x25 · paweldomas · Jul 29, 2016 · Aug 2, 2016
diff --git a/luajwt.lua b/luajwt.lua
@@ -6,12 +6,28 @@ local alg_sign = {
 	['HS256'] = function(data, key) return crypto.hmac.digest('sha256', data, key, true) end,
 	['HS384'] = function(data, key) return crypto.hmac.digest('sha384', data, key, true) end,
 	['HS512'] = function(data, key) return crypto.hmac.digest('sha512', data, key, true) end,
+	['RS256'] = function(data, key)
+		local privkey = crypto.pkey.from_pem(key, true)
+		if privkey == nil then
+			return nil, "Not a private PEM key"
+		else
+			return crypto.sign("sha256", data, privkey)
+		end
+	end
 }
 
 local alg_verify = {
 	['HS256'] = function(data, signature, key) return signature == alg_sign['HS256'](data, key) end,
 	['HS384'] = function(data, signature, key) return signature == alg_sign['HS384'](data, key) end,
 	['HS512'] = function(data, signature, key) return signature == alg_sign['HS512'](data, key) end,
+	['RS256'] = function(data, signature, key)
+		local pubkey = crypto.pkey.from_pem(key)
+		if pubkey == nil then
+			return nil, "Not a public PEM key"
+		else
+			return crypto.verify("sha256", data, signature, pubkey)
+		end
+	end
 }
 
 local function b64_encode(input)	
@@ -77,8 +93,10 @@ function M.encode(data, key, alg)
 	}
 
 	local signing_input = table.concat(segments, ".")
-
-	local signature = alg_sign[alg](signing_input, key)
+	local signature, error = alg_sign[alg](signing_input, key)
+	if signature == nil then
+		return nil, error
+	end
 
 	segments[#segments+1] = b64_encode(signature)
 
@@ -131,7 +149,11 @@ function M.decode(data, key, verify)
 			return nil, "Algorithm not supported"
 		end
 
-		if not alg_verify[header.alg](headerb64 .. "." .. bodyb64, sig, key) then
+		local verify_result, error
+			= alg_verify[header.alg](headerb64 .. "." .. bodyb64, sig, key);
+		if verify_result == nil then
+			return nil, error
+		elseif verify_result == false then
 			return nil, "Invalid signature"
 		end