json-jwt 1.13.0 → 1.14.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of json-jwt might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e18796342211bf21448b9bb5b43749894717bc0a270ae7e1679efbbaa387fc4b
4
- data.tar.gz: 19b56b26f69a78d2b3ac842865571b973426006b371674ebb6f19cfaf9156385
3
+ metadata.gz: 91fcaee7ac6b72ca2ac913dedf96d5720c979428de6dce8c92dfd20dc692090b
4
+ data.tar.gz: 874d9dc15ae88e8378329786239ff8474bb6d79ff4ca83302734eed8e920d497
5
5
  SHA512:
6
- metadata.gz: 90e611ff8e6f87f4b4008c15839008b0eaea3abf498e1d40dcfb875c99c7212d558d38ea5e93f74e3dcbfb4c0f05d29d712b8e64152179ccd02602b6ec79c8ca
7
- data.tar.gz: 82eb46ca549465d81027f9953f2cde953a582a7912e534a828b1114c78e1f469c9e03c9ebfb6b6609bddf11e1686defe10134fe287ed2b5768e05b8a3b53babf
6
+ metadata.gz: 5d6bf57a02244d0661ee1a57abdbac9d549db17f25d4f65685d3055b51ad8a20c5f48fb9c50bd069d152192d8c25dd76b44cac65c72d1d66d7f6009d1399ed5d
7
+ data.tar.gz: db006e919ed6ee3f5fa87bce489011ec49d87e39e734fe81e1e72dbb8863ab8fe1d30892f960868f1e45176d97950abb2bc847b20b29321bab3912fa8083ca86
@@ -0,0 +1,3 @@
1
+ # These are supported funding model platforms
2
+
3
+ github: nov
data/.gitmodules CHANGED
@@ -1,3 +1,3 @@
1
1
  [submodule "spec/helpers/json-jwt-nimbus"]
2
2
  path = spec/helpers/json-jwt-nimbus
3
- url = git://github.com/nov/json-jwt-nimbus.git
3
+ url = https://github.com/nov/json-jwt-nimbus.git
data/.travis.yml CHANGED
@@ -5,7 +5,8 @@ before_install:
5
5
  rvm:
6
6
  - 2.5.8
7
7
  - 2.6.6
8
- - 2.7.1
8
+ - 2.7.2
9
+ - 3.0.2
9
10
 
10
11
  jdk:
11
12
  - openjdk11
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.13.0
1
+ 1.14.0
data/lib/json/jwk.rb CHANGED
@@ -101,22 +101,29 @@ module JSON
101
101
  OpenSSL::BN.new Base64.urlsafe_decode64(self[key]), 2
102
102
  end
103
103
  end
104
- key = OpenSSL::PKey::RSA.new
105
- if key.respond_to? :set_key
106
- key.set_key n, e, d
107
- key.set_factors p, q if p && q
108
- key.set_crt_params dp, dq, qi if dp && dq && qi
109
- else
110
- key.e = e
111
- key.n = n
112
- key.d = d if d
113
- key.p = p if p
114
- key.q = q if q
115
- key.dmp1 = dp if dp
116
- key.dmq1 = dq if dq
117
- key.iqmp = qi if qi
104
+
105
+ # Public key
106
+ data_sequence = OpenSSL::ASN1::Sequence([
107
+ OpenSSL::ASN1::Integer(n),
108
+ OpenSSL::ASN1::Integer(e),
109
+ ])
110
+
111
+ if d && p && q && dp && dq && qi
112
+ data_sequence = OpenSSL::ASN1::Sequence([
113
+ OpenSSL::ASN1::Integer(0),
114
+ OpenSSL::ASN1::Integer(n),
115
+ OpenSSL::ASN1::Integer(e),
116
+ OpenSSL::ASN1::Integer(d),
117
+ OpenSSL::ASN1::Integer(p),
118
+ OpenSSL::ASN1::Integer(q),
119
+ OpenSSL::ASN1::Integer(dp),
120
+ OpenSSL::ASN1::Integer(dq),
121
+ OpenSSL::ASN1::Integer(qi),
122
+ ])
118
123
  end
119
- key
124
+
125
+ asn1 = OpenSSL::ASN1::Sequence(data_sequence)
126
+ OpenSSL::PKey::RSA.new(asn1.to_der)
120
127
  end
121
128
 
122
129
  def to_ec_key
@@ -137,13 +144,32 @@ module JSON
137
144
  Base64.urlsafe_decode64(self[key])
138
145
  end
139
146
  end
140
- key = OpenSSL::PKey::EC.new curve_name
141
- key.private_key = OpenSSL::BN.new(d, 2) if d
142
- key.public_key = OpenSSL::PKey::EC::Point.new(
147
+
148
+ point = OpenSSL::PKey::EC::Point.new(
143
149
  OpenSSL::PKey::EC::Group.new(curve_name),
144
150
  OpenSSL::BN.new(['04' + x.unpack('H*').first + y.unpack('H*').first].pack('H*'), 2)
145
151
  )
146
- key
152
+
153
+ # Public key
154
+ data_sequence = OpenSSL::ASN1::Sequence([
155
+ OpenSSL::ASN1::Sequence([
156
+ OpenSSL::ASN1::ObjectId("id-ecPublicKey"),
157
+ OpenSSL::ASN1::ObjectId(curve_name)
158
+ ]),
159
+ OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed))
160
+ ])
161
+
162
+ if d
163
+ # Private key
164
+ data_sequence = OpenSSL::ASN1::Sequence([
165
+ OpenSSL::ASN1::Integer(1),
166
+ OpenSSL::ASN1::OctetString(OpenSSL::BN.new(d, 2).to_s(2)),
167
+ OpenSSL::ASN1::ObjectId(curve_name, 0, :EXPLICIT),
168
+ OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed), 1, :EXPLICIT)
169
+ ])
170
+ end
171
+
172
+ OpenSSL::PKey::EC.new(data_sequence.to_der)
147
173
  end
148
174
  end
149
175
  end
data/lib/json/jws.rb CHANGED
@@ -156,8 +156,8 @@ module JSON
156
156
  when 512
157
157
  :secp521r1
158
158
  end
159
- key.group = OpenSSL::PKey::EC::Group.new group_name.to_s
160
- key.check_key
159
+ newkey = OpenSSL::PKey::EC.generate(group_name.to_s)
160
+ newkey.check_key
161
161
  end
162
162
 
163
163
  def raw_to_asn1(signature, public_key)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.13.0
4
+ version: 1.14.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-31 00:00:00.000000000 Z
11
+ date: 2022-07-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -116,6 +116,7 @@ executables: []
116
116
  extensions: []
117
117
  extra_rdoc_files: []
118
118
  files:
119
+ - ".github/FUNDING.yml"
119
120
  - ".gitignore"
120
121
  - ".gitmodules"
121
122
  - ".rspec"
@@ -137,7 +138,7 @@ homepage: https://github.com/nov/json-jwt
137
138
  licenses:
138
139
  - MIT
139
140
  metadata: {}
140
- post_install_message:
141
+ post_install_message:
141
142
  rdoc_options: []
142
143
  require_paths:
143
144
  - lib
@@ -152,8 +153,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
152
153
  - !ruby/object:Gem::Version
153
154
  version: '0'
154
155
  requirements: []
155
- rubygems_version: 3.0.3
156
- signing_key:
156
+ rubygems_version: 3.1.6
157
+ signing_key:
157
158
  specification_version: 4
158
159
  summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
159
160
  JSON Web Key) in Ruby