81
81
if ["HS256", "HS384", "HS512"].include?(algo)
82
raise JWT::DecodeError.new("Signature verification failed") unless signature == sign_hmac(algo, signing_input, key)
82
raise JWT::DecodeError.new("Signature verification failed") unless secure_compare(signature, sign_hmac(algo, signing_input, key))
83
83
elsif ["RS256", "RS384", "RS512"].include?(algo)
84
84
raise JWT::DecodeError.new("Signature verification failed") unless verify_rsa(algo, key, signing_input, signature)