Class: JWT::JWA::Ps
- Inherits:
-
Object
- Object
- JWT::JWA::Ps
- Includes:
- SigningAlgorithm
- Defined in:
- lib/jwt/jwa/ps.rb
Overview
Implementation of the RSASSA-PSS family of algorithms
Instance Attribute Summary
Attributes included from SigningAlgorithm
Instance Method Summary collapse
-
#initialize(alg) ⇒ Ps
constructor
A new instance of Ps.
- #sign(data:, signing_key:) ⇒ Object
- #verify(data:, signature:, verification_key:) ⇒ Object
Methods included from SigningAlgorithm
#header, #raise_sign_error!, #raise_verify_error!, #valid_alg?
Constructor Details
#initialize(alg) ⇒ Ps
Returns a new instance of Ps.
9 10 11 12 |
# File 'lib/jwt/jwa/ps.rb', line 9 def initialize(alg) @alg = alg @digest_algorithm = alg.sub('PS', 'sha') end |
Instance Method Details
#sign(data:, signing_key:) ⇒ Object
14 15 16 17 18 19 |
# File 'lib/jwt/jwa/ps.rb', line 14 def sign(data:, signing_key:) raise_sign_error!("The given key is a #{signing_key.class}. It has to be an OpenSSL::PKey::RSA instance.") unless signing_key.is_a?(::OpenSSL::PKey::RSA) raise_sign_error!('The key length must be greater than or equal to 2048 bits') if signing_key.n.num_bits < 2048 signing_key.sign_pss(digest_algorithm, data, salt_length: :digest, mgf1_hash: digest_algorithm) end |
#verify(data:, signature:, verification_key:) ⇒ Object
21 22 23 24 25 |
# File 'lib/jwt/jwa/ps.rb', line 21 def verify(data:, signature:, verification_key:) verification_key.verify_pss(digest_algorithm, signature, data, salt_length: :auto, mgf1_hash: digest_algorithm) rescue OpenSSL::PKey::PKeyError raise JWT::VerificationError, 'Signature verification raised' end |