Module: Autonoma::Hmac
- Defined in:
- lib/autonoma/hmac.rb
Class Method Summary collapse
-
.sign_body(body, secret) ⇒ Object
Sign a body string with a secret using HMAC-SHA256.
-
.verify_signature(body, signature, secret) ⇒ Object
Verify a signature using constant-time comparison.
Class Method Details
.sign_body(body, secret) ⇒ Object
Sign a body string with a secret using HMAC-SHA256. Returns 64-char lowercase hex.
20 21 22 |
# File 'lib/autonoma/hmac.rb', line 20 def self.sign_body(body, secret) OpenSSL::HMAC.hexdigest("SHA256", secret, body) end |
.verify_signature(body, signature, secret) ⇒ Object
Verify a signature using constant-time comparison.
25 26 27 28 29 30 31 32 |
# File 'lib/autonoma/hmac.rb', line 25 def self.verify_signature(body, signature, secret) expected = sign_body(body, secret) return false unless expected.length == signature.length Autonoma.secure_compare(expected, signature) rescue StandardError false end |