diff options
Diffstat (limited to 'vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php')
-rw-r--r-- | vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php b/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php new file mode 100644 index 0000000..e676bed --- /dev/null +++ b/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php @@ -0,0 +1,49 @@ +<?php + +declare(strict_types=1); + +/* + * The MIT License (MIT) + * + * Copyright (c) 2014-2018 Spomky-Labs + * + * This software may be modified and distributed under the terms + * of the MIT license. See the LICENSE file for details. + */ + +namespace Jose\Component\Signature\Algorithm; + +use Base64Url\Base64Url; +use Jose\Component\Core\JWK; + +abstract class HMAC implements SignatureAlgorithm +{ + public function allowedKeyTypes(): array + { + return ['oct']; + } + + public function verify(JWK $key, string $input, string $signature): bool + { + return \hash_equals($this->sign($key, $input), $signature); + } + + public function sign(JWK $key, string $input): string + { + $this->checkKey($key); + + return \hash_hmac($this->getHashAlgorithm(), $input, Base64Url::decode($key->get('k')), true); + } + + protected function checkKey(JWK $key) + { + if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) { + throw new \InvalidArgumentException('Wrong key type.'); + } + if (!$key->has('k')) { + throw new \InvalidArgumentException('The key parameter "k" is missing.'); + } + } + + abstract protected function getHashAlgorithm(): string; +} |