Module: JWT::Algos::HmacRbNaClFixed

Defined in:

lib/jwt/algos/hmac_rbnacl_fixed.rb

Constant Summary

MAPPING =

{
  'HS256' => ::RbNaCl::HMAC::SHA256,
  'HS512256' => ::RbNaCl::HMAC::SHA512256,
  'HS384' => nil,
  'HS512' => ::RbNaCl::HMAC::SHA512
}.freeze

SUPPORTED =

MAPPING.keys

Class Method Summary

• .padded_key_bytes(key, bytesize) ⇒ Object
• .resolve_algorithm(algorithm) ⇒ Object
• .sign(algorithm, msg, key) ⇒ Object
• .verify(algorithm, key, signing_input, signature) ⇒ Object

Class Method Details

.padded_key_bytes(key, bytesize) ⇒ Object

# File 'lib/jwt/algos/hmac_rbnacl_fixed.rb', line 47

def padded_key_bytes(key, bytesize)
  key.bytes.fill(0, key.bytesize...bytesize).pack('C*')
end

.resolve_algorithm(algorithm) ⇒ Object

# File 'lib/jwt/algos/hmac_rbnacl_fixed.rb', line 43

def resolve_algorithm(algorithm)
  MAPPING.fetch(algorithm)
end

.sign(algorithm, msg, key) ⇒ Object

Raises:

• (JWT::DecodeError)

# File 'lib/jwt/algos/hmac_rbnacl_fixed.rb', line 17

def sign(algorithm, msg, key)
  key ||= ''

  raise JWT::DecodeError, 'HMAC key expected to be a String' unless key.is_a?(String)

  if (hmac = resolve_algorithm(algorithm)) && key.bytesize <= hmac.key_bytes
    hmac.auth(padded_key_bytes(key, hmac.key_bytes), msg.encode('binary'))
  else
    Hmac.sign(algorithm, msg, key)
  end
end

.verify(algorithm, key, signing_input, signature) ⇒ Object

# File 'lib/jwt/algos/hmac_rbnacl_fixed.rb', line 29

def verify(algorithm, key, signing_input, signature)
  key ||= ''

  raise JWT::DecodeError, 'HMAC key expected to be a String' unless key.is_a?(String)

  if (hmac = resolve_algorithm(algorithm)) && key.bytesize <= hmac.key_bytes
    hmac.verify(padded_key_bytes(key, hmac.key_bytes), signature.encode('binary'), signing_input.encode('binary'))
  else
    Hmac.verify(algorithm, key, signing_input, signature)
  end
rescue ::RbNaCl::BadAuthenticatorError, ::RbNaCl::LengthError
  false
end