Class: JOSE::JWK::KTY_oct

Inherits:

Struct

• Object
• Struct
• JOSE::JWK::KTY_oct

Defined in:

lib/jose/jwk/kty_oct.rb

Instance Attribute Summary

• #oct ⇒ Object

  Returns the value of attribute oct.

Class Method Summary

• .from_map(fields) ⇒ Object

  JOSE::JWK callbacks.

• .from_oct(binary) ⇒ Object

  API functions.

• .generate_key(size) ⇒ Object

Instance Method Summary

• #block_encryptor(fields) ⇒ Object

  JOSE::JWK::KTY callbacks.

• #derive_key ⇒ Object
• #generate_key(fields) ⇒ Object
• #key_encryptor(fields, key) ⇒ Object
• #sign(message, digest_type) ⇒ Object
• #signer(fields = nil) ⇒ Object
• #to_key ⇒ Object
• #to_map(fields) ⇒ Object
• #to_oct ⇒ Object
• #to_public_map(fields) ⇒ Object
• #to_thumbprint_map(fields) ⇒ Object
• #verifier(fields) ⇒ Object
• #verify(message, digest_type, signature) ⇒ Object

Instance Attribute Details

#oct ⇒ Object

Returns the value of attribute oct

Returns:

• (Object) —

  the current value of oct

# File 'lib/jose/jwk/kty_oct.rb', line 1

def oct
  @oct
end

Class Method Details

.from_map(fields) ⇒ Object

JOSE::JWK callbacks

# File 'lib/jose/jwk/kty_oct.rb', line 5

def self.from_map(fields)
  if fields['kty'] == 'oct' and fields['k'].is_a?(String)
    return JOSE::JWK::KTY_oct.new(JOSE.urlsafe_decode64(fields['k'])), fields.except('kty', 'k')
  else
    raise ArgumentError, "invalid 'oct' JWK"
  end
end

.from_oct(binary) ⇒ Object

API functions

# File 'lib/jose/jwk/kty_oct.rb', line 133

def self.from_oct(binary)
  case binary
  when String
    return JOSE::JWK::KTY_oct.new(binary), JOSE::Map[]
  else
    raise ArgumentError, "'binary' must be a String"
  end
end

.generate_key(size) ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 70

def self.generate_key(size)
  if size.is_a?(Array) and size.length == 2 and size[0] == :oct
    size = size[1]
  end
  case size
  when Integer
    return from_oct(SecureRandom.random_bytes(size))
  else
    raise ArgumentError, "'size' must be an Integer"
  end
end

Instance Method Details

#block_encryptor(fields) ⇒ Object

JOSE::JWK::KTY callbacks

# File 'lib/jose/jwk/kty_oct.rb', line 31

def block_encryptor(fields)
  if fields and fields['use'] == 'enc' and not fields['alg'].nil? and not fields['enc'].nil?
    jwe = JOSE::Map[
      'alg' => fields['alg'],
      'enc' => fields['enc']
    ]
    if not fields['p2c'].nil?
      jwe = jwe.put('p2c', fields['p2c'])
    end
    if not fields['p2s'].nil?
      jwe = jwe.put('p2s', fields['p2s'])
    end
    return jwe
  else
    enc = case (oct.bytesize * 8)
    when 128
      'A128GCM'
    when 192
      'A192GCM'
    when 256
      'A256GCM'
    when 384
      'A192CBC-HS384'
    when 512
      'A256CBC-HS512'
    else
      raise ArgumentError, "oct of size #{oct.bytesize * 8} has no default block encryptor"
    end
    return JOSE::Map[
      'alg' => 'dir',
      'enc' => enc
    ]
  end
end

#derive_key ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 66

def derive_key
  return oct
end

#generate_key(fields) ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 82

def generate_key(fields)
  kty, other_fields = JOSE::JWK::KTY_oct.generate_key(oct.bytesize)
  return kty, fields.delete('kid').merge(other_fields)
end

#key_encryptor(fields, key) ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 87

def key_encryptor(fields, key)
  return JOSE::JWK::KTY.key_encryptor(self, fields, key)
end

#sign(message, digest_type) ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 91

def sign(message, digest_type)
  return OpenSSL::HMAC.digest(digest_type.new, oct, message)
end

#signer(fields = nil) ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 95

def signer(fields = nil)
  if fields and fields['use'] == 'sig' and not fields['alg'].nil?
    return JOSE::Map['alg' => fields['alg']]
  else
    bitsize = (oct.bytesize * 8)
    alg = if bitsize < 384
      'HS256'
    elsif bitsize < 512
      'HS384'
    else
      'HS512'
    end
    return JOSE::Map['alg' => alg]
  end
end

#to_key ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 13

def to_key
  return oct
end

#to_map(fields) ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 17

def to_map(fields)
  return fields.put('k', JOSE.urlsafe_encode64(oct)).put('kty', 'oct')
end

#to_oct ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 142

def to_oct
  return oct
end

#to_public_map(fields) ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 21

def to_public_map(fields)
  return to_map(fields)
end

#to_thumbprint_map(fields) ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 25

def to_thumbprint_map(fields)
  return to_public_map(fields).slice('k', 'kty')
end

#verifier(fields) ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 111

def verifier(fields)
  if fields and fields['use'] == 'sig' and not fields['alg'].nil?
    return [fields['alg']]
  else
    bitsize = (oct.bytesize * 8)
    algs = if bitsize < 384
      ['HS256']
    elsif bitsize < 512
      ['HS256', 'HS384']
    else
      ['HS256', 'HS384', 'HS512']
    end
    return algs
  end
end

#verify(message, digest_type, signature) ⇒ Object

# File 'lib/jose/jwk/kty_oct.rb', line 127

def verify(message, digest_type, signature)
  return JOSE::JWA.constant_time_compare(signature, sign(message, digest_type))
end