JWT::JWK::OKPRbNaCl

def check_jwk_params!(key_params, _given_params)

def check_jwk_params!(key_params, _given_params)
  raise JWT::JWKError, "Incorrect 'kty' value: #{key_params[:kty]}, expected #{KTY}" unless key_params[:kty] == KTY
end

def export(options = {})

def export(options = {})
  exported = parameters.clone
  exported.reject! { |k, _| OKP_PRIVATE_KEY_ELEMENTS.include?(k) } unless private? && options[:include_private] == true
  exported
end

def extract_key_params(key)

def extract_key_params(key)
  case key
  when JWT::JWK::KeyBase
    key.export(include_private: true)
  when RbNaCl::Signatures::Ed25519::SigningKey
    @signing_key = key
    @verify_key = key.verify_key
    parse_okp_key_params(@verify_key, @signing_key)
  when RbNaCl::Signatures::Ed25519::VerifyKey
    @signing_key = nil
    @verify_key = key
    parse_okp_key_params(@verify_key)
  when Hash
    key.transform_keys(&:to_sym)
  else
    raise ArgumentError, 'key must be of type RbNaCl::Signatures::Ed25519::SigningKey, RbNaCl::Signatures::Ed25519::VerifyKey or Hash with key parameters'
  end
end

def import(jwk_data)

def import(jwk_data)
  new(jwk_data)
end

def initialize(key, params = nil, options = {})

def initialize(key, params = nil, options = {})
  params ||= {}
  # For backwards compatibility when kid was a String
  params = { kid: params } if params.is_a?(String)
  key_params = extract_key_params(key)
  params = params.transform_keys(&:to_sym)
  check_jwk_params!(key_params, params)
  super(options, key_params.merge(params))
end

def key_digest

def key_digest
  Thumbprint.new(self).to_s
end

def members

def members
  OKP_PUBLIC_KEY_ELEMENTS.each_with_object({}) { |i, h| h[i] = self[i] }
end

def parse_okp_key_params(verify_key, signing_key = nil)

def parse_okp_key_params(verify_key, signing_key = nil)
  params = {
    kty: KTY,
    crv: 'Ed25519',
    x: ::JWT::Base64.url_encode(verify_key.to_bytes)
  }
  if signing_key
    params[:d] = ::JWT::Base64.url_encode(signing_key.to_bytes)
  end
  params
end

def private?

def private?
  !signing_key.nil?
end

def signing_key

def signing_key
  return @signing_key if defined?(@signing_key)
  @signing_key = signing_key_from_parameters
end

def signing_key_from_parameters

def signing_key_from_parameters
  return nil unless self[:d]
  RbNaCl::Signatures::Ed25519::SigningKey.new(::JWT::Base64.url_decode(self[:d]))
end

def verify_key

def verify_key
  return @verify_key if defined?(@verify_key)
  @verify_key = verify_key_from_parameters
end

def verify_key_from_parameters

def verify_key_from_parameters
  RbNaCl::Signatures::Ed25519::VerifyKey.new(::JWT::Base64.url_decode(self[:x]))
end

Modules

Classes

class JWT::JWK::OKPRbNaCl

def check_jwk_params!(key_params, _given_params)

def export(options = {})

def extract_key_params(key)

def import(jwk_data)

def initialize(key, params = nil, options = {})

def key_digest

def members

def parse_okp_key_params(verify_key, signing_key = nil)

def private?

def signing_key

def signing_key_from_parameters

def verify_key

def verify_key_from_parameters

Namespace

Parent class

Instance Methods

Defined in