Ruby 2.4
OpenSSL

OpenSSL::PKey::EC

class OpenSSL::PKey::EC

父类:OpenSSL::PKey::PKey

OpenSSL::PKey::EC 提供对椭圆曲线数字签名算法(ECDSA)和椭圆曲线 Diffie-Hellman(ECDH)的访问。

密钥交换

# Each party generates its own key pair on the same named curve.
ec1 = OpenSSL::PKey::EC.generate("prime256v1")
ec2 = OpenSSL::PKey::EC.generate("prime256v1")

# ec1 and ec2 each hold their own private key; only the public points are
# exchanged. dh_compute_key returns the raw ECDH output (the C binding on this
# page passes no KDF), so derive working keys from it with a KDF instead of
# using the bytes directly as a cipher key.
shared_key1 = ec1.dh_compute_key(ec2.public_key)
shared_key2 = ec2.dh_compute_key(ec1.public_key)

p shared_key1 == shared_key2 #=> true

常量

EXPLICIT_CURVE NAMED_CURVE

公共类方法

builtin_curves → [[sn, comment], ...]

通过OpenSSL获取所有预定义曲线的列表。曲线名称以sn的形式返回。

请参阅EC_get_builtin_curves()的OpenSSL文档。

/*
 * Returns an Array of [short_name, comment] pairs, one per curve that
 * EC_get_builtin_curves() reports. comment is nil when OpenSSL supplies none.
 * Raises RuntimeError if the second EC_get_builtin_curves() call fails.
 */
static VALUE
ossl_s_builtin_curves(VALUE self)
{
    EC_builtin_curve *table = NULL;
    int i;
    /* First call with (NULL, 0) only asks OpenSSL how many curves exist. */
    int count = rb_long2int(EC_get_builtin_curves(NULL, 0));
    VALUE pair, list;

    /* Scratch table is stack-allocated; its size comes from OpenSSL, not the caller. */
    table = ALLOCA_N(EC_builtin_curve, count);
    if (table == NULL)
        return Qnil;
    if (!EC_get_builtin_curves(table, count))
        ossl_raise(rb_eRuntimeError, "EC_get_builtin_curves");

    list = rb_ary_new2(count);

    for (i = 0; i < count; i++) {
        const char *short_name = OBJ_nid2sn(table[i].nid);
        const char *description = table[i].comment;

        pair = rb_ary_new2(2);
        rb_ary_push(pair, rb_str_new2(short_name));
        rb_ary_push(pair, description ? rb_str_new2(description) : Qnil);
        rb_ary_push(list, pair);
    }

    return list;
}

generate(ec_group) → ec显示源

generate(string) → ec

用新的随机私钥和公钥创建一个新的EC实例。

/*
 * EC.generate(group_or_curve_name): builds an EC_KEY for the given group,
 * wraps it in a new instance of klass, then generates a key pair in it.
 * Raises ECError if wrapping or key generation fails.
 */
static VALUE
ossl_ec_key_s_generate(VALUE klass, VALUE arg)
{
    EC_KEY *ec = ec_key_new_from_group(arg);
    VALUE instance = ec_instance(klass, ec);

    /* Until wrapping succeeds the EC_KEY is still ours to free. */
    if (instance == Qfalse) {
        EC_KEY_free(ec);
        ossl_raise(eECError, NULL);
    }

    /* No explicit free below: ec was handed to ec_instance() above. */
    if (!EC_KEY_generate_key(ec))
        ossl_raise(eECError, "EC_KEY_generate_key");

    return instance;
}

OpenSSL::PKey::EC.new 显示源

OpenSSL::PKey::EC.new(ec_key)

OpenSSL::PKey::EC.new(ec_group)

OpenSSL::PKey::EC.new("secp112r1")

OpenSSL::PKey::EC.new(pem_string , pwd)

OpenSSL::PKey::EC.new(der_string)

Creates a new EC object from given arguments.

/*
 * EC#initialize([arg [, pass]]).
 *
 * arg may be nil (empty key), another EC (duplicated), an EC::Group (key on
 * that group), or something ossl_obj2bio() can read. In the last case the
 * input is tried, in order, as PEM private key, PEM public key, DER private
 * key and DER public key; if none parses, arg is finally handed to
 * ec_key_new_from_group() (the curve-name form shown on this page).
 * pass is forwarded to the PEM password callback.
 *
 * NOTE(review): nothing in this function calls EC_KEY_check_key(); callers
 * loading keys from untrusted input can validate them with #check_key.
 *
 * Raises ECError if the object is already initialized or the key cannot be
 * created or attached.
 */
static VALUE
ossl_ec_key_initialize(int argc, VALUE *argv, VALUE self)
{
    EVP_PKEY *pkey;
    EC_KEY *ec;
    VALUE arg, pass;

    GetPKey(self, pkey);
    /* Refuse to re-initialize an object that already carries key material. */
    if (EVP_PKEY_base_id(pkey) != EVP_PKEY_NONE)
        ossl_raise(eECError, "EC_KEY already initialized");

    rb_scan_args(argc, argv, "02", &arg, &pass);

    if (NIL_P(arg)) {
        ec = EC_KEY_new();
        if (!ec)
            ossl_raise(eECError, NULL);
    }
    else if (rb_obj_is_kind_of(arg, cEC)) {
        EC_KEY *other_ec = NULL;

        SafeGetEC(arg, other_ec);
        ec = EC_KEY_dup(other_ec);
        if (!ec)
            ossl_raise(eECError, NULL);
    }
    else if (rb_obj_is_kind_of(arg, cEC_GROUP)) {
        ec = ec_key_new_from_group(arg);
    }
    else {
        BIO *bio;

        pass = ossl_pem_passwd_value(pass);
        bio = ossl_obj2bio(arg);

        /* Each failed attempt rewinds the BIO so the next parser sees the full input. */
        ec = PEM_read_bio_ECPrivateKey(bio, NULL, ossl_pem_passwd_cb, (void *)pass);
        if (!ec) {
            OSSL_BIO_reset(bio);
            ec = PEM_read_bio_EC_PUBKEY(bio, NULL, ossl_pem_passwd_cb, (void *)pass);
        }
        if (!ec) {
            OSSL_BIO_reset(bio);
            ec = d2i_ECPrivateKey_bio(bio, NULL);
        }
        if (!ec) {
            OSSL_BIO_reset(bio);
            ec = d2i_EC_PUBKEY_bio(bio, NULL);
        }

        /* Released before the fallback below, which may raise. */
        BIO_free(bio);

        if (!ec) {
            /* Drop the errors queued by the failed parses, then treat arg as a group/curve name. */
            ossl_clear_error();
            ec = ec_key_new_from_group(arg);
        }
    }

    /* On success pkey takes over ec; on failure we still own it and must free it. */
    if (!EVP_PKEY_assign_EC_KEY(pkey, ec)) {
        EC_KEY_free(ec);
        ossl_raise(eECError, "EVP_PKEY_assign_EC_KEY");
    }

    return self;
}

公共实例方法

check_key → true 显示源

如果密钥无效,则引发异常。

有关EC_KEY_check_key()的信息,请参阅OpenSSL文档

/*
 * EC#check_key: returns true when OpenSSL's EC_KEY_check_key() accepts the
 * key, otherwise raises ECError. The validation itself is entirely OpenSSL's;
 * this wrapper only maps "not 1" to an exception.
 */
static VALUE
ossl_ec_key_check_key(VALUE self)
{
    EC_KEY *ec;
    int verdict;

    GetEC(self, ec);
    verdict = EC_KEY_check_key(ec);
    if (verdict != 1)
        ossl_raise(eECError, "EC_KEY_check_key");

    return Qtrue;
}

dh_compute_key(pubkey) → String 显示源

请参阅ECDH_compute_key()的OpenSSL文档

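/*
 * EC#dh_compute_key(pubkey): runs ECDH between this key and the peer point
 * and returns the raw shared secret as a String.
 *
 * No KDF is applied (NULL is passed to ECDH_compute_key), so the caller is
 * expected to derive working keys from the result rather than use it as-is.
 *
 * Raises ECError when ECDH_compute_key() does not produce a secret.
 */
static VALUE
ossl_ec_key_dh_compute_key(VALUE self, VALUE pubkey)
{
    EC_KEY *ec;
    EC_POINT *point;
    int buf_len;
    VALUE str;

    GetEC(self, ec);
    SafeGetECPoint(pubkey, point);

    /* BUG: need a way to figure out the maximum string size */
    buf_len = 1024;
    str = rb_str_new(0, buf_len);
    /* BUG: take KDF as a block */
    buf_len = ECDH_compute_key(RSTRING_PTR(str), buf_len, point, ec, NULL);
    /*
     * Treat every non-positive result as failure. Depending on the OpenSSL
     * version an error is reported as 0 rather than a negative value, and
     * checking only "< 0" would hand the caller an empty String as if it were
     * a shared secret. A zero-length secret is never a valid outcome.
     */
    if (buf_len <= 0)
        ossl_raise(eECError, "ECDH_compute_key");

    /* Shrink the 1024-byte scratch string to the bytes actually written. */
    rb_str_resize(str, buf_len);

    return str;
}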

dsa_sign_asn1(data) → String 显示源

有关ECDSA_sign()的信息,请参阅OpenSSL文档

/*
 * EC#dsa_sign_asn1(data): returns the ECDSA signature over data as produced
 * by ECDSA_sign() (DER/ASN.1 encoded, per the method name).
 *
 * data is passed to ECDSA_sign() unchanged as its digest argument; no
 * hashing happens here, so callers hash the message first.
 *
 * Raises ECError if the key has no private component or signing fails.
 */
static VALUE
ossl_ec_key_dsa_sign_asn1(VALUE self, VALUE data)
{
    EC_KEY *ec;
    unsigned int sig_len;
    VALUE sig;

    GetEC(self, ec);
    StringValue(data);

    if (EC_KEY_get0_private_key(ec) == NULL)
        ossl_raise(eECError, "Private EC key needed!");

    /* ECDSA_size() gives the upper bound for an encoded signature with this key. */
    sig = rb_str_new(0, ECDSA_size(ec));
    if (ECDSA_sign(0,
                   (unsigned char *) RSTRING_PTR(data), RSTRING_LENINT(data),
                   (unsigned char *) RSTRING_PTR(sig), &sig_len,
                   ec) != 1)
        ossl_raise(eECError, "ECDSA_sign");

    /* Trim to the length ECDSA_sign() reported. */
    rb_str_set_len(sig, sig_len);

    return sig;
}

dsa_verify_asn1(data, sig) → true or false 显示源

有关ECDSA_verify()的信息,请参阅OpenSSL文档

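/*
 * EC#dsa_verify_asn1(data, sig): checks sig against data with ECDSA_verify().
 *
 * Returns true for a valid signature and false for an invalid one; any other
 * ECDSA_verify() result raises ECError, so an internal error is never
 * reported as a plain "false".
 *
 * data is passed unchanged as the digest argument; callers hash the message
 * first, the same way they did for dsa_sign_asn1.
 */
static VALUE
ossl_ec_key_dsa_verify_asn1(VALUE self, VALUE data, VALUE sig)
{
    EC_KEY *ec;

    GetEC(self, ec);
    StringValue(data);
    StringValue(sig);

    /*
     * Both lengths go through RSTRING_LENINT so an over-long String is
     * rejected instead of being silently truncated by an (int) cast, which
     * would make OpenSSL examine a different length than the caller supplied.
     */
    switch (ECDSA_verify(0,
                         (unsigned char *) RSTRING_PTR(data), RSTRING_LENINT(data),
                         (unsigned char *) RSTRING_PTR(sig), RSTRING_LENINT(sig),
                         ec)) {
      case 1:
        return Qtrue;
      case 0:
        return Qfalse;
      default:
        break;
    }

    ossl_raise(eECError, "ECDSA_verify");

    UNREACHABLE;
}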

export(cipher, pass_phrase) → String 显示源

to_pem(cipher, pass_phrase) → String

以 PEM 编码输出 EC 密钥。如果给出了 cipher 和 pass_phrase,它们将用于加密密钥。cipher 必须是 OpenSSL::Cipher 实例。请注意,加密只对私钥有效,公钥始终以纯文本编码。

/*
 * EC#export / EC#to_pem([cipher [, pass_phrase]]): PEM-encodes the key by
 * delegating to ossl_ec_key_to_string() with EXPORT_PEM.
 *
 * Both arguments are optional. NOTE(review): when they are omitted a private
 * key is presumably written unencrypted; confirm in ossl_ec_key_to_string().
 */
static VALUE
ossl_ec_key_export(int argc, VALUE *argv, VALUE self)
{
    VALUE cipher, passwd;
    VALUE pem;

    rb_scan_args(argc, argv, "02", &cipher, &passwd);
    pem = ossl_ec_key_to_string(self, cipher, passwd, EXPORT_PEM);

    return pem;
}

另外别名为:to_pem

generate_key()

别名为:generate_key!

generate_key! → self

生成一个新的随机私钥和公钥。

另请参阅EC_KEY_generate_key()的OpenSSL文档

# A key created from a curve name alone carries the group but no key material.
ec = OpenSSL::PKey::EC.new("prime256v1")
p ec.private_key # => nil

# generate_key! fills in a fresh random private/public key pair in place.
ec.generate_key!
p ec.private_key # => #<OpenSSL::BN XXXXXX>

/*
 * EC#generate_key!: asks OpenSSL to generate a key pair inside this object's
 * EC_KEY and returns self. Raises ECError if EC_KEY_generate_key() fails.
 */
static VALUE
ossl_ec_key_generate_key(VALUE self)
{
    EC_KEY *ec;
    int rc;

    GetEC(self, ec);
    rc = EC_KEY_generate_key(ec);
    if (rc != 1)
        ossl_raise(eECError, "EC_KEY_generate_key");

    return self;
}

另外别名为:generate_key

group → group 显示源

返回密钥关联的 EC::Group。修改返回的组不会影响 key。

/*
 * EC#group: returns an EC::Group built from the key's group via
 * ec_group_new(), or nil when the key has no group set.
 */
static VALUE
ossl_ec_key_get_group(VALUE self)
{
    EC_KEY *ec;
    const EC_GROUP *grp;

    GetEC(self, ec);
    /* get0: the pointer is borrowed from ec, not owned by us. */
    grp = EC_KEY_get0_group(ec);

    return grp ? ec_group_new(grp) : Qnil;
}

group = group 显示源

设置密钥的 EC::Group。组结构会在内部复制,因此在赋值给密钥之后再修改 group 不会影响该密钥。

/*
 * EC#group=(group): installs group_v's EC_GROUP on the key with
 * EC_KEY_set_group() and returns the argument. Raises ECError on failure.
 */
static VALUE
ossl_ec_key_set_group(VALUE self, VALUE group_v)
{
    EC_KEY *ec;
    EC_GROUP *grp;
    int rc;

    GetEC(self, ec);
    SafeGetECGroup(group_v, grp);

    rc = EC_KEY_set_group(ec, grp);
    if (rc != 1)
        ossl_raise(eECError, "EC_KEY_set_group");

    return group_v;
}

private? → true or false 显示源

返回此EC实例是否有私钥。私钥(BN)可以用#private_key检索。

/*
 * EC#private? / EC#private_key?: true when the EC_KEY holds a private key
 * component, false otherwise.
 */
static VALUE
ossl_ec_key_is_private(VALUE self)
{
    EC_KEY *ec;

    GetEC(self, ec);
    if (EC_KEY_get0_private_key(ec))
        return Qtrue;

    return Qfalse;
}

另外别名为:private_key?

private_key → OpenSSL::BN 显示源

有关EC_KEY_get0_private_key()的信息,请参阅OpenSSL文档

/*
 * EC#private_key: returns the private scalar as an OpenSSL::BN built by
 * ossl_bn_new(), or nil when the key has no private component.
 *
 * The returned object carries secret key material into Ruby-managed memory;
 * treat it accordingly (avoid logging or inspecting it).
 */
static VALUE
ossl_ec_key_get_private_key(VALUE self)
{
    EC_KEY *ec;
    const BIGNUM *priv;

    GetEC(self, ec);
    priv = EC_KEY_get0_private_key(ec);
    if (priv == NULL)
        return Qnil;

    return ossl_bn_new(priv);
}

private_key = openssl_bn 显示源

有关EC_KEY_set_private_key()的信息,请参阅OpenSSL文档

/*
 * EC#private_key=(bn_or_nil): sets the private scalar, or passes NULL to
 * EC_KEY_set_private_key() when given nil. Returns the argument.
 *
 * Raises ECError unless OpenSSL returns 1, with one exception: a 0 result is
 * accepted when the caller passed nil.
 */
static VALUE
ossl_ec_key_set_private_key(VALUE self, VALUE private_key)
{
    EC_KEY *ec;
    BIGNUM *bn = NULL;
    int rc;

    GetEC(self, ec);
    if (!NIL_P(private_key))
        bn = GetBNPtr(private_key);

    rc = EC_KEY_set_private_key(ec, bn);
    /* 1 = success; 0 is tolerated only for the nil (NULL) case. */
    if (rc != 1 && !(rc == 0 && bn == NULL))
        ossl_raise(eECError, "EC_KEY_set_private_key");

    return private_key;
}

private_key?()

别名为:private?

public? → true or false

返回此 EC 实例是否有公钥。公钥(EC::Point)可以用 #public_key 检索。

/*
 * EC#public? / EC#public_key?: true when the EC_KEY holds a public point,
 * false otherwise.
 */
static VALUE
ossl_ec_key_is_public(VALUE self)
{
    EC_KEY *ec;

    GetEC(self, ec);
    if (EC_KEY_get0_public_key(ec))
        return Qtrue;

    return Qfalse;
}

另外别名为:public_key?

public_key → OpenSSL::PKey::EC::Point

有关EC_KEY_get0_public_key()的信息,请参阅OpenSSL文档

/*
 * EC#public_key: returns the public point as an EC::Point created by
 * ec_point_new() on the key's own group, or nil when no public key is set.
 */
static VALUE
ossl_ec_key_get_public_key(VALUE self)
{
    EC_KEY *ec;
    const EC_POINT *pub;

    GetEC(self, ec);
    pub = EC_KEY_get0_public_key(ec);
    if (pub == NULL)
        return Qnil;

    return ec_point_new(pub, EC_KEY_get0_group(ec));
}

public_key = ec_point 显示源

有关EC_KEY_set_public_key()的信息,请参阅OpenSSL文档

/*
 * EC#public_key=(point_or_nil): sets the public point, or passes NULL to
 * EC_KEY_set_public_key() when given nil. Returns the argument.
 *
 * Raises ECError unless OpenSSL returns 1, with one exception: a 0 result is
 * accepted when the caller passed nil.
 *
 * NOTE(review): no validation call is visible here; a point taken from an
 * untrusted peer can be checked afterwards with #check_key.
 */
static VALUE
ossl_ec_key_set_public_key(VALUE self, VALUE public_key)
{
    EC_KEY *ec;
    EC_POINT *pt = NULL;
    int rc;

    GetEC(self, ec);
    if (!NIL_P(public_key))
        SafeGetECPoint(public_key, pt);

    rc = EC_KEY_set_public_key(ec, pt);
    /* 1 = success; 0 is tolerated only for the nil (NULL) case. */
    if (rc != 1 && !(rc == 0 && pt == NULL))
        ossl_raise(eECError, "EC_KEY_set_public_key");

    return public_key;
}

public_key?()

别名为:public?

to_der → String

请参阅i2d_ECPrivateKey_bio()的OpenSSL文档

/*
 * EC#to_der: DER-encodes the key by delegating to ossl_ec_key_to_string()
 * with EXPORT_DER. No cipher or passphrase is passed (both Qnil), so
 * presumably a private key is emitted unencrypted; store the result accordingly.
 */
static VALUE
ossl_ec_key_to_der(VALUE self)
{
    VALUE der = ossl_ec_key_to_string(self, Qnil, Qnil, EXPORT_DER);

    return der;
}

to_pem(p1 = v1, p2 = v2)

别名为:export

to_text → String 显示源

有关EC_KEY_print()的信息,请参阅OpenSSL文档

/*
 * EC#to_text: returns the human-readable dump that EC_KEY_print() writes for
 * this key. Raises ECError if the memory BIO cannot be created or printing
 * fails.
 *
 * NOTE(review): EC_KEY_print() dumps whatever the key holds, so for a private
 * key the text presumably includes the private component; do not log it.
 */
static VALUE
ossl_ec_key_to_text(VALUE self)
{
    EC_KEY *ec;
    BIO *mem;

    GetEC(self, ec);

    mem = BIO_new(BIO_s_mem());
    if (!mem) {
        ossl_raise(eECError, "BIO_new(BIO_s_mem())");
    }

    if (!EC_KEY_print(mem, ec, 0)) {
        /* Free the BIO ourselves: ossl_raise() does not return. */
        BIO_free(mem);
        ossl_raise(eECError, "EC_KEY_print");
    }

    /* The BIO is not freed here; NOTE(review): ossl_membio2str() presumably releases it. */
    return ossl_membio2str(mem);
}