Sha256: 81fff81e59363480133cadb5668d154dc723d7627f99fc428e15f78af7efe0f9
Contents?: true
Size: 1.49 KB
Versions: 2
Compression:
Stored size: 1.49 KB
Contents
# frozen_string_literal: true
require "cose/algorithm/signature_algorithm"
require "cose/error"
require "cose/key/ec2"
require "openssl"
module COSE
module Algorithm
class ECDSA < SignatureAlgorithm
attr_reader :hash_function
def initialize(*args, hash_function:)
super(*args)
@hash_function = hash_function
end
def compatible_key?(key)
to_pkey(key)
rescue COSE::Error
false
end
private
def valid_signature?(key, signature, verification_data)
pkey = to_pkey(key)
pkey.verify(hash_function, in_der(signature, pkey.group.degree), verification_data)
end
def to_pkey(key)
case key
when COSE::Key::EC2
key.to_pkey
when OpenSSL::PKey::EC
key
else
raise(COSE::Error, "Incompatible key for algorithm")
end
end
# Borrowed from jwt rubygem.
# https://github.com/jwt/ruby-jwt/blob/7a6a3f1dbaff806993156d1dff9c217bb2523ff8/lib/jwt/security_utils.rb#L34-L39
#
# Hopefully this will be provided by openssl rubygem in the future.
def in_der(signature, key_length)
n = (key_length.to_f / BYTE_LENGTH).ceil
if signature.size == n * 2
r = signature[0..(n - 1)]
s = signature[n..-1]
OpenSSL::ASN1::Sequence.new([r, s].map { |int| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(int, 2)) }).to_der
else
signature
end
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| cose-0.10.0 | lib/cose/algorithm/ecdsa.rb |
| cose-0.9.0 | lib/cose/algorithm/ecdsa.rb |