Module: JWT::Algos::HmacRbNaCl
- Defined in:
- lib/jwt/algos/hmac_rbnacl.rb
Constant Summary collapse
- MAPPING =
{ 'HS256' => ::RbNaCl::HMAC::SHA256, 'HS512256' => ::RbNaCl::HMAC::SHA512256, 'HS384' => nil, 'HS512' => ::RbNaCl::HMAC::SHA512 }.freeze
- SUPPORTED =
MAPPING.keys
Class Method Summary collapse
- .key_for_rbnacl(hmac, key) ⇒ Object
- .padded_empty_key(length) ⇒ Object
- .resolve_algorithm(algorithm) ⇒ Object
- .sign(algorithm, msg, key) ⇒ Object
- .verify(algorithm, key, signing_input, signature) ⇒ Object
Class Method Details
.key_for_rbnacl(hmac, key) ⇒ Object
35 36 37 38 39 40 41 42 |
# File 'lib/jwt/algos/hmac_rbnacl.rb', line 35 def key_for_rbnacl(hmac, key) key ||= '' raise JWT::DecodeError, 'HMAC key expected to be a String' unless key.is_a?(String) return padded_empty_key(hmac.key_bytes) if key == '' key end |
.padded_empty_key(length) ⇒ Object
48 49 50 |
# File 'lib/jwt/algos/hmac_rbnacl.rb', line 48 def padded_empty_key(length) Array.new(length, 0x0).pack('C*').encode('binary') end |
.resolve_algorithm(algorithm) ⇒ Object
44 45 46 |
# File 'lib/jwt/algos/hmac_rbnacl.rb', line 44 def resolve_algorithm(algorithm) MAPPING.fetch(algorithm) end |
.sign(algorithm, msg, key) ⇒ Object
17 18 19 20 21 22 23 |
# File 'lib/jwt/algos/hmac_rbnacl.rb', line 17 def sign(algorithm, msg, key) if (hmac = resolve_algorithm(algorithm)) hmac.auth(key_for_rbnacl(hmac, key).encode('binary'), msg.encode('binary')) else Hmac.sign(algorithm, msg, key) end end |
.verify(algorithm, key, signing_input, signature) ⇒ Object
25 26 27 28 29 30 31 32 33 |
# File 'lib/jwt/algos/hmac_rbnacl.rb', line 25 def verify(algorithm, key, signing_input, signature) if (hmac = resolve_algorithm(algorithm)) hmac.verify(key_for_rbnacl(hmac, key).encode('binary'), signature.encode('binary'), signing_input.encode('binary')) else Hmac.verify(algorithm, key, signing_input, signature) end rescue ::RbNaCl::BadAuthenticatorError, ::RbNaCl::LengthError false end |