json-jwt 0.6.1 → 0.7.0.alpha
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of json-jwt might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/json-jwt.gemspec +2 -1
- data/lib/json/jwe.rb +1 -1
- data/lib/json/jwk.rb +36 -17
- data/lib/json/jws.rb +2 -2
- data/spec/fixtures/ecdsa/256/private_key.pem +3 -3
- data/spec/fixtures/ecdsa/256/public_key.pem +2 -2
- data/spec/json/jwk_spec.rb +12 -14
- data/spec/json/jwt_spec.rb +1 -1
- data/spec/spec_helper.rb +7 -0
- metadata +21 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: de4af966b0dc54f6caf14149295dbb7f8bccd856
|
|
4
|
+
data.tar.gz: 2a93fc7d1d35b3fc7319f31a2fed23392c0ed7d8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d7424823b6791844548cc154beaa9569672c1f7f439770d21f3effed0a3b9a7007de394c2bc2aee627907e97d2a080e48ff51d578a2a0f82ce34979aabcacf08
|
|
7
|
+
data.tar.gz: bbdd062cc11dfc58af47d27969ee42a1c940e7a1646a818458a69d8cbac25b869bd14123f63bf4326913c2b3af3db6b21c30b69d46203db82f91b507dcdffd6a
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.7.0.alpha
|
data/json-jwt.gemspec
CHANGED
|
@@ -18,5 +18,6 @@ Gem::Specification.new do |gem|
|
|
|
18
18
|
gem.add_runtime_dependency "securecompare"
|
|
19
19
|
gem.add_development_dependency "rake", ">= 0.8"
|
|
20
20
|
gem.add_development_dependency "simplecov"
|
|
21
|
-
gem.add_development_dependency "rspec"
|
|
21
|
+
gem.add_development_dependency "rspec"
|
|
22
|
+
gem.add_development_dependency 'rspec-its'
|
|
22
23
|
end
|
data/lib/json/jwe.rb
CHANGED
data/lib/json/jwk.rb
CHANGED
|
@@ -12,19 +12,6 @@ module JSON
|
|
|
12
12
|
|
|
13
13
|
private
|
|
14
14
|
|
|
15
|
-
def ecdsa_curve_name(ecdsa_key)
|
|
16
|
-
case ecdsa_key.group.curve_name
|
|
17
|
-
when 'secp256k1'
|
|
18
|
-
:'P-256'
|
|
19
|
-
when 'secp384r1'
|
|
20
|
-
:'P-384'
|
|
21
|
-
when 'secp521r1'
|
|
22
|
-
:'P-521'
|
|
23
|
-
else
|
|
24
|
-
raise UnknownAlgorithm.new('Unknown ECDSA Curve')
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
|
-
|
|
28
15
|
def ecdsa_coodinates(ecdsa_key)
|
|
29
16
|
unless @ecdsa_coodinates
|
|
30
17
|
hex = ecdsa_key.public_key.to_bn.to_s(16)
|
|
@@ -33,8 +20,8 @@ module JSON
|
|
|
33
20
|
hex_x = hex[2, data_len/2]
|
|
34
21
|
hex_y = hex[2+data_len/2, data_len/2]
|
|
35
22
|
@ecdsa_coodinates = {
|
|
36
|
-
:x => hex_x,
|
|
37
|
-
:y => hex_y
|
|
23
|
+
:x => [hex_x].pack("H*"),
|
|
24
|
+
:y => [hex_y].pack("H*")
|
|
38
25
|
}
|
|
39
26
|
end
|
|
40
27
|
@ecdsa_coodinates
|
|
@@ -51,7 +38,7 @@ module JSON
|
|
|
51
38
|
when OpenSSL::PKey::EC
|
|
52
39
|
{
|
|
53
40
|
:kty => :EC,
|
|
54
|
-
:crv =>
|
|
41
|
+
:crv => self.class.ecdsa_curve_identifier_for(public_key.group.curve_name),
|
|
55
42
|
:x => UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:x].to_s),
|
|
56
43
|
:y => UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:y].to_s),
|
|
57
44
|
}
|
|
@@ -62,6 +49,32 @@ module JSON
|
|
|
62
49
|
end
|
|
63
50
|
|
|
64
51
|
class << self
|
|
52
|
+
def ecdsa_curve_name_for(curve_identifier)
|
|
53
|
+
case curve_identifier.to_s
|
|
54
|
+
when 'P-256'
|
|
55
|
+
'prime256v1'
|
|
56
|
+
when 'P-384'
|
|
57
|
+
'secp384r1'
|
|
58
|
+
when 'P-521'
|
|
59
|
+
'secp521r1'
|
|
60
|
+
else
|
|
61
|
+
raise UnknownAlgorithm.new('Unknown ECDSA Curve')
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def ecdsa_curve_identifier_for(curve_name)
|
|
66
|
+
case curve_name
|
|
67
|
+
when 'prime256v1'
|
|
68
|
+
:'P-256'
|
|
69
|
+
when 'secp384r1'
|
|
70
|
+
:'P-384'
|
|
71
|
+
when 'secp521r1'
|
|
72
|
+
:'P-521'
|
|
73
|
+
else
|
|
74
|
+
raise UnknownAlgorithm.new('Unknown ECDSA Curve')
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
|
|
65
78
|
def decode(jwk)
|
|
66
79
|
jwk = jwk.with_indifferent_access
|
|
67
80
|
case jwk[:kty].to_s
|
|
@@ -73,7 +86,13 @@ module JSON
|
|
|
73
86
|
key.n = n
|
|
74
87
|
key
|
|
75
88
|
when 'EC'
|
|
76
|
-
|
|
89
|
+
key = OpenSSL::PKey::EC.new ecdsa_curve_name_for(jwk[:crv])
|
|
90
|
+
x, y = [jwk[:x], jwk[:y]].collect do |decoded|
|
|
91
|
+
UrlSafeBase64.decode64(decoded).unpack('H*').first
|
|
92
|
+
end
|
|
93
|
+
key_bn = OpenSSL::BN.new ['04', x, y].join, 16
|
|
94
|
+
key.public_key = OpenSSL::PKey::EC::Point.new key.group, key_bn
|
|
95
|
+
key
|
|
77
96
|
else
|
|
78
97
|
raise UnknownAlgorithm.new('Unknown Algorithm')
|
|
79
98
|
end
|
data/lib/json/jws.rb
CHANGED
|
@@ -24,7 +24,7 @@ module JSON
|
|
|
24
24
|
private
|
|
25
25
|
|
|
26
26
|
def digest
|
|
27
|
-
OpenSSL::Digest
|
|
27
|
+
OpenSSL::Digest.new "SHA#{algorithm.to_s[2, 3]}"
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
def hmac?
|
|
@@ -84,7 +84,7 @@ module JSON
|
|
|
84
84
|
def verify_ecdsa_group!(key)
|
|
85
85
|
group_name = case digest.digest_length * 8
|
|
86
86
|
when 256
|
|
87
|
-
:
|
|
87
|
+
:prime256v1
|
|
88
88
|
when 384
|
|
89
89
|
:secp384r1
|
|
90
90
|
when 512
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
-----BEGIN EC PRIVATE KEY-----
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
2
|
+
MHcCAQEEIHo5LvIgMVpOlEKjjZiE5n+xYtTxLm4Eumx7FRMgICyDoAoGCCqGSM49
|
|
3
|
+
AwEHoUQDQgAEsaPyrO4Lh9kh2FxrF9y1QVmZznWnRRJwpr12UHqzrVYwzPhb3POq
|
|
4
|
+
WsmGqv4nKum+WdogjJlAToN+uA+TEwDDUw==
|
|
5
5
|
-----END EC PRIVATE KEY-----
|
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
-----BEGIN PUBLIC KEY-----
|
|
2
|
-
|
|
3
|
-
|
|
2
|
+
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsaPyrO4Lh9kh2FxrF9y1QVmZznWn
|
|
3
|
+
RRJwpr12UHqzrVYwzPhb3POqWsmGqv4nKum+WdogjJlAToN+uA+TEwDDUw==
|
|
4
4
|
-----END PUBLIC KEY-----
|
data/spec/json/jwk_spec.rb
CHANGED
|
@@ -27,16 +27,16 @@ describe JSON::JWK do
|
|
|
27
27
|
let(:expected_coodinates) do
|
|
28
28
|
{
|
|
29
29
|
256 => {
|
|
30
|
-
x: '
|
|
31
|
-
y: '
|
|
30
|
+
x: 'saPyrO4Lh9kh2FxrF9y1QVmZznWnRRJwpr12UHqzrVY',
|
|
31
|
+
y: 'MMz4W9zzqlrJhqr-JyrpvlnaIIyZQE6DfrgPkxMAw1M'
|
|
32
32
|
},
|
|
33
33
|
384 => {
|
|
34
|
-
x: '
|
|
35
|
-
y: '
|
|
34
|
+
x: 'plzApyFnK7qzhg5XnIZbFj2hZoH2Vdl4-RFm7DnsNMG9tyqrpfq2RyjfKABbcFRt',
|
|
35
|
+
y: 'ixBzffhk3fcbmeipGLkvQBNCzeNm6QL3hOUTH6IFBzOL0Y7HsGTopNTTspLjlivb'
|
|
36
36
|
},
|
|
37
37
|
512 => {
|
|
38
|
-
x: '
|
|
39
|
-
y: '
|
|
38
|
+
x: 'AcMCD-a0a6rnE9TvC0mOqF_DGXRg5Y3iTb4eHNwTm2kD6iujx9M_f8d_FGHr0OhpqzEn4rYPYZouGsbIPEgL0q__',
|
|
39
|
+
y: 'AULYEd8l-bV_BI289aezhSLZ1RDF2ltgDPEy9Y7YtqYa4cJcpiyzVDMpXWwBp6cjg6TXINkoVrVXZhN404ihu4I2'
|
|
40
40
|
}
|
|
41
41
|
}
|
|
42
42
|
end
|
|
@@ -121,14 +121,12 @@ NrqoxoakrPo1NI1u+ET8oWGmnjB/nJFAPwIDAQAB
|
|
|
121
121
|
|
|
122
122
|
context 'when ECDSA' do
|
|
123
123
|
it do
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
)
|
|
131
|
-
end.to raise_error NotImplementedError
|
|
124
|
+
JSON::JWK.decode(
|
|
125
|
+
kty: :EC,
|
|
126
|
+
crv: 'P-256',
|
|
127
|
+
x: 'MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4',
|
|
128
|
+
y: '4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM'
|
|
129
|
+
).should be_instance_of OpenSSL::PKey::EC
|
|
132
130
|
end
|
|
133
131
|
end
|
|
134
132
|
|
data/spec/json/jwt_spec.rb
CHANGED
data/spec/spec_helper.rb
CHANGED
|
@@ -5,7 +5,14 @@ SimpleCov.start do
|
|
|
5
5
|
end
|
|
6
6
|
|
|
7
7
|
require 'rspec'
|
|
8
|
+
require 'rspec/its'
|
|
8
9
|
require 'json/jwt'
|
|
9
10
|
|
|
11
|
+
RSpec.configure do |config|
|
|
12
|
+
config.expect_with :rspec do |c|
|
|
13
|
+
c.syntax = [:should, :expect]
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
10
17
|
require 'helpers/sign_key_fixture_helper'
|
|
11
18
|
require 'helpers/nimbus_spec_helper'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: json-jwt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0.alpha
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-07-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: multi_json
|
|
@@ -114,14 +114,28 @@ dependencies:
|
|
|
114
114
|
requirements:
|
|
115
115
|
- - ">="
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: '
|
|
117
|
+
version: '0'
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - ">="
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: '
|
|
124
|
+
version: '0'
|
|
125
|
+
- !ruby/object:Gem::Dependency
|
|
126
|
+
name: rspec-its
|
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
|
128
|
+
requirements:
|
|
129
|
+
- - ">="
|
|
130
|
+
- !ruby/object:Gem::Version
|
|
131
|
+
version: '0'
|
|
132
|
+
type: :development
|
|
133
|
+
prerelease: false
|
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
135
|
+
requirements:
|
|
136
|
+
- - ">="
|
|
137
|
+
- !ruby/object:Gem::Version
|
|
138
|
+
version: '0'
|
|
125
139
|
description: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption
|
|
126
140
|
and JSON Web Key) in Ruby
|
|
127
141
|
email:
|
|
@@ -178,12 +192,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
178
192
|
version: '0'
|
|
179
193
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
180
194
|
requirements:
|
|
181
|
-
- - "
|
|
195
|
+
- - ">"
|
|
182
196
|
- !ruby/object:Gem::Version
|
|
183
|
-
version:
|
|
197
|
+
version: 1.3.1
|
|
184
198
|
requirements: []
|
|
185
199
|
rubyforge_project:
|
|
186
|
-
rubygems_version: 2.2.
|
|
200
|
+
rubygems_version: 2.2.2
|
|
187
201
|
signing_key:
|
|
188
202
|
specification_version: 4
|
|
189
203
|
summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
|