Class: Sandal::Sig::RS

Inherits:
Object
Defined in:
lib/sandal/sig/rs.rb

Overview

Base implementation of the RSA-SHA family of signature algorithms.

Direct Known Subclasses

RS256, RS384, RS512

Constructor Details

#initialize(name, sha_size, key) ⇒ RS

Creates a new instance; it’s probably easier to use one of the subclass constructors.

Parameters:

  • sha_size (Integer)

    The size of the SHA algorithm.

  • key (OpenSSL::PKey::RSA)

    The key to use for signing (private) or validation (public). This must be at least 2048 bits to be compliant with the JWA specification.



# File 'lib/sandal/sig/rs.rb', line 19

def initialize(name, sha_size, key)
  @name = name
  @digest = OpenSSL::Digest.new("sha#{sha_size}")
  @key = key
end

Instance Attribute Details

#name ⇒ Object (readonly)

The JWA name of the algorithm.



# File 'lib/sandal/sig/rs.rb', line 10

def name
  @name
end

Instance Method Details

#sign(payload) ⇒ String

Signs a payload and returns the signature.

Parameters:

  • payload (String)

    The payload of the token to sign.

Returns:

  • (String)

    The signature.



# File 'lib/sandal/sig/rs.rb', line 29

def sign(payload)
  @key.sign(@digest, payload)
end

#valid?(signature, payload) ⇒ Boolean

Validates a payload signature and returns whether the signature matches.

Parameters:

  • signature (String)

    The signature to validate.

  • payload (String)

    The payload of the token.

Returns:

  • (Boolean)

    true if the signature is correct; otherwise false.



# File 'lib/sandal/sig/rs.rb', line 38

def valid?(signature, payload)
  @key.verify(@digest, signature, payload)
rescue OpenSSL::PKey::PKeyError # happens in jruby if the signature is invalid
  false
end
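
The constructor shown above stores whatever key it is given, so the 2048-bit minimum noted under its Parameters is left to the caller, and #sign and #valid? then use that key as-is. The following is an added example, not Sandal's own code: a hypothetical CheckedRS class (with hypothetical helpers rejected? and demo) that enforces the minimum and the three SHA sizes before making the same OpenSSL sign/verify calls, exercised with throwaway keys generated on the spot.

```ruby
require "openssl"

# Hypothetical hardened variant (not Sandal code): same OpenSSL calls as
# Sandal::Sig::RS, with the documented 2048-bit JWA minimum enforced.
class CheckedRS
  MIN_BITS = 2048
  SHA_SIZES = [256, 384, 512].freeze
  attr_reader :name

  def initialize(sha_size, key)
    raise ArgumentError, "unsupported SHA size #{sha_size.inspect}" unless SHA_SIZES.include?(sha_size)
    raise ArgumentError, "expected an OpenSSL::PKey::RSA key" unless key.is_a?(OpenSSL::PKey::RSA)
    bits = key.n.num_bits # modulus length, available on public and private keys
    raise ArgumentError, "RSA key is #{bits} bits, below #{MIN_BITS}" if bits < MIN_BITS
    @name = "RS#{sha_size}"
    @digest = OpenSSL::Digest.new("sha#{sha_size}")
    @key = key
  end

  def sign(payload)
    raise ArgumentError, "signing needs a private key" unless @key.private?
    @key.sign(@digest, payload)
  end

  def valid?(signature, payload)
    @key.verify(@digest, signature, payload)
  rescue OpenSSL::PKey::PKeyError # treat verification errors as "not valid"
    false
  end
end

# True if constructing CheckedRS with these arguments is refused.
def rejected?(sha_size, key)
  CheckedRS.new(sha_size, key)
  false
rescue ArgumentError
  true
end

# Constructed demo with throwaway keys; the payload is a stand-in string.
def demo
  key = OpenSSL::PKey::RSA.new(2048)
  pub = key.public_key
  payload = "header.claims"
  sig = CheckedRS.new(256, key).sign(payload)
  { genuine: CheckedRS.new(256, pub).valid?(sig, payload),
    tampered: CheckedRS.new(256, pub).valid?(sig, payload + "x"),
    wrong_hash: CheckedRS.new(512, pub).valid?(sig, payload),
    weak_key_rejected: rejected?(256, OpenSSL::PKey::RSA.new(1024)) }
end
```

Only the first entry of the hash returned by demo is a passing verification; the modified payload and the SHA-512 verifier both fail against the SHA-256 signature, and the 1024-bit key is refused at construction.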