module JWT::Signature

Signature logic for JWT

Constants

ToSign
ToVerify

Public Instance Methods

sign(algorithm, msg, key) click to toggle source
# File lib/jwt/signature.rb, line 20
def sign(algorithm, msg, key)
  algo, code = Algos.find(algorithm)
  algo.sign ToSign.new(code, msg, key)
end
verify(algorithm, key, signing_input, signature) click to toggle source
# File lib/jwt/signature.rb, line 25
def verify(algorithm, key, signing_input, signature)
  return true if algorithm.casecmp('none').zero?

  raise JWT::DecodeError, 'No verification key available' unless key

  algo, code = Algos.find(algorithm)
  verified = algo.verify(ToVerify.new(code, key, signing_input, signature))
  raise(JWT::VerificationError, 'Signature verification raised') unless verified
rescue OpenSSL::PKey::PKeyError
  raise JWT::VerificationError, 'Signature verification raised'
ensure
  OpenSSL.errors.clear
end