Class: JWT::JWK::HMAC

Inherits:

KeyBase

• Object
• KeyBase
• JWT::JWK::HMAC

Defined in:

lib/jwt/jwk/hmac.rb

Overview

JWK for HMAC keys

Constant Summary

KTY =

'oct'

KTYS =

[KTY, String, JWT::JWK::HMAC].freeze

HMAC_PUBLIC_KEY_ELEMENTS =

%i[kty].freeze

HMAC_PRIVATE_KEY_ELEMENTS =

%i[k].freeze

HMAC_KEY_ELEMENTS =

(HMAC_PRIVATE_KEY_ELEMENTS + HMAC_PUBLIC_KEY_ELEMENTS).freeze

Class Method Summary

• .import(jwk_data) ⇒ Object

Instance Method Summary

• #[]=(key, value) ⇒ Object
• #export(options = {}) ⇒ Object

  See tools.ietf.org/html/rfc7517#appendix-A.3.

• #initialize(key, params = nil, options = {}) ⇒ HMAC constructor

  A new instance of HMAC.

• #key_digest ⇒ Object
• #keypair ⇒ Object
• #members ⇒ Object
• #private? ⇒ Boolean
• #public_key ⇒ Object
• #signing_key ⇒ Object
• #verify_key ⇒ Object

Methods inherited from KeyBase

#<=>, #==, #[], #hash, #kid

Constructor Details

#initialize(key, params = nil, options = {}) ⇒ HMAC

Returns a new instance of HMAC.

# File 'lib/jwt/jwk/hmac.rb', line 13

def initialize(key, params = nil, options = {})
  params ||= {}

  # For backwards compatibility when kid was a String
  params = { kid: params } if params.is_a?(String)

  key_params = extract_key_params(key)

  params = params.transform_keys(&:to_sym)
  check_jwk(key_params, params)

  super(options, key_params.merge(params))
end

Class Method Details

.import(jwk_data) ⇒ Object

# File 'lib/jwt/jwk/hmac.rb', line 96

def import(jwk_data)
  new(jwk_data)
end

Instance Method Details

#[]=(key, value) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/jwt/jwk/hmac.rb', line 64

def []=(key, value)
  raise ArgumentError, 'cannot overwrite cryptographic key attributes' if HMAC_KEY_ELEMENTS.include?(key.to_sym)

  super(key, value)
end

#export(options = {}) ⇒ Object

See tools.ietf.org/html/rfc7517#appendix-A.3

# File 'lib/jwt/jwk/hmac.rb', line 48

def export(options = {})
  exported = parameters.clone
  exported.reject! { |k, _| HMAC_PRIVATE_KEY_ELEMENTS.include? k } unless private? && options[:include_private] == true
  exported
end

#key_digest ⇒ Object

# File 'lib/jwt/jwk/hmac.rb', line 58

def key_digest
  sequence = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::UTF8String.new(signing_key),
                                      OpenSSL::ASN1::UTF8String.new(KTY)])
  OpenSSL::Digest::SHA256.hexdigest(sequence.to_der)
end

#keypair ⇒ Object

# File 'lib/jwt/jwk/hmac.rb', line 27

def keypair
  secret
end

#members ⇒ Object

# File 'lib/jwt/jwk/hmac.rb', line 54

def members
  HMAC_KEY_ELEMENTS.each_with_object({}) { |i, h| h[i] = self[i] }
end

#private? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/jwt/jwk/hmac.rb', line 31

def private?
  true
end

#public_key ⇒ Object

# File 'lib/jwt/jwk/hmac.rb', line 35

def public_key
  nil
end

#signing_key ⇒ Object

# File 'lib/jwt/jwk/hmac.rb', line 43

def signing_key
  secret
end

#verify_key ⇒ Object

# File 'lib/jwt/jwk/hmac.rb', line 39

def verify_key
  secret
end