Module: JWT::Algos::Hmac

Defined in:
lib/jwt/algos/hmac.rb

Defined Under Namespace

Modules: SecurityUtils

Constant Summary

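# Maps each supported JWT HMAC algorithm name to the OpenSSL digest class
# used to compute the MAC for that algorithm.
MAPPING = {
  'HS256' => OpenSSL::Digest::SHA256,
  'HS384' => OpenSSL::Digest::SHA384,
  'HS512' => OpenSSL::Digest::SHA512
}.freeze

# Allow-list of algorithm names handled by this module, derived from MAPPING.
# Frozen like MAPPING so the list cannot be extended or reordered at runtime
# by code that mutates the array in place.
SUPPORTED = MAPPING.keys.freeze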

Class Method Summary

Class Method Details

.sign(algorithm, msg, key) ⇒ Object



# File 'lib/jwt/algos/hmac.rb', line 16

# Computes the HMAC of +msg+ under +key+ using the digest that MAPPING
# associates with +algorithm+.
#
# @param algorithm [String] a key of MAPPING ('HS256', 'HS384' or 'HS512')
# @param msg [String] the data to authenticate
# @param key [String, nil] the shared secret; nil (or false) is replaced by ''
# @return [String] the MAC as returned by OpenSSL::HMAC.digest
# @raise [JWT::DecodeError] if +key+ is not a String, or if OpenSSL rejects
#   an empty key with the specific error message matched below
# @raise [OpenSSL::HMACError] any other OpenSSL HMAC failure, re-raised as is
def sign(algorithm, msg, key)
  # SECURITY: a missing key silently becomes the empty string. Only the
  # OpenSSL error matched in the rescue below turns that into a failure, so
  # where OpenSSL accepts a zero-length key the MAC is computed with a secret
  # anyone can reproduce. Callers should reject nil/empty secrets up front.
  key = '' unless key

  unless key.is_a?(String)
    raise JWT::DecodeError, 'HMAC key expected to be a String'
  end

  # An algorithm missing from MAPPING yields nil here and fails with
  # NoMethodError; this method assumes the caller already checked SUPPORTED.
  digest = MAPPING[algorithm].new
  OpenSSL::HMAC.digest(digest, key, msg)
rescue OpenSSL::HMACError => e
  # The empty-key case is recognised by exact message text, so a differently
  # worded OpenSSL error falls through and is re-raised unchanged.
  empty_key_failure = key == '' && e.message == 'EVP_PKEY_new_mac_key: malloc failure'
  raise e unless empty_key_failure

  raise JWT::DecodeError, 'OpenSSL 3.0 does not support nil or empty hmac_secret'
end

.verify(algorithm, key, signing_input, signature) ⇒ Object



# File 'lib/jwt/algos/hmac.rb', line 30

# Checks +signature+ against the HMAC recomputed over +signing_input+.
#
# Note the argument order: +key+ comes before the data here, whereas
# sign takes (algorithm, msg, key).
#
# The comparison is delegated to SecurityUtils.secure_compare, which is
# defined outside this listing (presumably a constant-time comparison that
# avoids leaking the position of the first differing byte; confirm there).
# A nil +key+ is handled by sign, so its empty-secret behaviour applies to
# verification as well. Errors raised by sign propagate to the caller.
#
# @param algorithm [String] a key of MAPPING
# @param key [String, nil] the shared secret
# @param signing_input [String] the data the signature should cover
# @param signature [String] the MAC presented for verification
# @return [Object] whatever SecurityUtils.secure_compare returns
def verify(algorithm, key, signing_input, signature)
  expected = sign(algorithm, signing_input, key)
  SecurityUtils.secure_compare(signature, expected)
end