Type:
Class

A Simple Public Key Infrastructure implementation (pronounced “spookey”). The structure is defined as

PublicKeyAndChallenge ::= SEQUENCE {
  spki SubjectPublicKeyInfo,
  challenge IA5STRING
}

SignedPublicKeyAndChallenge ::= SEQUENCE {
  publicKeyAndChallenge PublicKeyAndChallenge,
  signatureAlgorithm AlgorithmIdentifier,
  signature BIT STRING
}

where the definitions of SubjectPublicKeyInfo and AlgorithmIdentifier can be found in RFC 5280. SPKI is typically used in browsers for generating a public/private key pair and a subsequent certificate request, using the HTML <keygen> element.

Examples

Creating an SPKI

require 'openssl'

key = OpenSSL::PKey::RSA.new 2048
spki = OpenSSL::Netscape::SPKI.new
spki.challenge = "RandomChallenge"
spki.public_key = key.public_key
# sign the public key and challenge with the matching private key
spki.sign(key, OpenSSL::Digest::SHA256.new)
# send a request containing this to a server generating a certificate

Verifying an SPKI request

# request = ... (the encoded SPKI received from the client)
spki = OpenSSL::Netscape::SPKI.new request
unless spki.verify(spki.public_key)
  # signature is invalid
end
# proceed
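
The two examples above as one round trip, with the server also checking the challenge it issued, since verify only proves possession of the private key and says nothing about whether the request is fresh. This is an added example, not part of the original documentation; accept_spki and the sample key and challenge are constructed for illustration.

```ruby
require 'openssl'
require 'securerandom'

# Client side: sign an SPKI that embeds the challenge issued by the server.
def build_spki(key, challenge)
  spki = OpenSSL::Netscape::SPKI.new
  spki.challenge = challenge
  spki.public_key = key.public_key
  spki.sign(key, OpenSSL::Digest.new('SHA256'))
  spki.to_pem # Base64 text, the form submitted to the server
end

# Server side (hypothetical helper): returns the requester's public key when
# the request is acceptable, nil otherwise.
def accept_spki(request, expected_challenge)
  spki = OpenSSL::Netscape::SPKI.new(request)
  pub = spki.public_key
  # Proof of possession: the signature must verify under the embedded key.
  return nil unless spki.verify(pub)
  # Freshness: the signed challenge must be the one issued for this session,
  # otherwise a previously captured request could be replayed.
  return nil unless spki.challenge == expected_challenge
  pub
rescue OpenSSL::OpenSSLError
  nil # undecodable input or a verification error: reject
end

if __FILE__ == $PROGRAM_NAME
  key = OpenSSL::PKey::RSA.new(2048) # constructed sample key
  challenge = SecureRandom.hex(16)   # constructed per-session challenge
  request = build_spki(key, challenge)
  puts "fresh request accepted:    #{!accept_spki(request, challenge).nil?}"
  puts "replayed request accepted: #{!accept_spki(request, SecureRandom.hex(16)).nil?}"
end
```
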
to_pem

spki.to_pem => PEM-encoded string Instance Public methods Returns the PEM

2015-04-25 05:18:09
to_s

to_s() Instance Public methods Alias for:

2015-04-25 05:19:04
sign

spki.sign(key, digest) => spki Instance Public methods Parameters

2015-04-25 05:07:28
challenge=

spki.challenge = str => string Instance Public methods Parameters

2015-04-25 04:54:25
public_key

spki.public_key => pkey Instance Public methods Returns the public key associated

2015-04-25 05:00:51
new

SPKI.new([request]) => spki Class Public methods Parameters

2015-04-25 04:42:57
to_text

spki.to_text => string Instance Public methods Returns a textual representation

2015-04-25 05:23:53
to_der

spki.to_der => DER-encoded string Instance Public methods Returns the DER

2015-04-25 05:12:51
challenge

spki.challenge => string Instance Public methods Returns the challenge string

2015-04-25 04:49:25
verify

spki.verify(key) => boolean Instance Public methods Parameters

2015-04-25 05:24:53