jose 0.1.0

data/lib/jose/jwk/kty_oct.rb

@@ -0,0 +1,104 @@
+class JOSE::JWK::KTY_oct < Struct.new(:oct)
+
+  # JOSE::JWK callbacks
+
+  def self.from_map(fields)
+    if fields['kty'] == 'oct' and fields['k'].is_a?(String)
+      return JOSE::JWK::KTY_oct.new(JOSE.urlsafe_decode64(fields['k'])), fields.except('kty', 'k')
+    else
+      raise ArgumentError, "invalid 'oct' JWK"
+    end
+  end
+
+  def to_key
+    return oct
+  end
+
+  def to_map(fields)
+    return fields.put('k', JOSE.urlsafe_encode64(oct)).put('kty', 'oct')
+  end
+
+  def to_public_map(fields)
+    return to_map(fields)
+  end
+
+  def to_thumbprint_map(fields)
+    return to_public_map(fields).slice('k', 'kty')
+  end
+
+  # JOSE::JWK::KTY callbacks
+
+  def block_encryptor(fields, plain_text)
+    enc = case (oct.bytesize * 8)
+    when 128
+      'A128GCM'
+    when 192
+      'A192GCM'
+    when 256
+      'A256GCM'
+    when 384
+      'A192CBC-HS384'
+    when 512
+      'A256CBC-HS512'
+    else
+      raise ArgumentError, "oct of size #{oct.bytesize * 8} has no default block encryptor"
+    end
+    return JOSE::Map[
+      'alg' => 'dir',
+      'enc' => enc
+    ]
+  end
+
+  def derive_key
+    return oct
+  end
+
+  def self.generate_key(size)
+    if size.is_a?(Array) and size.length == 2 and size[0] == :oct
+      size = size[1]
+    end
+    case size
+    when Integer
+      return from_oct(SecureRandom.random_bytes(size))
+    else
+      raise ArgumentError, "'size' must be an Integer"
+    end
+  end
+
+  def generate_key(fields)
+    kty, other_fields = JOSE::JWK::KTY_oct.generate_key(oct.bytesize)
+    return kty, fields.delete('kid').merge(other_fields)
+  end
+
+  def key_encryptor(fields, key)
+    return JOSE::JWK::KTY.key_encryptor(self, fields, key)
+  end
+
+  def sign(message, digest_type)
+    return OpenSSL::HMAC.digest(digest_type.new, oct, message)
+  end
+
+  def signer(fields = nil, plain_text = nil)
+    return JOSE::Map['alg' => 'HS256']
+  end
+
+  def verify(message, digest_type, signature)
+    return JOSE::JWA.constant_time_compare(signature, sign(message, digest_type))
+  end
+
+  # API functions
+
+  def self.from_oct(binary)
+    case binary
+    when String
+      return JOSE::JWK::KTY_oct.new(binary), JOSE::Map[]
+    else
+      raise ArgumentError, "'binary' must be a String"
+    end
+  end
+
+  def to_oct
+    return oct
+  end
+
+end

data/lib/jose/jwk/kty_rsa.rb

@@ -0,0 +1,185 @@
+class JOSE::JWK::KTY_RSA < Struct.new(:key)
+
+  # JOSE::JWK callbacks
+
+  def self.from_map(fields)
+    if fields['kty'] == 'RSA' and fields['e'].is_a?(String) and fields['n'].is_a?(String)
+      if fields['oth'].is_a?(Array)
+        raise ArgumentError, "multi-prime RSA keys are not supported"
+      elsif fields['d'].is_a?(String)
+        if fields['dp'].is_a?(String) and fields['dq'].is_a?(String) and fields['p'].is_a?(String) and fields['q'].is_a?(String) and fields['qi'].is_a?(String)
+          rsa      = OpenSSL::PKey::RSA.new
+          rsa.d    = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['d']), 2)
+          rsa.dmp1 = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['dp']), 2)
+          rsa.dmq1 = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['dq']), 2)
+          rsa.e    = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['e']), 2)
+          rsa.n    = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['n']), 2)
+          rsa.p    = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['p']), 2)
+          rsa.q    = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['q']), 2)
+          rsa.iqmp = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['qi']), 2)
+          return JOSE::JWK::KTY_RSA.new(rsa), fields.except('kty', 'd', 'dp', 'dq', 'e', 'n', 'p', 'q', 'qi')
+        else
+          raise ArgumentError, "invalid 'RSA' JWK"
+        end
+      else
+        rsa   = OpenSSL::PKey::RSA.new
+        rsa.e = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['e']), 2)
+        rsa.n = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['n']), 2)
+        return JOSE::JWK::KTY_RSA.new(rsa), fields.except('kty', 'e', 'n')
+      end
+    else
+      raise ArgumentError, "invalid 'RSA' JWK"
+    end
+  end
+
+  def to_key
+    return key
+  end
+
+  def to_map(fields)
+    if key.private?
+      return fields.
+        put('d',   JOSE.urlsafe_encode64(key.d.to_s(2))).
+        put('dp',  JOSE.urlsafe_encode64(key.dmp1.to_s(2))).
+        put('dq',  JOSE.urlsafe_encode64(key.dmq1.to_s(2))).
+        put('e',   JOSE.urlsafe_encode64(key.e.to_s(2))).
+        put('kty', 'RSA').
+        put('n',   JOSE.urlsafe_encode64(key.n.to_s(2))).
+        put('p',   JOSE.urlsafe_encode64(key.p.to_s(2))).
+        put('q',   JOSE.urlsafe_encode64(key.q.to_s(2))).
+        put('qi',  JOSE.urlsafe_encode64(key.iqmp.to_s(2))).
+        put('q',   JOSE.urlsafe_encode64(key.q.to_s(2)))
+    else
+      return fields.
+        put('e',   JOSE.urlsafe_encode64(key.e.to_s(2))).
+        put('kty', 'RSA').
+        put('n',   JOSE.urlsafe_encode64(key.n.to_s(2)))
+    end
+  end
+
+  def to_public_map(fields)
+    return to_map(fields).except('d', 'dp', 'dq', 'p', 'q', 'qi', 'oth')
+  end
+
+  def to_thumbprint_map(fields)
+    return to_public_map(fields).slice('e', 'kty', 'n')
+  end
+
+  # JOSE::JWK::KTY callbacks
+
+  def block_encryptor(fields, plain_text)
+    return JOSE::Map[
+      'alg' => 'RSA-OAEP',
+      'enc' => 'A128GCM'
+    ]
+  end
+
+  def decrypt_private(cipher_text, rsa_padding: :rsa_pkcs1_padding, rsa_oaep_md: nil)
+    case rsa_padding
+    when :rsa_pkcs1_padding
+      return key.private_decrypt(cipher_text, OpenSSL::PKey::RSA::PKCS1_PADDING)
+    when :rsa_pkcs1_oaep_padding
+      rsa_oaep_md ||= OpenSSL::Digest::SHA1
+      if rsa_oaep_md == OpenSSL::Digest::SHA1
+        return key.private_decrypt(cipher_text, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+      elsif rsa_oaep_md == OpenSSL::Digest::SHA256
+        return JOSE::JWA::PKCS1.rsaes_oaep_decrypt(rsa_oaep_md, cipher_text, key)
+      else
+        raise ArgumentError, "unsupported RSA OAEP md: #{rsa_oaep_md.inspect}"
+      end
+    else
+      raise ArgumentError, "unsupported RSA padding: #{rsa_padding.inspect}"
+    end
+  end
+
+  def encrypt_public(plain_text, rsa_padding: :rsa_pkcs1_padding, rsa_oaep_md: nil)
+    case rsa_padding
+    when :rsa_pkcs1_padding
+      return key.public_encrypt(plain_text, OpenSSL::PKey::RSA::PKCS1_PADDING)
+    when :rsa_pkcs1_oaep_padding
+      rsa_oaep_md ||= OpenSSL::Digest::SHA1
+      if rsa_oaep_md == OpenSSL::Digest::SHA1
+        return key.public_encrypt(plain_text, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+      elsif rsa_oaep_md == OpenSSL::Digest::SHA256
+        return JOSE::JWA::PKCS1.rsaes_oaep_encrypt(rsa_oaep_md, plain_text, key)
+      else
+        raise ArgumentError, "unsupported RSA OAEP md: #{rsa_oaep_md.inspect}"
+      end
+    else
+      raise ArgumentError, "unsupported RSA padding: #{rsa_padding.inspect}"
+    end
+  end
+
+  def self.generate_key(modulus_size, exponent_size = nil)
+    if modulus_size.is_a?(Array)
+      if modulus_size.length == 2 and modulus_size[0] == :rsa
+        modulus_size = modulus_size[1]
+      elsif modulus_size.length == 3 and modulus_size[0] == :rsa
+        exponent_size = modulus_size[2]
+        modulus_size  = modulus_size[1]
+      end
+    end
+    if modulus_size.is_a?(Integer) and (exponent_size.nil? or exponent_size.is_a?(Integer))
+      return from_key(OpenSSL::PKey::RSA.generate(modulus_size, exponent_size))
+    else
+      raise ArgumentError, "'modulus_size' must be an Integer and 'exponent_size' must be nil or an Integer"
+    end
+  end
+
+  def generate_key(fields)
+    kty, other_fields = JOSE::JWK::KTY_RSA.generate_key([:rsa, key.n.num_bits, key.e.to_i])
+    return kty, fields.delete('kid').merge(other_fields)
+  end
+
+  def key_encryptor(fields, key)
+    return JOSE::JWK::KTY.key_encryptor(self, fields, key)
+  end
+
+  def sign(message, digest_type, padding: :rsa_pkcs1_padding)
+    case padding
+    when :rsa_pkcs1_padding
+      return key.sign(digest_type.new, message)
+    when :rsa_pkcs1_pss_padding
+      return JOSE::JWA::PKCS1.rsassa_pss_sign(digest_type, message, key)
+    else
+      raise ArgumentError, "unsupported RSA padding: #{padding.inspect}"
+    end
+  end
+
+  def signer(fields = nil, plain_text = nil)
+    if key.private?
+      return JOSE::Map['alg' => 'RS256']
+    else
+      raise ArgumentError, "signing not supported for public keys"
+    end
+  end
+
+  def verify(message, digest_type, signature, padding: :rsa_pkcs1_padding)
+    case padding
+    when :rsa_pkcs1_padding
+      return key.verify(digest_type.new, signature, message)
+    when :rsa_pkcs1_pss_padding
+      return JOSE::JWA::PKCS1.rsassa_pss_verify(digest_type, message, signature, key)
+    else
+      raise ArgumentError, "unsupported RSA padding: #{padding.inspect}"
+    end
+  rescue OpenSSL::PKey::PKeyError # jruby raises this error if the signature is invalid
+    false
+  end
+
+  # API functions
+
+  def self.from_key(key)
+    case key
+    when OpenSSL::PKey::RSA
+      return JOSE::JWK::KTY_RSA.new(key), JOSE::Map[]
+    else
+      raise ArgumentError, "'key' must be a OpenSSL::PKey::RSA"
+    end
+  end
+
+  def to_pem(password = nil)
+    return JOSE::JWK::PEM.to_binary(key, password)
+  end
+
+end

data/lib/jose/jwk/pem.rb

@@ -0,0 +1,19 @@
+module JOSE::JWK::PEM
+
+  extend self
+
+  def from_binary(object, password = nil)
+    pkey = OpenSSL::PKey.read(object, password)
+    return JOSE::JWK::KTY.from_key(pkey)
+  end
+
+  def to_binary(key, password = nil)
+    if password
+      cipher = OpenSSL::Cipher.new('DES-EDE3-CBC')
+      return key.to_pem(cipher, password)
+    else
+      return key.to_pem
+    end
+  end
+
+end

data/lib/jose/jwk/set.rb

@@ -0,0 +1,2 @@
+class JOSE::JWK::Set
+end

data/lib/jose/jws.rb

@@ -0,0 +1,242 @@
+module JOSE
+
+  class SignedBinary < ::String
+    def expand
+      return JOSE::JWS.expand(self)
+    end
+  end
+
+  class SignedMap < JOSE::Map
+    def compact
+      return JOSE::JWS.compact(self)
+    end
+  end
+
+  class JWS < Struct.new(:alg, :b64, :fields)
+
+    # Decode API
+
+    def self.from(object, modules = {})
+      case object
+      when JOSE::Map, Hash
+        return from_map(object, modules)
+      when String
+        return from_binary(object, modules)
+      when JOSE::JWS
+        return object
+      else
+        raise ArgumentError, "'object' must be a Hash, String, or JOSE::JWS"
+      end
+    end
+
+    def self.from_binary(object, modules = {})
+      case object
+      when String
+        return from_map(JOSE.decode(object), modules)
+      else
+        raise ArgumentError, "'object' must be a String"
+      end
+    end
+
+    def self.from_file(file, modules = {})
+      return from_binary(File.binread(file), modules)
+    end
+
+    def self.from_map(object, modules = {})
+      case object
+      when JOSE::Map, Hash
+        return from_fields(JOSE::JWS.new(nil, nil, JOSE::Map.new(object)), modules)
+      else
+        raise ArgumentError, "'object' must be a Hash"
+      end
+    end
+
+    # Encode API
+
+    def self.to_binary(jws)
+      return from(jws).to_binary
+    end
+
+    def to_binary
+      return JOSE.encode(to_map)
+    end
+
+    def self.to_file(jws, file)
+      return from(jws).to_file(file)
+    end
+
+    def to_file(file)
+      return File.binwrite(file, to_binary)
+    end
+
+    def self.to_map(jws)
+      return from(jws).to_map
+    end
+
+    def to_map
+      return alg.to_map(fields)
+    end
+
+    # API
+
+    def self.compact(map)
+      if map.is_a?(Hash) or map.is_a?(JOSE::Map)
+        return JOSE::SignedBinary.new([
+          map['protected'] || '',
+          '.',
+          map['payload'] || '',
+          '.',
+          map['signature'] || ''
+        ].join)
+      else
+        raise ArgumentError, "'map' must be a Hash or a JOSE::Map"
+      end
+    end
+
+    def self.expand(binary)
+      if binary.is_a?(String)
+        parts = binary.split('.')
+        if parts.length == 3
+          protected_binary, payload, signature = parts
+          return JOSE::SignedMap[
+            'payload'   => payload,
+            'protected' => protected_binary,
+            'signature' => signature
+          ]
+        else
+          raise ArgumentError, "'binary' is not a valid signed String"
+        end
+      else
+        raise ArgumentError, "'binary' must be a String"
+      end
+    end
+
+    def self.peek_payload(signed)
+      if signed.is_a?(String)
+        signed = expand(signed)
+      end
+      return JOSE.urlsafe_decode64(signed['payload'])
+    end
+
+    def self.peek_protected(signed)
+      if signed.is_a?(String)
+        signed = expand(signed)
+      end
+      return JOSE::Map.new(JOSE.decode(JOSE.urlsafe_decode64(signed['protected'])))
+    end
+
+    def self.sign(key, plain_text, jws, header = nil)
+      return from(jws).sign(key, plain_text, header)
+    end
+
+    def sign(key, plain_text, header = nil)
+      protected_binary = JOSE.urlsafe_encode64(to_binary)
+      payload = JOSE.urlsafe_encode64(plain_text)
+      signing_input = signing_input(plain_text, protected_binary)
+      signature = JOSE.urlsafe_encode64(alg.sign(key, signing_input))
+      return signature_to_map(payload, protected_binary, header, key, signature)
+    end
+
+    # See https://tools.ietf.org/html/draft-ietf-jose-jws-signing-input-options-04
+    def signing_input(payload, protected_binary = JOSE.urlsafe_encode64(to_binary))
+      if b64 == true or b64.nil?
+        payload = JOSE.urlsafe_encode64(payload)
+      end
+      return [protected_binary, '.', payload].join
+    end
+
+    def self.verify(key, signed)
+      if signed.is_a?(String)
+        signed = JOSE::JWS.expand(signed)
+      end
+      if signed.is_a?(Hash)
+        signed = JOSE::SignedMap.new(signed)
+      end
+      if signed.is_a?(JOSE::Map) and signed['payload'].is_a?(String) and signed['protected'].is_a?(String) and signed['signature'].is_a?(String)
+        jws = from_binary(JOSE.urlsafe_decode64(signed['protected']))
+        signature = JOSE.urlsafe_decode64(signed['signature'])
+        plain_text = JOSE.urlsafe_decode64(signed['payload'])
+        return jws.verify(key, plain_text, signature, signed['protected'])
+      else
+        raise ArgumentError, "'signed' is not a valid signed String, Hash, or JOSE::Map"
+      end
+    end
+
+    def verify(key, plain_text, signature, protected_binary = JOSE.urlsafe_encode64(to_binary))
+      payload = JOSE.urlsafe_encode64(plain_text)
+      signing_input = signing_input(plain_text, protected_binary)
+      return alg.verify(key, signing_input, signature), plain_text, self
+    end
+
+    def self.verify_strict(key, allow, signed)
+      if signed.is_a?(String)
+        signed = JOSE::JWS.expand(signed)
+      end
+      if signed.is_a?(Hash)
+        signed = JOSE::SignedMap.new(signed)
+      end
+      if signed.is_a?(JOSE::Map) and signed['payload'].is_a?(String) and signed['protected'].is_a?(String) and signed['signature'].is_a?(String)
+        protected_map = JOSE.decode(JOSE.urlsafe_decode64(signed['protected']))
+        plain_text = JOSE.urlsafe_decode64(signed['payload'])
+        if allow.member?(protected_map['alg'])
+          jws = from_map(protected_map)
+          signature = JOSE.urlsafe_decode64(signed['signature'])
+          return jws.verify(key, plain_text, signature, signed['protected'])
+        else
+          return false, plain_text, protected_map
+        end
+      else
+        raise ArgumentError, "'signed' is not a valid signed String, Hash, or JOSE::Map"
+      end
+    end
+
+  private
+
+    def self.from_fields(jws, modules)
+      if jws.fields.has_key?('b64')
+        jws.b64 = jws.fields['b64']
+        jws.fields = jws.fields.delete('b64')
+        return from_fields(jws, modules)
+      elsif jws.fields.has_key?('alg') and jws.fields['alg'].is_a?(String)
+        alg = modules[:alg] || case
+        when jws.fields['alg'].start_with?('ES')
+          JOSE::JWS::ALG_ECDSA
+        when jws.fields['alg'].start_with?('HS')
+          JOSE::JWS::ALG_HMAC
+        when jws.fields['alg'].start_with?('PS')
+          JOSE::JWS::ALG_RSA_PSS
+        when jws.fields['alg'].start_with?('RS')
+          JOSE::JWS::ALG_RSA_PKCS1_V1_5
+        when jws.fields['alg'] == 'none'
+          JOSE::JWS::ALG_none
+        else
+          raise ArgumentError, "unknown 'alg': #{jws.fields['alg'].inspect}"
+        end
+        jws.alg, jws.fields = alg.from_map(jws.fields)
+        return from_fields(jws, modules)
+      elsif jws.alg.nil?
+        raise ArgumentError, "missing required keys: 'alg'"
+      else
+        return jws
+      end
+    end
+
+    def signature_to_map(payload, protected_binary, header, key, signature)
+      if header and header.is_a?(Hash)
+        header = JOSE::Map.new(header)
+      end
+      header ||= JOSE::Map[]
+      if key.is_a?(JOSE::JWK) and key.fields['kid'].is_a?(String)
+        header = header.put('kid', key.fields['kid'])
+      end
+      if header.size == 0
+        return JOSE::SignedMap['payload' => payload, 'protected' => protected_binary, 'signature' => signature]
+      else
+        return JOSE::SignedMap['header' => header.to_hash, 'payload' => payload, 'protected' => protected_binary, 'signature' => signature]
+      end
+    end
+
+  end
+end
+
+require 'jose/jws/alg'