Class: Sandal::Sig::HS

Inherits:

Object

• Object
• Sandal::Sig::HS

Defined in:

lib/sandal/sig/hs.rb

Overview

Base implementation of the HMAC-SHA family of signature algorithms.

Direct Known Subclasses

HS256, HS384, HS512

Instance Attribute Summary

• #name ⇒ Object readonly

  The JWA name of the algorithm.

Instance Method Summary

• #initialize(name, sha_size, key) ⇒ HS constructor

  Creates a new instance; it’s probably easier to use one of the subclass constructors.

• #sign(payload) ⇒ String

  Signs a payload and returns the signature.

• #valid?(signature, payload) ⇒ Boolean

  Validates a payload signature and returns whether the signature matches.

Constructor Details

#initialize(name, sha_size, key) ⇒ HS

Creates a new instance; it’s probably easier to use one of the subclass constructors.

Parameters:

• sha_size (Integer) —

  The size of the SHA algorithm.

• key (String) —

  The key to use for signing or validation.

# File 'lib/sandal/sig/hs.rb', line 18

def initialize(name, sha_size, key)
  @name = name
  @digest = OpenSSL::Digest.new("sha#{sha_size}")
  @key = key
end

Instance Attribute Details

#name ⇒ Object (readonly)

The JWA name of the algorithm.

# File 'lib/sandal/sig/hs.rb', line 10

def name
  @name
end

Instance Method Details

#sign(payload) ⇒ String

Signs a payload and returns the signature.

Parameters:

• payload (String) —

  The payload of the token to sign.

Returns:

• (String) —

  The signature.

# File 'lib/sandal/sig/hs.rb', line 28

def sign(payload)
  OpenSSL::HMAC.digest(@digest, @key, payload)
end

#valid?(signature, payload) ⇒ Boolean

Validates a payload signature and returns whether the signature matches.

Parameters:

• signature (String) —

  The signature to validate.

• payload (String) —

  The payload of the token.

Returns:

• (Boolean) —

  true if the signature is correct; otherwise false.

# File 'lib/sandal/sig/hs.rb', line 37

def valid?(signature, payload)
  Sandal::Util.jwt_strings_equal?(sign(payload), signature)
end