class Sandal::Sig::RS

Base implementation of the RSA-SHA family of signature algorithms.

Attributes

name[R]

The JWA name of the algorithm.

Public Class Methods

new(name, sha_size, key) click to toggle source

Creates a new instance; it’s probably easier to use one of the subclass constructors.

@oaram name [String] The JWA name of the algorithm. @param sha_size [Integer] The size of the SHA algorithm. @param key [OpenSSL::PKey::RSA] The key to use for signing (private) or validation (public). This must be at

least 2048 bits to be compliant with the JWA specification.
# File lib/sandal/sig/rs.rb, line 19
def initialize(name, sha_size, key)
  @name = name
  @digest = OpenSSL::Digest.new("sha#{sha_size}")
  @key = key
end

Public Instance Methods

sign(payload) click to toggle source

Signs a payload and returns the signature.

@param payload [String] The payload of the token to sign. @return [String] The signature.

# File lib/sandal/sig/rs.rb, line 29
def sign(payload)
  @key.sign(@digest, payload)
end
valid?(signature, payload) click to toggle source

Validates a payload signature and returns whether the signature matches.

@param signature [String] The signature to validate. @param payload [String] The payload of the token. @return [Boolean] true if the signature is correct; otherwise false.

# File lib/sandal/sig/rs.rb, line 38
def valid?(signature, payload)
  @key.verify(@digest, signature, payload)
rescue OpenSSL::PKey::PKeyError # happens in jruby if the signature is invalid
  false
end

Private Instance Methods

make_key(key) click to toggle source

Makes an RSA key.

@param key [OpenSSL::PKey::RSA or String] The key. @return [OpenSSL::PKey::RSA] The key.

# File lib/sandal/sig/rs.rb, line 50
def make_key(key)
  key.is_a?(String) ? OpenSSL::PKey::RSA.new(key) : key
end