{"id":16344960,"url":"https://github.com/davidegrayson/ruby_ecdsa","last_synced_at":"2025-04-05T00:10:13.703Z","repository":{"id":15061862,"uuid":"17788071","full_name":"DavidEGrayson/ruby_ecdsa","owner":"DavidEGrayson","description":"This gem implements the Elliptic Curve Digital Signature Algorithm (ECDSA) almost entirely in pure Ruby.","archived":false,"fork":false,"pushed_at":"2024-07-08T02:04:56.000Z","size":136,"stargazers_count":110,"open_issues_count":4,"forks_count":19,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-04-03T19:14:34.724Z","etag":null,"topics":["cryptography","ecdsa","ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DavidEGrayson.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":"Contributing.md","funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2014-03-15T23:38:49.000Z","updated_at":"2025-03-12T01:04:24.000Z","dependencies_parsed_at":"2025-01-18T19:52:29.951Z","dependency_job_id":"78950db1-e372-43af-8939-62f09748116d","html_url":"https://github.com/DavidEGrayson/ruby_ecdsa","commit_stats":{"total_commits":145,"total_committers":3,"mean_commits":"48.333333333333336","dds":"0.020689655172413834","last_synced_commit":"00c5c3831a7d1db3ef300e2e31daced6c28f0323"},"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidEGrayson%2Fruby_ecdsa","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidEGrayson%2Fruby_ecdsa/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidEGrayson%2Fruby_ecdsa/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidEGrayson%2Fruby_ecdsa/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DavidEGrayson","download_url":"https://codeload.github.com/DavidEGrayson/ruby_ecdsa/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247266565,"owners_count":20910836,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","ecdsa","ruby"],"created_at":"2024-10-11T00:29:33.389Z","updated_at":"2025-04-05T00:10:13.687Z","avatar_url":"https://github.com/DavidEGrayson.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ECDSA gem for Ruby\n\n[![Build Status](https://travis-ci.org/DavidEGrayson/ruby_ecdsa.svg?branch=master)](https://travis-ci.org/DavidEGrayson/ruby_ecdsa)\n\nThis gem implements the Elliptic Curve Digital Signature Algorithm (ECDSA)\nalmost entirely in pure Ruby.  It aims to be easier to use and easier to\nunderstand than Ruby's\n[OpenSSL EC support](http://www.ruby-doc.org/stdlib/libdoc/openssl/rdoc/OpenSSL/PKey/EC.html).\nThis gem does use OpenSSL but it only uses it to decode and encode ASN1 strings\nfor ECDSA signatures.  All cryptographic calculations are done in pure Ruby.\n\nThe main classes of this gem are `ECDSA::Group`, `ECDSA::Point`, and\n`ECDSA::Signature`.  These classes operate on Ruby integers and do not deal at\nall with binary formatting.  Encoding and decoding of binary formats is solely\nhandled by classes under the `ECDSA::Format` module.\n\nYou can enter your own curve parameters by instantiating a new `ECDSA::Group`\nobject or you can use a pre-existing group object such as\n`ECDSA::Group::Secp256k1`.  The pre-existing groups can be seen in the\n`lib/ecdsa/group` folder, and include all the curves defined in\n[SEC2](http://www.secg.org/collateral/sec2_final.pdf) and\n[NIST's Recommended Elliptic Curves for Federal Government Use](http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf).\n\nThis gem does not use any randomness; all the algorithms are deterministic.\nIn order to sign a message, you must generate a secure random number _k_\nbetween 0 and the order of the group and pass it as an argument to `ECDSA.sign`.\nYou should take measures to ensure that you never use the same random number to\nsign two different messages, or else it would be easy for someone to compute\nyour private key from those two signatures.\n\nThis gem is hosted at the [DavidEGrayson/ruby_ecdsa github repository](https://github.com/DavidEGrayson/ruby_ecdsa).\n\n## Current limitations\n\n- This gem only supports fields of integers modulo a prime number\n  (_F\u003csub\u003ep\u003c/sub\u003e_).  ECDSA's characteristic 2 fields are not supported.\n- The algorithms have not been optimized for speed, and will probably never be,\n  because that would hinder the goal of helping people understand ECDSA.\n\nThis gem was not written by a cryptography expert and has not been carefully\nchecked.  It is provided \"as is\" and it is the user's responsibility to make\nsure it will be suitable for the desired purpose.\n\n## Installation\n\nThis library is distributed as a gem named [ecdsa](https://rubygems.org/gems/ecdsa)\nat RubyGems.org.  To install it, run:\n\n    gem install ecdsa\n\n## Generating a private key\n\nAn ECDSA private key is a random number between 1 and the order of the group.\nIf you trust the `SecureRandom` class provided by your Ruby implementation, you\ncould generate a private key using this code:\n\n```ruby\nrequire 'ecdsa'\nrequire 'securerandom'\ngroup = ECDSA::Group::Secp256k1\nprivate_key = 1 + SecureRandom.random_number(group.order - 1)\nputs 'private key: %#x' % private_key\n```\n\n## Computing the public key for a private key\n\nThe public key consists of the coordinates of the point that is computed by\nmultiplying the generator point of the curve with the private key.\nThis is equivalent to adding the generator to itself `private_key` times.\n\n```ruby\npublic_key = group.generator.multiply_by_scalar(private_key)\nputs 'public key: '\nputs '  x: %#x' % public_key.x\nputs '  y: %#x' % public_key.y\n```\n\nThe `public_key` object produced by the code above is an `ECDSA::Point` object.\n    \n## Encoding a public key as a binary string\n\nAssuming that you have an `ECDSA::Point` object representing the public key,\nyou can convert it to the standard binary format defined in SEC1 with this code:\n\n```ruby\npublic_key_string = ECDSA::Format::PointOctetString.encode(public_key, compression: true)\n```\n\nSetting the `compression` option to `true` decreases the size of the string by\nalmost 50% by only including one bit of the Y coordinate.  The other bits of the\nY coordinate are deduced from the X coordinate when the string is decoded.\n    \nThis code returns a binary string.\n\n## Decoding a public key from a binary string\n\nTo decode a SEC1 octet string, you can use the code below.  The `group` object\nis assumed to be an `ECDSA::Group`.\n\n```ruby\npublic_key = ECDSA::Format::PointOctetString.decode(public_key_string, group)\n```\n\n## Signing a message\n\nThis example shows how to generate a signature for a message.  In this example,\nwe will use SHA2 as our digest algorithm, but other algorithms can be used.\n\nThis example assumes that you trust the `SecureRandom` class in your Ruby\nimplementation to generate the temporary key (also known as `k`).  Beware that\nif you accidentally sign two different messages with the same temporary key, it\nis easy for someone to compute your private key from those two signatures and\nthen forge your signature.  Also, if someone can correctly guess the value of\nthe temporary key used for a signature, they can compute your private key from\nthat signature.\n\nThis example assumes that you have required the `ecdsa` gem, that you have an\n`ECDSA::Group` object named `group`, and that you have the private key stored as\nan integer in a variable named `private_key`.\n\n```ruby\nrequire 'digest/sha2'\nmessage = 'ECDSA is cool.'\ndigest = Digest::SHA2.digest(message)\nsignature = nil\nwhile signature.nil?\n  temp_key = 1 + SecureRandom.random_number(group.order - 1)\n  signature = ECDSA.sign(group, private_key, digest, temp_key)\nend\nputs 'signature: '\nputs '  r: %#x' % signature.r\nputs '  s: %#x' % signature.s\n```\n    \n## Encoding a signature as a DER string\n\nSignatures can be stored and transmitted as a [DER](http://en.wikipedia.org/wiki/X.690) string.\nThe code below encodes an `ECDSA::Signature` object as a binary DER string.\n\n```ruby\nsignature_der_string = ECDSA::Format::SignatureDerString.encode(signature)\n```\n\n## Decoding a signature from a DER string\n\nThe code below decodes a binary DER string to produce an `ECDSA::Signature` object.\n\n```ruby\nsignature = ECDSA::Format::SignatureDerString.decode(signature_der_string)\n```\n    \n## Verifying a signature\n\nThe code below shows how to verify an ECDSA signature.  It assumes that you have\nan `ECDSA::Point` object representing a public key, a string or integer\nrepresenting the digest of the signed messaged, and an `ECDSA::Signature` object\nrepresenting the signature.  The `valid_signature?` method returns `true` if the\nsignature is valid and `false` if it is not.\n\n```ruby\nvalid = ECDSA.valid_signature?(public_key, digest, signature)\nputs \"valid: #{valid}\"\n```\n\n## Supported platforms\n\nThis library should run on any Ruby interpreter that is compatible with Ruby 1.9.3.\nIt has been tested on JRuby 1.7.11 and MRI.\n\n## Documentation\n\nFor complete documentation, see the [ECDSA page on RubyDoc.info](http://rubydoc.info/gems/ecdsa).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdavidegrayson%2Fruby_ecdsa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdavidegrayson%2Fruby_ecdsa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdavidegrayson%2Fruby_ecdsa/lists"}