forked from jwt/ruby-jwt
/
signature.rb
39 lines (33 loc) · 1.05 KB
/
signature.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# frozen_string_literal: true
require 'jwt/security_utils'
require 'openssl'
require 'jwt/algos'
begin
require 'rbnacl'
rescue LoadError
raise if defined?(RbNaCl)
end
# JWT::Signature module
module JWT
# Signature logic for JWT
module Signature
extend self
ToSign = Struct.new(:algorithm, :msg, :key)
ToVerify = Struct.new(:algorithm, :public_key, :signing_input, :signature)
def sign(algorithm, msg, key)
algo, code = Algos.find(algorithm)
algo.sign ToSign.new(code, msg, key)
end
def verify(algorithm, key, signing_input, signature)
return true if algorithm.upcase == 'NONE'
raise JWT::DecodeError, 'No verification key available' unless key
algo, code = Algos.find(algorithm)
verified = algo.verify(ToVerify.new(code, key, signing_input, signature))
raise(JWT::VerificationError, 'Signature verification raised') unless verified
rescue OpenSSL::PKey::PKeyError
raise JWT::VerificationError, 'Signature verification raised'
ensure
OpenSSL.errors.clear
end
end
end