json-jwt 1.10.0 → 1.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0f805fa120c4c633a6be48aab961f504aa3e7d5f68aee05f13585e3751201c67
-  data.tar.gz: bb26869e462704b7ca5ae9109cd07749b76fc6ee53fc99a6db70238dbfa51c77
+  metadata.gz: e18796342211bf21448b9bb5b43749894717bc0a270ae7e1679efbbaa387fc4b
+  data.tar.gz: 19b56b26f69a78d2b3ac842865571b973426006b371674ebb6f19cfaf9156385
 SHA512:
-  metadata.gz: f2673b42a974d7b9d003f48cf17ef15580d948ef5f06ea8d4c7f46e56249d3849e342720974fcca3a979014cfc898753a541ce851099459f559568f3523f5100
-  data.tar.gz: 749aa5e6eadb127674086f77e05e691a162dddfa4cb2d3b4132a1c96649f7a8001b506169dc45112fca117afa67ca16549b090b2ad70fd7275cae2583db735ee
+  metadata.gz: 90e611ff8e6f87f4b4008c15839008b0eaea3abf498e1d40dcfb875c99c7212d558d38ea5e93f74e3dcbfb4c0f05d29d712b8e64152179ccd02602b6ec79c8ca
+  data.tar.gz: 82eb46ca549465d81027f9953f2cde953a582a7912e534a828b1114c78e1f469c9e03c9ebfb6b6609bddf11e1686defe10134fe287ed2b5768e05b8a3b53babf

data/.travis.yml

@@ -3,9 +3,9 @@ before_install:
   - git submodule update --init --recursive
 
 rvm:
-  - 2.3.7
-  - 2.4.4
-  - 2.5.1
+  - 2.5.8
+  - 2.6.6
+  - 2.7.1
 
 jdk:
-  - oraclejdk8
+  - openjdk11

data/VERSION

@@ -1 +1 @@
-1.10.0
+1.13.0

data/json-jwt.gemspec

@@ -7,11 +7,12 @@ Gem::Specification.new do |gem|
   gem.summary     = %q{JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and JSON Web Key) in Ruby}
   gem.description = %q{JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and JSON Web Key) in Ruby}
   gem.license     = 'MIT'
-  gem.files         = `git ls-files`.split("\n")
-  gem.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.files         = `git ls-files`.split("\n").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
   gem.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   gem.require_paths = ['lib']
-  gem.required_ruby_version = '>= 2.3'
+  gem.required_ruby_version = '>= 2.4'
   gem.add_runtime_dependency 'activesupport', '>= 4.2'
   gem.add_runtime_dependency 'bindata'
   gem.add_runtime_dependency 'aes_key_wrap'

data/lib/json/jose.rb

@@ -7,9 +7,11 @@ module JSON
     included do
       extend ClassMethods
       register_header_keys :alg, :jku, :jwk, :x5u, :x5t, :x5c, :kid, :typ, :cty, :crit
+
+      # NOTE: not used anymore in this gem, but keeping in case developers are calling it.
       alias_method :algorithm, :alg
 
-      attr_accessor :header
+      attr_writer :header
       def header
         @header ||= {}
       end
@@ -26,7 +28,7 @@ module JSON
       when JSON::JWK::Set
         key.detect do |jwk|
           jwk[:kid] && jwk[:kid] == kid
-        end.try(:to_key) or raise JWK::Set::KidNotFound
+        end&.to_key or raise JWK::Set::KidNotFound
       else
         key
       end

data/lib/json/jwe.rb

@@ -14,9 +14,10 @@ module JSON
 
     attr_accessor(
       :public_key_or_secret, :private_key_or_secret,
-      :plain_text, :cipher_text, :authentication_tag, :iv, :auth_data,
-      :content_encryption_key, :jwe_encrypted_key, :encryption_key, :mac_key
+      :plain_text, :cipher_text, :iv, :auth_data,
+      :content_encryption_key, :encryption_key, :mac_key
     )
+    attr_writer :jwe_encrypted_key, :authentication_tag
 
     register_header_keys :enc, :epk, :zip, :apu, :apv
     alias_method :encryption_method, :enc
@@ -98,15 +99,15 @@ module JSON
     # common
 
     def gcm?
-      [:A128GCM, :A256GCM].include? encryption_method.try(:to_sym)
+      [:A128GCM, :A256GCM].include? encryption_method&.to_sym
     end
 
     def cbc?
-      [:'A128CBC-HS256', :'A256CBC-HS512'].include? encryption_method.try(:to_sym)
+      [:'A128CBC-HS256', :'A256CBC-HS512'].include? encryption_method&.to_sym
     end
 
     def dir?
-      :dir == algorithm.try(:to_sym)
+      :dir == alg&.to_sym
     end
 
     def cipher
@@ -115,7 +116,7 @@ module JSON
     end
 
     def cipher_name
-      case encryption_method.try(:to_sym)
+      case encryption_method&.to_sym
       when :A128GCM
         'aes-128-gcm'
       when :A256GCM
@@ -130,7 +131,7 @@ module JSON
     end
 
     def sha_size
-      case encryption_method.try(:to_sym)
+      case encryption_method&.to_sym
       when :'A128CBC-HS256'
         256
       when :'A256CBC-HS512'
@@ -158,7 +159,7 @@ module JSON
     # encryption
 
     def jwe_encrypted_key
-      @jwe_encrypted_key ||= case algorithm.try(:to_sym)
+      @jwe_encrypted_key ||= case alg&.to_sym
       when :RSA1_5
         public_key_or_secret.public_encrypt content_encryption_key
       when :'RSA-OAEP'
@@ -210,7 +211,7 @@ module JSON
 
     def decrypt_content_encryption_key
       fake_content_encryption_key = generate_content_encryption_key # NOTE: do this always not to make timing difference
-      case algorithm.try(:to_sym)
+      case alg&.to_sym
       when :RSA1_5
         private_key_or_secret.private_decrypt jwe_encrypted_key
       when :'RSA-OAEP'
@@ -253,7 +254,7 @@ module JSON
           raise InvalidFormat.new("Invalid JWE Format. JWE should include #{NUM_OF_SEGMENTS} segments.")
         end
         jwe = new
-        _header_json_, jwe.jwe_encrypted_key, jwe.iv, jwe.cipher_text, jwe.authentication_tag = input.split('.').collect do |segment|
+        _header_json_, jwe.jwe_encrypted_key, jwe.iv, jwe.cipher_text, jwe.authentication_tag = input.split('.', NUM_OF_SEGMENTS).collect do |segment|
           begin
             Base64.urlsafe_decode64 segment
           rescue ArgumentError

data/lib/json/jwk.rb

@@ -50,24 +50,16 @@ module JSON
       end
     end
 
-    private
-
     def rsa?
-      self[:kty].try(:to_sym) == :RSA
+      self[:kty]&.to_sym == :RSA
     end
 
     def ec?
-      self[:kty].try(:to_sym) == :EC
+      self[:kty]&.to_sym == :EC
     end
 
     def oct?
-      self[:kty].try(:to_sym) == :oct
-    end
-
-    def calculate_default_kid
-      self[:kid] = thumbprint
-    rescue
-      # ignore
+      self[:kty]&.to_sym == :oct
     end
 
     def normalize
@@ -95,6 +87,14 @@ module JSON
       end
     end
 
+    private
+
+    def calculate_default_kid
+      self[:kid] = thumbprint
+    rescue
+      # ignore
+    end
+
     def to_rsa_key
       e, n, d, p, q, dp, dq, qi = [:e, :n, :d, :p, :q, :dp, :dq, :qi].collect do |key|
         if self[key]
@@ -120,13 +120,15 @@ module JSON
     end
 
     def to_ec_key
-      curve_name = case self[:crv].try(:to_sym)
+      curve_name = case self[:crv]&.to_sym
       when :'P-256'
         'prime256v1'
       when :'P-384'
         'secp384r1'
       when :'P-521'
         'secp521r1'
+      when :secp256k1
+        'secp256k1'
       else
         raise UnknownAlgorithm.new('Unknown EC Curve')
       end

data/lib/json/jwk/jwkizable.rb

@@ -44,6 +44,8 @@ module JSON
             :'P-384'
           when 'secp521r1'
             :'P-521'
+          when 'secp256k1'
+            :secp256k1
           else
             raise UnknownAlgorithm.new('Unknown EC Curve')
           end

data/lib/json/jws.rb

@@ -6,23 +6,23 @@ module JSON
 
     NUM_OF_SEGMENTS = 3
 
-    attr_accessor :signature_base_string
+    attr_writer :signature_base_string
 
     def initialize(jwt)
       update jwt
     end
 
     def sign!(private_key_or_secret)
-      self.alg = autodetected_algorithm_from(private_key_or_secret) if algorithm == :autodetect
+      self.alg = autodetected_algorithm_from(private_key_or_secret) if alg == :autodetect
       self.signature = sign signature_base_string, private_key_or_secret
       self
     end
 
     def verify!(public_key_or_secret, algorithms = nil)
-      if alg.try(:to_sym) == :none
+      if alg&.to_sym == :none
         raise UnexpectedAlgorithm if public_key_or_secret
         signature == '' or raise VerificationFailed
-      elsif algorithms.blank? || Array(algorithms).include?(alg.try(:to_sym))
+      elsif algorithms.blank? || Array(algorithms).include?(alg&.to_sym)
         public_key_or_secret && valid?(public_key_or_secret) or
         raise VerificationFailed
       else
@@ -43,31 +43,23 @@ module JSON
     private
 
     def digest
-      OpenSSL::Digest.new "SHA#{algorithm.to_s[2, 3]}"
+      OpenSSL::Digest.new "SHA#{alg.to_s[2, 3]}"
     end
 
     def hmac?
-      [:HS256, :HS384, :HS512].include? algorithm.try(:to_sym)
+      [:HS256, :HS384, :HS512].include? alg&.to_sym
     end
 
     def rsa?
-      [:RS256, :RS384, :RS512].include? algorithm.try(:to_sym)
+      [:RS256, :RS384, :RS512].include? alg&.to_sym
     end
 
     def rsa_pss?
-      if [:PS256, :PS384, :PS512].include? algorithm.try(:to_sym)
-        if OpenSSL::VERSION < '2.1.0'
-          raise "#{alg} isn't supported. OpenSSL gem v2.1.0+ is required to use #{alg}."
-        else
-          true
-        end
-      else
-        false
-      end
+      [:PS256, :PS384, :PS512].include? alg&.to_sym
     end
 
     def ecdsa?
-      [:ES256, :ES384, :ES512].include? algorithm.try(:to_sym)
+      [:ES256, :ES384, :ES512, :ES256K].include? alg&.to_sym
     end
 
     def autodetected_algorithm_from(private_key_or_secret)
@@ -85,6 +77,8 @@ module JSON
           :ES384
         when 'secp521r1'
           :ES512
+        when 'secp256k1'
+          :ES256K
         else
           raise UnknownAlgorithm.new('Unknown EC Curve')
         end
@@ -118,8 +112,7 @@ module JSON
         private_key = private_key_or_secret
         verify_ecdsa_group! private_key
         asn1_to_raw(
-          private_key.dsa_sign_asn1(digest.digest signature_base_string),
-          # private_key.sign(digest, signature_base_string), # NOTE: this causes `undefined method `private?'` error in ruby 2.3
+          private_key.sign(digest, signature_base_string),
           private_key
         )
       else
@@ -152,7 +145,12 @@ module JSON
     def verify_ecdsa_group!(key)
       group_name = case digest.digest_length * 8
       when 256
-        :prime256v1
+        case key.group.curve_name
+        when 'secp256k1'
+          :secp256k1
+        else
+          :prime256v1
+        end
       when 384
         :secp384r1
       when 512
@@ -179,7 +177,7 @@ module JSON
         unless input.count('.') + 1 == NUM_OF_SEGMENTS
           raise InvalidFormat.new("Invalid JWS Format. JWS should include #{NUM_OF_SEGMENTS} segments.")
         end
-        header, claims, signature = input.split('.', JWS::NUM_OF_SEGMENTS).collect do |segment|
+        header, claims, signature = input.split('.', NUM_OF_SEGMENTS).collect do |segment|
           Base64.urlsafe_decode64 segment.to_s
         end
         header = JSON.parse(header).with_indifferent_access
@@ -191,7 +189,7 @@ module JSON
         jws = new claims
         jws.header = header
         jws.signature = signature
-        jws.signature_base_string = input.split('.')[0, JWS::NUM_OF_SEGMENTS - 1].join('.')
+        jws.signature_base_string = input.split('.')[0, NUM_OF_SEGMENTS - 1].join('.')
         jws.verify! public_key_or_secret, algorithms unless public_key_or_secret == :skip_verification
         jws
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: json-jwt
 version: !ruby/object:Gem::Version
-  version: 1.10.0
+  version: 1.13.0
 platform: ruby
 authors:
 - nov matake
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-12-14 00:00:00.000000000 Z
+date: 2020-05-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -133,27 +133,6 @@ files:
 - lib/json/jwk/set.rb
 - lib/json/jws.rb
 - lib/json/jwt.rb
-- spec/fixtures/ecdsa/256/private_key.pem
-- spec/fixtures/ecdsa/256/public_key.pem
-- spec/fixtures/ecdsa/384/private_key.pem
-- spec/fixtures/ecdsa/384/public_key.pem
-- spec/fixtures/ecdsa/512/private_key.pem
-- spec/fixtures/ecdsa/512/public_key.pem
-- spec/fixtures/rsa/private_key.der
-- spec/fixtures/rsa/private_key.pem
-- spec/fixtures/rsa/public_key.pem
-- spec/helpers/nimbus_spec_helper.rb
-- spec/helpers/sign_key_fixture_helper.rb
-- spec/interop/with_jsrsasign_spec.rb
-- spec/interop/with_nimbus_jose_spec.rb
-- spec/interop/with_rfc_example_spec.rb
-- spec/json/jwe_spec.rb
-- spec/json/jwk/jwkizable_spec.rb
-- spec/json/jwk/set_spec.rb
-- spec/json/jwk_spec.rb
-- spec/json/jws_spec.rb
-- spec/json/jwt_spec.rb
-- spec/spec_helper.rb
 homepage: https://github.com/nov/json-jwt
 licenses:
 - MIT
@@ -166,38 +145,16 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.3'
+      version: '2.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
   JSON Web Key) in Ruby
-test_files:
-- spec/fixtures/ecdsa/256/private_key.pem
-- spec/fixtures/ecdsa/256/public_key.pem
-- spec/fixtures/ecdsa/384/private_key.pem
-- spec/fixtures/ecdsa/384/public_key.pem
-- spec/fixtures/ecdsa/512/private_key.pem
-- spec/fixtures/ecdsa/512/public_key.pem
-- spec/fixtures/rsa/private_key.der
-- spec/fixtures/rsa/private_key.pem
-- spec/fixtures/rsa/public_key.pem
-- spec/helpers/nimbus_spec_helper.rb
-- spec/helpers/sign_key_fixture_helper.rb
-- spec/interop/with_jsrsasign_spec.rb
-- spec/interop/with_nimbus_jose_spec.rb
-- spec/interop/with_rfc_example_spec.rb
-- spec/json/jwe_spec.rb
-- spec/json/jwk/jwkizable_spec.rb
-- spec/json/jwk/set_spec.rb
-- spec/json/jwk_spec.rb
-- spec/json/jws_spec.rb
-- spec/json/jwt_spec.rb
-- spec/spec_helper.rb
+test_files: []

data/spec/fixtures/ecdsa/256/private_key.pem

@@ -1,5 +0,0 @@
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIHo5LvIgMVpOlEKjjZiE5n+xYtTxLm4Eumx7FRMgICyDoAoGCCqGSM49
-AwEHoUQDQgAEsaPyrO4Lh9kh2FxrF9y1QVmZznWnRRJwpr12UHqzrVYwzPhb3POq
-WsmGqv4nKum+WdogjJlAToN+uA+TEwDDUw==
------END EC PRIVATE KEY-----

data/spec/fixtures/ecdsa/256/public_key.pem

@@ -1,4 +0,0 @@
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsaPyrO4Lh9kh2FxrF9y1QVmZznWn
-RRJwpr12UHqzrVYwzPhb3POqWsmGqv4nKum+WdogjJlAToN+uA+TEwDDUw==
------END PUBLIC KEY-----

data/spec/fixtures/ecdsa/384/private_key.pem

@@ -1,6 +0,0 @@
------BEGIN EC PRIVATE KEY-----
-MIGkAgEBBDB1NRLzYeQa7oRUwWrnQFZOBVqzlyJ9n654/PFjCLJh/A/uGWeECoM2
-1hXEvp80pqGgBwYFK4EEACKhZANiAASmXMCnIWcrurOGDlechlsWPaFmgfZV2Xj5
-EWbsOew0wb23Kqul+rZHKN8oAFtwVG2LEHN9+GTd9xuZ6KkYuS9AE0LN42bpAveE
-5RMfogUHM4vRjsewZOik1NOykuOWK9s=
------END EC PRIVATE KEY-----

data/spec/fixtures/ecdsa/384/public_key.pem

@@ -1,5 +0,0 @@
------BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEplzApyFnK7qzhg5XnIZbFj2hZoH2Vdl4
-+RFm7DnsNMG9tyqrpfq2RyjfKABbcFRtixBzffhk3fcbmeipGLkvQBNCzeNm6QL3
-hOUTH6IFBzOL0Y7HsGTopNTTspLjlivb
------END PUBLIC KEY-----

data/spec/fixtures/ecdsa/512/private_key.pem

@@ -1,7 +0,0 @@
------BEGIN EC PRIVATE KEY-----
-MIHcAgEBBEIBBpwKqvGEZGpE3wX1fDzJjrrM4uXr16WKsijjqjRP8tHdnvr5p2fO
-zrPVyDVbiQDulOhSh9aouunuwmbudKjWvZagBwYFK4EEACOhgYkDgYYABAHDAg/m
-tGuq5xPU7wtJjqhfwxl0YOWN4k2+HhzcE5tpA+oro8fTP3/HfxRh69DoaasxJ+K2
-D2GaLhrGyDxIC9Kv/wFC2BHfJfm1fwSNvPWns4Ui2dUQxdpbYAzxMvWO2LamGuHC
-XKYss1QzKV1sAaenI4Ok1yDZKFa1V2YTeNOIobuCNg==
------END EC PRIVATE KEY-----