Module: Decidim::BulletinBoard::JwkUtils

Defined in:
lib/decidim/bulletin_board/jwk_utils.rb

Constant Summary collapse

JWK_PRIVATE_FIELDS = 
[:d, :p, :q, :dp, :dq, :qi].freeze

Class Method Summary collapse

Class Method Details

.decode_open_ssl_bn(jwk_data) ⇒ Object 



37
38
39
40
41
 
# File 'lib/decidim/bulletin_board/jwk_utils.rb', line 37

def self.decode_open_ssl_bn(jwk_data)
  return nil unless jwk_data

  OpenSSL::BN.new(::Base64.urlsafe_decode64(jwk_data), 2)
end

.encode_open_ssl_bn(key_part) ⇒ Object 



33
34
35
 
# File 'lib/decidim/bulletin_board/jwk_utils.rb', line 33

def self.encode_open_ssl_bn(key_part)
  ::Base64.urlsafe_encode64(key_part.to_s(2), padding: false)
end

.import_private_key(json) ⇒ Object 



16
17
18
 
# File 'lib/decidim/bulletin_board/jwk_utils.rb', line 16

def self.import_private_key(json)
  JWT::JWK.import(json)
end

.private_export(jwk) ⇒ Object 



20
21
22
23
24
25
26
27
28
29
30
31
 
# File 'lib/decidim/bulletin_board/jwk_utils.rb', line 20

def self.private_export(jwk)
  raise "Not a private key" unless jwk.private?

  jwk.export.merge(
    d: encode_open_ssl_bn(jwk.keypair.d),
    p: encode_open_ssl_bn(jwk.keypair.p),
    q: encode_open_ssl_bn(jwk.keypair.q),
    dp: encode_open_ssl_bn(jwk.keypair.dmp1),
    dq: encode_open_ssl_bn(jwk.keypair.dmq1),
    qi: encode_open_ssl_bn(jwk.keypair.iqmp)
  )
end

.private_key?(json) ⇒ Boolean

Returns:

  • (Boolean) 


12
13
14
 
# File 'lib/decidim/bulletin_board/jwk_utils.rb', line 12

def self.private_key?(json)
  (json.keys & JWK_PRIVATE_FIELDS).any?
end

.thumbprint(json) ⇒ Object 



8
9
10
 
# File 'lib/decidim/bulletin_board/jwk_utils.rb', line 8

def self.thumbprint(json)
  Base64.urlsafe_encode64(Digest::SHA256.digest(json.slice(:e, :kty, :n).to_json), padding: false)
end