jose 0.2.0 → 0.3.0

data/lib/jose/jwe/alg_rsa.rb

@@ -21,25 +21,15 @@ class JOSE::JWE::ALG_RSA < Struct.new(:rsa_padding, :rsa_oaep_md)
   end
 
   def to_map(fields)
-    alg = nil
-    if rsa_padding == :rsa_pkcs1_padding
-      alg = 'RSA1_5'
-    elsif rsa_padding == :rsa_pkcs1_oaep_padding
-      if rsa_oaep_md == OpenSSL::Digest::SHA1
-        alg = 'RSA-OAEP'
-      elsif rsa_oaep_md == OpenSSL::Digest::SHA256
-        alg = 'RSA-OAEP-256'
-      else
-        raise ArgumentError, "unhandled JOSE::JWE::ALG_RSA rsa_oaep_md: #{rsa_oaep_md.inspect}"
-      end
-    else
-      raise ArgumentError, "unhandled JOSE::JWE::ALG_RSA rsa_padding: #{rsa_padding.inspect}"
-    end
-    return fields.put('alg', alg)
+    return fields.put('alg', algorithm)
   end
 
   # JOSE::JWE::ALG callbacks
 
+  def generate_key(fields, enc)
+    return JOSE::JWE::ALG.generate_key([:rsa, 2048], algorithm, enc.algorithm)
+  end
+
   def key_decrypt(key, enc, encrypted_key)
     if key.is_a?(JOSE::JWK)
       return key.kty.decrypt_private(encrypted_key, rsa_padding: rsa_padding, rsa_oaep_md: rsa_oaep_md)
@@ -60,4 +50,22 @@ class JOSE::JWE::ALG_RSA < Struct.new(:rsa_padding, :rsa_oaep_md)
     return enc.next_cek
   end
 
+  # API functions
+
+  def algorithm
+    if rsa_padding == :rsa_pkcs1_padding
+      'RSA1_5'
+    elsif rsa_padding == :rsa_pkcs1_oaep_padding
+      if rsa_oaep_md == OpenSSL::Digest::SHA1
+        'RSA-OAEP'
+      elsif rsa_oaep_md == OpenSSL::Digest::SHA256
+        'RSA-OAEP-256'
+      else
+        raise ArgumentError, "unhandled JOSE::JWE::ALG_RSA rsa_oaep_md: #{rsa_oaep_md.inspect}"
+      end
+    else
+      raise ArgumentError, "unhandled JOSE::JWE::ALG_RSA rsa_padding: #{rsa_padding.inspect}"
+    end
+  end
+
 end

data/lib/jose/jwe/enc_aes_cbc_hmac.rb

@@ -41,13 +41,14 @@ class JOSE::JWE::ENC_AES_CBC_HMAC < Struct.new(:cipher_name, :bits, :cek_len, :i
     enc_key = cek_s.read(enc_len)
     aad_len = [(aad.bytesize * 8)].pack('Q>')
     mac_data = [aad, iv, cipher_text, aad_len].pack('a*a*a*a*')
-    if cipher_tag != OpenSSL::HMAC.digest(hmac.new, mac_key, mac_data)[0..tag_len]
+    if cipher_tag != OpenSSL::HMAC.digest(hmac.new, mac_key, mac_data)[0...tag_len]
       raise ArgumentError, "decryption error"
     else
       cipher = OpenSSL::Cipher.new(cipher_name)
       cipher.decrypt
-      cipher.key = cek
+      cipher.key = enc_key
       cipher.iv = iv
+      cipher.padding = 0
       plain_text = JOSE::JWA::PKCS7.unpad(cipher.update(cipher_text) + cipher.final)
       return plain_text
     end
@@ -60,12 +61,13 @@ class JOSE::JWE::ENC_AES_CBC_HMAC < Struct.new(:cipher_name, :bits, :cek_len, :i
     enc_key = cek_s.read(enc_len)
     cipher = OpenSSL::Cipher.new(cipher_name)
     cipher.encrypt
-    cipher.key = cek
+    cipher.key = enc_key
     cipher.iv = iv
+    cipher.padding = 0
     cipher_text = cipher.update(JOSE::JWA::PKCS7.pad(plain_text)) + cipher.final
     aad_len = [(aad.bytesize * 8)].pack('Q>')
     mac_data = [aad, iv, cipher_text, aad_len].pack('a*a*a*a*')
-    cipher_tag = OpenSSL::HMAC.digest(hmac.new, mac_key, mac_data)[0..tag_len]
+    cipher_tag = OpenSSL::HMAC.digest(hmac.new, mac_key, mac_data)[0...tag_len]
     return cipher_text, cipher_tag
   end
 

data/lib/jose/jwe/enc_aes_gcm.rb

@@ -40,6 +40,7 @@ class JOSE::JWE::ENC_AES_GCM < Struct.new(:cipher_name, :bits, :cek_len, :iv_len
     cipher.decrypt
     cipher.key = cek
     cipher.iv = iv
+    cipher.padding = 0
     cipher.auth_data = aad
     cipher.auth_tag = cipher_tag
     plain_text = cipher.update(cipher_text) + cipher.final
@@ -52,6 +53,7 @@ class JOSE::JWE::ENC_AES_GCM < Struct.new(:cipher_name, :bits, :cek_len, :iv_len
     cipher.encrypt
     cipher.key = cek
     cipher.iv = iv
+    cipher.padding = 0
     cipher.auth_data = aad
     cipher_text = cipher.update(plain_text) + cipher.final
     return cipher_text, cipher.auth_tag

data/lib/jose/jwk.rb

@@ -226,10 +226,18 @@ module JOSE
     end
 
     def block_encrypt(plain_text, jwe = nil)
-      jwe ||= kty.block_encryptor(fields, plain_text)
+      jwe ||= block_encryptor
       return JOSE::JWE.block_encrypt(self, plain_text, jwe)
     end
 
+    def self.block_encryptor(jwe)
+      return from(jwe).block_encryptor
+    end
+
+    def block_encryptor
+      return kty.block_encryptor(fields)
+    end
+
     def self.box_decrypt(jwk, encrypted)
       return from(jwk).box_decrypt(encrypted)
     end
@@ -249,7 +257,7 @@ module JOSE
         my_private_jwk = JOSE::JWK.from(my_private_jwk)
       end
       if jwe.nil?
-        jwe = other_public_jwk.kty.block_encryptor(fields, plain_text)
+        jwe = other_public_jwk.block_encryptor
       end
       if jwe.is_a?(Hash)
         jwe = JOSE::Map.new(jwe)
@@ -318,6 +326,24 @@ module JOSE
       return JOSE::JWK.new(nil, *kty.generate_key(fields))
     end
 
+    def self.merge(left, right)
+      return from(left).merge(right)
+    end
+
+    def merge(object)
+      object = case object
+      when JOSE::Map, Hash
+        object
+      when String
+        JOSE.decode(object)
+      when JOSE::JWK
+        object.to_map
+      else
+        raise ArgumentError, "'object' must be a Hash, String, or JOSE::JWK"
+      end
+      return JOSE::JWK.from_map(self.to_map.merge(object))
+    end
+
     def self.shared_secret(your_jwk, my_jwk)
       return from(your_jwk).shared_secret(from(my_jwk))
     end
@@ -334,10 +360,18 @@ module JOSE
     end
 
     def sign(plain_text, jws = nil, header = nil)
-      jws ||= kty.signer(fields, plain_text)
+      jws ||= signer
       return JOSE::JWS.sign(self, plain_text, jws, header)
     end
 
+    def self.signer(jwk)
+      return from(jwk).signer
+    end
+
+    def signer
+      return kty.signer(fields)
+    end
+
     def self.verify(signed, jwk)
       return from(jwk).verify(signed)
     end

data/lib/jose/jwk/kty_ec.rb

@@ -82,11 +82,28 @@ class JOSE::JWK::KTY_EC < Struct.new(:key)
 
   # JOSE::JWK::KTY callbacks
 
-  def block_encryptor(fields, plain_text)
-    return JOSE::Map[
-      'alg' => 'ECDH-ES',
-      'enc' => 'A128GCM'
-    ]
+  def block_encryptor(fields)
+    if fields and fields['use'] == 'enc' and not fields['alg'].nil? and not fields['enc'].nil?
+      jwe = JOSE::Map[
+        'alg' => fields['alg'],
+        'enc' => fields['enc']
+      ]
+      if not fields['apu'].nil?
+        jwe = jwe.put('apu', fields['apu'])
+      end
+      if not fields['apv'].nil?
+        jwe = jwe.put('apv', fields['apv'])
+      end
+      if not fields['epk'].nil?
+        jwe = jwe.put('epk', fields['epk'])
+      end
+      return jwe
+    else
+      return JOSE::Map[
+        'alg' => 'ECDH-ES',
+        'enc' => 'A128GCM'
+      ]
+    end
   end
 
   def derive_key(my_private_key)
@@ -104,6 +121,16 @@ class JOSE::JWK::KTY_EC < Struct.new(:key)
     if curve_name.is_a?(Array) and curve_name.length == 2 and curve_name[0] == :ec
       curve_name = curve_name[1]
     end
+    curve_name = case curve_name
+    when 'P-256'
+      'prime256v1'
+    when 'P-384'
+      'secp384r1'
+    when 'P-521'
+      'secp521r1'
+    else
+      curve_name
+    end
     if curve_name.is_a?(String)
       return from_key(OpenSSL::PKey::EC.new(curve_name).generate_key)
     else
@@ -131,9 +158,21 @@ class JOSE::JWK::KTY_EC < Struct.new(:key)
     return rpad.concat(spad)
   end
 
-  def signer(fields = nil, plain_text = nil)
-    if key.private_key?
-      return JOSE::Map['alg' => 'ES256']
+  def signer(fields = nil)
+    if key.private_key? and fields and fields['use'] == 'sig' and not fields['alg'].nil?
+      return JOSE::Map['alg' => fields['alg']]
+    elsif key.private_key?
+      alg = case key.group.curve_name
+      when 'prime256v1', 'secp256r1'
+        'ES256'
+      when 'secp384r1'
+        'ES384'
+      when 'secp521r1'
+        'ES512'
+      else
+        raise ArgumentError, "unhandled EC curve name: #{key.group.curve_name.inspect}"
+      end
+      return JOSE::Map['alg' => alg]
     else
       raise ArgumentError, "signing not supported for public keys"
     end

data/lib/jose/jwk/kty_oct.rb

@@ -28,25 +28,39 @@ class JOSE::JWK::KTY_oct < Struct.new(:oct)
 
   # JOSE::JWK::KTY callbacks
 
-  def block_encryptor(fields, plain_text)
-    enc = case (oct.bytesize * 8)
-    when 128
-      'A128GCM'
-    when 192
-      'A192GCM'
-    when 256
-      'A256GCM'
-    when 384
-      'A192CBC-HS384'
-    when 512
-      'A256CBC-HS512'
+  def block_encryptor(fields)
+    if fields and fields['use'] == 'enc' and not fields['alg'].nil? and not fields['enc'].nil?
+      jwe = JOSE::Map[
+        'alg' => fields['alg'],
+        'enc' => fields['enc']
+      ]
+      if not fields['p2c'].nil?
+        jwe = jwe.put('p2c', fields['p2c'])
+      end
+      if not fields['p2s'].nil?
+        jwe = jwe.put('p2s', fields['p2s'])
+      end
+      return jwe
     else
-      raise ArgumentError, "oct of size #{oct.bytesize * 8} has no default block encryptor"
+      enc = case (oct.bytesize * 8)
+      when 128
+        'A128GCM'
+      when 192
+        'A192GCM'
+      when 256
+        'A256GCM'
+      when 384
+        'A192CBC-HS384'
+      when 512
+        'A256CBC-HS512'
+      else
+        raise ArgumentError, "oct of size #{oct.bytesize * 8} has no default block encryptor"
+      end
+      return JOSE::Map[
+        'alg' => 'dir',
+        'enc' => enc
+      ]
     end
-    return JOSE::Map[
-      'alg' => 'dir',
-      'enc' => enc
-    ]
   end
 
   def derive_key
@@ -78,8 +92,20 @@ class JOSE::JWK::KTY_oct < Struct.new(:oct)
     return OpenSSL::HMAC.digest(digest_type.new, oct, message)
   end
 
-  def signer(fields = nil, plain_text = nil)
-    return JOSE::Map['alg' => 'HS256']
+  def signer(fields = nil)
+    if fields and fields['use'] == 'sig' and not fields['alg'].nil?
+      return JOSE::Map['alg' => fields['alg']]
+    else
+      bitsize = (oct.bytesize * 8)
+      alg = if bitsize < 384
+        'HS256'
+      elsif bitsize < 512
+        'HS384'
+      else
+        'HS512'
+      end
+      return JOSE::Map['alg' => alg]
+    end
   end
 
   def verify(message, digest_type, signature)

data/lib/jose/jwk/kty_okp_ed25519.rb

@@ -84,8 +84,14 @@ class JOSE::JWK::KTY_OKP_Ed25519 < Struct.new(:okp)
     return JOSE::JWA::Curve25519.ed25519_sign(message, okp)
   end
 
-  def signer(fields = nil, plain_text = nil)
-    return JOSE::Map['alg' => 'Ed25519']
+  def signer(fields = nil)
+    if okp.bytesize == SK_BYTES and fields and fields['use'] == 'sig' and not fields['alg'].nil?
+      return JOSE::Map['alg' => fields['alg']]
+    elsif okp.bytesize == SK_BYTES
+      return JOSE::Map['alg' => 'Ed25519']
+    else
+      raise ArgumentError, "signing not supported for public keys"
+    end
   end
 
   def verify(message, digest_type, signature)

data/lib/jose/jwk/kty_okp_ed25519ph.rb

@@ -84,8 +84,14 @@ class JOSE::JWK::KTY_OKP_Ed25519ph < Struct.new(:okp)
     return JOSE::JWA::Curve25519.ed25519ph_sign(message, okp)
   end
 
-  def signer(fields = nil, plain_text = nil)
-    return JOSE::Map['alg' => 'Ed25519ph']
+  def signer(fields = nil)
+    if okp.bytesize == SK_BYTES and fields and fields['use'] == 'sig' and not fields['alg'].nil?
+      return JOSE::Map['alg' => fields['alg']]
+    elsif okp.bytesize == SK_BYTES
+      return JOSE::Map['alg' => 'Ed25519ph']
+    else
+      raise ArgumentError, "signing not supported for public keys"
+    end
   end
 
   def verify(message, sign_type, signature)

data/lib/jose/jwk/kty_okp_ed448.rb

@@ -93,8 +93,14 @@ class JOSE::JWK::KTY_OKP_Ed448 < Struct.new(:okp)
     return JOSE::JWA::Curve448.ed448_sign(message, okp)
   end
 
-  def signer(fields = nil, plain_text = nil)
-    return JOSE::Map['alg' => 'Ed448']
+  def signer(fields = nil)
+    if (okp.bytesize == SK_BYTES or okp.bytesize == LEGACY_SK_BYTES) and fields and fields['use'] == 'sig' and not fields['alg'].nil?
+      return JOSE::Map['alg' => fields['alg']]
+    elsif (okp.bytesize == SK_BYTES or okp.bytesize == LEGACY_SK_BYTES)
+      return JOSE::Map['alg' => 'Ed448']
+    else
+      raise ArgumentError, "signing not supported for public keys"
+    end
   end
 
   def verify(message, digest_type, signature)

data/lib/jose/jwk/kty_okp_ed448ph.rb

@@ -93,8 +93,14 @@ class JOSE::JWK::KTY_OKP_Ed448ph < Struct.new(:okp)
     return JOSE::JWA::Curve448.ed448ph_sign(message, okp)
   end
 
-  def signer(fields = nil, plain_text = nil)
-    return JOSE::Map['alg' => 'Ed448ph']
+  def signer(fields = nil)
+    if (okp.bytesize == SK_BYTES or okp.bytesize == LEGACY_SK_BYTES) and fields and fields['use'] == 'sig' and not fields['alg'].nil?
+      return JOSE::Map['alg' => fields['alg']]
+    elsif (okp.bytesize == SK_BYTES or okp.bytesize == LEGACY_SK_BYTES)
+      return JOSE::Map['alg' => 'Ed448ph']
+    else
+      raise ArgumentError, "signing not supported for public keys"
+    end
   end
 
   def verify(message, digest_type, signature)

data/lib/jose/jwk/kty_okp_x25519.rb

@@ -55,11 +55,28 @@ class JOSE::JWK::KTY_OKP_X25519 < Struct.new(:okp)
 
   # JOSE::JWK::KTY callbacks
 
-  def block_encryptor(fields, plain_text)
-    return JOSE::Map[
-      'alg' => 'ECDH-ES',
-      'enc' => 'A128GCM'
-    ]
+  def block_encryptor(fields)
+    if fields and fields['use'] == 'enc' and not fields['alg'].nil? and not fields['enc'].nil?
+      jwe = JOSE::Map[
+        'alg' => fields['alg'],
+        'enc' => fields['enc']
+      ]
+      if not fields['apu'].nil?
+        jwe = jwe.put('apu', fields['apu'])
+      end
+      if not fields['apv'].nil?
+        jwe = jwe.put('apv', fields['apv'])
+      end
+      if not fields['epk'].nil?
+        jwe = jwe.put('epk', fields['epk'])
+      end
+      return jwe
+    else
+      return JOSE::Map[
+        'alg' => 'ECDH-ES',
+        'enc' => 'A128GCM'
+      ]
+    end
   end
 
   def derive_key(my_sk)

data/lib/jose/jwk/kty_okp_x448.rb

@@ -55,11 +55,28 @@ class JOSE::JWK::KTY_OKP_X448 < Struct.new(:okp)
 
   # JOSE::JWK::KTY callbacks
 
-  def block_encryptor(fields, plain_text)
-    return JOSE::Map[
-      'alg' => 'ECDH-ES',
-      'enc' => 'A128GCM'
-    ]
+  def block_encryptor(fields)
+    if fields and fields['use'] == 'enc' and not fields['alg'].nil? and not fields['enc'].nil?
+      jwe = JOSE::Map[
+        'alg' => fields['alg'],
+        'enc' => fields['enc']
+      ]
+      if not fields['apu'].nil?
+        jwe = jwe.put('apu', fields['apu'])
+      end
+      if not fields['apv'].nil?
+        jwe = jwe.put('apv', fields['apv'])
+      end
+      if not fields['epk'].nil?
+        jwe = jwe.put('epk', fields['epk'])
+      end
+      return jwe
+    else
+      return JOSE::Map[
+        'alg' => 'ECDH-ES',
+        'enc' => 'A128GCM'
+      ]
+    end
   end
 
   def derive_key(my_sk)