Class: JWT::JWA::Hmac

Inherits:
Object
  • Object
show all
Includes:
SigningAlgorithm
Defined in:
lib/jwt/jwa/hmac.rb

Defined Under Namespace

Modules: SecurityUtils

Instance Attribute Summary

Attributes included from SigningAlgorithm

#alg

Instance Method Summary collapse

Methods included from SigningAlgorithm

#header, included, #raise_sign_error!, #raise_verify_error!, #valid_alg?

Constructor Details

#initialize(alg, digest) ⇒ Hmac

Returns a new instance of Hmac.



8
9
10
11
# File 'lib/jwt/jwa/hmac.rb', line 8

def initialize(alg, digest)
  @alg = alg
  @digest = digest
end

Instance Method Details

#sign(data:, signing_key:) ⇒ Object



13
14
15
16
17
18
19
20
21
22
23
24
# File 'lib/jwt/jwa/hmac.rb', line 13

def sign(data:, signing_key:)
  signing_key ||= ''
  raise_verify_error!('HMAC key expected to be a String') unless signing_key.is_a?(String)

  OpenSSL::HMAC.digest(digest.new, signing_key, data)
rescue OpenSSL::HMACError => e
  if signing_key == '' && e.message == 'EVP_PKEY_new_mac_key: malloc failure'
    raise_verify_error!('OpenSSL 3.0 does not support nil or empty hmac_secret')
  end

  raise e
end

#verify(data:, signature:, verification_key:) ⇒ Object



26
27
28
# File 'lib/jwt/jwa/hmac.rb', line 26

def verify(data:, signature:, verification_key:)
  SecurityUtils.secure_compare(signature, sign(data: data, signing_key: verification_key))
end