Module: JWT::Algos::HmacRbNaClFixed
- Defined in:
- lib/jwt/jwa/hmac_rbnacl_fixed.rb
Constant Summary collapse
- MAPPING =
{ 'HS512256' => ::RbNaCl::HMAC::SHA512256 }.freeze
- SUPPORTED =
MAPPING.keys
Class Method Summary collapse
- .padded_key_bytes(key, bytesize) ⇒ Object
- .resolve_algorithm(algorithm) ⇒ Object
- .sign(algorithm, msg, key) ⇒ Object
- .verify(algorithm, key, signing_input, signature) ⇒ Object
Class Method Details
.padded_key_bytes(key, bytesize) ⇒ Object
40 41 42 |
# File 'lib/jwt/jwa/hmac_rbnacl_fixed.rb', line 40 def padded_key_bytes(key, bytesize) key.bytes.fill(0, key.bytesize...bytesize).pack('C*') end |
.resolve_algorithm(algorithm) ⇒ Object
36 37 38 |
# File 'lib/jwt/jwa/hmac_rbnacl_fixed.rb', line 36 def resolve_algorithm(algorithm) MAPPING.fetch(algorithm) end |
.sign(algorithm, msg, key) ⇒ Object
10 11 12 13 14 15 16 17 18 19 20 |
# File 'lib/jwt/jwa/hmac_rbnacl_fixed.rb', line 10 def sign(algorithm, msg, key) key ||= '' Deprecations.warning("The use of the algorithm #{algorithm} is deprecated and will be removed in the next major version of ruby-jwt") raise JWT::DecodeError, 'HMAC key expected to be a String' unless key.is_a?(String) if (hmac = resolve_algorithm(algorithm)) && key.bytesize <= hmac.key_bytes hmac.auth(padded_key_bytes(key, hmac.key_bytes), msg.encode('binary')) else Hmac.sign(algorithm, msg, key) end end |
.verify(algorithm, key, signing_input, signature) ⇒ Object
22 23 24 25 26 27 28 29 30 31 32 33 34 |
# File 'lib/jwt/jwa/hmac_rbnacl_fixed.rb', line 22 def verify(algorithm, key, signing_input, signature) key ||= '' Deprecations.warning("The use of the algorithm #{algorithm} is deprecated and will be removed in the next major version of ruby-jwt") raise JWT::DecodeError, 'HMAC key expected to be a String' unless key.is_a?(String) if (hmac = resolve_algorithm(algorithm)) && key.bytesize <= hmac.key_bytes hmac.verify(padded_key_bytes(key, hmac.key_bytes), signature.encode('binary'), signing_input.encode('binary')) else Hmac.verify(algorithm, key, signing_input, signature) end rescue ::RbNaCl::BadAuthenticatorError, ::RbNaCl::LengthError false end |