add change_password! method

jshawl · Feb 10, 2024 · c91ef02 · c91ef02
1 parent 8858994
commit c91ef02
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -6,6 +6,7 @@ A rubygem for creating and verifying [Minisign](http://jedisct1.github.io/minisi
   - [Read a public key](#read-a-public-key)
   - [Verify a signature](#verify-a-signature)
   - [Read a private key](#read-a-private-key)
+  - [Change the private key's password](#change-the-private-keys-password)
   - [Create a signature](#create-a-signature)
   - [Generate a key pair](#generate-a-key-pair)
 - [Local Development](#local-development)
@@ -41,6 +42,13 @@ password = "password" # optional, if the key is not encrypted
 private_key = Minisign::PrivateKey.new(File.read("minisign.key"), password)
 ```
 
+### Change the private key's password
+
+```rb
+password = "new password"
+private_key.change_password! password
+```
+
 ### Create a signature
 
 ```rb

diff --git a/lib/minisign/private_key.rb b/lib/minisign/private_key.rb
@@ -61,6 +61,10 @@ def to_s
       "untrusted comment: #{@untrusted_comment}\n#{Base64.strict_encode64(data)}\n"
     end
 
+    def change_password!(new_password)
+      @password = new_password
+    end
+
     private
 
     def signature_algorithm

diff --git a/spec/minisign/private_key_spec.rb b/spec/minisign/private_key_spec.rb
@@ -107,4 +107,22 @@
              )).to be(true)
     end
   end
+
+  describe '#change_password!' do
+    it 'changes the password' do
+      random_trusted_comment = SecureRandom.uuid
+      new_password = SecureRandom.uuid
+      original_public_key = @private_key.public_key
+      original_signature = @private_key.sign('example.txt', 'example', random_trusted_comment)
+      original_private_key = @private_key.to_s
+      @private_key.change_password! new_password
+      new_signature = @private_key.sign('example.txt', 'example', random_trusted_comment)
+      expect(original_signature.to_s).to eq(new_signature.to_s)
+      expect(original_public_key.to_s).to eq(@private_key.public_key.to_s)
+      expect(original_private_key.to_s).not_to eq(@private_key.to_s)
+      expect do
+        Minisign::PrivateKey.new(@private_key.to_s, new_password)
+      end.not_to raise_error
+    end
+  end
 end