diff --git a/CHANGELOG.md b/CHANGELOG.md index 90f56f4e..005a1c8f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ - Deprecation warnings for deprecated methods and classes [#629](https://github.com/jwt/ruby-jwt/pull/629) ([@anakinj](https://github.com/anakinj)) - Improved documentation for public apis [#629](https://github.com/jwt/ruby-jwt/pull/629) ([@anakinj](https://github.com/anakinj)) +- Use correct methods when raising error during signing/verification with EdDSA [#633](https://github.com/jwt/ruby-jwt/pull/633) - Your contribution here ## [v2.9.3](https://github.com/jwt/ruby-jwt/tree/v2.9.3) (2024-10-03) diff --git a/lib/jwt/jwa/eddsa.rb b/lib/jwt/jwa/eddsa.rb index 3db3e3e6..1d9e656f 100644 --- a/lib/jwt/jwa/eddsa.rb +++ b/lib/jwt/jwa/eddsa.rb @@ -11,7 +11,7 @@ def initialize(alg) def sign(data:, signing_key:) unless signing_key.is_a?(RbNaCl::Signatures::Ed25519::SigningKey) - raise_encode_error!("Key given is a #{signing_key.class} but has to be an RbNaCl::Signatures::Ed25519::SigningKey") + raise_sign_error!("Key given is a #{signing_key.class} but has to be an RbNaCl::Signatures::Ed25519::SigningKey") end signing_key.sign(data) @@ -19,7 +19,7 @@ def sign(data:, signing_key:) def verify(data:, signature:, verification_key:) unless verification_key.is_a?(RbNaCl::Signatures::Ed25519::VerifyKey) - raise_decode_error!("key given is a #{verification_key.class} but has to be a RbNaCl::Signatures::Ed25519::VerifyKey") + raise_verify_error!("key given is a #{verification_key.class} but has to be a RbNaCl::Signatures::Ed25519::VerifyKey") end verification_key.verify(signature, data) diff --git a/spec/jwt/jwa/eddsa_spec.rb b/spec/jwt/jwa/eddsa_spec.rb index f97aed0b..eae97509 100644 --- a/spec/jwt/jwa/eddsa_spec.rb +++ b/spec/jwt/jwa/eddsa_spec.rb @@ -13,4 +13,20 @@ expect(JWT::JWA::Eddsa.verify('RS256', key.verify_key, 'data', signature)).to be(true) end end + + context 'when when signing with invalid RbNaCl::Signatures::Ed25519::SigningKey' do + it 'raises an error' do + expect do + JWT::JWA::Eddsa.sign('RS256', 'data', 'key') + end.to raise_error(JWT::EncodeError, 'Key given is a String but has to be an RbNaCl::Signatures::Ed25519::SigningKey') + end + end + + context 'when when verifying with invalid RbNaCl::Signatures::Ed25519::VerifyKey' do + it 'raises an error' do + expect do + JWT::JWA::Eddsa.verify('RS256', 'key', 'data', 'signature') + end.to raise_error(JWT::DecodeError, 'key given is a String but has to be a RbNaCl::Signatures::Ed25519::VerifyKey') + end + end end