class Sandal::Sig::RS
Base implementation of the RSA-SHA family of signature algorithms.
Attributes
The JWA name of the algorithm.
Public Class Methods
Creates a new instance; it’s probably easier to use one of the subclass constructors.
@oaram name [String] The JWA name of the algorithm. @param sha_size [Integer] The size of the SHA algorithm. @param key [OpenSSL::PKey::RSA] The key to use for signing (private) or validation (public). This must be at
least 2048 bits to be compliant with the JWA specification.
# File lib/sandal/sig/rs.rb, line 19 def initialize(name, sha_size, key) @name = name @digest = OpenSSL::Digest.new("sha#{sha_size}") @key = key end
Public Instance Methods
Signs a payload and returns the signature.
@param payload [String] The payload of the token to sign. @return [String] The signature.
# File lib/sandal/sig/rs.rb, line 29 def sign(payload) @key.sign(@digest, payload) end
Validates a payload signature and returns whether the signature matches.
@param signature [String] The signature to validate. @param payload [String] The payload of the token. @return [Boolean] true if the signature is correct; otherwise false.
# File lib/sandal/sig/rs.rb, line 38 def valid?(signature, payload) @key.verify(@digest, signature, payload) rescue OpenSSL::PKey::PKeyError # happens in jruby if the signature is invalid false end
Private Instance Methods
Makes an RSA key.
@param key [OpenSSL::PKey::RSA or String] The key. @return [OpenSSL::PKey::RSA] The key.
# File lib/sandal/sig/rs.rb, line 50 def make_key(key) key.is_a?(String) ? OpenSSL::PKey::RSA.new(key) : key end