cose 0.11.0 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rspec +1 -1
- data/.rubocop.yml +3 -4
- data/CHANGELOG.md +9 -0
- data/README.md +1 -1
- data/cose.gemspec +2 -2
- data/lib/cose/algorithm/ecdsa.rb +6 -0
- data/lib/cose/algorithm/rsa_pss.rb +4 -0
- data/lib/cose/algorithm/signature_algorithm.rb +17 -1
- data/lib/cose/key/curve_key.rb +1 -1
- data/lib/cose/key/ec2.rb +1 -1
- data/lib/cose/key/rsa.rb +1 -1
- data/lib/cose/key/symmetric.rb +1 -1
- data/lib/cose/version.rb +1 -1
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f3fdc6957e5130367c9a1e8ab223b5c145d6caca1c04b01552410ef6d14bc740
|
|
4
|
+
data.tar.gz: 6849a1803ff3bb2e92bdf90b4226c8d023b07012b7cb18a915b9f816aed2e1dc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cc1093c925a437283fb6b7658bacd6bcd2f8427962dd4f1a5ac9a9a81341a5beaa8f1d21ce40b74372dd86fddf5df1f7702a6790f79d166fd1a5ea8ca359d66a
|
|
7
|
+
data.tar.gz: 6d11eb89cfc72edaaa9d3533c87f39d509efcff65d7c10070321c39144f91b3ef421bf8dd32b250d621f31fde8a766c98e2c516d8091af802749c707a25ee9d0
|
data/.rspec
CHANGED
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [v1.0.0] - 2020-03-29
|
|
4
|
+
|
|
5
|
+
### Added
|
|
6
|
+
|
|
7
|
+
- Signature verification validates key `alg` is compatible with the signature algorithm
|
|
8
|
+
|
|
9
|
+
NOTE: No breaking changes. Moving out of v0.x` to express the intention to keep the public API stable.
|
|
10
|
+
|
|
3
11
|
## [v0.11.0] - 2020-01-30
|
|
4
12
|
|
|
5
13
|
### Added
|
|
@@ -115,6 +123,7 @@
|
|
|
115
123
|
- EC2 key object
|
|
116
124
|
- Works with ruby 2.5
|
|
117
125
|
|
|
126
|
+
[v1.0.0]: https://github.com/cedarcode/cose-ruby/compare/v0.11.0...v1.0.0/
|
|
118
127
|
[v0.11.0]: https://github.com/cedarcode/cose-ruby/compare/v0.10.0...v0.11.0/
|
|
119
128
|
[v0.10.0]: https://github.com/cedarcode/cose-ruby/compare/v0.9.0...v0.10.0/
|
|
120
129
|
[v0.9.0]: https://github.com/cedarcode/cose-ruby/compare/v0.8.0...v0.9.0/
|
data/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Ruby implementation of RFC [8152](https://tools.ietf.org/html/rfc8152) CBOR Object Signing and Encryption (COSE)
|
|
4
4
|
|
|
5
|
-
[](https://rubygems.org/gems/cose)
|
|
5
|
+
[](https://rubygems.org/gems/cose)
|
|
6
6
|
[](https://travis-ci.org/cedarcode/cose-ruby)
|
|
7
7
|
|
|
8
8
|
## Installation
|
data/cose.gemspec
CHANGED
|
@@ -32,13 +32,13 @@ Gem::Specification.new do |spec|
|
|
|
32
32
|
spec.required_ruby_version = ">= 2.4"
|
|
33
33
|
|
|
34
34
|
spec.add_dependency "cbor", "~> 0.5.9"
|
|
35
|
-
spec.add_dependency "openssl-signature_algorithm", "~> 0.
|
|
35
|
+
spec.add_dependency "openssl-signature_algorithm", "~> 0.4.0"
|
|
36
36
|
|
|
37
37
|
spec.add_development_dependency "appraisal", "~> 2.2.0"
|
|
38
38
|
spec.add_development_dependency "bundler", ">= 1.17", "< 3"
|
|
39
39
|
spec.add_development_dependency "byebug", "~> 11.0"
|
|
40
40
|
spec.add_development_dependency "rake", "~> 13.0"
|
|
41
41
|
spec.add_development_dependency "rspec", "~> 3.8"
|
|
42
|
-
spec.add_development_dependency "rubocop", "0.
|
|
42
|
+
spec.add_development_dependency "rubocop", "0.80.1"
|
|
43
43
|
spec.add_development_dependency "rubocop-performance", "~> 1.4"
|
|
44
44
|
end
|
data/lib/cose/algorithm/ecdsa.rb
CHANGED
|
@@ -7,11 +7,12 @@ module COSE
|
|
|
7
7
|
module Algorithm
|
|
8
8
|
class SignatureAlgorithm < Base
|
|
9
9
|
def verify(key, signature, verification_data)
|
|
10
|
+
compatible_key?(key) || raise(COSE::Error, "Incompatible key for signature verification")
|
|
10
11
|
valid_signature?(key, signature, verification_data) || raise(COSE::Error, "Signature verification failed")
|
|
11
12
|
end
|
|
12
13
|
|
|
13
14
|
def compatible_key?(key)
|
|
14
|
-
to_pkey(key)
|
|
15
|
+
valid_key?(key) && to_pkey(key)
|
|
15
16
|
rescue COSE::Error
|
|
16
17
|
false
|
|
17
18
|
end
|
|
@@ -29,10 +30,25 @@ module COSE
|
|
|
29
30
|
end
|
|
30
31
|
end
|
|
31
32
|
|
|
33
|
+
def to_cose_key(key)
|
|
34
|
+
case key
|
|
35
|
+
when COSE::Key::Base
|
|
36
|
+
key
|
|
37
|
+
when OpenSSL::PKey::PKey
|
|
38
|
+
COSE::Key.from_pkey(key)
|
|
39
|
+
else
|
|
40
|
+
raise(COSE::Error, "Don't know how to transform #{key.class} to COSE::Key")
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
32
44
|
def signature_algorithm_class
|
|
33
45
|
raise NotImplementedError
|
|
34
46
|
end
|
|
35
47
|
|
|
48
|
+
def valid_key?(_key)
|
|
49
|
+
raise NotImplementedError
|
|
50
|
+
end
|
|
51
|
+
|
|
36
52
|
def to_pkey(_key)
|
|
37
53
|
raise NotImplementedError
|
|
38
54
|
end
|
data/lib/cose/key/curve_key.rb
CHANGED
|
@@ -20,7 +20,7 @@ module COSE
|
|
|
20
20
|
}
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
-
def initialize(crv:, x: nil, d: nil, **keyword_arguments) # rubocop:disable Naming/
|
|
23
|
+
def initialize(crv:, x: nil, d: nil, **keyword_arguments) # rubocop:disable Naming/MethodParameterName
|
|
24
24
|
super(**keyword_arguments)
|
|
25
25
|
|
|
26
26
|
if !crv
|
data/lib/cose/key/ec2.rb
CHANGED
|
@@ -48,7 +48,7 @@ module COSE
|
|
|
48
48
|
|
|
49
49
|
attr_reader :y
|
|
50
50
|
|
|
51
|
-
def initialize(y: nil, **keyword_arguments) # rubocop:disable Naming/
|
|
51
|
+
def initialize(y: nil, **keyword_arguments) # rubocop:disable Naming/MethodParameterName
|
|
52
52
|
if (!y || !keyword_arguments[:x]) && !keyword_arguments[:d]
|
|
53
53
|
raise ArgumentError, "Both x and y are required if d is missing"
|
|
54
54
|
else
|
data/lib/cose/key/rsa.rb
CHANGED
|
@@ -47,7 +47,7 @@ module COSE
|
|
|
47
47
|
|
|
48
48
|
attr_reader :n, :e, :d, :p, :q, :dp, :dq, :qinv
|
|
49
49
|
|
|
50
|
-
def initialize(n:, e:, d: nil, p: nil, q: nil, dp: nil, dq: nil, qinv: nil, **keyword_arguments) # rubocop:disable Naming/
|
|
50
|
+
def initialize(n:, e:, d: nil, p: nil, q: nil, dp: nil, dq: nil, qinv: nil, **keyword_arguments) # rubocop:disable Naming/MethodParameterName
|
|
51
51
|
super(**keyword_arguments)
|
|
52
52
|
|
|
53
53
|
if !n
|
data/lib/cose/key/symmetric.rb
CHANGED
data/lib/cose/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cose
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gonzalo Rodriguez
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: exe
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2020-
|
|
12
|
+
date: 2020-03-29 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: cbor
|
|
@@ -31,14 +31,14 @@ dependencies:
|
|
|
31
31
|
requirements:
|
|
32
32
|
- - "~>"
|
|
33
33
|
- !ruby/object:Gem::Version
|
|
34
|
-
version: 0.
|
|
34
|
+
version: 0.4.0
|
|
35
35
|
type: :runtime
|
|
36
36
|
prerelease: false
|
|
37
37
|
version_requirements: !ruby/object:Gem::Requirement
|
|
38
38
|
requirements:
|
|
39
39
|
- - "~>"
|
|
40
40
|
- !ruby/object:Gem::Version
|
|
41
|
-
version: 0.
|
|
41
|
+
version: 0.4.0
|
|
42
42
|
- !ruby/object:Gem::Dependency
|
|
43
43
|
name: appraisal
|
|
44
44
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -121,14 +121,14 @@ dependencies:
|
|
|
121
121
|
requirements:
|
|
122
122
|
- - '='
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 0.
|
|
124
|
+
version: 0.80.1
|
|
125
125
|
type: :development
|
|
126
126
|
prerelease: false
|
|
127
127
|
version_requirements: !ruby/object:Gem::Requirement
|
|
128
128
|
requirements:
|
|
129
129
|
- - '='
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
|
-
version: 0.
|
|
131
|
+
version: 0.80.1
|
|
132
132
|
- !ruby/object:Gem::Dependency
|
|
133
133
|
name: rubocop-performance
|
|
134
134
|
requirement: !ruby/object:Gem::Requirement
|