summaryrefslogtreecommitdiffstats
path: root/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php')
-rw-r--r--vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php49
1 files changed, 49 insertions, 0 deletions
diff --git a/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php b/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php
new file mode 100644
index 0000000..e676bed
--- /dev/null
+++ b/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php
@@ -0,0 +1,49 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\JWK;
+
+abstract class HMAC implements SignatureAlgorithm
+{
+ public function allowedKeyTypes(): array
+ {
+ return ['oct'];
+ }
+
+ public function verify(JWK $key, string $input, string $signature): bool
+ {
+ return \hash_equals($this->sign($key, $input), $signature);
+ }
+
+ public function sign(JWK $key, string $input): string
+ {
+ $this->checkKey($key);
+
+ return \hash_hmac($this->getHashAlgorithm(), $input, Base64Url::decode($key->get('k')), true);
+ }
+
+ protected function checkKey(JWK $key)
+ {
+ if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) {
+ throw new \InvalidArgumentException('Wrong key type.');
+ }
+ if (!$key->has('k')) {
+ throw new \InvalidArgumentException('The key parameter "k" is missing.');
+ }
+ }
+
+ abstract protected function getHashAlgorithm(): string;
+}