Class: JOSE::JWK
- Inherits:
-
Struct
- Object
- Struct
- JOSE::JWK
- Defined in:
- lib/jose/jwk.rb
Defined Under Namespace
Modules: KTY, PEM Classes: KTY_EC, KTY_RSA, KTY_oct, Set
Instance Attribute Summary collapse
-
#fields ⇒ Object
Returns the value of attribute fields.
-
#keys ⇒ Object
Returns the value of attribute keys.
-
#kty ⇒ Object
Returns the value of attribute kty.
Class Method Summary collapse
-
.block_decrypt(jwk, encrypted) ⇒ Object
API.
- .block_encrypt(jwk, plain_text, jwe = nil) ⇒ Object
- .box_decrypt(jwk, encrypted) ⇒ Object
-
.from(object, modules = nil, key = nil) ⇒ Object
Decode API.
- .from_binary(object, modules = nil, key = nil) ⇒ Object
- .from_file(file, modules = nil, key = nil) ⇒ Object
- .from_key(object, modules = {}) ⇒ Object
- .from_map(object, modules = nil, key = nil) ⇒ Object
- .from_oct(object, modules = {}) ⇒ Object
- .from_oct_file(file, modules = {}) ⇒ Object
- .from_pem(object, modules = nil, password = nil) ⇒ Object
- .from_pem_file(file, modules = nil, password = nil) ⇒ Object
- .generate_key(params) ⇒ Object
- .sign(jwk, plain_text, jws = nil, header = nil) ⇒ Object
- .thumbprint(digest_type, jwk = nil) ⇒ Object
-
.to_binary(jwk, key = nil, jwe = nil) ⇒ Object
Encode API.
- .to_file(jwk, file, key = nil, jwe = nil) ⇒ Object
- .to_key(jwk) ⇒ Object
- .to_map(jwk, key = nil, jwe = nil) ⇒ Object
- .to_oct(jwk) ⇒ Object
- .to_pem(jwk, password = nil) ⇒ Object
- .to_public(jwk) ⇒ Object
- .to_public_key(jwk) ⇒ Object
- .to_public_map(jwk) ⇒ Object
- .to_thumbprint_map(jwk) ⇒ Object
- .verify(signed, jwk) ⇒ Object
- .verify_strict(signed, allow, jwk) ⇒ Object
Instance Method Summary collapse
- #block_decrypt(encrypted) ⇒ Object
- #block_encrypt(plain_text, jwe = nil) ⇒ Object
- #box_decrypt(encrypted) ⇒ Object
-
#box_encrypt(plain_text, my_private_jwk = nil, jwe = nil) ⇒ Object
Generates an ephemeral private key based on the other party's public key curve when no private JWK is given.
- #derive_key(*args) ⇒ Object
- #generate_key ⇒ Object
- #sign(plain_text, jws = nil, header = nil) ⇒ Object
- #thumbprint(digest_type = nil) ⇒ Object
- #to_binary(key = nil, jwe = nil) ⇒ Object
- #to_file(file, key = nil, jwe = nil) ⇒ Object
- #to_key ⇒ Object
- #to_map(key = nil, jwe = nil) ⇒ Object
- #to_oct ⇒ Object
- #to_pem(password = nil) ⇒ Object
- #to_public ⇒ Object
- #to_public_key ⇒ Object
- #to_public_map ⇒ Object
- #to_thumbprint_map ⇒ Object
- #verify(signed) ⇒ Object
- #verify_strict(signed, allow) ⇒ Object
Instance Attribute Details
#fields ⇒ Object
Returns the value of attribute fields
# File 'lib/jose/jwk.rb', line 2
# Reader for the +fields+ attribute.
def fields
  @fields
end
#keys ⇒ Object
Returns the value of attribute keys
# File 'lib/jose/jwk.rb', line 2
# Reader for the +keys+ attribute.
def keys
  @keys
end
#kty ⇒ Object
Returns the value of attribute kty
# File 'lib/jose/jwk.rb', line 2
# Reader for the +kty+ attribute (the key-type object the other methods delegate to).
def kty
  @kty
end
Class Method Details
.block_decrypt(jwk, encrypted) ⇒ Object
API
# File 'lib/jose/jwk.rb', line 187
# Class-level form of #block_decrypt: +jwk+ is coerced with .from, then
# asked to decrypt +encrypted+.
def self.block_decrypt(jwk, encrypted)
  coerced = from(jwk)
  coerced.block_decrypt(encrypted)
end
.block_encrypt(jwk, plain_text, jwe = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 195
# Class-level form of #block_encrypt: +jwk+ is coerced with .from, then
# asked to encrypt +plain_text+. +jwe+ is forwarded unchanged (nil lets the
# instance method pick its own default).
def self.block_encrypt(jwk, plain_text, jwe = nil)
  coerced = from(jwk)
  coerced.block_encrypt(plain_text, jwe)
end
.box_decrypt(jwk, encrypted) ⇒ Object
# File 'lib/jose/jwk.rb', line 204
# Class-level form of #box_decrypt: +jwk+ is coerced with .from first.
def self.box_decrypt(jwk, encrypted)
  coerced = from(jwk)
  coerced.box_decrypt(encrypted)
end
.from(object, modules = nil, key = nil) ⇒ Object
Decode API
# File 'lib/jose/jwk.rb', line 6
# Coerces +object+ into a JOSE::JWK by dispatching on its type:
#   * JOSE::Map / Hash -> .from_map
#   * String           -> .from_binary (treated as a serialized JWK)
#   * JOSE::JWK        -> returned as-is (same object, not a copy)
# Any other type raises ArgumentError. +modules+ and +key+ are forwarded
# unchanged to the decoder that is chosen.
def self.from(object, modules = nil, key = nil)
  if object.is_a?(JOSE::Map) || object.is_a?(Hash)
    from_map(object, modules, key)
  elsif object.is_a?(String)
    from_binary(object, modules, key)
  elsif object.is_a?(JOSE::JWK)
    object
  else
    raise ArgumentError, "'object' must be a Hash, String, or JOSE::JWK"
  end
end
.from_binary(object, modules = nil, key = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 19
# Builds a JWK from a serialized String.
#
# Argument shuffle: if +modules+ is a String or JOSE::JWK and +key+ is nil,
# that value is taken to be the key and +modules+ becomes {}.
#
# Without a key the String is decoded with JOSE.decode and passed to
# .from_map. With a key the String is first decrypted through
# JOSE::JWE.block_decrypt and the method returns a two-element result
# [jwk, jwe], so the return shape depends on whether a key was given.
#
# Raises ArgumentError when +object+ is not a String.
def self.from_binary(object, modules = nil, key = nil)
  key_given_as_modules = modules.is_a?(String) || modules.is_a?(JOSE::JWK)
  if key_given_as_modules && key.nil?
    key = modules
    modules = {}
  end
  modules ||= {}
  raise ArgumentError, "'object' must be a String" unless object.is_a?(String)
  return from_map(JOSE.decode(object), modules) unless key
  plain_text, jwe = JOSE::JWE.block_decrypt(key, object)
  return from_binary(plain_text, modules), jwe
end
.from_file(file, modules = nil, key = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 38
# Reads the whole of +file+ in binary mode and decodes it with .from_binary.
# +file+ goes to File.binread unchanged, so the caller decides which path is
# opened; no validation happens here.
def self.from_file(file, modules = nil, key = nil)
  serialized = File.binread(file)
  from_binary(serialized, modules, key)
end
.from_key(object, modules = {}) ⇒ Object
# File 'lib/jose/jwk.rb', line 42
# Wraps a native key object in a JWK. The converter is modules[:kty] when
# present, otherwise JOSE::JWK::KTY; its from_key result is splatted into
# JOSE::JWK.new after a leading nil.
def self.from_key(object, modules = {})
  converter = modules[:kty] || JOSE::JWK::KTY
  JOSE::JWK.new(nil, *converter.from_key(object))
end
.from_map(object, modules = nil, key = nil) ⇒ Object
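# File 'lib/jose/jwk.rb', line 47
# Builds a JWK from a Hash or JOSE::Map.
#
# Argument shuffle: if +modules+ is a String or JOSE::JWK and +key+ is nil,
# that value is taken to be the key and +modules+ becomes {}.
#
# Without a key the map is wrapped in JOSE::Map and handed to from_fields.
# With a key the map is treated as an encrypted container: it is decrypted
# through JOSE::JWE.block_decrypt and the method returns [jwk, jwe].
#
# Raises ArgumentError when +object+ is neither a Hash nor a JOSE::Map.
# (The message used to say "must be a String", which pointed callers at the
# wrong type; it now names the types this method accepts.)
def self.from_map(object, modules = nil, key = nil)
  if (modules.is_a?(String) || modules.is_a?(JOSE::JWK)) && key.nil?
    key = modules
    modules = {}
  end
  modules ||= {}
  case object
  when JOSE::Map, Hash
    if key
      plain_text, jwe = JOSE::JWE.block_decrypt(key, object)
      return from_binary(plain_text, modules), jwe
    else
      return from_fields(JOSE::JWK.new(nil, nil, JOSE::Map.new(object)), modules)
    end
  else
    raise ArgumentError, "'object' must be a Hash or JOSE::Map"
  end
end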
.from_oct(object, modules = {}) ⇒ Object
# File 'lib/jose/jwk.rb', line 80
# Builds a JWK from +object+ via the key type's from_oct. The key type is
# modules[:kty] when present, otherwise JOSE::JWK::KTY_oct.
def self.from_oct(object, modules = {})
  oct_type = modules[:kty] || JOSE::JWK::KTY_oct
  JOSE::JWK.new(nil, *oct_type.from_oct(object))
end
.from_oct_file(file, modules = {}) ⇒ Object
# File 'lib/jose/jwk.rb', line 85
# Reads the whole of +file+ in binary mode and passes the bytes to .from_oct.
# The path is used as given.
def self.from_oct_file(file, modules = {})
  raw_bytes = File.binread(file)
  from_oct(raw_bytes, modules)
end
.from_pem(object, modules = nil, password = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 66
# Builds a JWK from PEM text.
#
# Argument shuffle: a String in the +modules+ slot with no +password+ is
# taken to be the password, and +modules+ becomes {}.
#
# Parsing is delegated to modules[:kty] (default JOSE::JWK::PEM) through its
# from_binary(object, password).
def self.from_pem(object, modules = nil, password = nil)
  if modules.is_a?(String) && password.nil?
    password = modules
    modules = {}
  end
  modules ||= {}
  pem_reader = modules[:kty] || JOSE::JWK::PEM
  JOSE::JWK.new(nil, *pem_reader.from_binary(object, password))
end
.from_pem_file(file, modules = nil, password = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 76
# Reads the whole of +file+ in binary mode and passes the contents to
# .from_pem together with +modules+ and +password+. The path is used as given.
def self.from_pem_file(file, modules = nil, password = nil)
  pem_text = File.binread(file)
  from_pem(pem_text, modules, password)
end
.generate_key(params) ⇒ Object
# File 'lib/jose/jwk.rb', line 250
# Generates a new JWK from +params+, which may be:
#   * an Array of length 2 or 3 whose first element is :ec, :oct or :rsa;
#     the whole array is passed to the matching KTY_* generate_key
#   * a JOSE::JWK, in which case its own #generate_key is used
#   * any object responding to generate_key, called with an empty JOSE::Map
# Anything else, including an Array with an unknown first element, raises
# ArgumentError.
def self.generate_key(params)
  if params.is_a?(Array) && [2, 3].include?(params.length)
    key_type =
      case params[0]
      when :ec then JOSE::JWK::KTY_EC
      when :oct then JOSE::JWK::KTY_oct
      when :rsa then JOSE::JWK::KTY_RSA
      else raise ArgumentError, "invalid key generation params"
      end
    return JOSE::JWK.new(nil, *key_type.generate_key(params))
  end
  return params.generate_key if params.is_a?(JOSE::JWK)
  return JOSE::JWK.new(nil, *params.generate_key(JOSE::Map[])) if params.respond_to?(:generate_key)
  raise ArgumentError, "invalid key generation params"
end
.sign(jwk, plain_text, jws = nil, header = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 275
# Class-level form of #sign: +jwk+ is coerced with .from, then asked to
# sign +plain_text+. +jws+ and +header+ are forwarded unchanged.
def self.sign(jwk, plain_text, jws = nil, header = nil)
  signer_key = from(jwk)
  signer_key.sign(plain_text, jws, header)
end
.thumbprint(digest_type, jwk = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 301
# Class-level form of #thumbprint. Callable as thumbprint(jwk) or
# thumbprint(digest_type, jwk): when only one argument is given it is
# treated as the JWK and the digest type is left nil for #thumbprint to
# default.
def self.thumbprint(digest_type, jwk = nil)
  jwk, digest_type = digest_type, nil if jwk.nil?
  from(jwk).thumbprint(digest_type)
end
.to_binary(jwk, key = nil, jwe = nil) ⇒ Object
Encode API
# File 'lib/jose/jwk.rb', line 91
# Class-level form of #to_binary: +jwk+ is coerced with .from, then
# serialized. With +key+ nil the instance method produces the plain
# (unencrypted) encoding.
def self.to_binary(jwk, key = nil, jwe = nil)
  coerced = from(jwk)
  coerced.to_binary(key, jwe)
end
.to_file(jwk, file, key = nil, jwe = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 106
# Class-level form of #to_file: +jwk+ is coerced with .from, then written
# to +file+. +key+ and +jwe+ are forwarded unchanged.
def self.to_file(jwk, file, key = nil, jwe = nil)
  coerced = from(jwk)
  coerced.to_file(file, key, jwe)
end
.to_key(jwk) ⇒ Object
# File 'lib/jose/jwk.rb', line 114
# Class-level form of #to_key: coerces +jwk+ with .from first.
def self.to_key(jwk)
  coerced = from(jwk)
  coerced.to_key
end
.to_map(jwk, key = nil, jwe = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 122
# Class-level form of #to_map: coerces +jwk+ with .from, then forwards
# +key+ and +jwe+ unchanged.
def self.to_map(jwk, key = nil, jwe = nil)
  coerced = from(jwk)
  coerced.to_map(key, jwe)
end
.to_oct(jwk) ⇒ Object
# File 'lib/jose/jwk.rb', line 137
# Class-level form of #to_oct: coerces +jwk+ with .from first.
def self.to_oct(jwk)
  coerced = from(jwk)
  coerced.to_oct
end
.to_pem(jwk, password = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 145
# Class-level form of #to_pem: coerces +jwk+ with .from, then forwards
# +password+ unchanged.
def self.to_pem(jwk, password = nil)
  coerced = from(jwk)
  coerced.to_pem(password)
end
.to_public(jwk) ⇒ Object
# File 'lib/jose/jwk.rb', line 153
# Class-level form of #to_public: coerces +jwk+ with .from first.
def self.to_public(jwk)
  coerced = from(jwk)
  coerced.to_public
end
.to_public_key(jwk) ⇒ Object
# File 'lib/jose/jwk.rb', line 161
# Class-level form of #to_public_key: coerces +jwk+ with .from first.
def self.to_public_key(jwk)
  coerced = from(jwk)
  coerced.to_public_key
end
.to_public_map(jwk) ⇒ Object
# File 'lib/jose/jwk.rb', line 169
# Class-level form of #to_public_map: coerces +jwk+ with .from first.
def self.to_public_map(jwk)
  coerced = from(jwk)
  coerced.to_public_map
end
.to_thumbprint_map(jwk) ⇒ Object
# File 'lib/jose/jwk.rb', line 177
# Class-level form of #to_thumbprint_map: coerces +jwk+ with .from first.
def self.to_thumbprint_map(jwk)
  coerced = from(jwk)
  coerced.to_thumbprint_map
end
.verify(signed, jwk) ⇒ Object
# File 'lib/jose/jwk.rb', line 284
# Class-level form of #verify. Note the argument order: the signed value
# comes first and the key second.
# NOTE(review): no allow-list is passed on this path; .verify_strict takes
# one. Confirm what JOSE::JWS.verify accepts before using this on signed
# input from an untrusted party.
def self.verify(signed, jwk)
  verifier_key = from(jwk)
  verifier_key.verify(signed)
end
.verify_strict(signed, allow, jwk) ⇒ Object
# File 'lib/jose/jwk.rb', line 292
# Class-level form of #verify_strict: coerces +jwk+ with .from, then
# forwards +signed+ and +allow+.
# Presumably +allow+ is the list of acceptable algorithms; verify against
# JOSE::JWS.verify_strict.
def self.verify_strict(signed, allow, jwk)
  verifier_key = from(jwk)
  verifier_key.verify_strict(signed, allow)
end
Instance Method Details
#block_decrypt(encrypted) ⇒ Object
# File 'lib/jose/jwk.rb', line 191
# Decrypts +encrypted+ using this JWK as the key; the work is done by
# JOSE::JWE.block_decrypt, whose result is returned unchanged.
def block_decrypt(encrypted)
  JOSE::JWE.block_decrypt(self, encrypted)
end
#block_encrypt(plain_text, jwe = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 199
# Encrypts +plain_text+ with this JWK through JOSE::JWE.block_encrypt.
# When +jwe+ is nil (or false) the key type's block_encryptor(fields,
# plain_text) supplies the JWE parameters.
def block_encrypt(plain_text, jwe = nil)
  encryptor = jwe || kty.block_encryptor(fields, plain_text)
  JOSE::JWE.block_encrypt(self, plain_text, encryptor)
end
#box_decrypt(encrypted) ⇒ Object
# File 'lib/jose/jwk.rb', line 208
# Decrypts +encrypted+ using this JWK. As written this is the same call as
# #block_decrypt: JOSE::JWE.block_decrypt(self, encrypted).
def box_decrypt(encrypted)
  JOSE::JWE.block_decrypt(self, encrypted)
end
#box_encrypt(plain_text, my_private_jwk = nil, jwe = nil) ⇒ Object
Generates an ephemeral private key based on the other party's public key curve when no private JWK is given.
# File 'lib/jose/jwk.rb', line 213
# Encrypts +plain_text+ for this JWK (the recipient's public key) together
# with a sender private key.
#
# * +my_private_jwk+ nil: a fresh key is generated from the recipient via
#   #generate_key and used as the sender key.
# * +my_private_jwk+ not a JOSE::JWK: it is coerced with JOSE::JWK.from.
# * +jwe+ nil: the recipient key type's block_encryptor supplies it. A Hash
#   is converted to JOSE::Map. On a JOSE::Map, missing 'apu', 'apv' and
#   'epk' entries are filled from the sender's kid or thumbprint, the
#   recipient's kid or thumbprint, and the sender's public map respectively.
#
# Return shape differs by path: when a key was generated here the result is
# [encrypted, generated_private_jwk]; otherwise only the encrypted value.
# The generated JWK is private key material and is handed to the caller,
# who is responsible for how long it is kept.
def box_encrypt(plain_text, my_private_jwk = nil, jwe = nil)
  recipient = self
  ephemeral = nil
  if my_private_jwk.nil?
    ephemeral = recipient.generate_key
    my_private_jwk = ephemeral
  end
  my_private_jwk = JOSE::JWK.from(my_private_jwk) unless my_private_jwk.is_a?(JOSE::JWK)
  jwe = recipient.kty.block_encryptor(fields, plain_text) if jwe.nil?
  jwe = JOSE::Map.new(jwe) if jwe.is_a?(Hash)
  if jwe.is_a?(JOSE::Map)
    # Each put returns the updated map; existing entries are left alone.
    jwe = jwe.put('apu', my_private_jwk.fields['kid'] || my_private_jwk.thumbprint) if jwe['apu'].nil?
    jwe = jwe.put('apv', recipient.fields['kid'] || recipient.thumbprint) if jwe['apv'].nil?
    jwe = jwe.put('epk', my_private_jwk.to_public_map) if jwe['epk'].nil?
  end
  encrypted = JOSE::JWE.block_encrypt([recipient, my_private_jwk], plain_text, jwe)
  return encrypted, ephemeral if ephemeral
  encrypted
end
#derive_key(*args) ⇒ Object
# File 'lib/jose/jwk.rb', line 246
# Forwards every argument to the key type's derive_key and returns its
# result unchanged.
def derive_key(*args)
  kty.derive_key(*args)
end
#generate_key ⇒ Object
# File 'lib/jose/jwk.rb', line 271
# Generates a new JWK by calling the key type's generate_key with this
# key's fields; the result is splatted into JOSE::JWK.new after a leading nil.
def generate_key
  generated = kty.generate_key(fields)
  JOSE::JWK.new(nil, *generated)
end
#sign(plain_text, jws = nil, header = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 279
# Signs +plain_text+ with this JWK through JOSE::JWS.sign. When +jws+ is
# nil (or false) the key type's signer(fields, plain_text) supplies the
# signing parameters. +header+ is forwarded unchanged.
def sign(plain_text, jws = nil, header = nil)
  signer = jws || kty.signer(fields, plain_text)
  JOSE::JWS.sign(self, plain_text, signer, header)
end
#thumbprint(digest_type = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 309
# Computes this key's thumbprint: the thumbprint map is encoded with
# JOSE.encode, hashed, and the raw digest is returned URL-safe base64
# encoded via JOSE.urlsafe_encode64.
#
# +digest_type+ defaults to 'SHA256' and is passed to OpenSSL::Digest.new
# unchanged, so the caller selects the hash; this method does not restrict
# which digest names are accepted.
def thumbprint(digest_type = nil)
  algorithm = digest_type || 'SHA256'
  canonical = JOSE.encode(to_thumbprint_map)
  raw_digest = OpenSSL::Digest.new(algorithm).digest(canonical)
  JOSE.urlsafe_encode64(raw_digest)
end
#to_binary(key = nil, jwe = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 95
# Serializes this JWK.
#
# * No +key+: returns JOSE.encode(to_map), i.e. the plain encoding with no
#   encryption applied. If this JWK holds private key material, that
#   material is presumably part of the output; confirm against the key
#   type's to_map.
# * With +key+: +jwe+ defaults to the key type's key_encryptor(fields, key)
#   and the result is to_map(key, jwe).compact (the encrypted form).
def to_binary(key = nil, jwe = nil)
  jwe ||= kty.key_encryptor(fields, key) unless key.nil?
  return JOSE.encode(to_map) unless key && jwe
  to_map(key, jwe).compact
end
#to_file(file, key = nil, jwe = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 110
# Writes to_binary(key, jwe) to +file+ with File.binwrite and returns what
# binwrite returns.
#
# No permission mode is passed, so a newly created file gets the process
# default. With +key+ nil the content is the unencrypted encoding; restrict
# the destination or supply +key+ when this JWK is a private key.
def to_file(file, key = nil, jwe = nil)
  serialized = to_binary(key, jwe)
  File.binwrite(file, serialized)
end
#to_key ⇒ Object
# File 'lib/jose/jwk.rb', line 118
# Returns whatever the key type's to_key returns.
def to_key
  kty.to_key
end
#to_map(key = nil, jwe = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 126
# Converts this JWK to a map.
#
# * No +key+: returns kty.to_map(fields), with no encryption applied.
# * With +key+: +jwe+ defaults to the key type's key_encryptor(fields, key)
#   and the plain to_binary encoding is encrypted through
#   JOSE::JWE.block_encrypt(key, to_binary, jwe).
def to_map(key = nil, jwe = nil)
  jwe ||= kty.key_encryptor(fields, key) unless key.nil?
  return kty.to_map(fields) unless key && jwe
  JOSE::JWE.block_encrypt(key, to_binary, jwe)
end
#to_oct ⇒ Object
# File 'lib/jose/jwk.rb', line 141
# Returns whatever the key type's to_oct returns.
def to_oct
  kty.to_oct
end
#to_pem(password = nil) ⇒ Object
# File 'lib/jose/jwk.rb', line 149
# Returns the key type's to_pem(password).
# NOTE(review): presumably a nil password yields an unencrypted PEM; confirm
# against the key type before exporting private keys this way.
def to_pem(password = nil)
  kty.to_pem(password)
end
#to_public ⇒ Object
# File 'lib/jose/jwk.rb', line 157
# Builds a new JWK from this key's public map (to_public_map) via
# JOSE::JWK.from_map.
def to_public
  public_fields = to_public_map
  JOSE::JWK.from_map(public_fields)
end
#to_public_key ⇒ Object
# File 'lib/jose/jwk.rb', line 165
# Converts to the public JWK first (#to_public), then returns its to_key.
def to_public_key
  public_jwk = to_public
  public_jwk.to_key
end
#to_public_map ⇒ Object
# File 'lib/jose/jwk.rb', line 173
# Returns the key type's to_public_map for this key's fields.
def to_public_map
  kty.to_public_map(fields)
end
#to_thumbprint_map ⇒ Object
# File 'lib/jose/jwk.rb', line 181
# Returns the key type's to_thumbprint_map for this key's fields; this is
# the input that #thumbprint encodes and hashes.
def to_thumbprint_map
  kty.to_thumbprint_map(fields)
end
#verify(signed) ⇒ Object
# File 'lib/jose/jwk.rb', line 288
# Verifies +signed+ with this JWK through JOSE::JWS.verify and returns its
# result unchanged.
# NOTE(review): no allow-list is passed on this path; #verify_strict takes
# one. Confirm what JOSE::JWS.verify accepts before using this on signed
# input from an untrusted party.
def verify(signed)
  JOSE::JWS.verify(self, signed)
end
#verify_strict(signed, allow) ⇒ Object
# File 'lib/jose/jwk.rb', line 296
# Verifies +signed+ with this JWK through JOSE::JWS.verify_strict. Note the
# argument order of the underlying call: (key, allow, signed).
# Presumably +allow+ is the list of acceptable algorithms; verify against
# JOSE::JWS.verify_strict.
def verify_strict(signed, allow)
  JOSE::JWS.verify_strict(self, allow, signed)
end