module JWT::Algos::Ecdsa

Constants

NAMED_CURVES
SUPPORTED

Public Instance Methods

curve_by_name(name) click to toggle source
# File lib/jwt/algos/ecdsa.rb, line 55
def curve_by_name(name)
  NAMED_CURVES.fetch(name) do
    raise UnsupportedEcdsaCurve, "The ECDSA curve '#{name}' is not supported"
  end
end
sign(algorithm, msg, key) click to toggle source
# File lib/jwt/algos/ecdsa.rb, line 33
def sign(algorithm, msg, key)
  curve_definition = curve_by_name(key.group.curve_name)
  key_algorithm = curve_definition[:algorithm]
  if algorithm != key_algorithm
    raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key_algorithm} signing key was provided"
  end

  digest = OpenSSL::Digest.new(curve_definition[:digest])
  SecurityUtils.asn1_to_raw(key.dsa_sign_asn1(digest.digest(msg)), key)
end
verify(algorithm, public_key, signing_input, signature) click to toggle source
# File lib/jwt/algos/ecdsa.rb, line 44
def verify(algorithm, public_key, signing_input, signature)
  curve_definition = curve_by_name(public_key.group.curve_name)
  key_algorithm = curve_definition[:algorithm]
  if algorithm != key_algorithm
    raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key_algorithm} verification key was provided"
  end

  digest = OpenSSL::Digest.new(curve_definition[:digest])
  public_key.dsa_verify_asn1(digest.digest(signing_input), SecurityUtils.raw_to_asn1(signature, public_key))
end