Module: JWT::Algos::Ps
- Defined in:
- lib/jwt/algos/ps.rb
Constant Summary collapse
- SUPPORTED =
%w[PS256 PS384 PS512].freeze
Class Method Summary collapse
- .require_openssl! ⇒ Object
- .sign(algorithm, msg, key) ⇒ Object
- .verify(algorithm, public_key, signing_input, signature) ⇒ Object
Class Method Details
.require_openssl! ⇒ Object
30 31 32 33 34 35 36 37 38 |
# File 'lib/jwt/algos/ps.rb', line 30 def require_openssl! if Object.const_defined?('OpenSSL') if ::Gem::Version.new(OpenSSL::VERSION) < ::Gem::Version.new('2.1') raise JWT::RequiredDependencyError, "You currently have OpenSSL #{OpenSSL::VERSION}. PS support requires >= 2.1" end else raise JWT::RequiredDependencyError, 'PS signing requires OpenSSL +2.1' end end |
.sign(algorithm, msg, key) ⇒ Object
12 13 14 15 16 17 18 19 20 |
# File 'lib/jwt/algos/ps.rb', line 12 def sign(algorithm, msg, key) require_openssl! raise EncodeError, "The given key is a #{key_class}. It has to be an OpenSSL::PKey::RSA instance." if key.is_a?(String) translated_algorithm = algorithm.sub('PS', 'sha') key.sign_pss(translated_algorithm, msg, salt_length: :digest, mgf1_hash: translated_algorithm) end |
.verify(algorithm, public_key, signing_input, signature) ⇒ Object
22 23 24 25 26 27 28 |
# File 'lib/jwt/algos/ps.rb', line 22 def verify(algorithm, public_key, signing_input, signature) require_openssl! translated_algorithm = algorithm.sub('PS', 'sha') public_key.verify_pss(translated_algorithm, signature, signing_input, salt_length: :auto, mgf1_hash: translated_algorithm) rescue OpenSSL::PKey::PKeyError raise JWT::VerificationError, 'Signature verification raised' end |