feat: make it easy for signer/verifier to transmit keys over the network

Author: grzuy

README.md

@@ -37,9 +37,10 @@ signing_key = algorithm.generate_signing_key
 signature = algorithm.sign(to_be_signed)
 
 # Signer sends verify key to Verifier
-verify_key = signing_key.verify_key
+verify_key_string = signing_key.verify_key.serialize
 
 # Verifier
+verify_key = OpenSSL::SignatureAlgorithm::ECDSA::VerifyKey.deserialize(verify_key_string)
 algorithm = OpenSSL::SignatureAlgorithm::ECDSA.new("256")
 algorithm.verify_key = verify_key
 algorithm.verify(signature, to_be_signed)
@@ -56,9 +57,10 @@ signing_key = algorithm.generate_signing_key
 signature = algorithm.sign(to_be_signed)
 
 # Signer sends verify key to Verifier
-verify_key = signing_key.verify_key
+verify_key_string = signing_key.verify_key.serialize
 
 # Verifier
+verify_key = OpenSSL::SignatureAlgorithm::RSAPSS::VerifyKey.deserialize(verify_key_string)
 algorithm = OpenSSL::SignatureAlgorithm::RSAPSS.new("256")
 algorithm.verify_key = verify_key
 algorithm.verify(signature, to_be_signed)
@@ -75,9 +77,10 @@ signing_key = algorithm.generate_signing_key
 signature = algorithm.sign(to_be_signed)
 
 # Signer sends verify key to Verifier
-verify_key = signing_key.verify_key
+verify_key_string = signing_key.verify_key.serialize
 
 # Verifier
+verify_key = OpenSSL::SignatureAlgorithm::RSAPKCS1::VerifyKey.deserialize(verify_key_string)
 algorithm = OpenSSL::SignatureAlgorithm::RSAPKCS1.new("256")
 algorithm.verify_key = verify_key
 algorithm.verify(signature, to_be_signed)

lib/openssl/signature_algorithm/ecdsa.rb

@@ -19,10 +19,25 @@ def verify_key
       end
 
       class VerifyKey < OpenSSL::PKey::EC::Point
-        def verify(*args)
-          ec_key = OpenSSL::PKey::EC.new(group)
-          ec_key.public_key = self
+        def self.deserialize(pem_string)
+          new(OpenSSL::PKey::EC.new(pem_string).public_key)
+        end
+
+        def serialize
+          ec_key.to_pem
+        end
 
+        def ec_key
+          @ec_key ||=
+            begin
+              ec_key = OpenSSL::PKey::EC.new(group)
+              ec_key.public_key = self
+
+              ec_key
+            end
+        end
+
+        def verify(*args)
           ec_key.verify(*args)
         end
       end

lib/openssl/signature_algorithm/rsapkcs1.rb

@@ -8,7 +8,17 @@ module SignatureAlgorithm
     class RSAPKCS1 < Base
       class SigningKey < OpenSSL::PKey::RSA
         def verify_key
-          public_key
+          VerifyKey.new(public_key.to_pem)
+        end
+      end
+
+      class VerifyKey < OpenSSL::PKey::RSA
+        class << self
+          alias_method :deserialize, :new
+        end
+
+        def serialize
+          to_pem
         end
       end
 

lib/openssl/signature_algorithm/rsapss.rb

@@ -8,7 +8,17 @@ module SignatureAlgorithm
     class RSAPSS < Base
       class SigningKey < OpenSSL::PKey::RSA
         def verify_key
-          public_key
+          VerifyKey.new(public_key.to_pem)
+        end
+      end
+
+      class VerifyKey < OpenSSL::PKey::RSA
+        class << self
+          alias_method :deserialize, :new
+        end
+
+        def serialize
+          to_pem
         end
       end
 

spec/openssl/signature_algorithm/ecdsa_spec.rb

@@ -12,9 +12,10 @@
     signature = algorithm.sign(to_be_signed)
 
     # Signer sends verify key to Verifier
-    verify_key = signing_key.verify_key
+    verify_key_string = signing_key.verify_key.serialize
 
     # Verifier
+    verify_key = OpenSSL::SignatureAlgorithm::ECDSA::VerifyKey.deserialize(verify_key_string)
     algorithm = OpenSSL::SignatureAlgorithm::ECDSA.new("256")
     algorithm.verify_key = verify_key
     algorithm.verify(signature, to_be_signed)
@@ -29,9 +30,10 @@
     signature = algorithm.sign(to_be_signed)
 
     # Signer sends verify key to Verifier
-    verify_key = signing_key.verify_key
+    verify_key_string = signing_key.verify_key.serialize
 
     # Verifier
+    verify_key = OpenSSL::SignatureAlgorithm::ECDSA::VerifyKey.deserialize(verify_key_string)
     algorithm = OpenSSL::SignatureAlgorithm::ECDSA.new("384")
     algorithm.verify_key = verify_key
     algorithm.verify(signature, to_be_signed)
@@ -46,9 +48,10 @@
     signature = algorithm.sign(to_be_signed)
 
     # Signer sends verify key to Verifier
-    verify_key = signing_key.verify_key
+    verify_key_string = signing_key.verify_key.serialize
 
     # Verifier
+    verify_key = OpenSSL::SignatureAlgorithm::ECDSA::VerifyKey.deserialize(verify_key_string)
     algorithm = OpenSSL::SignatureAlgorithm::ECDSA.new("512")
     algorithm.verify_key = verify_key
     algorithm.verify(signature, to_be_signed)

spec/openssl/signature_algorithm/rsapkcs1_spec.rb

@@ -12,9 +12,10 @@
     signature = algorithm.sign(to_be_signed)
 
     # Signer sends verify key to Verifier
-    verify_key = signing_key.verify_key
+    verify_key_string = signing_key.verify_key.serialize
 
     # Verifier
+    verify_key = OpenSSL::SignatureAlgorithm::RSAPKCS1::VerifyKey.deserialize(verify_key_string)
     algorithm = OpenSSL::SignatureAlgorithm::RSAPKCS1.new("256")
     algorithm.verify_key = verify_key
     algorithm.verify(signature, to_be_signed)
@@ -29,9 +30,10 @@
     signature = algorithm.sign(to_be_signed)
 
     # Signer sends verify key to Verifier
-    verify_key = signing_key.verify_key
+    verify_key_string = signing_key.verify_key.serialize
 
     # Verifier
+    verify_key = OpenSSL::SignatureAlgorithm::RSAPKCS1::VerifyKey.deserialize(verify_key_string)
     algorithm = OpenSSL::SignatureAlgorithm::RSAPKCS1.new("384")
     algorithm.verify_key = verify_key
     algorithm.verify(signature, to_be_signed)
@@ -46,9 +48,10 @@
     signature = algorithm.sign(to_be_signed)
 
     # Signer sends verify key to Verifier
-    verify_key = signing_key.verify_key
+    verify_key_string = signing_key.verify_key.serialize
 
     # Verifier
+    verify_key = OpenSSL::SignatureAlgorithm::RSAPKCS1::VerifyKey.deserialize(verify_key_string)
     algorithm = OpenSSL::SignatureAlgorithm::RSAPKCS1.new("512")
     algorithm.verify_key = verify_key
     algorithm.verify(signature, to_be_signed)

spec/openssl/signature_algorithm/rsapss_spec.rb

@@ -18,9 +18,10 @@
     signature = algorithm.sign(to_be_signed)
 
     # Signer sends verify key to Verifier
-    verify_key = signing_key.verify_key
+    verify_key_string = signing_key.verify_key.serialize
 
     # Verifier
+    verify_key = OpenSSL::SignatureAlgorithm::RSAPSS::VerifyKey.deserialize(verify_key_string)
     algorithm = OpenSSL::SignatureAlgorithm::RSAPSS.new("256")
     algorithm.verify_key = verify_key
     algorithm.verify(signature, to_be_signed)
@@ -35,9 +36,10 @@
     signature = algorithm.sign(to_be_signed)
 
     # Signer sends verify key to Verifier
-    verify_key = signing_key.verify_key
+    verify_key_string = signing_key.verify_key.serialize
 
     # Verifier
+    verify_key = OpenSSL::SignatureAlgorithm::RSAPSS::VerifyKey.deserialize(verify_key_string)
     algorithm = OpenSSL::SignatureAlgorithm::RSAPSS.new("384")
     algorithm.verify_key = verify_key
     algorithm.verify(signature, to_be_signed)
@@ -52,9 +54,10 @@
     signature = algorithm.sign(to_be_signed)
 
     # Signer sends verify key to Verifier
-    verify_key = signing_key.verify_key
+    verify_key_string = signing_key.verify_key.serialize
 
     # Verifier
+    verify_key = OpenSSL::SignatureAlgorithm::RSAPSS::VerifyKey.deserialize(verify_key_string)
     algorithm = OpenSSL::SignatureAlgorithm::RSAPSS.new("512")
     algorithm.verify_key = verify_key
     algorithm.verify(signature, to_be_signed)