Class: Acme::Client::JWK::RSA

Inherits:
Base
  • Object
show all
Defined in:
lib/acme/client/jwk/rsa.rb

Constant Summary collapse

DIGEST =

Digest algorithm to use when signing.

OpenSSL::Digest::SHA256

Constants inherited from Base

Base::THUMBPRINT_DIGEST

Instance Method Summary collapse

Methods inherited from Base

#jws, #jws_header, #thumbprint, #to_json

Constructor Details

#initialize(private_key) ⇒ RSA

Instantiate a new RSA JWK.

private_key - A OpenSSL::PKey::RSA instance.

Returns nothing.



10
11
12
13
14
15
16
# File 'lib/acme/client/jwk/rsa.rb', line 10

def initialize(private_key)
  unless private_key.is_a?(OpenSSL::PKey::RSA)
    raise ArgumentError, 'private_key must be a OpenSSL::PKey::RSA'
  end

  @private_key = private_key
end

Instance Method Details

#jwa_algObject

The name of the algorithm as needed for the ‘alg` member of a JWS object.

Returns a String.



41
42
43
44
45
# File 'lib/acme/client/jwk/rsa.rb', line 41

def jwa_alg
  # https://tools.ietf.org/html/rfc7518#section-3.1
  # RSASSA-PKCS1-v1_5 using SHA-256
  'RS256'
end

#sign(message) ⇒ Object

Sign a message with the private key.

message - A String message to sign.

Returns a String signature.



34
35
36
# File 'lib/acme/client/jwk/rsa.rb', line 34

def sign(message)
  @private_key.sign(DIGEST.new, message)
end

#to_hObject

Get this JWK as a Hash for JSON serialization.

Returns a Hash.



21
22
23
24
25
26
27
# File 'lib/acme/client/jwk/rsa.rb', line 21

def to_h
  {
    e: Acme::Client::Util.urlsafe_base64(public_key.e.to_s(2)),
    kty: 'RSA',
    n: Acme::Client::Util.urlsafe_base64(public_key.n.to_s(2))
  }
end