forked from jwt/ruby-jwt
/
eddsa.rb
30 lines (26 loc) · 1.18 KB
/
eddsa.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
module JWT
module Algos
module Eddsa
module_function
SUPPORTED = %w[ED25519 EdDSA].freeze
def sign(to_sign)
algorithm, msg, key = to_sign.values
if key.class != RbNaCl::Signatures::Ed25519::SigningKey
raise EncodeError, "Key given is a #{key.class} but has to be an RbNaCl::Signatures::Ed25519::SigningKey"
end
unless SUPPORTED.map(&:downcase).map(&:to_sym).include?(algorithm.downcase.to_sym)
raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key.primitive} signing key was provided"
end
key.sign(msg)
end
def verify(to_verify)
algorithm, public_key, signing_input, signature = to_verify.values
unless SUPPORTED.map(&:downcase).map(&:to_sym).include?(algorithm.downcase.to_sym)
raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key.primitive} signing key was provided"
end
raise DecodeError, "key given is a #{public_key.class} but has to be a RbNaCl::Signatures::Ed25519::VerifyKey" if public_key.class != RbNaCl::Signatures::Ed25519::VerifyKey
public_key.verify(signature, signing_input)
end
end
end
end