module JsonWebToken::Algorithm::Rsa
Sign or verify a JSON Web Signature (JWS) structure using RSASSA-PKCS-v1_5 @see tools.ietf.org/html/rfc7518#section-3.3
Constants
- KEY_BITS_MIN
Public Instance Methods
@param sha_bits [String] desired security level in bits of the signature scheme @param private_key [OpenSSL::PKey::RSA] key used to sign a digital signature, or mac @param signing_input [String] input payload for a mac computation @return [BinaryString] a digital signature, or mac @example
Rsa.sign('256', < private_key >, 'signing_input').bytes.length # => 256
# File lib/json_web_token/algorithm/rsa.rb, line 21 def sign(sha_bits, private_key, signing_input) validate_key(sha_bits, private_key) private_key.sign(digest_new(sha_bits), signing_input) end
# File lib/json_web_token/algorithm/rsa.rb, line 39 def validate_key_size(_sha_bits, key) fail('Invalid key: RSA modulus too small') if weak_key?(key) end
@param mac [BinaryString] a digital signature, or mac @param sha_bits [String] desired security level in bits of the signature scheme @param public_key [OpenSSL::PKey::RSA] key used to verify a digital signature, or mac @param signing_input [String] input payload for a mac computation @return [Boolean] a predicate to verify the signing_input for a given mac
@example
Rsa.verify?(< binary_string >, '256', < public_key >, 'signing_input') # => true
# File lib/json_web_token/algorithm/rsa.rb, line 34 def verify?(mac, sha_bits, public_key, signing_input) validate_key(sha_bits, public_key) public_key.verify(digest_new(sha_bits), mac, signing_input) end
github.com/ruby/openssl/issues/5
# File lib/json_web_token/algorithm/rsa.rb, line 44 def weak_key?(key) !key || key.n.num_bits < KEY_BITS_MIN end