json-jwt 1.0.2 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of json-jwt might be problematic. Click here for more details.

Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. data/lib/json/jwe.rb +29 -29
  4. data/lib/json/jwk.rb +42 -10
  5. data/lib/json/jws.rb +3 -3
  6. data/lib/json/jwt.rb +1 -1
  7. data/spec/interop/with_rfc_example_spec.rb +20 -0
  8. data/spec/json/jwk_spec.rb +14 -2
  9. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 1b179f22e49515e37f1fb1a7a76ae0e4259619ec
4
- data.tar.gz: 01bc05a740c8d7d9429f451061123108c9556188
3
+ metadata.gz: f114f8c73a49561c455f752c90361378e34691ff
4
+ data.tar.gz: 65e2c0a8b3f0054e81b28dd3d45bc3bd7d4354ba
5
5
  SHA512:
6
- metadata.gz: 507b4a7403d63f14eb41e4d0ca4a9d7a043cefc6b8b82c8dc080666f9a793fa57e545cbc9c160fce7dffb48b530ad0feda54b54407f98829bb3176ded8be0490
7
- data.tar.gz: becb5f896d13528a28a74d8d38bffa3eda0c6cf10a7c0e1e62ac00f37415637482eaa38a052ef75def9736498ff9c7bb4561664368fb13f0c8000cb0b1245907
6
+ metadata.gz: 47bda5992fac3eebb1403df68ed0f4914ba0ecd61a0c0b4d3d100cef9856a485c0e18f82ebded2774111e2e50ca3fddbe61eb54f198d1ce50fcbd84a1fea9281
7
+ data.tar.gz: da1a37510a59a5910e9e5a39fd0961c72d062dfa4fe57a6b37e4f07339aa86cd2859b0c0065b4ed5dcad56ddc4cdcaa2827b29d19939854e5492fcfae3bd36f6
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.0.2
1
+ 1.0.3
data/lib/json/jwe.rb CHANGED
@@ -72,15 +72,15 @@ module JSON
72
72
  end
73
73
 
74
74
  def gcm?
75
- [:A128GCM, :A256GCM].collect(&:to_s).include? encryption_method.to_s
75
+ [:A128GCM, :A256GCM].include? encryption_method.try(:to_sym)
76
76
  end
77
77
 
78
78
  def cbc?
79
- [:'A128CBC-HS256', :'A256CBC-HS512'].collect(&:to_s).include? encryption_method.to_s
79
+ [:'A128CBC-HS256', :'A256CBC-HS512'].include? encryption_method.try(:to_sym)
80
80
  end
81
81
 
82
82
  def dir?
83
- :dir.to_s == algorithm.to_s
83
+ :dir == algorithm.try(:to_sym)
84
84
  end
85
85
 
86
86
  def cipher
@@ -92,14 +92,14 @@ module JSON
92
92
  end
93
93
 
94
94
  def cipher_name
95
- case encryption_method.to_s
96
- when :A128GCM.to_s
95
+ case encryption_method.try(:to_sym)
96
+ when :A128GCM
97
97
  'aes-128-gcm'
98
- when :A256GCM.to_s
98
+ when :A256GCM
99
99
  'aes-256-gcm'
100
- when :'A128CBC-HS256'.to_s
100
+ when :'A128CBC-HS256'
101
101
  'aes-128-cbc'
102
- when :'A256CBC-HS512'.to_s
102
+ when :'A256CBC-HS512'
103
103
  'aes-256-cbc'
104
104
  else
105
105
  raise UnexpectedAlgorithm.new('Unknown Encryption Algorithm')
@@ -107,10 +107,10 @@ module JSON
107
107
  end
108
108
 
109
109
  def sha_size
110
- case encryption_method.to_s
111
- when :'A128CBC-HS256'.to_s
110
+ case encryption_method.try(:to_sym)
111
+ when :'A128CBC-HS256'
112
112
  256
113
- when :'A256CBC-HS512'.to_s
113
+ when :'A256CBC-HS512'
114
114
  512
115
115
  else
116
116
  raise UnexpectedAlgorithm.new('Unknown Hash Size')
@@ -135,22 +135,22 @@ module JSON
135
135
  # encryption
136
136
 
137
137
  def jwe_encrypted_key
138
- @jwe_encrypted_key ||= case algorithm.to_s
139
- when :RSA1_5.to_s
138
+ @jwe_encrypted_key ||= case algorithm.try(:to_sym)
139
+ when :RSA1_5
140
140
  public_key_or_secret.public_encrypt content_encryption_key
141
- when :'RSA-OAEP'.to_s
141
+ when :'RSA-OAEP'
142
142
  public_key_or_secret.public_encrypt content_encryption_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING
143
- when :A128KW.to_s
143
+ when :A128KW
144
144
  raise NotImplementedError.new('A128KW not supported yet')
145
- when :A256KW.to_s
145
+ when :A256KW
146
146
  raise NotImplementedError.new('A256KW not supported yet')
147
- when :dir.to_s
147
+ when :dir
148
148
  ''
149
- when :'ECDH-ES'.to_s
149
+ when :'ECDH-ES'
150
150
  raise NotImplementedError.new('ECDH-ES not supported yet')
151
- when :'ECDH-ES+A128KW'.to_s
151
+ when :'ECDH-ES+A128KW'
152
152
  raise NotImplementedError.new('ECDH-ES+A128KW not supported yet')
153
- when :'ECDH-ES+A256KW'.to_s
153
+ when :'ECDH-ES+A256KW'
154
154
  raise NotImplementedError.new('ECDH-ES+A256KW not supported yet')
155
155
  else
156
156
  raise UnexpectedAlgorithm.new('Unknown Encryption Algorithm')
@@ -223,22 +223,22 @@ module JSON
223
223
  end
224
224
 
225
225
  def decrypt_content_encryption_key
226
- case algorithm.to_s
227
- when :RSA1_5.to_s
226
+ case algorithm.try(:to_sym)
227
+ when :RSA1_5
228
228
  private_key_or_secret.private_decrypt jwe_encrypted_key
229
- when :'RSA-OAEP'.to_s
229
+ when :'RSA-OAEP'
230
230
  private_key_or_secret.private_decrypt jwe_encrypted_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING
231
- when :A128KW.to_s
231
+ when :A128KW
232
232
  raise NotImplementedError.new('A128KW not supported yet')
233
- when :A256KW.to_s
233
+ when :A256KW
234
234
  raise NotImplementedError.new('A256KW not supported yet')
235
- when :dir.to_s
235
+ when :dir
236
236
  private_key_or_secret
237
- when :'ECDH-ES'.to_s
237
+ when :'ECDH-ES'
238
238
  raise NotImplementedError.new('ECDH-ES not supported yet')
239
- when :'ECDH-ES+A128KW'.to_s
239
+ when :'ECDH-ES+A128KW'
240
240
  raise NotImplementedError.new('ECDH-ES+A128KW not supported yet')
241
- when :'ECDH-ES+A256KW'.to_s
241
+ when :'ECDH-ES+A256KW'
242
242
  raise NotImplementedError.new('ECDH-ES+A256KW not supported yet')
243
243
  else
244
244
  raise UnexpectedAlgorithm.new('Unknown Encryption Algorithm')
data/lib/json/jwk.rb CHANGED
@@ -10,6 +10,18 @@ module JSON
10
10
  'application/jwk+json'
11
11
  end
12
12
 
13
+ def thumbprint(digest = OpenSSL::Digest::SHA256.new)
14
+ digest = case digest
15
+ when OpenSSL::Digest
16
+ digest
17
+ when String, Symbol
18
+ OpenSSL::Digest.new digest.to_s
19
+ else
20
+ raise UnknownAlgorithm.new('Unknown Digest Algorithm')
21
+ end
22
+ UrlSafeBase64.encode64 digest.digest(normalize.to_json)
23
+ end
24
+
13
25
  private
14
26
 
15
27
  def ecdsa_coodinates(ecdsa_key)
@@ -17,7 +29,7 @@ module JSON
17
29
  hex = ecdsa_key.public_key.to_bn.to_s(16)
18
30
  data_len = hex.length - 2
19
31
  type = hex[0,2]
20
- hex_x = hex[2, data_len/2]
32
+ hex_x = hex[2, data_len/2]
21
33
  hex_y = hex[2+data_len/2, data_len/2]
22
34
  @ecdsa_coodinates = {
23
35
  x: [hex_x].pack("H*"),
@@ -43,19 +55,39 @@ module JSON
43
55
  y: UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:y].to_s),
44
56
  }
45
57
  else
46
- raise UnknownAlgorithm.new('Unknown Algorithm')
58
+ raise UnknownAlgorithm.new('Unknown Key Type')
47
59
  end
48
60
  hash.merge(options)
49
61
  end
50
62
 
63
+ def normalize
64
+ case self[:kty].try(:to_sym)
65
+ when :RSA
66
+ {
67
+ e: self[:e],
68
+ kty: self[:kty],
69
+ n: self[:n]
70
+ }
71
+ when :EC
72
+ {
73
+ crv: self[:crv],
74
+ kty: self[:kty],
75
+ x: self[:x],
76
+ y: self[:y]
77
+ }
78
+ else
79
+ raise UnknownAlgorithm.new('Unknown Key Type')
80
+ end
81
+ end
82
+
51
83
  class << self
52
84
  def ecdsa_curve_name_for(curve_identifier)
53
- case curve_identifier.to_s
54
- when 'P-256'
85
+ case curve_identifier.try(:to_sym)
86
+ when :'P-256'
55
87
  'prime256v1'
56
- when 'P-384'
88
+ when :'P-384'
57
89
  'secp384r1'
58
- when 'P-521'
90
+ when :'P-521'
59
91
  'secp521r1'
60
92
  else
61
93
  raise UnknownAlgorithm.new('Unknown ECDSA Curve')
@@ -77,15 +109,15 @@ module JSON
77
109
 
78
110
  def decode(jwk)
79
111
  jwk = jwk.with_indifferent_access
80
- case jwk[:kty].to_s
81
- when 'RSA'
112
+ case jwk[:kty].try(:to_sym)
113
+ when :RSA
82
114
  e = OpenSSL::BN.new UrlSafeBase64.decode64(jwk[:e]), 2
83
115
  n = OpenSSL::BN.new UrlSafeBase64.decode64(jwk[:n]), 2
84
116
  key = OpenSSL::PKey::RSA.new
85
117
  key.e = e
86
118
  key.n = n
87
119
  key
88
- when 'EC'
120
+ when :EC
89
121
  if RUBY_VERSION >= '2.0.0'
90
122
  key = OpenSSL::PKey::EC.new ecdsa_curve_name_for(jwk[:crv])
91
123
  x, y = [jwk[:x], jwk[:y]].collect do |decoded|
@@ -97,7 +129,7 @@ module JSON
97
129
  raise UnknownAlgorithm.new('ECDSA JWK Decoding requires Ruby 2.0+')
98
130
  end
99
131
  else
100
- raise UnknownAlgorithm.new('Unknown Algorithm')
132
+ raise UnknownAlgorithm.new('Unknown Key Type')
101
133
  end
102
134
  end
103
135
 
data/lib/json/jws.rb CHANGED
@@ -28,15 +28,15 @@ module JSON
28
28
  end
29
29
 
30
30
  def hmac?
31
- [:HS256, :HS384, :HS512].collect(&:to_s).include? algorithm.to_s
31
+ [:HS256, :HS384, :HS512].include? algorithm.try(:to_sym)
32
32
  end
33
33
 
34
34
  def rsa?
35
- [:RS256, :RS384, :RS512].collect(&:to_s).include? algorithm.to_s
35
+ [:RS256, :RS384, :RS512].include? algorithm.try(:to_sym)
36
36
  end
37
37
 
38
38
  def ecdsa?
39
- [:ES256, :ES384, :ES512].collect(&:to_s).include? algorithm.to_s
39
+ [:ES256, :ES384, :ES512].include? algorithm.try(:to_sym)
40
40
  end
41
41
 
42
42
  def signature_base_string
data/lib/json/jwt.rb CHANGED
@@ -52,7 +52,7 @@ module JSON
52
52
  end
53
53
 
54
54
  def verify(signature_base_string, public_key_or_secret = nil)
55
- if alg.to_s == 'none'
55
+ if alg.try(:to_sym) == :none
56
56
  raise UnexpectedAlgorithm if public_key_or_secret
57
57
  signature == '' or raise VerificationFailed
58
58
  else
data/spec/interop/with_rfc_example_spec.rb ADDED
@@ -0,0 +1,20 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'interop' do
4
+ describe 'with RFC Example' do
5
+ describe 'JWK Thubmprint' do
6
+ subject { JSON::JWK.new public_key }
7
+
8
+ let(:public_key) do
9
+ JSON::JWK.decode(
10
+ kty: :RSA,
11
+ n: '0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw',
12
+ e: 'AQAB',
13
+ alg: :RSA256,
14
+ kid: '2011-04-29'
15
+ )
16
+ end
17
+ its(:thumbprint) { should == 'NzbLsXh8uDCcd-6MNwXF4W_7noWXFZAfHkxZsRGC9Xs' }
18
+ end
19
+ end
20
+ end
data/spec/json/jwk_spec.rb CHANGED
@@ -21,6 +21,18 @@ describe JSON::JWK do
21
21
  its(:kid) { jwk[:kid].should == '12345' }
22
22
  its(:use) { jwk[:use].should == :sig }
23
23
  end
24
+
25
+ describe '#thumbprint' do
26
+ context 'using default hash function' do
27
+ subject { jwk.thumbprint }
28
+ it { should == 'nuBTimkcSt_AuEsD8Yv3l8CoGV31bu_3gsRDGN1iVKA' }
29
+ end
30
+
31
+ context 'using SHA512 hash function' do
32
+ subject { jwk.thumbprint :SHA512 }
33
+ it { should == '6v7pXTnQLMiQgvJlPJUdhAUSuGLzgF8C1r3ABAMFet6bc53ea-Pq4ZGbGu3RoAFsNRT1-RhTzDqtqXuLU6NOtw' }
34
+ end
35
+ end
24
36
  end
25
37
 
26
38
  context 'when ECDSA public key given' do
@@ -60,12 +72,12 @@ describe JSON::JWK do
60
72
  end
61
73
  end
62
74
 
63
- describe 'unknown algorithm' do
75
+ describe 'unknown key type' do
64
76
  it do
65
77
  key = OpenSSL::PKey::DSA.generate 256
66
78
  expect do
67
79
  JSON::JWK.new key
68
- end.to raise_error JSON::JWK::UnknownAlgorithm, 'Unknown Algorithm'
80
+ end.to raise_error JSON::JWK::UnknownAlgorithm, 'Unknown Key Type'
69
81
  end
70
82
  end
71
83
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.2
4
+ version: 1.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-07-07 00:00:00.000000000 Z
11
+ date: 2015-07-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: multi_json
@@ -173,6 +173,7 @@ files:
173
173
  - spec/helpers/sign_key_fixture_helper.rb
174
174
  - spec/interop/with_jsrsasign_spec.rb
175
175
  - spec/interop/with_nimbus_jose_spec.rb
176
+ - spec/interop/with_rfc_example_spec.rb
176
177
  - spec/json/jwe_spec.rb
177
178
  - spec/json/jwk/set_spec.rb
178
179
  - spec/json/jwk_spec.rb
@@ -218,6 +219,7 @@ test_files:
218
219
  - spec/helpers/sign_key_fixture_helper.rb
219
220
  - spec/interop/with_jsrsasign_spec.rb
220
221
  - spec/interop/with_nimbus_jose_spec.rb
222
+ - spec/interop/with_rfc_example_spec.rb
221
223
  - spec/json/jwe_spec.rb
222
224
  - spec/json/jwk/set_spec.rb
223
225
  - spec/json/jwk_spec.rb