lib/jwt/jwa/eddsa.rb
# frozen_string_literal: true
module JWT
module JWA
module Eddsa
SUPPORTED = %w[ED25519 EdDSA].freeze
SUPPORTED_DOWNCASED = SUPPORTED.map(&:downcase).freeze
class << self
def sign(algorithm, msg, key)
unless key.is_a?(RbNaCl::Signatures::Ed25519::SigningKey)
raise EncodeError, "Key given is a #{key.class} but has to be an RbNaCl::Signatures::Ed25519::SigningKey"
end
validate_algorithm!(algorithm)
key.sign(msg)
end
def verify(algorithm, public_key, signing_input, signature)
unless public_key.is_a?(RbNaCl::Signatures::Ed25519::VerifyKey)
raise DecodeError, "key given is a #{public_key.class} but has to be a RbNaCl::Signatures::Ed25519::VerifyKey"
end
validate_algorithm!(algorithm)
public_key.verify(signature, signing_input)
rescue RbNaCl::CryptoError
false
end
private
def validate_algorithm!(algorithm)
return if SUPPORTED_DOWNCASED.include?(algorithm.downcase)
raise IncorrectAlgorithm, "Algorithm #{algorithm} not supported. Supported algoritms are #{SUPPORTED.join(', ')}"
end
end
end
end
end