Class: JWT::JWA::Hmac
- Inherits:
-
Object
- Object
- JWT::JWA::Hmac
- Includes:
- SigningAlgorithm
- Defined in:
- lib/jwt/jwa/hmac.rb
Defined Under Namespace
Modules: SecurityUtils
Instance Attribute Summary
Attributes included from SigningAlgorithm
Instance Method Summary collapse
-
#initialize(alg, digest) ⇒ Hmac
constructor
A new instance of Hmac.
- #sign(data:, signing_key:) ⇒ Object
- #verify(data:, signature:, verification_key:) ⇒ Object
Methods included from SigningAlgorithm
#header, included, #raise_sign_error!, #raise_verify_error!, #valid_alg?
Constructor Details
#initialize(alg, digest) ⇒ Hmac
Returns a new instance of Hmac.
8 9 10 11 |
# File 'lib/jwt/jwa/hmac.rb', line 8 def initialize(alg, digest) @alg = alg @digest = digest end |
Instance Method Details
#sign(data:, signing_key:) ⇒ Object
13 14 15 16 17 18 19 20 21 22 23 24 |
# File 'lib/jwt/jwa/hmac.rb', line 13 def sign(data:, signing_key:) signing_key ||= '' raise_verify_error!('HMAC key expected to be a String') unless signing_key.is_a?(String) OpenSSL::HMAC.digest(digest.new, signing_key, data) rescue OpenSSL::HMACError => e if signing_key == '' && e. == 'EVP_PKEY_new_mac_key: malloc failure' raise_verify_error!('OpenSSL 3.0 does not support nil or empty hmac_secret') end raise e end |
#verify(data:, signature:, verification_key:) ⇒ Object
26 27 28 |
# File 'lib/jwt/jwa/hmac.rb', line 26 def verify(data:, signature:, verification_key:) SecurityUtils.secure_compare(signature, sign(data: data, signing_key: verification_key)) end |