module JWT::Algos::Ecdsa

Constants

NAMED_CURVES
SUPPORTED

Public Instance Methods

curve_by_name(name) click to toggle source
# File lib/jwt/algos/ecdsa.rb, line 57
def curve_by_name(name)
  NAMED_CURVES.fetch(name) do
    raise UnsupportedEcdsaCurve, "The ECDSA curve '#{name}' is not supported"
  end
end
sign(to_sign) click to toggle source
# File lib/jwt/algos/ecdsa.rb, line 33
def sign(to_sign)
  algorithm, msg, key = to_sign.values
  curve_definition = curve_by_name(key.group.curve_name)
  key_algorithm = curve_definition[:algorithm]
  if algorithm != key_algorithm
    raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key_algorithm} signing key was provided"
  end

  digest = OpenSSL::Digest.new(curve_definition[:digest])
  SecurityUtils.asn1_to_raw(key.dsa_sign_asn1(digest.digest(msg)), key)
end
verify(to_verify) click to toggle source
# File lib/jwt/algos/ecdsa.rb, line 45
def verify(to_verify)
  algorithm, public_key, signing_input, signature = to_verify.values
  curve_definition = curve_by_name(public_key.group.curve_name)
  key_algorithm = curve_definition[:algorithm]
  if algorithm != key_algorithm
    raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key_algorithm} verification key was provided"
  end

  digest = OpenSSL::Digest.new(curve_definition[:digest])
  public_key.dsa_verify_asn1(digest.digest(signing_input), SecurityUtils.raw_to_asn1(signature, public_key))
end