jose 1.1.3 → 1.2.0

data/lib/jose/jwa/xchacha20poly1305_rbnacl.rb

@@ -0,0 +1,35 @@
+module JOSE::JWA::XChaCha20Poly1305_RbNaCl
+
+  extend self
+
+  def __ruby__?; false; end
+
+  def __supported__?
+    return @supported ||= begin
+      begin
+        require 'rbnacl/libsodium'
+      rescue LoadError
+      end
+      begin
+        require 'rbnacl'
+      rescue LoadError
+      end
+      !!(defined?(RbNaCl::AEAD::XChaCha20Poly1305IETF))
+    end
+  end
+
+  def xchacha20poly1305_aead_encrypt(key, nonce, aad, plaintext)
+    cipher = RbNaCl::AEAD::XChaCha20Poly1305IETF.new(key)
+    ciphertext_with_tag = cipher.encrypt(nonce, plaintext, aad)
+    return [ciphertext_with_tag[0..-17], ciphertext_with_tag[-16..-1]]
+  end
+
+  def xchacha20poly1305_aead_decrypt(key, nonce, aad, ciphertext, tag)
+    cipher = RbNaCl::AEAD::XChaCha20Poly1305IETF.new(key)
+    ciphertext_with_tag = [ciphertext, tag].join()
+    return cipher.decrypt(nonce, ciphertext_with_tag, aad)
+  end
+
+end
+
+JOSE::JWA::XChaCha20Poly1305.__register__(JOSE::JWA::XChaCha20Poly1305_RbNaCl)

data/lib/jose/jwa/xchacha20poly1305_unsupported.rb

@@ -0,0 +1,16 @@
+module JOSE::JWA::XChaCha20Poly1305_Unsupported
+
+  extend self
+
+  def __ruby__?; true; end
+  def __supported__?; false; end
+
+  def xchacha20poly1305_aead_encrypt(key, nonce, aad, plaintext)
+    raise NotImplementedError
+  end
+
+  def xchacha20poly1305_aead_decrypt(key, nonce, aad, ciphertext, tag)
+    raise NotImplementedError
+  end
+
+end

data/lib/jose/jwa.rb

@@ -127,7 +127,9 @@ module JOSE
         'A256GCM',
         'A128CBC-HS256',
         'A192CBC-HS384',
-        'A256CBC-HS512'
+        'A256CBC-HS512',
+        'C20P',
+        'XC20P'
       ])
       jwe_alg = __jwe_alg_support_check__([
         ['A128GCMKW', :block],
@@ -136,6 +138,7 @@ module JOSE
         ['A128KW', :block],
         ['A192KW', :block],
         ['A256KW', :block],
+        ['C20PKW', :block],
         ['ECDH-ES', :box],
         ['ECDH-ES+A128KW', :box],
         ['ECDH-ES+A192KW', :box],
@@ -146,6 +149,7 @@ module JOSE
         ['RSA1_5', :rsa],
         ['RSA-OAEP', :rsa],
         ['RSA-OAEP-256', :rsa],
+        ['XC20PKW', :block],
         ['dir', :direct]
       ], jwe_enc)
       jwe_zip = __jwe_zip_support_check__([
@@ -231,7 +235,7 @@ module JOSE
             cipher_text = recv_jwk.box_encrypt(plain_text, send_jwk).compact
             next recv_jwk.box_decrypt(cipher_text).first == plain_text
           elsif strategy == :rsa
-            rsa ||= JOSE::JWK.generate_key([:rsa, 1024])
+            rsa ||= JOSE::JWK.generate_key([:rsa, 2048])
             cipher_text = rsa.block_encrypt(plain_text, { 'alg' => alg, 'enc' => enc }).compact
             next rsa.block_decrypt(cipher_text).first == plain_text
           elsif strategy == :direct
@@ -290,7 +294,7 @@ module JOSE
           kty.push(key_type) if not kty_OKP_crv.empty?
         when 'RSA'
           begin
-            JOSE::JWK.generate_key([:rsa, 256])
+            JOSE::JWK.generate_key([:rsa, 1024])
             kty.push(key_type)
           rescue StandardError, NotImplementedError
             # do nothing
@@ -314,7 +318,7 @@ module JOSE
         begin
           jwk = nil
           jwk ||= JOSE::JWK.generate_key([:oct, 0]).merge({ 'alg' => alg, 'use' => 'sig' }) if alg == 'none'
-          jwk ||= (rsa ||= JOSE::JWK.generate_key([:rsa, 1024])).merge({ 'alg' => alg, 'use' => 'sig' }) if alg.start_with?('RS') or alg.start_with?('PS')
+          jwk ||= (rsa ||= JOSE::JWK.generate_key([:rsa, 2048])).merge({ 'alg' => alg, 'use' => 'sig' }) if alg.start_with?('RS') or alg.start_with?('PS')
           jwk ||= JOSE::JWS.generate_key({ 'alg' => alg })
           signed_text = jwk.sign(plain_text).compact
           next jwk.verify_strict(signed_text, [alg]).first
@@ -337,3 +341,4 @@ require 'jose/jwa/curve25519'
 require 'jose/jwa/curve448'
 require 'jose/jwa/pkcs1'
 require 'jose/jwa/pkcs7'
+require 'jose/jwa/xchacha20poly1305'

data/lib/jose/jwe/alg.rb

@@ -19,7 +19,9 @@ end
 
 require 'jose/jwe/alg_aes_gcm_kw'
 require 'jose/jwe/alg_aes_kw'
+require 'jose/jwe/alg_c20p_kw'
 require 'jose/jwe/alg_dir'
 require 'jose/jwe/alg_ecdh_es'
 require 'jose/jwe/alg_pbes2'
 require 'jose/jwe/alg_rsa'
+require 'jose/jwe/alg_xc20p_kw'

data/lib/jose/jwe/alg_aes_gcm_kw.rb

@@ -103,7 +103,7 @@ class JOSE::JWE::ALG_AES_GCM_KW < Struct.new(:cipher_name, :bits, :iv, :tag)
     when 256
       'A256GCMKW'
     else
-      raise ArgumentError, "unhandled JOSE::JWE::ALG_AES_KW bits: #{bits.inspect}"
+      raise ArgumentError, "unhandled JOSE::JWE::ALG_AES_GCM_KW bits: #{bits.inspect}"
     end
   end
 

data/lib/jose/jwe/alg_c20p_kw.rb

@@ -0,0 +1,100 @@
+class JOSE::JWE::ALG_C20P_KW < Struct.new(:cipher_name, :bits, :iv, :tag)
+
+  # JOSE::JWE callbacks
+
+  def self.from_map(fields)
+    bits = nil
+    cipher_name = nil
+    case fields['alg']
+    when 'C20PKW'
+      bits = 256
+      cipher_name = 'chacha20-poly1305'
+    else
+      raise ArgumentError, "invalid 'alg' for JWE: #{fields['alg'].inspect}"
+    end
+    iv = nil
+    if fields.has_key?('iv')
+      iv = JOSE.urlsafe_decode64(fields['iv'])
+    end
+    tag = nil
+    if fields.has_key?('tag')
+      tag = JOSE.urlsafe_decode64(fields['tag'])
+    end
+    return new(cipher_name, bits, iv, tag), fields.except('alg', 'iv', 'tag')
+  end
+
+  def to_map(fields)
+    alg = algorithm
+    fields = fields.put('alg', alg)
+    if iv
+      fields = fields.put('iv', JOSE.urlsafe_encode64(iv))
+    end
+    if tag
+      fields = fields.put('tag', JOSE.urlsafe_encode64(tag))
+    end
+    return fields
+  end
+
+  # JOSE::JWE::ALG callbacks
+
+  def generate_key(fields, enc)
+    return JOSE::JWE::ALG.generate_key([:oct, bits.div(8)], algorithm, enc.algorithm)
+  end
+
+  def key_decrypt(key, enc, encrypted_key)
+    if iv.nil? or tag.nil?
+      raise ArgumentError, "missing required fields for decryption: 'iv' and 'tag'"
+    end
+    if key.is_a?(JOSE::JWK)
+      key = key.kty.derive_key
+    end
+    derived_key = key
+    aad = ''
+    cipher_text = encrypted_key
+    cipher_tag = tag
+    cipher = OpenSSL::Cipher.new(cipher_name)
+    cipher.decrypt
+    cipher.key = derived_key
+    cipher.iv = iv
+    cipher.padding = 0
+    cipher.auth_data = aad
+    cipher.auth_tag = cipher_tag
+    plain_text = cipher.update(cipher_text) + cipher.final
+    return plain_text
+  end
+
+  def key_encrypt(key, enc, decrypted_key)
+    if key.is_a?(JOSE::JWK)
+      key = key.kty.derive_key
+    end
+    new_alg = JOSE::JWE::ALG_C20P_KW.new(cipher_name, bits, iv || SecureRandom.random_bytes(12))
+    derived_key = key
+    aad = ''
+    plain_text = decrypted_key
+    cipher = OpenSSL::Cipher.new(new_alg.cipher_name)
+    cipher.encrypt
+    cipher.key = derived_key
+    cipher.iv = new_alg.iv
+    cipher.padding = 0
+    cipher.auth_data = aad
+    cipher_text = cipher.update(plain_text) + cipher.final
+    new_alg.tag = cipher.auth_tag
+    return cipher_text, new_alg
+  end
+
+  def next_cek(key, enc)
+    return enc.next_cek, self
+  end
+
+  # API functions
+
+  def algorithm
+    case bits
+    when 256
+      'C20PKW'
+    else
+      raise ArgumentError, "unhandled JOSE::JWE::ALG_C20P_KW bits: #{bits.inspect}"
+    end
+  end
+
+end

data/lib/jose/jwe/alg_xc20p_kw.rb

@@ -0,0 +1,86 @@
+class JOSE::JWE::ALG_XC20P_KW < Struct.new(:cipher_name, :bits, :iv, :tag)
+
+  # JOSE::JWE callbacks
+
+  def self.from_map(fields)
+    bits = nil
+    cipher_name = nil
+    case fields['alg']
+    when 'XC20PKW'
+      bits = 256
+      cipher_name = 'xchacha20-poly1305'
+    else
+      raise ArgumentError, "invalid 'alg' for JWE: #{fields['alg'].inspect}"
+    end
+    iv = nil
+    if fields.has_key?('iv')
+      iv = JOSE.urlsafe_decode64(fields['iv'])
+    end
+    tag = nil
+    if fields.has_key?('tag')
+      tag = JOSE.urlsafe_decode64(fields['tag'])
+    end
+    return new(cipher_name, bits, iv, tag), fields.except('alg', 'iv', 'tag')
+  end
+
+  def to_map(fields)
+    alg = algorithm
+    fields = fields.put('alg', alg)
+    if iv
+      fields = fields.put('iv', JOSE.urlsafe_encode64(iv))
+    end
+    if tag
+      fields = fields.put('tag', JOSE.urlsafe_encode64(tag))
+    end
+    return fields
+  end
+
+  # JOSE::JWE::ALG callbacks
+
+  def generate_key(fields, enc)
+    return JOSE::JWE::ALG.generate_key([:oct, bits.div(8)], algorithm, enc.algorithm)
+  end
+
+  def key_decrypt(key, enc, encrypted_key)
+    if iv.nil? or tag.nil?
+      raise ArgumentError, "missing required fields for decryption: 'iv' and 'tag'"
+    end
+    if key.is_a?(JOSE::JWK)
+      key = key.kty.derive_key
+    end
+    derived_key = key
+    aad = ''
+    cipher_text = encrypted_key
+    cipher_tag = tag
+    plain_text = JOSE.xchacha20poly1305_module().xchacha20poly1305_aead_decrypt(derived_key, iv, aad, cipher_text, cipher_tag)
+    return plain_text
+  end
+
+  def key_encrypt(key, enc, decrypted_key)
+    if key.is_a?(JOSE::JWK)
+      key = key.kty.derive_key
+    end
+    new_alg = JOSE::JWE::ALG_XC20P_KW.new(cipher_name, bits, iv || SecureRandom.random_bytes(24))
+    derived_key = key
+    aad = ''
+    plain_text = decrypted_key
+    cipher_text, new_alg.tag = JOSE.xchacha20poly1305_module().xchacha20poly1305_aead_encrypt(key, new_alg.iv, aad, plain_text)
+    return cipher_text, new_alg
+  end
+
+  def next_cek(key, enc)
+    return enc.next_cek, self
+  end
+
+  # API functions
+
+  def algorithm
+    case bits
+    when 256
+      'XC20PKW'
+    else
+      raise ArgumentError, "unhandled JOSE::JWE::ALG_XC20P_KW bits: #{bits.inspect}"
+    end
+  end
+
+end

data/lib/jose/jwe/enc.rb

@@ -6,3 +6,5 @@ end
 
 require 'jose/jwe/enc_aes_cbc_hmac'
 require 'jose/jwe/enc_aes_gcm'
+require 'jose/jwe/enc_c20p'
+require 'jose/jwe/enc_xc20p'

data/lib/jose/jwe/enc_c20p.rb

@@ -0,0 +1,62 @@
+class JOSE::JWE::ENC_C20P < Struct.new(:cipher_name, :bits, :cek_len, :iv_len)
+
+  # JOSE::JWE callbacks
+
+  def self.from_map(fields)
+    case fields['enc']
+    when 'C20P'
+      return new('chacha20-poly1305', 256, 32, 12), fields.delete('enc')
+    else
+      raise ArgumentError, "invalid 'enc' for JWE: #{fields['enc'].inspect}"
+    end
+  end
+
+  def to_map(fields)
+    return fields.put('enc', algorithm)
+  end
+
+  # JOSE::JWE::ENC callbacks
+
+  def algorithm
+    case cipher_name
+    when 'chacha20-poly1305'
+      return 'C20P'
+    else
+      raise ArgumentError, "unhandled JOSE::JWE::ENC_C20P cipher name: #{cipher_name.inspect}"
+    end
+  end
+
+  def block_decrypt(aad_cipher_text_cipher_tag, cek, iv)
+    aad, cipher_text, cipher_tag = aad_cipher_text_cipher_tag
+    cipher = OpenSSL::Cipher.new(cipher_name)
+    cipher.decrypt
+    cipher.key = cek
+    cipher.iv = iv
+    cipher.padding = 0
+    cipher.auth_data = aad
+    cipher.auth_tag = cipher_tag
+    plain_text = cipher.update(cipher_text) + cipher.final
+    return plain_text
+  end
+
+  def block_encrypt(aad_plain_text, cek, iv)
+    aad, plain_text = aad_plain_text
+    cipher = OpenSSL::Cipher.new(cipher_name)
+    cipher.encrypt
+    cipher.key = cek
+    cipher.iv = iv
+    cipher.padding = 0
+    cipher.auth_data = aad
+    cipher_text = cipher.update(plain_text) + cipher.final
+    return cipher_text, cipher.auth_tag
+  end
+
+  def next_cek
+    return SecureRandom.random_bytes(cek_len)
+  end
+
+  def next_iv
+    return SecureRandom.random_bytes(iv_len)
+  end
+
+end

data/lib/jose/jwe/enc_xc20p.rb

@@ -0,0 +1,49 @@
+class JOSE::JWE::ENC_XC20P < Struct.new(:cipher_name, :bits, :cek_len, :iv_len)
+
+  # JOSE::JWE callbacks
+
+  def self.from_map(fields)
+    case fields['enc']
+    when 'XC20P'
+      return new('xchacha20-poly1305', 256, 32, 24), fields.delete('enc')
+    else
+      raise ArgumentError, "invalid 'enc' for JWE: #{fields['enc'].inspect}"
+    end
+  end
+
+  def to_map(fields)
+    return fields.put('enc', algorithm)
+  end
+
+  # JOSE::JWE::ENC callbacks
+
+  def algorithm
+    case cipher_name
+    when 'xchacha20-poly1305'
+      return 'XC20P'
+    else
+      raise ArgumentError, "unhandled JOSE::JWE::ENC_XC20P cipher name: #{cipher_name.inspect}"
+    end
+  end
+
+  def block_decrypt(aad_cipher_text_cipher_tag, cek, iv)
+    aad, cipher_text, cipher_tag = aad_cipher_text_cipher_tag
+    plain_text = JOSE.xchacha20poly1305_module().xchacha20poly1305_aead_decrypt(cek, iv, aad, cipher_text, cipher_tag)
+    return plain_text
+  end
+
+  def block_encrypt(aad_plain_text, cek, iv)
+    aad, plain_text = aad_plain_text
+    cipher_text, cipher_tag = JOSE.xchacha20poly1305_module().xchacha20poly1305_aead_encrypt(cek, iv, aad, plain_text)
+    return cipher_text, cipher_tag
+  end
+
+  def next_cek
+    return SecureRandom.random_bytes(cek_len)
+  end
+
+  def next_iv
+    return SecureRandom.random_bytes(iv_len)
+  end
+
+end

data/lib/jose/jwe.rb

@@ -1076,6 +1076,8 @@ module JOSE
           JOSE::JWE::ALG_AES_KW
         when 'A128GCMKW', 'A192GCMKW', 'A256GCMKW'
           JOSE::JWE::ALG_AES_GCM_KW
+        when 'C20PKW'
+          JOSE::JWE::ALG_C20P_KW
         when 'dir'
           JOSE::JWE::ALG_dir
         when 'ECDH-ES', 'ECDH-ES+A128KW', 'ECDH-ES+A192KW', 'ECDH-ES+A256KW'
@@ -1084,6 +1086,8 @@ module JOSE
           JOSE::JWE::ALG_PBES2
         when 'RSA1_5', 'RSA-OAEP', 'RSA-OAEP-256'
           JOSE::JWE::ALG_RSA
+        when 'XC20PKW'
+          JOSE::JWE::ALG_XC20P_KW
         else
           raise ArgumentError, "unknown 'alg': #{jwe.fields['alg'].inspect}"
         end
@@ -1095,6 +1099,10 @@ module JOSE
           JOSE::JWE::ENC_AES_CBC_HMAC
         when 'A128GCM', 'A192GCM', 'A256GCM'
           JOSE::JWE::ENC_AES_GCM
+        when 'C20P'
+          JOSE::JWE::ENC_C20P
+        when 'XC20P'
+          JOSE::JWE::ENC_XC20P
         else
           raise ArgumentError, "unknown 'enc': #{jwe.fields['enc'].inspect}"
         end

data/lib/jose/jwk/kty_ec.rb

@@ -14,16 +14,31 @@ class JOSE::JWK::KTY_EC < Struct.new(:key)
       else
         raise ArgumentError, "invalid 'EC' JWK"
       end
-      ec = OpenSSL::PKey::EC.new(crv)
+
       x = JOSE.urlsafe_decode64(fields['x'])
       y = JOSE.urlsafe_decode64(fields['y'])
-      ec.public_key = OpenSSL::PKey::EC::Point.new(
+      point    = OpenSSL::PKey::EC::Point.new(
         OpenSSL::PKey::EC::Group.new(crv),
         OpenSSL::BN.new([0x04, x, y].pack('Ca*a*'), 2)
       )
-      if fields['d'].is_a?(String)
-        ec.private_key = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['d']), 2)
+
+      sequence = if fields['d'].is_a?(String)
+        OpenSSL::ASN1::Sequence([
+          OpenSSL::ASN1::Integer(1),
+          OpenSSL::ASN1::OctetString(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['d']), 2).to_s(2)),
+          OpenSSL::ASN1::ObjectId(crv, 0, :EXPLICIT),
+          OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed), 1, :EXPLICIT)
+        ])
+      else
+        OpenSSL::ASN1::Sequence([
+          OpenSSL::ASN1::Sequence([
+            OpenSSL::ASN1::ObjectId("id-ecPublicKey"),
+            OpenSSL::ASN1::ObjectId(crv)
+          ]),
+          OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed))
+        ])
       end
+      ec = OpenSSL::PKey::EC.new(sequence.to_der)
       return JOSE::JWK::KTY_EC.new(JOSE::JWK::PKeyProxy.new(ec)), fields.except('kty', 'crv', 'd', 'x', 'y')
     else
       raise ArgumentError, "invalid 'EC' JWK"
@@ -132,7 +147,7 @@ class JOSE::JWK::KTY_EC < Struct.new(:key)
       curve_name
     end
     if curve_name.is_a?(String)
-      return from_key(OpenSSL::PKey::EC.new(curve_name).generate_key)
+      return from_key(OpenSSL::PKey::EC.generate(curve_name))
     else
       raise ArgumentError, "'curve_name' must be a String"
     end

data/lib/jose/jwk/kty_rsa.rb

@@ -8,36 +8,32 @@ class JOSE::JWK::KTY_RSA < Struct.new(:key)
         raise ArgumentError, "multi-prime RSA keys are not supported"
       elsif fields['d'].is_a?(String)
         if fields['dp'].is_a?(String) and fields['dq'].is_a?(String) and fields['p'].is_a?(String) and fields['q'].is_a?(String) and fields['qi'].is_a?(String)
-          rsa      = OpenSSL::PKey::RSA.new
-          rsa.set_key(
-            OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['n']), 2),
-            OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['e']), 2),
-            OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['d']), 2)
-          )
-          rsa.set_factors(
-            OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['p']), 2),
-            OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['q']), 2)
-          )
-          rsa.set_crt_params(
-            OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['dp']), 2),
-            OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['dq']), 2),
-            OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['qi']), 2)
-          )
+          asn1_sequence = OpenSSL::ASN1::Sequence.new([
+            OpenSSL::ASN1::Integer.new(0),
+            OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['n']), 2)),
+            OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['e']), 2)),
+            OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['d']), 2)),
+            OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['p']), 2)),
+            OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['q']), 2)),
+            OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['dp']), 2)),
+            OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['dq']), 2)),
+            OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['qi']), 2))
+          ])
+          rsa = OpenSSL::PKey::RSA.new(asn1_sequence.to_der)
           return JOSE::JWK::KTY_RSA.new(JOSE::JWK::PKeyProxy.new(rsa)), fields.except('kty', 'd', 'dp', 'dq', 'e', 'n', 'p', 'q', 'qi')
         else
-          d   = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['d']), 2)
-          e   = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['e']), 2)
-          n   = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['n']), 2)
+          d = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['d']), 2)
+          e = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['e']), 2)
+          n = OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['n']), 2)
           rsa = convert_sfm_to_crt(d, e, n)
           return JOSE::JWK::KTY_RSA.new(JOSE::JWK::PKeyProxy.new(rsa)), fields.except('kty', 'd', 'dp', 'dq', 'e', 'n', 'p', 'q', 'qi')
         end
       else
-        rsa   = OpenSSL::PKey::RSA.new
-        rsa.set_key(
-          OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['n']), 2),
-          OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['e']), 2),
-          nil
-        )
+        asn1_sequence = OpenSSL::ASN1::Sequence.new([
+          OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['n']), 2)),
+          OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(JOSE.urlsafe_decode64(fields['e']), 2))
+        ])
+        rsa = OpenSSL::PKey::RSA.new(OpenSSL::PKey::RSA.new(asn1_sequence.to_der))
         return JOSE::JWK::KTY_RSA.new(JOSE::JWK::PKeyProxy.new(rsa)), fields.except('kty', 'e', 'n')
       end
     else
@@ -140,7 +136,8 @@ class JOSE::JWK::KTY_RSA < Struct.new(:key)
       end
     end
     if modulus_size.is_a?(Integer) and (exponent_size.nil? or exponent_size.is_a?(Integer))
-      return from_key(OpenSSL::PKey::RSA.generate(modulus_size, exponent_size))
+      return from_key(OpenSSL::PKey::RSA.generate(modulus_size)) if exponent_size.nil?
+      return from_key(OpenSSL::PKey::RSA.generate(modulus_size, exponent_size)) if exponent_size.is_a?(Integer)
     else
       raise ArgumentError, "'modulus_size' must be an Integer and 'exponent_size' must be nil or an Integer"
     end
@@ -160,7 +157,12 @@ class JOSE::JWK::KTY_RSA < Struct.new(:key)
     when :rsa_pkcs1_padding
       return key.sign(digest_type.new, message)
     when :rsa_pkcs1_pss_padding
-      return JOSE::JWA::PKCS1.rsassa_pss_sign(digest_type, message, key)
+      if key.respond_to?(:sign_pss)
+        digest_name = digest_type.new.name
+        return key.sign_pss(digest_name, message, salt_length: :digest, mgf1_hash: digest_name)
+      else
+        return JOSE::JWA::PKCS1.rsassa_pss_sign(digest_type, message, key)
+      end
     else
       raise ArgumentError, "unsupported RSA padding: #{padding.inspect}"
     end
@@ -189,7 +191,12 @@ class JOSE::JWK::KTY_RSA < Struct.new(:key)
     when :rsa_pkcs1_padding
       return key.verify(digest_type.new, signature, message)
     when :rsa_pkcs1_pss_padding
-      return JOSE::JWA::PKCS1.rsassa_pss_verify(digest_type, message, signature, key)
+      if key.respond_to?(:verify_pss)
+        digest_name = digest_type.new.name
+        return key.verify_pss(digest_name, signature, message, salt_length: :digest, mgf1_hash: digest_name)
+      else
+        return JOSE::JWA::PKCS1.rsassa_pss_verify(digest_type, message, signature, key)
+      end
     else
       raise ArgumentError, "unsupported RSA padding: #{padding.inspect}"
     end
@@ -230,11 +237,18 @@ private
     dq = d % (q - 1)
     qi = q.mod_inverse(p)
 
-    rsa = OpenSSL::PKey::RSA.new
-    rsa.set_key(n, e, d)
-    rsa.set_factors(p, q)
-    rsa.set_crt_params(dp, dq, qi)
-
+    asn1_sequence = OpenSSL::ASN1::Sequence.new([
+      OpenSSL::ASN1::Integer.new(0),
+      OpenSSL::ASN1::Integer.new(n),
+      OpenSSL::ASN1::Integer.new(e),
+      OpenSSL::ASN1::Integer.new(d),
+      OpenSSL::ASN1::Integer.new(p),
+      OpenSSL::ASN1::Integer.new(q),
+      OpenSSL::ASN1::Integer.new(dp),
+      OpenSSL::ASN1::Integer.new(dq),
+      OpenSSL::ASN1::Integer.new(qi)
+    ])
+    rsa = OpenSSL::PKey::RSA.new(asn1_sequence.to_der)
     return rsa
   end
 

data/lib/jose/jwk/openssh_key.rb

@@ -190,7 +190,6 @@ private
 
   def parse_publickeys(body, n, pks = [])
     return pks, body if n == 0
-    pos = body.pos
     if pk_len = body.read(4) and pk_len.bytesize == 4
       pk_len, = pk_len.unpack('N')
       if pk = body.read(pk_len) and pk.bytesize == pk_len

data/lib/jose/jwk/set.rb

@@ -1,7 +1,7 @@
-require 'hamster/vector'
+require 'immutable/vector'
 
-# Immutable Set structure based on `Hamster::Vector`.
-class JOSE::JWK::Set < Hamster::Vector
+# Immutable Set structure based on `Immutable::Vector`.
+class JOSE::JWK::Set < Immutable::Vector
 
   def self.from_map(fields)
     if fields['keys'].is_a?(Array)

data/lib/jose/jwk.rb

@@ -481,7 +481,7 @@ module JOSE
     # Converts a private {JOSE::JWK JOSE::JWK} into a public {JOSE::JWK JOSE::JWK}.
     #
     #     !!!ruby
-    #     jwk_rsa = JOSE::JWK.generate_key([:rsa, 256]).to_map
+    #     jwk_rsa = JOSE::JWK.generate_key([:rsa, 1024]).to_map
     #     # => JOSE::Map[
     #     #  "dq" => "Iv_BghpjRyv8hk4AgsX_3w",
     #     #  "e" => "AQAB",

data/lib/jose/version.rb

@@ -1,3 +1,3 @@
 module JOSE
-  VERSION = "1.1.3"
+  VERSION = "1.2.0"
 end