cose 0.11.0 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rspec +1 -1
- data/.rubocop.yml +3 -4
- data/CHANGELOG.md +9 -0
- data/README.md +1 -1
- data/cose.gemspec +2 -2
- data/lib/cose/algorithm/ecdsa.rb +6 -0
- data/lib/cose/algorithm/rsa_pss.rb +4 -0
- data/lib/cose/algorithm/signature_algorithm.rb +17 -1
- data/lib/cose/key/curve_key.rb +1 -1
- data/lib/cose/key/ec2.rb +1 -1
- data/lib/cose/key/rsa.rb +1 -1
- data/lib/cose/key/symmetric.rb +1 -1
- data/lib/cose/version.rb +1 -1
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f3fdc6957e5130367c9a1e8ab223b5c145d6caca1c04b01552410ef6d14bc740
|
|
4
|
+
data.tar.gz: 6849a1803ff3bb2e92bdf90b4226c8d023b07012b7cb18a915b9f816aed2e1dc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cc1093c925a437283fb6b7658bacd6bcd2f8427962dd4f1a5ac9a9a81341a5beaa8f1d21ce40b74372dd86fddf5df1f7702a6790f79d166fd1a5ea8ca359d66a
|
|
7
|
+
data.tar.gz: 6d11eb89cfc72edaaa9d3533c87f39d509efcff65d7c10070321c39144f91b3ef421bf8dd32b250d621f31fde8a766c98e2c516d8091af802749c707a25ee9d0
|
data/.rspec
CHANGED
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [v1.0.0] - 2020-03-29
|
|
4
|
+
|
|
5
|
+
### Added
|
|
6
|
+
|
|
7
|
+
- Signature verification validates key `alg` is compatible with the signature algorithm
|
|
8
|
+
|
|
9
|
+
NOTE: No breaking changes. Moving out of v0.x` to express the intention to keep the public API stable.
|
|
10
|
+
|
|
3
11
|
## [v0.11.0] - 2020-01-30
|
|
4
12
|
|
|
5
13
|
### Added
|
|
@@ -115,6 +123,7 @@
|
|
|
115
123
|
- EC2 key object
|
|
116
124
|
- Works with ruby 2.5
|
|
117
125
|
|
|
126
|
+
[v1.0.0]: https://github.com/cedarcode/cose-ruby/compare/v0.11.0...v1.0.0/
|
|
118
127
|
[v0.11.0]: https://github.com/cedarcode/cose-ruby/compare/v0.10.0...v0.11.0/
|
|
119
128
|
[v0.10.0]: https://github.com/cedarcode/cose-ruby/compare/v0.9.0...v0.10.0/
|
|
120
129
|
[v0.9.0]: https://github.com/cedarcode/cose-ruby/compare/v0.8.0...v0.9.0/
|
data/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Ruby implementation of RFC [8152](https://tools.ietf.org/html/rfc8152) CBOR Object Signing and Encryption (COSE)
|
|
4
4
|
|
|
5
|
-
[](https://rubygems.org/gems/cose)
|
|
5
|
+
[](https://rubygems.org/gems/cose)
|
|
6
6
|
[](https://travis-ci.org/cedarcode/cose-ruby)
|
|
7
7
|
|
|
8
8
|
## Installation
|
data/cose.gemspec
CHANGED
|
@@ -32,13 +32,13 @@ Gem::Specification.new do |spec|
|
|
|
32
32
|
spec.required_ruby_version = ">= 2.4"
|
|
33
33
|
|
|
34
34
|
spec.add_dependency "cbor", "~> 0.5.9"
|
|
35
|
-
spec.add_dependency "openssl-signature_algorithm", "~> 0.
|
|
35
|
+
spec.add_dependency "openssl-signature_algorithm", "~> 0.4.0"
|
|
36
36
|
|
|
37
37
|
spec.add_development_dependency "appraisal", "~> 2.2.0"
|
|
38
38
|
spec.add_development_dependency "bundler", ">= 1.17", "< 3"
|
|
39
39
|
spec.add_development_dependency "byebug", "~> 11.0"
|
|
40
40
|
spec.add_development_dependency "rake", "~> 13.0"
|
|
41
41
|
spec.add_development_dependency "rspec", "~> 3.8"
|
|
42
|
-
spec.add_development_dependency "rubocop", "0.
|
|
42
|
+
spec.add_development_dependency "rubocop", "0.80.1"
|
|
43
43
|
spec.add_development_dependency "rubocop-performance", "~> 1.4"
|
|
44
44
|
end
|
data/lib/cose/algorithm/ecdsa.rb
CHANGED
|
@@ -7,11 +7,12 @@ module COSE
|
|
|
7
7
|
module Algorithm
|
|
8
8
|
class SignatureAlgorithm < Base
|
|
9
9
|
def verify(key, signature, verification_data)
|
|
10
|
+
compatible_key?(key) || raise(COSE::Error, "Incompatible key for signature verification")
|
|
10
11
|
valid_signature?(key, signature, verification_data) || raise(COSE::Error, "Signature verification failed")
|
|
11
12
|
end
|
|
12
13
|
|
|
13
14
|
def compatible_key?(key)
|
|
14
|
-
to_pkey(key)
|
|
15
|
+
valid_key?(key) && to_pkey(key)
|
|
15
16
|
rescue COSE::Error
|
|
16
17
|
false
|
|
17
18
|
end
|
|
@@ -29,10 +30,25 @@ module COSE
|
|
|
29
30
|
end
|
|
30
31
|
end
|
|
31
32
|
|
|
33
|
+
def to_cose_key(key)
|
|
34
|
+
case key
|
|
35
|
+
when COSE::Key::Base
|
|
36
|
+
key
|
|
37
|
+
when OpenSSL::PKey::PKey
|
|
38
|
+
COSE::Key.from_pkey(key)
|
|
39
|
+
else
|
|
40
|
+
raise(COSE::Error, "Don't know how to transform #{key.class} to COSE::Key")
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
32
44
|
def signature_algorithm_class
|
|
33
45
|
raise NotImplementedError
|
|
34
46
|
end
|
|
35
47
|
|
|
48
|
+
def valid_key?(_key)
|
|
49
|
+
raise NotImplementedError
|
|
50
|
+
end
|
|
51
|
+
|
|
36
52
|
def to_pkey(_key)
|
|
37
53
|
raise NotImplementedError
|
|
38
54
|
end
|
data/lib/cose/key/curve_key.rb
CHANGED
|
@@ -20,7 +20,7 @@ module COSE
|
|
|
20
20
|
}
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
-
def initialize(crv:, x: nil, d: nil, **keyword_arguments) # rubocop:disable Naming/
|
|
23
|
+
def initialize(crv:, x: nil, d: nil, **keyword_arguments) # rubocop:disable Naming/MethodParameterName
|
|
24
24
|
super(**keyword_arguments)
|
|
25
25
|
|
|
26
26
|
if !crv
|
data/lib/cose/key/ec2.rb
CHANGED
|
@@ -48,7 +48,7 @@ module COSE
|
|
|
48
48
|
|
|
49
49
|
attr_reader :y
|
|
50
50
|
|
|
51
|
-
def initialize(y: nil, **keyword_arguments) # rubocop:disable Naming/
|
|
51
|
+
def initialize(y: nil, **keyword_arguments) # rubocop:disable Naming/MethodParameterName
|
|
52
52
|
if (!y || !keyword_arguments[:x]) && !keyword_arguments[:d]
|
|
53
53
|
raise ArgumentError, "Both x and y are required if d is missing"
|
|
54
54
|
else
|
data/lib/cose/key/rsa.rb
CHANGED
|
@@ -47,7 +47,7 @@ module COSE
|
|
|
47
47
|
|
|
48
48
|
attr_reader :n, :e, :d, :p, :q, :dp, :dq, :qinv
|
|
49
49
|
|
|
50
|
-
def initialize(n:, e:, d: nil, p: nil, q: nil, dp: nil, dq: nil, qinv: nil, **keyword_arguments) # rubocop:disable Naming/
|
|
50
|
+
def initialize(n:, e:, d: nil, p: nil, q: nil, dp: nil, dq: nil, qinv: nil, **keyword_arguments) # rubocop:disable Naming/MethodParameterName
|
|
51
51
|
super(**keyword_arguments)
|
|
52
52
|
|
|
53
53
|
if !n
|
data/lib/cose/key/symmetric.rb
CHANGED
data/lib/cose/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cose
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gonzalo Rodriguez
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: exe
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2020-
|
|
12
|
+
date: 2020-03-29 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: cbor
|
|
@@ -31,14 +31,14 @@ dependencies:
|
|
|
31
31
|
requirements:
|
|
32
32
|
- - "~>"
|
|
33
33
|
- !ruby/object:Gem::Version
|
|
34
|
-
version: 0.
|
|
34
|
+
version: 0.4.0
|
|
35
35
|
type: :runtime
|
|
36
36
|
prerelease: false
|
|
37
37
|
version_requirements: !ruby/object:Gem::Requirement
|
|
38
38
|
requirements:
|
|
39
39
|
- - "~>"
|
|
40
40
|
- !ruby/object:Gem::Version
|
|
41
|
-
version: 0.
|
|
41
|
+
version: 0.4.0
|
|
42
42
|
- !ruby/object:Gem::Dependency
|
|
43
43
|
name: appraisal
|
|
44
44
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -121,14 +121,14 @@ dependencies:
|
|
|
121
121
|
requirements:
|
|
122
122
|
- - '='
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 0.
|
|
124
|
+
version: 0.80.1
|
|
125
125
|
type: :development
|
|
126
126
|
prerelease: false
|
|
127
127
|
version_requirements: !ruby/object:Gem::Requirement
|
|
128
128
|
requirements:
|
|
129
129
|
- - '='
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
|
-
version: 0.
|
|
131
|
+
version: 0.80.1
|
|
132
132
|
- !ruby/object:Gem::Dependency
|
|
133
133
|
name: rubocop-performance
|
|
134
134
|
requirement: !ruby/object:Gem::Requirement
|