from http ruby gem. github.com/httprb/http It’s not required automatically to avoid making http gem a dependency.

Defined Under Namespace

Modules: Common, ECDSA, Ed25519, HMAC, HTTP, Options, RSA, RSAPSS, Signer, Verifier Classes: Error, Key, Message, Signature, SigningError, VerifyError

Constant Summary

VERSION =

"0.7.1"

Class Method Summary

• .sign(key, message, components, options = {}) ⇒ Object
• .sign!(request_or_response, **args) ⇒ Object
• .verify(pubkey, message, signature, no_older_than: nil) ⇒ Object
• .verify!(request_or_response, key: nil, no_older_than: 900) ⇒ Object

Methods included from Key::Helper

generate_ecdsa_p256_sha256_key, generate_ecdsa_p384_sha384_key, generate_ed25519_key, generate_hmac_sha256_key, generate_rsa_pss_sha512_key, generate_rsa_v1_5_sha256_key, new_ecdsa_p256_sha256_key, new_ecdsa_p384_sha384_key, new_ed25519_key, new_ed25519_public_key, new_hmac_sha256_key, new_rsa_pss_sha512_key, new_rsa_pss_sha512_public_key, new_rsa_v1_5_sha256_key, new_rsa_v1_5_sha256_public_key

Class Method Details

.sign(key, message, components, options = {}) ⇒ Object

# File 'lib/linzer.rb', line 43

def sign(key, message, components, options = {})
  Linzer::Signer.sign(key, message, components, options)
end

.sign!(request_or_response, **args) ⇒ Object

# File 'lib/linzer.rb', line 47

def sign!(request_or_response, **args)
  message = Message.new(request_or_response)
  options = {}

  label = args[:label]
  options[:label] = label if label
  options.merge!(args.fetch(:params, {}))

  key = args.fetch(:key)
  signature = Linzer::Signer.sign(key, message, args.fetch(:components), options)
  message.attach!(signature)
end

.verify(pubkey, message, signature, no_older_than: nil) ⇒ Object

# File 'lib/linzer.rb', line 39

def verify(pubkey, message, signature, no_older_than: nil)
  Linzer::Verifier.verify(pubkey, message, signature, no_older_than: no_older_than)
end

.verify!(request_or_response, key: nil, no_older_than: 900) ⇒ Object

Raises:

• (Linzer::Error)

# File 'lib/linzer.rb', line 60

def verify!(request_or_response, key: nil, no_older_than: 900)
  message = Message.new(request_or_response)
  signature = Signature.build(message.headers.slice("signature", "signature-input"))
  keyid = signature.parameters["keyid"]
  raise Linzer::Error, "key not found" if !key && !keyid
  verify_key = block_given? ? (yield keyid) : key
  Linzer.verify(verify_key, message, signature, no_older_than: no_older_than)
end