class Sandal::Sig::HS

Base implementation of the HMAC-SHA family of signature algorithms.

Attributes

name[R]

The JWA name of the algorithm.

Public Class Methods

new(name, sha_size, key) click to toggle source

Creates a new instance; it’s probably easier to use one of the subclass constructors.

@oaram name [String] The JWA name of the algorithm. @param sha_size [Integer] The size of the SHA algorithm. @param key [String] The key to use for signing or validation.

# File lib/sandal/sig/hs.rb, line 18
def initialize(name, sha_size, key)
  @name = name
  @digest = OpenSSL::Digest.new("sha#{sha_size}")
  @key = key
end

Public Instance Methods

sign(payload) click to toggle source

Signs a payload and returns the signature.

@param payload [String] The payload of the token to sign. @return [String] The signature.

# File lib/sandal/sig/hs.rb, line 28
def sign(payload)
  OpenSSL::HMAC.digest(@digest, @key, payload)
end
valid?(signature, payload) click to toggle source

Validates a payload signature and returns whether the signature matches.

@param signature [String] The signature to validate. @param payload [String] The payload of the token. @return [Boolean] true if the signature is correct; otherwise false.

# File lib/sandal/sig/hs.rb, line 37
def valid?(signature, payload)
  Sandal::Util.jwt_strings_equal?(sign(payload), signature)
end