RubyGems - cose - Versions diffs - 0.4.1 → 0.5.0 - Mend

cose 0.4.1 → 0.5.0

Files changed (14) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 421ef632c61005a43efc9b8c9fff3560d7b22386bd3ab8ff0a556ac57a338eba
-  data.tar.gz: '0912bd03e39ca678d6a46b6d1f7b046593a656b754235dd584b59242c9fe34d2'
+  metadata.gz: eb978af65e0e7ba43a06e776b45792856bec76e58a7ce6d1d3d88619c6fca09e
+  data.tar.gz: c8cdf73b87523e266c36076c542cf91bb5e252bda826523308b4adc355ce1c6d
 SHA512:
-  metadata.gz: aaae536b461341f4b79960a66c261709510887ab8690083473b41ca45ec8952c19e1d298fc716abbbf8973790ca82d78ee967673a58332ea2998fbcfe771819f
-  data.tar.gz: 026774ddd5ea2fa6f23a6d7866e22f87a880aa802af380733b8bfdf62efbb0a808a4c07d287935b31fcda31544e6855a7686f6aee1b4640180cf0591abd780bd
+  metadata.gz: bc8f10f840915de994963318cf3fb5f138eb836bd391280029cceb7b5b4c9a95577dd281be1d67f1dc36def4a5a809af6e4ff665dc26e0cf30990219248cf043
+  data.tar.gz: 87ec47c8278246a0fdbec217a1d13b6588aed62400bfd49010d4573dab75b70a436867fe8d4fb895b784bbe29783c28e2910f576f213aeda8d830662f1067f7f

data/.gitignore CHANGED Viewed

@@ -11,5 +11,6 @@
 .rspec_status
 /Gemfile.lock
+/gemfiles/*.gemfile.lock
 .byebug_history

data/.travis.yml CHANGED Viewed

@@ -1,10 +1,16 @@
 sudo: false
 language: ruby
 rvm:
   - ruby-head
-  - 2.6.1
-  - 2.5.3
+  - 2.6.2
+  - 2.5.4
   - 2.4.5
+gemfile:
+  - gemfiles/openssl_2_0.gemfile
+  - gemfiles/openssl_2_1.gemfile
 before_install: gem install bundler -v 2.0.1
 matrix:

data/Appraisals ADDED Viewed

@@ -0,0 +1,7 @@
+appraise "openssl_2_0" do
+  gem "openssl", "~> 2.0.0"
+end
+appraise "openssl_2_1" do
+  gem "openssl", "~> 2.1.0"
+end

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,14 @@
 # Changelog
+## [v0.5.0] - 2019-03-25
+### Added
+- `COSE::Key.serialize(openssl_pkey)` serializes an `OpenSSL::PKey::PKey` object into CBOR data. Supports RSA keys plus
+ EC keys from curves prime256v1, secp384r1 and secp521r1.
+- `COSE::Key::EC2#to_pkey` converts to an `OpenSSL::PKey::EC` object
+- `COSE::Key::RSA#to_pkey` converts to an `OpenSSL::PKey::RSA` object
 ## [v0.4.1] - 2019-03-12
 ### Fixed
@@ -45,6 +54,7 @@
 - EC2 key object
 - Works with ruby 2.5
+[v0.5.0]: https://github.com/cedarcode/cose-ruby/compare/v0.4.1...v0.5.0/
 [v0.4.1]: https://github.com/cedarcode/cose-ruby/compare/v0.4.0...v0.4.1/
 [v0.4.0]: https://github.com/cedarcode/cose-ruby/compare/v0.3.0...v0.4.0/
 [v0.3.0]: https://github.com/cedarcode/cose-ruby/compare/v0.2.0...v0.3.0/

data/README.md CHANGED Viewed

@@ -25,12 +25,23 @@ Or install it yourself as:
 ### Key Objects
+#### Deserialization (from CBOR to Ruby objects)
 ```ruby
 cbor_data = "..."
-key = COSE::Key.deserialize(cbor_data)
+cose_key = COSE::Key.deserialize(cbor_data)
+```
+Once you have a `COSE::Key` instance you can either access key parameters directly and/or convert it to an
+`OpenSSL::PKey::PKey` instance for operating with it (encrypting/decrypting, signing/verifying, etc).
+```ruby
+# Convert to an OpenSSL::PKey::PKey
+openssl_pkey = cose_key.to_pkey
-case key.class
+# Access COSE key parameters
+case key
 when COSE::Key::EC2
   key.curve
   key.x_coordinate
@@ -39,43 +50,73 @@ when COSE::Key::EC2
 when COSE::Key::RSA
   key.modulus_n
   key.public_exponent_e
+  key.private_exponent_d
+  key.prime_factor_p
+  key.prime_factor_q
+  key.d_p
+  key.d_q
+  key.q_inv
 when COSE::Key::Symmetric
   key.key_value
 end
 ```
-#### EC2
+If you already know which COSE key type is encoded in the CBOR data, then:
 ```ruby
-cbor_data = "..."
+ec2_key_cbor = "..."
+cose_ec2_key = COSE::Key::EC2.deserialize(ec2_key_cbor)
+cose_ec2_key.curve
+cose_ec2_key.x_coordinate
+cose_ec2_key.y_coordinate
+cose_ec2_key.d_coordinate
-key = COSE::Key::EC2.deserialize(cbor_data)
+# or
-key.curve
-key.x_coordinate
-key.y_coordinate
-key.d_coordinate
+ec_pkey = cose_ec2_key.to_pkey # Instance of an OpenSSL::PKey::EC
 ```
-#### Symmetric
+```ruby
+symmetric_key_cbor = "..."
+cose_symmetric_key = COSE::Key::Symmetric.deserialize(symmetric_key_cbor)
+cose_symmetric_key.key_value
+```
 ```ruby
-cbor_data = "..."
+rsa_key_cbor = "..."
+cose_rsa_key = COSE::Key::RSA.deserialize(rsa_key_cbor)
+cose_rsa_key.modulus_n
+cose_rsa_key.public_exponent_e
+cose_rsa_key.private_exponent_d
+cose_rsa_key.prime_factor_p
+cose_rsa_key.prime_factor_q
+cose_rsa_key.d_p
+cose_rsa_key.d_q
+cose_rsa_key.q_inv
-key = COSE::Key::Symmetric.deserialize(cbor_data)
+# or
-key.key_value
+rsa_pkey = cose_rsa_key.to_pkey # Instance of an OpenSSL::PKey::RSA
 ```
-#### RSA
+#### Serialization (from Ruby objects to CBOR)
 ```ruby
-cbor_data = "..."
+ec_pkey = OpenSSL::PKey::EC.new("prime256v1").generate_key
+cose_ec2_key_cbor = COSE::Key.serialize(ec_pkey)
+```
-key = COSE::Key::RSA.deserialize(cbor_data)
+```ruby
+rsa_pkey = OpenSSL::PKey::RSA.new(2048)
-key.modulus_n
-key.public_exponent_e
+cose_rsa_key_cbor = COSE::Key.serialize(rsa_pkey)
 ```
 ### Signing Objects

data/cose.gemspec CHANGED Viewed

@@ -33,6 +33,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "cbor", "~> 0.5.9.2"
+  spec.add_development_dependency "appraisal", "~> 2.2.0"
   spec.add_development_dependency "bundler", ">= 1.17", "< 3"
   spec.add_development_dependency "byebug", "~> 11.0"
   spec.add_development_dependency "rake", "~> 12.3"

data/gemfiles/openssl_2_0.gemfile ADDED Viewed

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "openssl", "~> 2.0.0"
+gemspec path: "../"

data/gemfiles/openssl_2_1.gemfile ADDED Viewed

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "openssl", "~> 2.1.0"
+gemspec path: "../"

data/lib/cose/key.rb CHANGED Viewed

@@ -2,11 +2,23 @@ require "cbor"
 require "cose/key/ec2"
 require "cose/key/rsa"
 require "cose/key/symmetric"
+require "openssl"
 module COSE
   class UnknownKeyType < StandardError; end
   module Key
+    def self.serialize(pkey)
+      case pkey
+      when OpenSSL::PKey::EC, OpenSSL::PKey::EC::Point
+        COSE::Key::EC2.from_pkey(pkey).serialize
+      when OpenSSL::PKey::RSA
+        COSE::Key::RSA.from_pkey(pkey).serialize
+      else
+        raise "Unsupported serialization of #{pkey.class} object"
+      end
+    end
     def self.deserialize(data)
       map = CBOR.decode(data)

data/lib/cose/key/ec2.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 require "cose/key/base"
+require "openssl"
 module COSE
   module Key
@@ -13,6 +14,44 @@ module COSE
       Y_LABEL = -3
       KTY_EC2 = 2
+      CRV_P256 = 1
+      CRV_P384 = 2
+      CRV_P521 = 3
+      PKEY_CURVES = {
+        CRV_P256 => "prime256v1",
+        CRV_P384 => "secp384r1",
+        CRV_P521 => "secp521r1"
+      }.freeze
+      def self.from_pkey(pkey)
+        curve = PKEY_CURVES.key(pkey.group.curve_name) || raise("Unsupported EC curve #{pkey.group.curve_name}")
+        case pkey
+        when OpenSSL::PKey::EC::Point
+          public_key = pkey
+        when OpenSSL::PKey::EC
+          public_key = pkey.public_key
+          private_key = pkey.private_key
+        else
+          raise "Unsupported"
+        end
+        if public_key
+          bytes = public_key.to_bn.to_s(2)[1..-1]
+          coordinate_length = bytes.size / 2
+          x_coordinate = bytes[0..(coordinate_length - 1)]
+          y_coordinate = bytes[coordinate_length..-1]
+        end
+        if private_key
+          d_coordinate = private_key.to_s(2)
+        end
+        new(curve: curve, x_coordinate: x_coordinate, y_coordinate: y_coordinate, d_coordinate: d_coordinate)
+      end
       attr_reader :algorithm, :curve, :d_coordinate, :x_coordinate, :y_coordinate
@@ -32,6 +71,34 @@ module COSE
         end
       end
+      def serialize
+        CBOR.encode(
+          Base::LABEL_KTY => KTY_EC2,
+          CRV_LABEL => curve,
+          X_LABEL => x_coordinate,
+          Y_LABEL => y_coordinate,
+          D_LABEL => d_coordinate
+        )
+      end
+      def to_pkey
+        if PKEY_CURVES[curve]
+          group = OpenSSL::PKey::EC::Group.new(PKEY_CURVES[curve])
+          pkey = OpenSSL::PKey::EC.new(group)
+          public_key_bn = OpenSSL::BN.new("\x04" + x_coordinate + y_coordinate, 2)
+          public_key_point = OpenSSL::PKey::EC::Point.new(group, public_key_bn)
+          pkey.public_key = public_key_point
+          if d_coordinate
+            pkey.private_key = OpenSSL::BN.new(d_coordinate, 2)
+          end
+          pkey
+        else
+          raise "Unsupported curve #{curve}"
+        end
+      end
       def self.from_map(map)
         enforce_type(map, KTY_EC2, "Not an EC2 key")

data/lib/cose/key/rsa.rb CHANGED Viewed

@@ -1,18 +1,65 @@
 # frozen_string_literal: true
 require "cose/key/base"
+require "openssl"
 module COSE
   module Key
     class RSA < Base
       LABEL_N = -1
       LABEL_E = -2
+      LABEL_D = -3
+      LABEL_P = -4
+      LABEL_Q = -5
+      LABEL_D_P = -6
+      LABEL_D_Q = -7
+      LABEL_Q_INV = -8
       KTY_RSA = 3
-      attr_reader :modulus_n, :public_exponent_e
+      def self.from_pkey(pkey)
+        params = pkey.params
-      def initialize(modulus_n:, public_exponent_e:)
+        attributes = {
+          modulus_n: params["n"].to_s(2),
+          public_exponent_e: params["e"].to_s(2)
+        }
+        if pkey.private?
+          attributes.merge!(
+            private_exponent_d: params["d"].to_s(2),
+            prime_factor_p: params["p"].to_s(2),
+            prime_factor_q: params["q"].to_s(2),
+            d_p: params["dmp1"].to_s(2),
+            d_q: params["dmq1"].to_s(2),
+            q_inv: params["iqmp"].to_s(2)
+          )
+        end
+        new(attributes)
+      end
+      attr_reader(
+        :modulus_n,
+        :public_exponent_e,
+        :private_exponent_d,
+        :prime_factor_p,
+        :prime_factor_q,
+        :d_p,
+        :d_q,
+        :q_inv
+      )
+      def initialize(
+        modulus_n:,
+        public_exponent_e:,
+        private_exponent_d: nil,
+        prime_factor_p: nil,
+        prime_factor_q: nil,
+        d_p: nil,
+        d_q: nil,
+        q_inv: nil
+      )
         if !modulus_n
           raise ArgumentError, "Required modulus_n is missing"
         elsif !public_exponent_e
@@ -20,14 +67,50 @@ module COSE
         else
           @modulus_n = modulus_n
           @public_exponent_e = public_exponent_e
+          @private_exponent_d = private_exponent_d
+          @prime_factor_p = prime_factor_p
+          @prime_factor_q = prime_factor_q
+          @d_p = d_p
+          @d_q = d_q
+          @q_inv = q_inv
         end
       end
+      def serialize
+        CBOR.encode(
+          Base::LABEL_KTY => KTY_RSA,
+          LABEL_N => modulus_n,
+          LABEL_E => public_exponent_e,
+          LABEL_D => private_exponent_d,
+          LABEL_P => prime_factor_p,
+          LABEL_Q => prime_factor_q,
+          LABEL_D_P => d_p,
+          LABEL_D_Q => d_q,
+          LABEL_Q_INV => q_inv
+        )
+      end
+      def to_pkey
+        pkey = OpenSSL::PKey::RSA.new
+        pkey.set_key(bn(modulus_n), bn(public_exponent_e), bn(private_exponent_d))
+        pkey.set_factors(bn(prime_factor_p), bn(prime_factor_q))
+        pkey.set_crt_params(bn(d_p), bn(d_q), bn(q_inv))
+        pkey
+      end
       def self.from_map(map)
         enforce_type(map, KTY_RSA, "Not an RSA key")
         new(modulus_n: map[LABEL_N], public_exponent_e: map[LABEL_E])
       end
+      private
+      def bn(data)
+        OpenSSL::BN.new(data, 2)
+      end
     end
   end
 end

data/lib/cose/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module COSE
-  VERSION = "0.4.1"
+  VERSION = "0.5.0"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cose
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.5.0
 platform: ruby
 authors:
 - Gonzalo Rodriguez
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-03-13 00:00:00.000000000 Z
+date: 2019-03-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cbor
@@ -25,6 +25,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.5.9.2
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.2.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -113,6 +127,7 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - ".travis.yml"
+- Appraisals
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt
@@ -121,6 +136,8 @@ files:
 - bin/console
 - bin/setup
 - cose.gemspec
+- gemfiles/openssl_2_0.gemfile
+- gemfiles/openssl_2_1.gemfile
 - lib/cose.rb
 - lib/cose/encrypt.rb
 - lib/cose/encrypt0.rb