Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,7 @@ public Map<String, BiFunction<EvaluationContext, RegoValue[], RegoValue>> builti
Map.entry("io.jwt.verify_es256", instance::verifyES256),
Map.entry("io.jwt.verify_es384", instance::verifyES384),
Map.entry("io.jwt.verify_es512", instance::verifyES512),
Map.entry("io.jwt.verify_eddsa", instance::verifyEdDSA),
Map.entry("io.jwt.encode_sign", instance::encodeSign),
Map.entry("io.jwt.encode_sign_raw", instance::encodeSignRaw));
}
Expand Down Expand Up @@ -849,6 +850,31 @@ public RegoBoolean verifyES512(EvaluationContext ctx, RegoValue[] args) {
return _verifyECDSA(jwt.getValue(), cert.getValue(), ctx.isStrictBuiltinErrors(), "ES512");
}

@OpaBuiltin(
name = "io.jwt.verify_eddsa",
description = "Verifies if a EdDSA JWT signature is valid.",
args = {
@OpaType(
type = "string",
name = "jwt",
description = "JWT token whose signature is to be verified"),
@OpaType(
type = "string",
name = "certificate",
description =
"PEM encoded certificate, PEM encoded public key, or the JWK key (set) used to verify the signature")
},
result =
@OpaType(
type = "boolean",
name = "result",
description = "`true` if the signature is valid, `false` otherwise"))
public RegoBoolean verifyEdDSA(EvaluationContext ctx, RegoValue[] args) {
RegoString jwt = getArg(args, 0, RegoString.class);
RegoString cert = getArg(args, 1, RegoString.class);
return _verifyEdDSA(jwt.getValue(), cert.getValue(), ctx.isStrictBuiltinErrors());
}

@OpaBuiltin(
name = "io.jwt.verify_rs256",
description = "Verifies if a RS256 JWT signature is valid.",
Expand Down