Ruby openssl?

Hi,

I've just begun a project where I'd like to do public
key encryption, and have been looking for docs and/or
examples using the ruby openssl library.

So far, I've found:
http://www.ruby-doc.org/stdlib/libdoc/openssl/rdoc/index.html
and:
http://www.nongnu.org/rubypki/README
which have been of limited help so far.

So I figured I'd download the source... The RAA page leads
me to: http://www.nongnu.org/rubypki/ , however the download
link there is broken.

The CVS browser seems to be working, but there are two
projects, "ossl", and "ossl2". I'm not sure which is
the most current / appropriate to checkout. Neither
seems to have any files recently modified, although the
README link above warns, "All code is under development -
API/method names can change."

If anyone can help with either a) finding the correct
source to download, and/or b) finding some documentation
and example code, I'd be grateful.. maybe even ebullient..

Thanks!

Regards,

Bill

Hi,

I've just begun a project where I'd like to do public
key encryption, and have been looking for docs and/or
examples using the ruby openssl library.

There should be a sample/openssl directory in the ruby tarball.

So I figured I'd download the source... The RAA page leads
me to: Ruby PKI , however the download
link there is broken.

ruby 1.8 includes OpenSSL, so you just need the ruby tarball. The source of openssl itself is probably not worth looking at (but sample/openssl might be).

There should be a sample/openssl directory in the ruby tarball.

> So I figured I'd download the source... The RAA page leads
> me to: Ruby PKI , however the download
> link there is broken.

ruby 1.8 includes OpenSSL, so you just need the ruby tarball. The
source of openssl itself is probably not worth looking at (but sample/
openssl might be).

Thanks! .... Hmm..

Anyone know what I'm doing wrong here? I generated a
public/private key pair, then tried to sign some data
and verify the signature:

irb(main):001:0> require 'openssl'
=> true
irb(main):002:0> include OpenSSL
=> Object
irb(main):003:0> keypair = PKey::RSA.new(1024)
=> -----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
irb(main):004:0> sig = keypair.sign(Digest::MD5.new, "abcdefg")
=> "...binary-data..."
irb(main):005:0> keypair.verify(Digest::MD5.new, "abcdefg", sig)
=> false

...I was hoping the answer would be "true". But I'm
pretty much guessing as to how to call these methods...

Thanks!

Regards,

Bill

Hi Bill,
In your verify statement you need to swap the sig and the data

Pelle

Hi Pelle,

>
> irb(main):004:0> sig = keypair.sign(Digest::MD5.new, "abcdefg")
> => "...binary-data..."
> irb(main):005:0> keypair.verify(Digest::MD5.new, "abcdefg", sig)

In your verify statement you need to swap the sig and the data

D'oh !!!! Thanks. I was looking at http://www.nongnu.org/rubypki/README
for reference, which shows, for PKey::RSA,

  .sign(oDigest::ANY, sData) => sSig
  .verify(oDigest::ANY, sData, sSig) => bResult

...guess that document is out of date

Thanks,

Bill