diff options
Diffstat (limited to 'ext/openssl/lib')
| -rw-r--r-- | ext/openssl/lib/openssl/pkey.rb | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/ext/openssl/lib/openssl/pkey.rb b/ext/openssl/lib/openssl/pkey.rb index 569559e1ce..dd8c7c0b09 100644 --- a/ext/openssl/lib/openssl/pkey.rb +++ b/ext/openssl/lib/openssl/pkey.rb @@ -243,5 +243,111 @@ module OpenSSL::PKey end end end + + # :call-seq: + # rsa.private_encrypt(string) -> String + # rsa.private_encrypt(string, padding) -> String + # + # Encrypt +string+ with the private key. +padding+ defaults to + # PKCS1_PADDING. The encrypted string output can be decrypted using + # #public_decrypt. + # + # <b>Deprecated in version 3.0</b>. + # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and + # PKey::PKey#verify_recover instead. + def private_encrypt(string, padding = PKCS1_PADDING) + n or raise OpenSSL::PKey::RSAError, "incomplete RSA" + private? or raise OpenSSL::PKey::RSAError, "private key needed." + begin + sign_raw(nil, string, { + "rsa_padding_mode" => translate_padding_mode(padding), + }) + rescue OpenSSL::PKey::PKeyError + raise OpenSSL::PKey::RSAError, $!.message + end + end + + # :call-seq: + # rsa.public_decrypt(string) -> String + # rsa.public_decrypt(string, padding) -> String + # + # Decrypt +string+, which has been encrypted with the private key, with the + # public key. +padding+ defaults to PKCS1_PADDING. + # + # <b>Deprecated in version 3.0</b>. + # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and + # PKey::PKey#verify_recover instead. + def public_decrypt(string, padding = PKCS1_PADDING) + n or raise OpenSSL::PKey::RSAError, "incomplete RSA" + begin + verify_recover(nil, string, { + "rsa_padding_mode" => translate_padding_mode(padding), + }) + rescue OpenSSL::PKey::PKeyError + raise OpenSSL::PKey::RSAError, $!.message + end + end + + # :call-seq: + # rsa.public_encrypt(string) -> String + # rsa.public_encrypt(string, padding) -> String + # + # Encrypt +string+ with the public key. +padding+ defaults to + # PKCS1_PADDING. The encrypted string output can be decrypted using + # #private_decrypt. + # + # <b>Deprecated in version 3.0</b>. + # Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead. + def public_encrypt(data, padding = PKCS1_PADDING) + n or raise OpenSSL::PKey::RSAError, "incomplete RSA" + begin + encrypt(data, { + "rsa_padding_mode" => translate_padding_mode(padding), + }) + rescue OpenSSL::PKey::PKeyError + raise OpenSSL::PKey::RSAError, $!.message + end + end + + # :call-seq: + # rsa.private_decrypt(string) -> String + # rsa.private_decrypt(string, padding) -> String + # + # Decrypt +string+, which has been encrypted with the public key, with the + # private key. +padding+ defaults to PKCS1_PADDING. + # + # <b>Deprecated in version 3.0</b>. + # Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead. + def private_decrypt(data, padding = PKCS1_PADDING) + n or raise OpenSSL::PKey::RSAError, "incomplete RSA" + private? or raise OpenSSL::PKey::RSAError, "private key needed." + begin + decrypt(data, { + "rsa_padding_mode" => translate_padding_mode(padding), + }) + rescue OpenSSL::PKey::PKeyError + raise OpenSSL::PKey::RSAError, $!.message + end + end + + PKCS1_PADDING = 1 + SSLV23_PADDING = 2 + NO_PADDING = 3 + PKCS1_OAEP_PADDING = 4 + + private def translate_padding_mode(num) + case num + when PKCS1_PADDING + "pkcs1" + when SSLV23_PADDING + "sslv23" + when NO_PADDING + "none" + when PKCS1_OAEP_PADDING + "oaep" + else + raise OpenSSL::PKey::PKeyError, "unsupported padding mode" + end + end end end |