class JWT::JWK::RSA

Constants

ASN1_SEQUENCE
BINARY
KTY
KTYS
RSA_KEY_ELEMENTS

Attributes

keypair[R]

Public Class Methods

new(keypair, options = {})
Calls superclass method JWT::JWK::KeyBase::new
# File lib/jwt/jwk/rsa.rb, line 13
# Wraps an RSA key so it can be handled as a JWK.
#
# The type check runs before anything is stored, so an instance never holds
# a non-RSA object. The check accepts any OpenSSL::PKey::RSA, whether or not
# it carries private material; #private? reports which kind is held.
#
# @param keypair [OpenSSL::PKey::RSA] the key to wrap
# @param options [Hash] forwarded unchanged to the superclass initializer
# @raise [ArgumentError] if keypair is not an OpenSSL::PKey::RSA
def initialize(keypair, options = {})
  unless keypair.is_a?(OpenSSL::PKey::RSA)
    raise ArgumentError, 'keypair must be of type OpenSSL::PKey::RSA'
  end

  @keypair = keypair

  super(options)
end

Private Class Methods

create_rsa_key(rsa_parameters)
# File lib/jwt/jwk/rsa.rb, line 94
# Builds an OpenSSL RSA key from already-decoded key parameters.
#
# Values are taken in ASN1_SEQUENCE order and nil entries are dropped. When
# more than two integers remain the input is treated as a private key and an
# integer 0 is placed at the front of the sequence (presumably the version
# field of the private-key structure; confirm against ASN1_SEQUENCE).
#
# NOTE(review): nothing here checks that a private parameter set is complete
# or consistent, nor the modulus size or exponent value. When the parameters
# come from an untrusted JWK, a caller that needs a minimum key strength has
# to enforce it itself. Any error from OpenSSL::PKey::RSA.new propagates
# to the caller unchanged.
#
# @param rsa_parameters [Hash] decoded key parameters, looked up by the
#   entries of ASN1_SEQUENCE
# @return [OpenSSL::PKey::RSA]
def create_rsa_key(rsa_parameters)
  integers = ASN1_SEQUENCE.map { |name| rsa_parameters[name] }
                          .compact
                          .map { |value| OpenSSL::ASN1::Integer.new(value) }

  # More than two components means private members were supplied.
  integers.unshift(OpenSSL::ASN1::Integer.new(0)) if integers.size > 2

  der = OpenSSL::ASN1::Sequence(integers).to_der
  OpenSSL::PKey::RSA.new(der)
end
decode_open_ssl_bn(jwk_data)
# File lib/jwt/jwk/rsa.rb, line 130
# Turns one base64url-encoded JWK member into an OpenSSL::BN.
#
# A nil or false input yields nil, which is how an absent JWK member is
# passed through. Decoding is delegated to ::JWT::Base64.url_decode; how
# that helper treats malformed input is not visible from this method.
#
# @param jwk_data [String, nil] the encoded member value
# @return [OpenSSL::BN, nil]
def decode_open_ssl_bn(jwk_data)
  return unless jwk_data

  raw_bytes = ::JWT::Base64.url_decode(jwk_data)
  OpenSSL::BN.new(raw_bytes, BINARY)
end
import(jwk_data)
# File lib/jwt/jwk/rsa.rb, line 69
# Builds an instance from a JWK hash.
#
# Only the members named in RSA_KEY_ELEMENTS and the kid are read here;
# any other member of jwk_data is not consulted by this method. The kid is
# copied from the input as-is, so for a JWK from an untrusted source it is a
# label chosen by that source.
#
# @param jwk_data [Hash] JWK with symbol or string keys
# @return [JWT::JWK::RSA]
# @raise [JWT::JWKError] if n or e is missing (raised by rsa_pkey)
def import(jwk_data)
  decoded_params = jwk_attributes(jwk_data, *RSA_KEY_ELEMENTS) { |encoded| decode_open_ssl_bn(encoded) }
  pkey = rsa_pkey(decoded_params)
  key_id = jwk_attributes(jwk_data, :kid)[:kid]

  new(pkey, kid: key_id)
end
jwk_attributes(jwk_data, *attributes) { |value| ... }
# File lib/jwt/jwk/rsa.rb, line 78
# Picks the requested members out of a JWK hash.
#
# Each attribute is looked up under its given (symbol) form first and under
# its string form if that lookup is nil or false. Every requested attribute
# appears in the result, with nil for members that are absent. When a block
# is given, each value (including nil) is passed through it.
#
# @param jwk_data [Hash] JWK with symbol or string keys
# @param attributes [Array<Symbol>] member names to extract
# @yieldparam value [Object, nil] the raw member value
# @return [Hash] attribute => (optionally transformed) value
def jwk_attributes(jwk_data, *attributes)
  picked = {}
  attributes.each do |name|
    raw = jwk_data[name] || jwk_data[name.to_s]
    picked[name] = block_given? ? yield(raw) : raw
  end
  picked
end
rsa_pkey(rsa_parameters)
# File lib/jwt/jwk/rsa.rb, line 86
# Validates that the minimum RSA parameters are present, then builds the key.
#
# Only the presence of :n and :e is checked here; their values, and any
# private parameters, are passed to create_rsa_key without further checks.
#
# @param rsa_parameters [Hash] decoded key parameters keyed by symbol
# @return [OpenSSL::PKey::RSA]
# @raise [JWT::JWKError] if :n or :e is nil or false
def rsa_pkey(rsa_parameters)
  incomplete = !rsa_parameters[:n] || !rsa_parameters[:e]
  raise JWT::JWKError, 'Key format is invalid for RSA' if incomplete

  create_rsa_key(rsa_parameters)
end

Public Instance Methods

export(options = {})
# File lib/jwt/jwk/rsa.rb, line 29
# Serialises the key as a JWK hash.
#
# The public members and the kid are always present. Private members are
# added only when the wrapped key is private AND options[:include_private]
# is exactly true; a merely truthy value (for example the string 'true' or 1)
# does not release private material.
#
# @param options [Hash] :include_private => true to request private members
# @return [Hash] the JWK members
def export(options = {})
  public_parts = members.merge(kid: kid)
  wants_private = private? && options[:include_private] == true

  wants_private ? append_private_parts(public_parts) : public_parts
end
key_digest()
# File lib/jwt/jwk/rsa.rb, line 45
# Computes a SHA-256 hex digest over the DER encoding of the sequence (n, e).
#
# Only the public components are hashed, so the result does not depend on
# whether the wrapped key also holds private material. The input is a DER
# sequence rather than the canonical JSON used for RFC 7638 thumbprints, so
# the value will not match a thumbprint computed per that RFC.
#
# @return [String] hex-encoded SHA-256 digest
def key_digest
  modulus = OpenSSL::ASN1::Integer.new(public_key.n)
  exponent = OpenSSL::ASN1::Integer.new(public_key.e)
  der = OpenSSL::ASN1::Sequence([modulus, exponent]).to_der

  OpenSSL::Digest::SHA256.hexdigest(der)
end
members()
# File lib/jwt/jwk/rsa.rb, line 37
# Returns the public JWK members of the key: kty, n and e.
#
# n and e are read from #public_key, so no private component is ever part
# of this hash.
#
# @return [Hash] { kty:, n:, e: } with n and e encoded by encode_open_ssl_bn
def members
  modulus = encode_open_ssl_bn(public_key.n)
  exponent = encode_open_ssl_bn(public_key.e)

  { kty: KTY, n: modulus, e: exponent }
end
private?()
# File lib/jwt/jwk/rsa.rb, line 21
# Reports whether the wrapped key holds private key material.
#
# Delegates to the wrapped keypair's own private? check. #export consults
# this before it will include private members in its output.
#
# @return [Boolean] whatever keypair.private? returns
def private?
  keypair.private?
end
public_key()
# File lib/jwt/jwk/rsa.rb, line 25
# Returns the public part of the wrapped key, as produced by the keypair's
# own public_key method. #members and #key_digest read n and e from it.
#
# @return [Object] whatever keypair.public_key returns
def public_key
  keypair.public_key
end

Private Instance Methods

append_private_parts(the_hash)
# File lib/jwt/jwk/rsa.rb, line 53
# Returns a copy of the given hash extended with the private JWK members
# d, p, q, dp, dq and qi taken from the wrapped keypair.
#
# The argument is not modified (Hash#merge returns a new hash). The result
# contains the complete private key, so it must be handled as a secret.
# Within this class it is only reached through #export with
# include_private: true.
#
# @param the_hash [Hash] the public JWK members
# @return [Hash] public and private members combined
def append_private_parts(the_hash)
  private_parts = {
    d: encode_open_ssl_bn(keypair.d),
    p: encode_open_ssl_bn(keypair.p),
    q: encode_open_ssl_bn(keypair.q),
    dp: encode_open_ssl_bn(keypair.dmp1),
    dq: encode_open_ssl_bn(keypair.dmq1),
    qi: encode_open_ssl_bn(keypair.iqmp)
  }

  the_hash.merge(private_parts)
end
encode_open_ssl_bn(key_part)
# File lib/jwt/jwk/rsa.rb, line 64
# Encodes one key component for use as a JWK member value.
#
# The component is serialised with to_s(BINARY) and the result is passed to
# ::JWT::Base64.url_encode. There is no nil guard: the argument must
# respond to to_s with one argument.
#
# @param key_part [OpenSSL::BN] the key component to encode
# @return [String] the value returned by ::JWT::Base64.url_encode
def encode_open_ssl_bn(key_part)
  raw_bytes = key_part.to_s(BINARY)
  ::JWT::Base64.url_encode(raw_bytes)
end