Module: JWT::Algos::Ps

Defined in:
lib/jwt/algos/ps.rb

Constant Summary collapse

SUPPORTED = 
%w[PS256 PS384 PS512].freeze

Class Method Summary collapse

Class Method Details

.require_openssl!Object 



30
31
32
33
34
35
36
37
38
39
40
 
# File 'lib/jwt/algos/ps.rb', line 30

def require_openssl!
  if Object.const_defined?('OpenSSL')
    major, minor = OpenSSL::VERSION.split('.').first(2)

    unless major.to_i >= 2 && minor.to_i >= 1
      raise JWT::RequiredDependencyError, "You currently have OpenSSL #{OpenSSL::VERSION}. PS support requires >= 2.1"
    end
  else
    raise JWT::RequiredDependencyError, 'PS signing requires OpenSSL +2.1'
  end
end

.sign(to_sign) ⇒ Object

Raises:



10
11
12
13
14
15
16
17
18
19
20
21
22
 
# File 'lib/jwt/algos/ps.rb', line 10

def sign(to_sign)
  require_openssl!

  algorithm, msg, key = to_sign.values

  key_class = key.class

  raise EncodeError, "The given key is a #{key_class}. It has to be an OpenSSL::PKey::RSA instance." if key_class == String

  translated_algorithm = algorithm.sub('PS', 'sha')

  key.sign_pss(translated_algorithm, msg, salt_length: :digest, mgf1_hash: translated_algorithm)
end

.verify(to_verify) ⇒ Object 



24
25
26
27
28
 
# File 'lib/jwt/algos/ps.rb', line 24

def verify(to_verify)
  require_openssl!

  SecurityUtils.verify_ps(to_verify.algorithm, to_verify.public_key, to_verify.signing_input, to_verify.signature)
end