Module: JWT::Algos::Ecdsa

Defined in:: lib/jwt/algos/ecdsa.rb

Constant Summary collapse

SUPPORTED =

%(ES256 ES384 ES512).freeze

NAMED_CURVES =

{
  'prime256v1' => 'ES256',
  'secp384r1' => 'ES384',
  'secp521r1' => 'ES512'
}.freeze

Class Method Summary collapse

Class Method Details

.sign(to_sign) ⇒ `Object`

# File 'lib/jwt/algos/ecdsa.rb', line 13

def sign(to_sign)
  algorithm, msg, key = to_sign.values
  key_algorithm = NAMED_CURVES[key.group.curve_name]
  if algorithm != key_algorithm
    raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key_algorithm} signing key was provided"
  end

  digest = OpenSSL::Digest.new(algorithm.sub('ES', 'sha'))
  SecurityUtils.asn1_to_raw(key.dsa_sign_asn1(digest.digest(msg)), key)
end

.verify(to_verify) ⇒ `Object`

# File 'lib/jwt/algos/ecdsa.rb', line 24

def verify(to_verify)
  algorithm, public_key, signing_input, signature = to_verify.values
  key_algorithm = NAMED_CURVES[public_key.group.curve_name]
  if algorithm != key_algorithm
    raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key_algorithm} verification key was provided"
  end
  digest = OpenSSL::Digest.new(algorithm.sub('ES', 'sha'))
  public_key.dsa_verify_asn1(digest.digest(signing_input), SecurityUtils.raw_to_asn1(signature, public_key))
end

Module: JWT::Algos::Ecdsa

Constant Summary collapse

Class Method Summary collapse

Class Method Details

.sign(to_sign) ⇒ Object

.verify(to_verify) ⇒ Object

.sign(to_sign) ⇒ `Object`

.verify(to_verify) ⇒ `Object`