Convert points to ec pkeys

Author: anakinj

CHANGELOG.md

@@ -8,6 +8,7 @@
 
 - Add support for x5t header parameter for X.509 certificate thumbprint verification [#669](https://github.com/jwt/ruby-jwt/pull/669) ([@hieuk09](https://github.com/hieuk09))
 - Raise an error if the ECDSA signing or verification key is not an instance of `OpenSSL::PKey::EC` [#688](https://github.com/jwt/ruby-jwt/pull/688) ([@anakinj](https://github.com/anakinj))
+- Allow `OpenSSL::PKey::EC::Point` to be used as the verification key in ECDSA [#689](https://github.com/jwt/ruby-jwt/pull/689) ([@anakinj](https://github.com/anakinj))
 - Your contribution here
 
 **Fixes and enhancements:**

lib/jwt/jwa/ecdsa.rb

@@ -12,7 +12,8 @@ def initialize(alg, digest)
       end
 
       def sign(data:, signing_key:)
-        raise_sign_error!("The given key is a #{signing_key.class}. It has to be an OpenSSL::PKey::EC instance.") unless signing_key.is_a?(::OpenSSL::PKey::EC)
+        raise_sign_error!("The given key is a #{signing_key.class}. It has to be an OpenSSL::PKey::EC instance") unless signing_key.is_a?(::OpenSSL::PKey::EC)
+        raise_sign_error!('The given key is not a private key') unless signing_key.private?
 
         curve_definition = curve_by_name(signing_key.group.curve_name)
         key_algorithm = curve_definition[:algorithm]
@@ -23,7 +24,9 @@ def sign(data:, signing_key:)
       end
 
       def verify(data:, signature:, verification_key:)
-        raise_verify_error!("The given key is a #{verification_key.class}. It has to be an OpenSSL::PKey::EC instance.") unless verification_key.is_a?(::OpenSSL::PKey::EC)
+        verification_key = self.class.create_public_key_from_point(verification_key) if verification_key.is_a?(::OpenSSL::PKey::EC::Point)
+
+        raise_verify_error!("The given key is a #{verification_key.class}. It has to be an OpenSSL::PKey::EC instance") unless verification_key.is_a?(::OpenSSL::PKey::EC)
 
         curve_definition = curve_by_name(verification_key.group.curve_name)
         key_algorithm = curve_definition[:algorithm]
@@ -67,6 +70,14 @@ def self.curve_by_name(name)
         end
       end
 
+      def self.create_public_key_from_point(point)
+        sequence = OpenSSL::ASN1::Sequence([
+                                             OpenSSL::ASN1::Sequence([OpenSSL::ASN1::ObjectId('id-ecPublicKey'), OpenSSL::ASN1::ObjectId(point.group.curve_name)]),
+                                             OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed))
+                                           ])
+        OpenSSL::PKey::EC.new(sequence.to_der)
+      end
+
       private
 
       attr_reader :digest

lib/jwt/jwk/ec.rb

@@ -137,7 +137,7 @@ def parse_ec_key(key)
       end
 
       if ::JWT.openssl_3?
-        def create_ec_key(jwk_crv, jwk_x, jwk_y, jwk_d) # rubocop:disable Metrics/MethodLength
+        def create_ec_key(jwk_crv, jwk_x, jwk_y, jwk_d)
           curve = EC.to_openssl_curve(jwk_crv)
           x_octets = decode_octets(jwk_x)
           y_octets = decode_octets(jwk_y)
@@ -147,29 +147,25 @@ def create_ec_key(jwk_crv, jwk_x, jwk_y, jwk_d) # rubocop:disable Metrics/Method
             OpenSSL::BN.new([0x04, x_octets, y_octets].pack('Ca*a*'), 2)
           )
 
-          sequence = if jwk_d
-                       # https://datatracker.ietf.org/doc/html/rfc5915.html
-                       # ECPrivateKey ::= SEQUENCE {
-                       #   version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
-                       #   privateKey     OCTET STRING,
-                       #   parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
-                       #   publicKey  [1] BIT STRING OPTIONAL
-                       # }
+          if jwk_d
+            # https://datatracker.ietf.org/doc/html/rfc5915.html
+            # ECPrivateKey ::= SEQUENCE {
+            #   version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+            #   privateKey     OCTET STRING,
+            #   parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
+            #   publicKey  [1] BIT STRING OPTIONAL
+            # }
 
-                       OpenSSL::ASN1::Sequence([
+            sequence = OpenSSL::ASN1::Sequence([
                                                  OpenSSL::ASN1::Integer(1),
                                                  OpenSSL::ASN1::OctetString(OpenSSL::BN.new(decode_octets(jwk_d), 2).to_s(2)),
                                                  OpenSSL::ASN1::ObjectId(curve, 0, :EXPLICIT),
                                                  OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed), 1, :EXPLICIT)
                                                ])
-                     else
-                       OpenSSL::ASN1::Sequence([
-                                                 OpenSSL::ASN1::Sequence([OpenSSL::ASN1::ObjectId('id-ecPublicKey'), OpenSSL::ASN1::ObjectId(curve)]),
-                                                 OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed))
-                                               ])
-                     end
-
-          OpenSSL::PKey::EC.new(sequence.to_der)
+            OpenSSL::PKey::EC.new(sequence.to_der)
+          else
+            ::JWT::JWA::Ecdsa.create_public_key_from_point(point)
+          end
         end
       else
         def create_ec_key(jwk_crv, jwk_x, jwk_y, jwk_d)

spec/jwt/jwa/ecdsa_spec.rb

@@ -35,18 +35,19 @@
   let(:ecdsa_key) { test_pkey('ec256-private.pem') }
   let(:data) { 'test data' }
   let(:instance) { described_class.new('ES256', 'sha256') }
+  let(:signature) { instance.sign(data: data, signing_key: ecdsa_key) }
 
   describe '#verify' do
     context 'when the verification key is valid' do
       it 'returns true for a valid signature' do
-        signature = instance.sign(data: data, signing_key: ecdsa_key)
         expect(instance.verify(data: data, signature: signature, verification_key: ecdsa_key)).to be true
       end
 
       it 'returns false for an invalid signature' do
         expect(instance.verify(data: data, signature: 'invalid_signature', verification_key: ecdsa_key)).to be false
       end
     end
+
     context 'when verification results in a OpenSSL::PKey::PKeyError error' do
       it 'raises a JWT::VerificationError' do
         allow(ecdsa_key).to receive(:dsa_verify_asn1).and_raise(OpenSSL::PKey::PKeyError.new('Error'))
@@ -60,25 +61,40 @@
       it 'raises a JWT::DecodeError' do
         expect do
           instance.verify(data: data, signature: '', verification_key: 'not_a_key')
-        end.to raise_error(JWT::DecodeError, 'The given key is a String. It has to be an OpenSSL::PKey::EC instance.')
+        end.to raise_error(JWT::DecodeError, 'The given key is a String. It has to be an OpenSSL::PKey::EC instance')
+      end
+    end
+
+    context 'when the verification key is a point' do
+      it 'verifies the signature' do
+        expect(ecdsa_key.public_key).to be_a(OpenSSL::PKey::EC::Point)
+        expect(instance.verify(data: data, signature: signature, verification_key: ecdsa_key.public_key)).to be(true)
       end
     end
   end
 
   describe '#sign' do
     context 'when the signing key is valid' do
       it 'returns a valid signature' do
-        signature = instance.sign(data: data, signing_key: ecdsa_key)
         expect(signature).to be_a(String)
         expect(signature.length).to be > 0
       end
     end
 
+    context 'when the signing key is a public key' do
+      it 'raises a JWT::DecodeError' do
+        public_key = test_pkey('ec256-public.pem')
+        expect do
+          instance.sign(data: data, signing_key: public_key)
+        end.to raise_error(JWT::EncodeError, 'The given key is not a private key')
+      end
+    end
+
     context 'when the signing key is not an OpenSSL::PKey::EC instance' do
       it 'raises a JWT::DecodeError' do
         expect do
           instance.sign(data: data, signing_key: 'not_a_key')
-        end.to raise_error(JWT::EncodeError, 'The given key is a String. It has to be an OpenSSL::PKey::EC instance.')
+        end.to raise_error(JWT::EncodeError, 'The given key is a String. It has to be an OpenSSL::PKey::EC instance')
       end
     end
 

spec/jwt/jwk/decode_with_jwk_spec.rb

@@ -169,7 +169,7 @@
 
         it 'fails in some way' do
           expect { described_class.decode(signed_token, nil, true, algorithms: ['ES384'], jwks: jwks) }.to(
-            raise_error(JWT::DecodeError, 'The given key is a String. It has to be an OpenSSL::PKey::EC instance.')
+            raise_error(JWT::DecodeError, 'The given key is a String. It has to be an OpenSSL::PKey::EC instance')
           )
         end
       end