json-jwt 1.6.5 → 1.7.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of json-jwt might be problematic. Click here for more details.

Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. data/lib/json/jwe.rb +1 -1
  4. data/lib/json/jwk.rb +5 -2
  5. data/lib/json/jwk/jwkizable.rb +5 -2
  6. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d7e756e4a3637cbcd2c1b84e74793ab3c1d4e4cc
4
- data.tar.gz: 272c01171561942b5cfb9dbecc0dcfa62d72741b
3
+ metadata.gz: 61b4b282f2a259c3a3dcf3fcc9f371adde084cf9
4
+ data.tar.gz: 4517f92ccc885139f9f99f18c6a6adeef3fa1e0a
5
5
  SHA512:
6
- metadata.gz: f37bdefb9acc1ad253ea9599c320f7cbd13c00e636806ea0b44d33a177d25b4248857834c23a8f9b53fd97b78a1793200f0242c12175ebded3f6d0e765596a8f
7
- data.tar.gz: 03dccfe00452b6c1b67737e89be965db978bdb0c3ee26d5f7a67ab9429a6e05aacdb5aa6277d9b6f2b54a36581b6787ad774ab47d99227d65b69251ed516a08e
6
+ metadata.gz: a44298a97fc02194b067f54b221f9955290de4dcad2e61b5a8d563c5988cf271c58b4a24089ea81e374063eddd0ff03898f1b2d7f96cec057061a525abe3b42e
7
+ data.tar.gz: 6b82141707ff644ed163b0de42d2efc784a5dddba3f789077e184b1a840d3f22a26d6d9b3cd33b75b2d600887471842f92cbadc3c2933927b78f617ee3b7539b
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.6.5
1
+ 1.7.0
data/lib/json/jwe.rb CHANGED
@@ -30,7 +30,7 @@ module JSON
30
30
  self.content_encryption_key = generate_content_encryption_key
31
31
  self.mac_key, self.encryption_key = derive_encryption_and_mac_keys
32
32
  cipher.key = encryption_key
33
- self.iv = cipher.random_iv
33
+ self.iv = cipher.random_iv # NOTE: 'iv' has to be set after 'key' for GCM
34
34
  self.auth_data = UrlSafeBase64.encode64 header.to_json
35
35
  cipher.auth_data = auth_data if gcm?
36
36
  self.cipher_text = cipher.update(plain_text) + cipher.final
data/lib/json/jwk.rb CHANGED
@@ -90,7 +90,7 @@ module JSON
90
90
  end
91
91
 
92
92
  def to_rsa_key
93
- e, n, d, p, q = [:e, :n, :d, :p, :q].collect do |key|
93
+ e, n, d, p, q, dp, dq, qi = [:e, :n, :d, :p, :q, :dp, :dq, :qi].collect do |key|
94
94
  if self[key]
95
95
  OpenSSL::BN.new UrlSafeBase64.decode64(self[key]), 2
96
96
  end
@@ -101,6 +101,9 @@ module JSON
101
101
  key.d = d if d
102
102
  key.p = p if p
103
103
  key.q = q if q
104
+ key.dmp1 = dp if dp
105
+ key.dmq1 = dq if dq
106
+ key.iqmp = qi if qi
104
107
  key
105
108
  end
106
109
 
@@ -129,4 +132,4 @@ module JSON
129
132
  key
130
133
  end
131
134
  end
132
- end
135
+ end
data/lib/json/jwk/jwkizable.rb CHANGED
@@ -12,7 +12,10 @@ module JSON
12
12
  params.merge!(
13
13
  d: UrlSafeBase64.encode64(d.to_s(2)),
14
14
  p: UrlSafeBase64.encode64(p.to_s(2)),
15
- q: UrlSafeBase64.encode64(q.to_s(2))
15
+ q: UrlSafeBase64.encode64(q.to_s(2)),
16
+ dp: UrlSafeBase64.encode64(dmp1.to_s(2)),
17
+ dq: UrlSafeBase64.encode64(dmq1.to_s(2)),
18
+ qi: UrlSafeBase64.encode64(iqmp.to_s(2)),
16
19
  )
17
20
  end
18
21
  JWK.new params
@@ -66,4 +69,4 @@ module JSON
66
69
  end
67
70
 
68
71
  OpenSSL::PKey::RSA.send :include, JSON::JWK::JWKizable::RSA
69
- OpenSSL::PKey::EC.send :include, JSON::JWK::JWKizable::EC
72
+ OpenSSL::PKey::EC.send :include, JSON::JWK::JWKizable::EC
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.5
4
+ version: 1.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-08-30 00:00:00.000000000 Z
11
+ date: 2016-12-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: multi_json
@@ -202,7 +202,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
202
202
  version: '0'
203
203
  requirements: []
204
204
  rubyforge_project:
205
- rubygems_version: 2.5.1
205
+ rubygems_version: 2.5.2
206
206
  signing_key:
207
207
  specification_version: 4
208
208
  summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and