Class: JOSE::JWK::KTY_OKP_Ed448ph
- Inherits:
-
Struct
- Object
- Struct
- JOSE::JWK::KTY_OKP_Ed448ph
- Defined in:
- lib/jose/jwk/kty_okp_ed448ph.rb
Constant Summary collapse
- SECRET_BYTES =
57
- LEGACY_SECRET_BYTES =
32
- PK_BYTES =
57
- SK_BYTES =
SECRET_BYTES + PK_BYTES
- LEGACY_SK_BYTES =
LEGACY_SECRET_BYTES + PK_BYTES
Instance Attribute Summary collapse
-
#okp ⇒ Object
Returns the value of attribute okp.
Class Method Summary collapse
-
.from_map(fields) ⇒ Object
JOSE::JWK callbacks.
-
.from_okp(okp) ⇒ Object
API functions.
- .from_openssh_key(key) ⇒ Object
-
.generate_key(okp_params) ⇒ Object
JOSE::JWK::KTY callbacks.
Instance Method Summary collapse
- #generate_key(fields) ⇒ Object
- #key_encryptor(fields, key) ⇒ Object
- #sign(message, digest_type) ⇒ Object
- #signer(fields = nil) ⇒ Object
- #to_key ⇒ Object
- #to_map(fields) ⇒ Object
- #to_okp ⇒ Object
- #to_openssh_key(fields) ⇒ Object
- #to_public_map(fields) ⇒ Object
- #to_thumbprint_map(fields) ⇒ Object
- #verify(message, digest_type, signature) ⇒ Object
Instance Attribute Details
#okp ⇒ Object
Returns the value of attribute okp
1 2 3 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 1 def okp @okp end |
Class Method Details
.from_map(fields) ⇒ Object
JOSE::JWK callbacks
11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 11 def self.from_map(fields) if fields['kty'] == 'OKP' and fields['crv'] == 'Ed448ph' and fields['x'].is_a?(String) pk = JOSE.urlsafe_decode64(fields['x']) secret = nil if fields['d'].is_a?(String) secret = JOSE.urlsafe_decode64(fields['d']) end if pk.bytesize == PK_BYTES and (secret.nil? or secret.bytesize == SECRET_BYTES or secret.bytesize == LEGACY_SECRET_BYTES) if secret.nil? return JOSE::JWK::KTY_OKP_Ed448ph.new(pk), fields.except('kty', 'crv', 'x') else return JOSE::JWK::KTY_OKP_Ed448ph.new(secret + pk), fields.except('kty', 'crv', 'x', 'd') end end end raise ArgumentError, "invalid 'OKP' crv 'Ed448ph' JWK" end |
.from_okp(okp) ⇒ Object
API functions
115 116 117 118 119 120 121 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 115 def self.from_okp(okp) if okp.is_a?(Array) and okp.length == 2 and okp[0] == :Ed448ph and okp[1].is_a?(String) and (okp[1].bytesize == PK_BYTES or okp[1].bytesize == SK_BYTES or okp[1].bytesize == LEGACY_SK_BYTES) return JOSE::JWK::KTY_OKP_Ed448ph.new(okp[1]), JOSE::Map[] else raise ArgumentError, "'okp' must be an Array in the form of [:Ed448ph, String]" end end |
.from_openssh_key(key) ⇒ Object
123 124 125 126 127 128 129 130 131 132 133 134 135 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 123 def self.from_openssh_key(key) type, _, sk, comment = key if type and sk and type == 'ssh-ed448ph' and sk.bytesize == SK_BYTES if comment == '' or comment.nil? return from_okp([:Ed448ph, sk]) else kty, fields = from_okp([:Ed448ph, sk]) return kty, fields.merge('kid' => comment) end else raise ArgumentError, "unrecognized openssh key type: #{type.inspect}" end end |
.generate_key(okp_params) ⇒ Object
JOSE::JWK::KTY callbacks
67 68 69 70 71 72 73 74 75 76 77 78 79 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 67 def self.generate_key(okp_params) secret = nil if okp_params.is_a?(Array) and (okp_params.length == 2 or okp_params.length == 3) and okp_params[0] == :okp and okp_params[1] == :Ed448ph secret = okp_params[2] if okp_params.length == 3 elsif okp_params.is_a?(String) secret = okp_params end if secret.nil? or (secret.is_a?(String) and (secret.bytesize == SECRET_BYTES or secret.bytesize == LEGACY_SECRET_BYTES)) return from_okp([:Ed448ph, JOSE::JWA::Curve448.ed448ph_keypair(secret)[1]]) else raise ArgumentError, "'secret' must be nil or a String of #{SECRET_BYTES} bytes" end end |
Instance Method Details
#generate_key(fields) ⇒ Object
81 82 83 84 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 81 def generate_key(fields) kty, other_fields = JOSE::JWK::KTY_OKP_Ed448ph.generate_key([:okp, :Ed448ph]) return kty, fields.delete('kid').merge(other_fields) end |
#key_encryptor(fields, key) ⇒ Object
86 87 88 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 86 def key_encryptor(fields, key) return JOSE::JWK::KTY.key_encryptor(self, fields, key) end |
#sign(message, digest_type) ⇒ Object
90 91 92 93 94 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 90 def sign(, digest_type) raise ArgumentError, "'digest_type' must be :Ed448ph" if digest_type != :Ed448ph raise NotImplementedError, "Ed448ph public key cannot be used for signing" if okp.bytesize != SK_BYTES and okp.bytesize != LEGACY_SK_BYTES return JOSE::JWA::Curve448.ed448ph_sign(, okp) end |
#signer(fields = nil) ⇒ Object
96 97 98 99 100 101 102 103 104 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 96 def signer(fields = nil) if (okp.bytesize == SK_BYTES or okp.bytesize == LEGACY_SK_BYTES) and fields and fields['use'] == 'sig' and not fields['alg'].nil? return JOSE::Map['alg' => fields['alg']] elsif (okp.bytesize == SK_BYTES or okp.bytesize == LEGACY_SK_BYTES) return JOSE::Map['alg' => 'Ed448ph'] else raise ArgumentError, "signing not supported for public keys" end end |
#to_key ⇒ Object
29 30 31 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 29 def to_key return okp end |
#to_map(fields) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 33 def to_map(fields) if okp.bytesize == SK_BYTES secret, pk = okp[0, SECRET_BYTES], okp[SECRET_BYTES, SK_BYTES] return fields. put('crv', 'Ed448ph'). put('d', JOSE.urlsafe_encode64(secret)). put('kty', 'OKP'). put('x', JOSE.urlsafe_encode64(pk)) elsif okp.bytesize == LEGACY_SK_BYTES secret, pk = okp[0, LEGACY_SECRET_BYTES], okp[LEGACY_SECRET_BYTES, LEGACY_SK_BYTES] return fields. put('crv', 'Ed448ph'). put('d', JOSE.urlsafe_encode64(secret)). put('kty', 'OKP'). put('x', JOSE.urlsafe_encode64(pk)) else pk = okp return fields. put('crv', 'Ed448ph'). put('kty', 'OKP'). put('x', JOSE.urlsafe_encode64(pk)) end end |
#to_okp ⇒ Object
137 138 139 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 137 def to_okp return [:Ed448ph, okp] end |
#to_openssh_key(fields) ⇒ Object
141 142 143 144 145 146 147 148 149 150 151 152 153 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 141 def to_openssh_key(fields) comment = fields['kid'] || '' pk = JOSE::JWA::Curve448.ed448ph_secret_to_public(okp) sk = okp return JOSE::JWK::OpenSSHKey.to_binary([ [ [ ['ssh-ed448ph', pk], ['ssh-ed448ph', pk, sk, comment] ] ] ]) end |
#to_public_map(fields) ⇒ Object
57 58 59 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 57 def to_public_map(fields) return to_map(fields).except('d') end |
#to_thumbprint_map(fields) ⇒ Object
61 62 63 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 61 def to_thumbprint_map(fields) return to_public_map(fields).slice('crv', 'kty', 'x') end |
#verify(message, digest_type, signature) ⇒ Object
106 107 108 109 110 111 |
# File 'lib/jose/jwk/kty_okp_ed448ph.rb', line 106 def verify(, digest_type, signature) raise ArgumentError, "'digest_type' must be :Ed448ph" if digest_type != :Ed448ph pk = okp pk = JOSE::JWA::Curve448.ed448ph_secret_to_public(okp) if okp.bytesize == SK_BYTES or okp.bytesize == LEGACY_SK_BYTES return JOSE::JWA::Curve448.ed448ph_verify(signature, , pk) end |