Sha256: fc75a6d86043549829449a0ecefdfeaf3fde8a345b7020300177233ad31968af
Contents?: true
Size: 1.22 KB
Versions: 1
Compression:
Stored size: 1.22 KB
Contents
# frozen_string_literal: true
module JWT
module KMS
# Represent a AWS HMAC key
# https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
class HmacKey
include JWT::JWA::SigningAlgorithm
MAPPINGS = {
"HMAC_256" => { alg: "HS256", mac_algorithm: "HMAC_SHA_256" },
"HMAC_384" => { alg: "HS384", mac_algorithm: "HMAC_SHA_384" },
"HMAC_512" => { alg: "HS512", mac_algorithm: "HMAC_SHA_512" }
}.freeze
def initialize(key_id:, key_spec: nil)
@key_id = key_id
@key_spec = key_spec
end
def alg
MAPPINGS.dig(key_spec, :alg)
end
def sign(data:, **)
KMS.client.generate_mac(key_id: key_id, mac_algorithm: mac_algorithm, message: data).mac
end
def verify(data:, signature:, **)
KMS.client.verify_mac(key_id: key_id, mac_algorithm: mac_algorithm, message: data, mac: signature).mac_valid
end
private
attr_reader :key_id
def key_spec
@key_spec ||= description.key_spec
end
def mac_algorithm
MAPPINGS.dig(key_spec, :mac_algorithm)
end
def description
@description ||= KMS.client.describe_key(key_id: key_id)
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| jwt-kms-0.2.0 | lib/jwt/kms/hmac_key.rb |