require 'openssl'
OpenSSL::Engine.load
engine = OpenSSL::Engine.by_id('gem')
#=> #<OpenSSL::Engine id="gem" name="Gem engine support">
# ECDSA 有効化
ENGINE_METHOD_ECDSA = 0x0020 # see: openssl/engine.h
engine.set_default(ENGINE_METHOD_ECDSA)
#engine.set_default(OpenSSL::Engine::METHOD_ALL) # こっちでも動作する
# HSM 上の EC秘密鍵をロード
# "ecdsa-private-key" はオブジェクトラベル名
ec = engine.load_private_key('ecdsa-private-key')
# 署名して検証
digest = OpenSSL::Digest::SHA256.digest('hoge')
sig = ec.dsa_sign_asn1(digest)
ec.dsa_verify_asn1(digest, sig)
#=> true
More than 5 years have passed since last update.
Register as a new user and use Qiita more conveniently
- You get articles that match your needs
- You can efficiently read back useful information
- You can use dark theme
List of users who liked
00