README_DIGITAL_SIGNATURES

Path: README_DIGITAL_SIGNATURES
Last Update: Tue Sep 12 13:19:37 CEST 2006

EzSig - Easy to use Digital Signatures for Ruby

EzSig is based on OpenSSL and allows you to do create and verify digital signatures in Ruby without learning too much crypto goobledegook.

Features

  • Simple Signer class
  • Simple Verifier class
  • Certificate sub class of Verifier which lets you read the certificate data in clear ruby.

Installation

Download it from here:

rubyforge.org/frs/?group_id=755

or install it via Ruby Gems:

        gem install ezruby

Simple examples

Load Private key and sign

        signer=EzCrypto::Signer.from_file "testsigner.pem"
        sig=signer.sign "hello"

Load Certificate and verify

        cert=EzCrypto::Verifier.from_file "testsigner.cert"
        cert.verify( sig,"hello")

Query Certificate for information

        assert_equal cert.email,"pelleb@gmail.com"
        assert_equal cert.country,"DK"
        assert_equal cert.state,"Denmark"
        assert_equal cert.locality,"Copenhagen"

PKYP integration

pkyp.org allows you register your public keys and certificates on a public server. If you have web applications with certificates or public keys you can point your users at pkyp.org/{key.digest} for more info about a certificate.

Register a public key or certificate at PKYP with the new method register_with_pkyp like this:

        signer=EzCrypto::Signer.generate
        signer.verifier.register_with_pkyp

If you have the public key or certificate digest you can fetch the full public key or certificate like this:

        verifier=EzCrypto::Verifier.from_pkyp "e93e18114cbefaaa89fda908b09df63d3662879a"
        verifier.verify sig, request_text

This allows a simpler way of transfering certificates. The idea of including certificates with every request is not really necessary in an online world. For example you could pass the digest in a HTTP header for a REST web services request.

[Validate]