RubyGems - cose - Versions diffs - 0.4.1 → 0.5.0 - Mend

cose 0.4.1 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 421ef632c61005a43efc9b8c9fff3560d7b22386bd3ab8ff0a556ac57a338eba
-  data.tar.gz: '0912bd03e39ca678d6a46b6d1f7b046593a656b754235dd584b59242c9fe34d2'
+  metadata.gz: eb978af65e0e7ba43a06e776b45792856bec76e58a7ce6d1d3d88619c6fca09e
+  data.tar.gz: c8cdf73b87523e266c36076c542cf91bb5e252bda826523308b4adc355ce1c6d
 SHA512:
-  metadata.gz: aaae536b461341f4b79960a66c261709510887ab8690083473b41ca45ec8952c19e1d298fc716abbbf8973790ca82d78ee967673a58332ea2998fbcfe771819f
-  data.tar.gz: 026774ddd5ea2fa6f23a6d7866e22f87a880aa802af380733b8bfdf62efbb0a808a4c07d287935b31fcda31544e6855a7686f6aee1b4640180cf0591abd780bd
+  metadata.gz: bc8f10f840915de994963318cf3fb5f138eb836bd391280029cceb7b5b4c9a95577dd281be1d67f1dc36def4a5a809af6e4ff665dc26e0cf30990219248cf043
+  data.tar.gz: 87ec47c8278246a0fdbec217a1d13b6588aed62400bfd49010d4573dab75b70a436867fe8d4fb895b784bbe29783c28e2910f576f213aeda8d830662f1067f7f

data/.gitignore CHANGED Viewed

@@ -11,5 +11,6 @@
 .rspec_status
 /Gemfile.lock
+/gemfiles/*.gemfile.lock
 .byebug_history

data/.travis.yml CHANGED Viewed

@@ -1,10 +1,16 @@
 sudo: false
 language: ruby
 rvm:
   - ruby-head
-  - 2.6.1
-  - 2.5.3
+  - 2.6.2
+  - 2.5.4
   - 2.4.5
+gemfile:
+  - gemfiles/openssl_2_0.gemfile
+  - gemfiles/openssl_2_1.gemfile
 before_install: gem install bundler -v 2.0.1
 matrix:

data/Appraisals ADDED Viewed

@@ -0,0 +1,7 @@
+appraise "openssl_2_0" do
+  gem "openssl", "~> 2.0.0"
+end
+appraise "openssl_2_1" do
+  gem "openssl", "~> 2.1.0"
+end

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,14 @@
 # Changelog
+## [v0.5.0] - 2019-03-25
+### Added
+- `COSE::Key.serialize(openssl_pkey)` serializes an `OpenSSL::PKey::PKey` object into CBOR data. Supports RSA keys plus
+ EC keys from curves prime256v1, secp384r1 and secp521r1.
+- `COSE::Key::EC2#to_pkey` converts to an `OpenSSL::PKey::EC` object
+- `COSE::Key::RSA#to_pkey` converts to an `OpenSSL::PKey::RSA` object
 ## [v0.4.1] - 2019-03-12
 ### Fixed
@@ -45,6 +54,7 @@
 - EC2 key object
 - Works with ruby 2.5
+[v0.5.0]: https://github.com/cedarcode/cose-ruby/compare/v0.4.1...v0.5.0/
 [v0.4.1]: https://github.com/cedarcode/cose-ruby/compare/v0.4.0...v0.4.1/
 [v0.4.0]: https://github.com/cedarcode/cose-ruby/compare/v0.3.0...v0.4.0/
 [v0.3.0]: https://github.com/cedarcode/cose-ruby/compare/v0.2.0...v0.3.0/

data/README.md CHANGED Viewed

@@ -25,12 +25,23 @@ Or install it yourself as:
 ### Key Objects
+#### Deserialization (from CBOR to Ruby objects)
 ```ruby
 cbor_data = "..."
-key = COSE::Key.deserialize(cbor_data)
+cose_key = COSE::Key.deserialize(cbor_data)
+```
+Once you have a `COSE::Key` instance you can either access key parameters directly and/or convert it to an
+`OpenSSL::PKey::PKey` instance for operating with it (encrypting/decrypting, signing/verifying, etc).
+```ruby
+# Convert to an OpenSSL::PKey::PKey
+openssl_pkey = cose_key.to_pkey
-case key.class
+# Access COSE key parameters
+case key
 when COSE::Key::EC2
   key.curve
   key.x_coordinate
@@ -39,43 +50,73 @@ when COSE::Key::EC2
 when COSE::Key::RSA
   key.modulus_n
   key.public_exponent_e
+  key.private_exponent_d
+  key.prime_factor_p
+  key.prime_factor_q
+  key.d_p
+  key.d_q
+  key.q_inv
 when COSE::Key::Symmetric
   key.key_value
 end
 ```
-#### EC2
+If you already know which COSE key type is encoded in the CBOR data, then:
 ```ruby
-cbor_data = "..."
+ec2_key_cbor = "..."
+cose_ec2_key = COSE::Key::EC2.deserialize(ec2_key_cbor)
+cose_ec2_key.curve
+cose_ec2_key.x_coordinate
+cose_ec2_key.y_coordinate
+cose_ec2_key.d_coordinate
-key = COSE::Key::EC2.deserialize(cbor_data)
+# or
-key.curve
-key.x_coordinate
-key.y_coordinate
-key.d_coordinate
+ec_pkey = cose_ec2_key.to_pkey # Instance of an OpenSSL::PKey::EC
 ```
-#### Symmetric
+```ruby
+symmetric_key_cbor = "..."
+cose_symmetric_key = COSE::Key::Symmetric.deserialize(symmetric_key_cbor)
+cose_symmetric_key.key_value
+```
 ```ruby
-cbor_data = "..."
+rsa_key_cbor = "..."
+cose_rsa_key = COSE::Key::RSA.deserialize(rsa_key_cbor)
+cose_rsa_key.modulus_n
+cose_rsa_key.public_exponent_e
+cose_rsa_key.private_exponent_d
+cose_rsa_key.prime_factor_p
+cose_rsa_key.prime_factor_q
+cose_rsa_key.d_p
+cose_rsa_key.d_q
+cose_rsa_key.q_inv
-key = COSE::Key::Symmetric.deserialize(cbor_data)
+# or
-key.key_value
+rsa_pkey = cose_rsa_key.to_pkey # Instance of an OpenSSL::PKey::RSA
 ```
-#### RSA
+#### Serialization (from Ruby objects to CBOR)
 ```ruby
-cbor_data = "..."
+ec_pkey = OpenSSL::PKey::EC.new("prime256v1").generate_key
+cose_ec2_key_cbor = COSE::Key.serialize(ec_pkey)
+```
-key = COSE::Key::RSA.deserialize(cbor_data)
+```ruby
+rsa_pkey = OpenSSL::PKey::RSA.new(2048)
-key.modulus_n
-key.public_exponent_e
+cose_rsa_key_cbor = COSE::Key.serialize(rsa_pkey)
 ```
 ### Signing Objects

data/cose.gemspec CHANGED Viewed

@@ -33,6 +33,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "cbor", "~> 0.5.9.2"
+  spec.add_development_dependency "appraisal", "~> 2.2.0"
   spec.add_development_dependency "bundler", ">= 1.17", "< 3"
   spec.add_development_dependency "byebug", "~> 11.0"
   spec.add_development_dependency "rake", "~> 12.3"

data/gemfiles/openssl_2_0.gemfile ADDED Viewed

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "openssl", "~> 2.0.0"
+gemspec path: "../"

data/gemfiles/openssl_2_1.gemfile ADDED Viewed

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "openssl", "~> 2.1.0"
+gemspec path: "../"

data/lib/cose/key.rb CHANGED Viewed

@@ -2,11 +2,23 @@ require "cbor"
 require "cose/key/ec2"
 require "cose/key/rsa"
 require "cose/key/symmetric"
+require "openssl"
 module COSE
   class UnknownKeyType < StandardError; end
   module Key
+    def self.serialize(pkey)
+      case pkey
+      when OpenSSL::PKey::EC, OpenSSL::PKey::EC::Point
+        COSE::Key::EC2.from_pkey(pkey).serialize
+      when OpenSSL::PKey::RSA
+        COSE::Key::RSA.from_pkey(pkey).serialize
+      else
+        raise "Unsupported serialization of #{pkey.class} object"
+      end
+    end
     def self.deserialize(data)
       map = CBOR.decode(data)

data/lib/cose/key/ec2.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 require "cose/key/base"
+require "openssl"
 module COSE
   module Key
@@ -13,6 +14,44 @@ module COSE
       Y_LABEL = -3
       KTY_EC2 = 2
+      CRV_P256 = 1
+      CRV_P384 = 2
+      CRV_P521 = 3
+      PKEY_CURVES = {
+        CRV_P256 => "prime256v1",
+        CRV_P384 => "secp384r1",
+        CRV_P521 => "secp521r1"
+      }.freeze
+      def self.from_pkey(pkey)
+        curve = PKEY_CURVES.key(pkey.group.curve_name) || raise("Unsupported EC curve #{pkey.group.curve_name}")
+        case pkey
+        when OpenSSL::PKey::EC::Point
+          public_key = pkey
+        when OpenSSL::PKey::EC
+          public_key = pkey.public_key
+          private_key = pkey.private_key
+        else
+          raise "Unsupported"
+        end
+        if public_key
+          bytes = public_key.to_bn.to_s(2)[1..-1]
+          coordinate_length = bytes.size / 2
+          x_coordinate = bytes[0..(coordinate_length - 1)]
+          y_coordinate = bytes[coordinate_length..-1]
+        end
+        if private_key
+          d_coordinate = private_key.to_s(2)
+        end
+        new(curve: curve, x_coordinate: x_coordinate, y_coordinate: y_coordinate, d_coordinate: d_coordinate)
+      end
       attr_reader :algorithm, :curve, :d_coordinate, :x_coordinate, :y_coordinate
@@ -32,6 +71,34 @@ module COSE
         end
       end
+      def serialize
+        CBOR.encode(
+          Base::LABEL_KTY => KTY_EC2,
+          CRV_LABEL => curve,
+          X_LABEL => x_coordinate,
+          Y_LABEL => y_coordinate,
+          D_LABEL => d_coordinate
+        )
+      end
+      def to_pkey
+        if PKEY_CURVES[curve]
+          group = OpenSSL::PKey::EC::Group.new(PKEY_CURVES[curve])
+          pkey = OpenSSL::PKey::EC.new(group)
+          public_key_bn = OpenSSL::BN.new("\x04" + x_coordinate + y_coordinate, 2)
+          public_key_point = OpenSSL::PKey::EC::Point.new(group, public_key_bn)
+          pkey.public_key = public_key_point
+          if d_coordinate
+            pkey.private_key = OpenSSL::BN.new(d_coordinate, 2)
+          end
+          pkey
+        else
+          raise "Unsupported curve #{curve}"
+        end
+      end
       def self.from_map(map)
         enforce_type(map, KTY_EC2, "Not an EC2 key")

data/lib/cose/key/rsa.rb CHANGED Viewed

@@ -1,18 +1,65 @@
 # frozen_string_literal: true
 require "cose/key/base"
+require "openssl"
 module COSE
   module Key
     class RSA < Base
       LABEL_N = -1
       LABEL_E = -2
+      LABEL_D = -3
+      LABEL_P = -4
+      LABEL_Q = -5
+      LABEL_D_P = -6
+      LABEL_D_Q = -7
+      LABEL_Q_INV = -8
       KTY_RSA = 3
-      attr_reader :modulus_n, :public_exponent_e
+      def self.from_pkey(pkey)
+        params = pkey.params
-      def initialize(modulus_n:, public_exponent_e:)
+        attributes = {
+          modulus_n: params["n"].to_s(2),
+          public_exponent_e: params["e"].to_s(2)
+        }
+        if pkey.private?
+          attributes.merge!(
+            private_exponent_d: params["d"].to_s(2),
+            prime_factor_p: params["p"].to_s(2),
+            prime_factor_q: params["q"].to_s(2),
+            d_p: params["dmp1"].to_s(2),
+            d_q: params["dmq1"].to_s(2),
+            q_inv: params["iqmp"].to_s(2)
+          )
+        end
+        new(attributes)
+      end
+      attr_reader(
+        :modulus_n,
+        :public_exponent_e,
+        :private_exponent_d,
+        :prime_factor_p,
+        :prime_factor_q,
+        :d_p,
+        :d_q,
+        :q_inv
+      )
+      def initialize(
+        modulus_n:,
+        public_exponent_e:,
+        private_exponent_d: nil,
+        prime_factor_p: nil,
+        prime_factor_q: nil,
+        d_p: nil,
+        d_q: nil,
+        q_inv: nil
+      )
         if !modulus_n
           raise ArgumentError, "Required modulus_n is missing"
         elsif !public_exponent_e
@@ -20,14 +67,50 @@ module COSE
         else
           @modulus_n = modulus_n
           @public_exponent_e = public_exponent_e
+          @private_exponent_d = private_exponent_d
+          @prime_factor_p = prime_factor_p
+          @prime_factor_q = prime_factor_q
+          @d_p = d_p
+          @d_q = d_q
+          @q_inv = q_inv
         end
       end
+      def serialize
+        CBOR.encode(
+          Base::LABEL_KTY => KTY_RSA,
+          LABEL_N => modulus_n,
+          LABEL_E => public_exponent_e,
+          LABEL_D => private_exponent_d,
+          LABEL_P => prime_factor_p,
+          LABEL_Q => prime_factor_q,
+          LABEL_D_P => d_p,
+          LABEL_D_Q => d_q,
+          LABEL_Q_INV => q_inv
+        )
+      end
+      def to_pkey
+        pkey = OpenSSL::PKey::RSA.new
+        pkey.set_key(bn(modulus_n), bn(public_exponent_e), bn(private_exponent_d))
+        pkey.set_factors(bn(prime_factor_p), bn(prime_factor_q))
+        pkey.set_crt_params(bn(d_p), bn(d_q), bn(q_inv))
+        pkey
+      end
       def self.from_map(map)
         enforce_type(map, KTY_RSA, "Not an RSA key")
         new(modulus_n: map[LABEL_N], public_exponent_e: map[LABEL_E])
       end
+      private
+      def bn(data)
+        OpenSSL::BN.new(data, 2)
+      end
     end
   end
 end

data/lib/cose/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module COSE
-  VERSION = "0.4.1"
+  VERSION = "0.5.0"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cose
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.5.0
 platform: ruby
 authors:
 - Gonzalo Rodriguez
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-03-13 00:00:00.000000000 Z
+date: 2019-03-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cbor
@@ -25,6 +25,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.5.9.2
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.2.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -113,6 +127,7 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - ".travis.yml"
+- Appraisals
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt
@@ -121,6 +136,8 @@ files:
 - bin/console
 - bin/setup
 - cose.gemspec
+- gemfiles/openssl_2_0.gemfile
+- gemfiles/openssl_2_1.gemfile
 - lib/cose.rb
 - lib/cose/encrypt.rb
 - lib/cose/encrypt0.rb