json-jwt 0.1.5 → 0.1.6
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of json-jwt might be problematic. Click here for more details.
- data/Gemfile.lock +8 -8
- data/VERSION +1 -1
- data/lib/json/jwk.rb +38 -1
- data/lib/json/jws.rb +19 -4
- data/spec/fixtures/ecdsa/256/private_key.pem +5 -0
- data/spec/fixtures/ecdsa/256/public_key.pem +4 -0
- data/spec/fixtures/ecdsa/384/private_key.pem +6 -0
- data/spec/fixtures/ecdsa/384/public_key.pem +5 -0
- data/spec/fixtures/ecdsa/512/private_key.pem +7 -0
- data/spec/fixtures/ecdsa/512/public_key.pem +6 -0
- data/spec/helpers/sign_key_fixture_helper.rb +24 -11
- data/spec/json/jwk_spec.rb +50 -6
- data/spec/json/jws_spec.rb +22 -12
- data/spec/json/jwt_spec.rb +8 -0
- metadata +14 -2
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
json-jwt (0.1.
|
|
4
|
+
json-jwt (0.1.5)
|
|
5
5
|
activesupport (>= 2.3)
|
|
6
6
|
i18n
|
|
7
7
|
json (>= 1.4.3)
|
|
@@ -24,14 +24,14 @@ GEM
|
|
|
24
24
|
json (1.7.3)
|
|
25
25
|
multi_json (1.3.6)
|
|
26
26
|
rake (0.9.2.2)
|
|
27
|
-
rspec (2.
|
|
28
|
-
rspec-core (~> 2.
|
|
29
|
-
rspec-expectations (~> 2.
|
|
30
|
-
rspec-mocks (~> 2.
|
|
31
|
-
rspec-core (2.
|
|
32
|
-
rspec-expectations (2.
|
|
27
|
+
rspec (2.11.0)
|
|
28
|
+
rspec-core (~> 2.11.0)
|
|
29
|
+
rspec-expectations (~> 2.11.0)
|
|
30
|
+
rspec-mocks (~> 2.11.0)
|
|
31
|
+
rspec-core (2.11.1)
|
|
32
|
+
rspec-expectations (2.11.1)
|
|
33
33
|
diff-lcs (~> 1.1.3)
|
|
34
|
-
rspec-mocks (2.
|
|
34
|
+
rspec-mocks (2.11.1)
|
|
35
35
|
url_safe_base64 (0.2.1)
|
|
36
36
|
yamler (0.1.0)
|
|
37
37
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.1.
|
|
1
|
+
0.1.6
|
data/lib/json/jwk.rb
CHANGED
|
@@ -1,11 +1,41 @@
|
|
|
1
1
|
module JSON
|
|
2
2
|
class JWK < Hash
|
|
3
|
+
class UnknownAlgorighm < JWT::Exception; end
|
|
4
|
+
|
|
3
5
|
def initialize(public_key, options = {})
|
|
4
6
|
replace encode(public_key, options)
|
|
5
7
|
end
|
|
6
8
|
|
|
7
9
|
private
|
|
8
10
|
|
|
11
|
+
def ecdsa_curve_name(ecdsa_key)
|
|
12
|
+
case ecdsa_key.group.curve_name
|
|
13
|
+
when 'secp256k1'
|
|
14
|
+
:'P-256'
|
|
15
|
+
when 'secp384r1'
|
|
16
|
+
:'P-384'
|
|
17
|
+
when 'secp521r1'
|
|
18
|
+
:'P-521'
|
|
19
|
+
else
|
|
20
|
+
raise UnknownAlgorighm.new('Unknown ECDSA Curve')
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def ecdsa_coodinates(ecdsa_key)
|
|
25
|
+
unless @ecdsa_coodinates
|
|
26
|
+
hex = ecdsa_key.public_key.to_bn.to_s(16)
|
|
27
|
+
data_len = hex.length - 2
|
|
28
|
+
type = hex[0,2]
|
|
29
|
+
hex_x = hex[2, data_len/2]
|
|
30
|
+
hex_y = hex[2+data_len/2, data_len/2]
|
|
31
|
+
@ecdsa_coodinates = {
|
|
32
|
+
:x => hex_x,
|
|
33
|
+
:y => hex_y
|
|
34
|
+
}
|
|
35
|
+
end
|
|
36
|
+
@ecdsa_coodinates
|
|
37
|
+
end
|
|
38
|
+
|
|
9
39
|
def encode(public_key, options = {})
|
|
10
40
|
hash = case public_key
|
|
11
41
|
when OpenSSL::PKey::RSA
|
|
@@ -14,8 +44,15 @@ module JSON
|
|
|
14
44
|
exp: UrlSafeBase64.encode64(public_key.e.to_s(2)),
|
|
15
45
|
mod: UrlSafeBase64.encode64(public_key.n.to_s(2))
|
|
16
46
|
}
|
|
47
|
+
when OpenSSL::PKey::EC
|
|
48
|
+
{
|
|
49
|
+
alg: :EC,
|
|
50
|
+
crv: ecdsa_curve_name(public_key),
|
|
51
|
+
x: UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:x].to_s),
|
|
52
|
+
y: UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:y].to_s)
|
|
53
|
+
}
|
|
17
54
|
else
|
|
18
|
-
raise
|
|
55
|
+
raise UnknownAlgorighm.new('Unknown Algorithm')
|
|
19
56
|
end
|
|
20
57
|
hash.merge(options)
|
|
21
58
|
end
|
data/lib/json/jws.rb
CHANGED
|
@@ -58,8 +58,9 @@ module JSON
|
|
|
58
58
|
private_key = private_key_or_secret
|
|
59
59
|
private_key.sign digest, signature_base_string
|
|
60
60
|
when ecdsa?
|
|
61
|
-
|
|
62
|
-
|
|
61
|
+
private_key = private_key_or_secret
|
|
62
|
+
verify_ecdsa_group! private_key
|
|
63
|
+
private_key.dsa_sign_asn1 digest.digest(signature_base_string)
|
|
63
64
|
else
|
|
64
65
|
raise InvalidFormat.new('Unknown Signature Algorithm')
|
|
65
66
|
end
|
|
@@ -74,13 +75,27 @@ module JSON
|
|
|
74
75
|
public_key = public_key_or_secret
|
|
75
76
|
public_key.verify digest, signature, signature_base_string
|
|
76
77
|
when ecdsa?
|
|
77
|
-
|
|
78
|
-
|
|
78
|
+
public_key = public_key_or_secret
|
|
79
|
+
verify_ecdsa_group! public_key
|
|
80
|
+
public_key.dsa_verify_asn1 digest.digest(signature_base_string), signature
|
|
79
81
|
else
|
|
80
82
|
raise InvalidFormat.new('Unknown Signature Algorithm')
|
|
81
83
|
end
|
|
82
84
|
end
|
|
83
85
|
|
|
86
|
+
def verify_ecdsa_group!(key)
|
|
87
|
+
group_name = case digest.digest_length * 8
|
|
88
|
+
when 256
|
|
89
|
+
'secp256k1'
|
|
90
|
+
when 384
|
|
91
|
+
'secp384r1'
|
|
92
|
+
when 512
|
|
93
|
+
'secp521r1'
|
|
94
|
+
end
|
|
95
|
+
key.group = OpenSSL::PKey::EC::Group.new group_name
|
|
96
|
+
key.check_key
|
|
97
|
+
end
|
|
98
|
+
|
|
84
99
|
def replace(hash_or_jwt)
|
|
85
100
|
super
|
|
86
101
|
if hash_or_jwt.is_a? JSON::JWT
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
-----BEGIN EC PRIVATE KEY-----
|
|
2
|
+
MIGkAgEBBDB1NRLzYeQa7oRUwWrnQFZOBVqzlyJ9n654/PFjCLJh/A/uGWeECoM2
|
|
3
|
+
1hXEvp80pqGgBwYFK4EEACKhZANiAASmXMCnIWcrurOGDlechlsWPaFmgfZV2Xj5
|
|
4
|
+
EWbsOew0wb23Kqul+rZHKN8oAFtwVG2LEHN9+GTd9xuZ6KkYuS9AE0LN42bpAveE
|
|
5
|
+
5RMfogUHM4vRjsewZOik1NOykuOWK9s=
|
|
6
|
+
-----END EC PRIVATE KEY-----
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
-----BEGIN EC PRIVATE KEY-----
|
|
2
|
+
MIHcAgEBBEIBBpwKqvGEZGpE3wX1fDzJjrrM4uXr16WKsijjqjRP8tHdnvr5p2fO
|
|
3
|
+
zrPVyDVbiQDulOhSh9aouunuwmbudKjWvZagBwYFK4EEACOhgYkDgYYABAHDAg/m
|
|
4
|
+
tGuq5xPU7wtJjqhfwxl0YOWN4k2+HhzcE5tpA+oro8fTP3/HfxRh69DoaasxJ+K2
|
|
5
|
+
D2GaLhrGyDxIC9Kv/wFC2BHfJfm1fwSNvPWns4Ui2dUQxdpbYAzxMvWO2LamGuHC
|
|
6
|
+
XKYss1QzKV1sAaenI4Ok1yDZKFa1V2YTeNOIobuCNg==
|
|
7
|
+
-----END EC PRIVATE KEY-----
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
-----BEGIN PUBLIC KEY-----
|
|
2
|
+
MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBwwIP5rRrqucT1O8LSY6oX8MZdGDl
|
|
3
|
+
jeJNvh4c3BObaQPqK6PH0z9/x38UYevQ6GmrMSfitg9hmi4axsg8SAvSr/8BQtgR
|
|
4
|
+
3yX5tX8Ejbz1p7OFItnVEMXaW2AM8TL1jti2phrhwlymLLNUMyldbAGnpyODpNcg
|
|
5
|
+
2ShWtVdmE3jTiKG7gjY=
|
|
6
|
+
-----END PUBLIC KEY-----
|
|
@@ -7,23 +7,36 @@ module SignKeyFixtureHelper
|
|
|
7
7
|
File.new(
|
|
8
8
|
File.join(
|
|
9
9
|
File.dirname(__FILE__),
|
|
10
|
-
|
|
11
|
-
"#{file_name}.pem"
|
|
10
|
+
"../fixtures/#{file_name}.pem"
|
|
12
11
|
)
|
|
13
12
|
)
|
|
14
13
|
end
|
|
15
14
|
|
|
16
|
-
def private_key
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
15
|
+
def private_key(algorithm = :rsa, options = {})
|
|
16
|
+
case algorithm
|
|
17
|
+
when :rsa
|
|
18
|
+
OpenSSL::PKey::RSA.new(
|
|
19
|
+
pem_file("#{algorithm}/private_key"),
|
|
20
|
+
'pass-phrase'
|
|
21
|
+
)
|
|
22
|
+
when :ecdsa
|
|
23
|
+
OpenSSL::PKey::EC.new(
|
|
24
|
+
pem_file("#{algorithm}/#{options[:digest_length]}/private_key")
|
|
25
|
+
)
|
|
26
|
+
end
|
|
21
27
|
end
|
|
22
28
|
|
|
23
|
-
def public_key
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
29
|
+
def public_key(algorithm = :rsa, options = {})
|
|
30
|
+
case algorithm
|
|
31
|
+
when :rsa
|
|
32
|
+
OpenSSL::PKey::RSA.new(
|
|
33
|
+
pem_file("#{algorithm}/public_key")
|
|
34
|
+
)
|
|
35
|
+
when :ecdsa
|
|
36
|
+
OpenSSL::PKey::EC.new(
|
|
37
|
+
pem_file("#{algorithm}/#{options[:digest_length]}/public_key")
|
|
38
|
+
)
|
|
39
|
+
end
|
|
27
40
|
end
|
|
28
41
|
end
|
|
29
42
|
|
data/spec/json/jwk_spec.rb
CHANGED
|
@@ -1,20 +1,64 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe JSON::JWK do
|
|
4
|
-
let(:rsa_public_key) { public_key }
|
|
5
|
-
|
|
6
4
|
context 'when RSA public key given' do
|
|
7
|
-
let(:jwk) { JSON::JWK.new
|
|
5
|
+
let(:jwk) { JSON::JWK.new public_key }
|
|
8
6
|
it { jwk.should include :alg, :exp, :mod }
|
|
9
7
|
its(:alg) { jwk[:alg].should == :RSA }
|
|
10
|
-
its(:exp) { jwk[:exp].should == UrlSafeBase64.encode64(
|
|
11
|
-
its(:mod) { jwk[:mod].should == UrlSafeBase64.encode64(
|
|
8
|
+
its(:exp) { jwk[:exp].should == UrlSafeBase64.encode64(public_key.e.to_s(2)) }
|
|
9
|
+
its(:mod) { jwk[:mod].should == UrlSafeBase64.encode64(public_key.n.to_s(2)) }
|
|
12
10
|
|
|
13
11
|
context 'when kid/use options given' do
|
|
14
|
-
let(:jwk) { JSON::JWK.new
|
|
12
|
+
let(:jwk) { JSON::JWK.new public_key, :kid => '12345', :use => :sig }
|
|
15
13
|
it { jwk.should include :kid, :use }
|
|
16
14
|
its(:kid) { jwk[:kid].should == '12345' }
|
|
17
15
|
its(:use) { jwk[:use].should == :sig }
|
|
18
16
|
end
|
|
19
17
|
end
|
|
18
|
+
|
|
19
|
+
context 'when ECDSA public key given' do
|
|
20
|
+
let(:expected_coodinates) do
|
|
21
|
+
{
|
|
22
|
+
256 => {
|
|
23
|
+
:x => 'OTUyMUU1NjJFOEQ3NDA0MTRDOEEyQjk5RDQ2NkZERDVFNUYwQzUzMUFGNENBNkMxMTY2Q0NFQzUzQjVGRDMwRg',
|
|
24
|
+
:y => 'MDIwQTRENTQwN0ExQkJFNzQwNkJDNjIyMUI5NjUxQTY1NjY5Mjg4QUU1OEE1NjRDNjcwN0Q1RkQ5REM3MDlCNw'
|
|
25
|
+
},
|
|
26
|
+
384 => {
|
|
27
|
+
:x => 'QTY1Q0MwQTcyMTY3MkJCQUIzODYwRTU3OUM4NjVCMTYzREExNjY4MUY2NTVEOTc4RjkxMTY2RUMzOUVDMzRDMUJEQjcyQUFCQTVGQUI2NDcyOERGMjgwMDVCNzA1NDZE',
|
|
28
|
+
:y => 'OEIxMDczN0RGODY0RERGNzFCOTlFOEE5MThCOTJGNDAxMzQyQ0RFMzY2RTkwMkY3ODRFNTEzMUZBMjA1MDczMzhCRDE4RUM3QjA2NEU4QTRENEQzQjI5MkUzOTYyQkRC'
|
|
29
|
+
},
|
|
30
|
+
512 => {
|
|
31
|
+
:x => 'MDFDMzAyMEZFNkI0NkJBQUU3MTNENEVGMEI0OThFQTg1RkMzMTk3NDYwRTU4REUyNERCRTFFMUNEQzEzOUI2OTAzRUEyQkEzQzdEMzNGN0ZDNzdGMTQ2MUVCRDBFODY5QUIzMTI3RTJCNjBGNjE5QTJFMUFDNkM4M0M0ODBCRDJBRkZG',
|
|
32
|
+
:y => 'MDE0MkQ4MTFERjI1RjlCNTdGMDQ4REJDRjVBN0IzODUyMkQ5RDUxMEM1REE1QjYwMENGMTMyRjU4RUQ4QjZBNjFBRTFDMjVDQTYyQ0IzNTQzMzI5NUQ2QzAxQTdBNzIzODNBNEQ3MjBEOTI4NTZCNTU3NjYxMzc4RDM4OEExQkI4MjM2'
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
end
|
|
36
|
+
[256, 384, 512].each do |digest_length|
|
|
37
|
+
describe "EC#{digest_length}" do
|
|
38
|
+
let(:jwk) { JSON::JWK.new public_key(:ecdsa, :digest_length => digest_length) }
|
|
39
|
+
it { jwk.should include :alg, :crv, :x, :y }
|
|
40
|
+
its(:alg) { jwk[:alg].should == :EC }
|
|
41
|
+
its(:x) { jwk[:x].should == expected_coodinates[digest_length][:x] }
|
|
42
|
+
its(:y) { jwk[:y].should == expected_coodinates[digest_length][:y] }
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
describe 'unknown curve' do
|
|
47
|
+
it do
|
|
48
|
+
key = OpenSSL::PKey::EC.new('secp112r2').generate_key
|
|
49
|
+
expect do
|
|
50
|
+
JSON::JWK.new key
|
|
51
|
+
end.to raise_error JSON::JWK::UnknownAlgorighm, 'Unknown ECDSA Curve'
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
describe 'unknown algorithm' do
|
|
57
|
+
it do
|
|
58
|
+
key = OpenSSL::PKey::DSA.generate 256
|
|
59
|
+
expect do
|
|
60
|
+
JSON::JWK.new key
|
|
61
|
+
end.to raise_error JSON::JWK::UnknownAlgorighm, 'Unknown Algorithm'
|
|
62
|
+
end
|
|
63
|
+
end
|
|
20
64
|
end
|
data/spec/json/jws_spec.rb
CHANGED
|
@@ -24,10 +24,7 @@ describe JSON::JWS do
|
|
|
24
24
|
:HS512 => 'ce-GlHDaNwaHfmAFRGp3QPPKvrpruTug2hC1bf6yNlbuvkMwJw2jFZgq_4wmIPetRdiBy7XFq7rrtmw1Im7tmQ',
|
|
25
25
|
:RS256 => 'E5VELqAdla2Bx1axc9KFxO0EiCr0Mw6HPYX070qGQ8zA_XmyxGPUZLyyWU_6Cn399W-oYBWO2ynLlr8pqqjP3jXevyCeYeGRVN0HzLYiBebEugNnc3hevr7WV2UzfksWRA-Ux2bDv2sz9p_LGbL33wWNxGDvIlpDyZUul_a48nCipS0riBjkTLTSE8dfBxQTXEF5GEUUu99ot6aBLzUhc25nHXSXogXF6MHK-hAcE7f4v-vJ0lbPbHLVGUopIoxoqe4XjoBpzE5UvhrVl5LYbdjbyJhu5ZIA8GLsgwtUFh3dfdIechORoR3k5NSFSv8157bAEa8t4iwgWD2MSNSQnw',
|
|
26
26
|
:RS384 => 'lT5JbytGKgG9QrwkJuxgw7UjmN9tjkEQW9pVGR2XnKEdC0_wLNIzAmT-jTwyMDGBLUkWO7opDOP6Xy6_DOTg58k9PwVkyQzrLnmxJMEng2Q-aMqcitRSIvUk3DPy8kemp8yUPls9NzWmByM2GoUVHbDsR0r-tZN-g_9QYev32mvMhjMr30JI5S2xiRjc9m2GAaXMOQmNTovJgV4bgCp4UjruCrA0BD1JJwDqKYoR_YYr_ALcVjD_LUgy80udJvbi8MAYJVUf0QYtQDrX2wnT_-eiiWjD5XafLuXEQVDRh-v2MKAwdvtXMq5cZ08Zjl2SyHxJ3OqhEeWPvYGltxZh_A',
|
|
27
|
-
:RS512 => 'EHeGM2Mo3ghhUfSB99AlREehrbC6OPE-nYL_rwf88ysTnJ8L1QQ0UuCrXq4SpRutGLK_bYTK3ZALvFRPoOgK_g0QWmqv6qjQRU_QTxoq8y8APP-IgKKDuIiGH6daBV2rAPLDReqYNKsKjmTvZJo2c0a0e_WZkkj_ZwpgjTG3v0gW9lbDAzLJDz18eqtR4ZO7JTu_fyNrUrNk-w2_wpxSsn9sygIMp0lKE0_pt0b01fz3gjTDjlltU0cKSalUp4geaBDH7QRcexrolIctdQFbNKTXQxoigxD3NLNkKGH7f6A8KZdcOm8AnEjullcZs8_OWGnW43p1qrxoBRSivb9pqQ'
|
|
28
|
-
:ES256 => :TODO,
|
|
29
|
-
:ES384 => :TODO,
|
|
30
|
-
:ES512 => :TODO
|
|
27
|
+
:RS512 => 'EHeGM2Mo3ghhUfSB99AlREehrbC6OPE-nYL_rwf88ysTnJ8L1QQ0UuCrXq4SpRutGLK_bYTK3ZALvFRPoOgK_g0QWmqv6qjQRU_QTxoq8y8APP-IgKKDuIiGH6daBV2rAPLDReqYNKsKjmTvZJo2c0a0e_WZkkj_ZwpgjTG3v0gW9lbDAzLJDz18eqtR4ZO7JTu_fyNrUrNk-w2_wpxSsn9sygIMp0lKE0_pt0b01fz3gjTDjlltU0cKSalUp4geaBDH7QRcexrolIctdQFbNKTXQxoigxD3NLNkKGH7f6A8KZdcOm8AnEjullcZs8_OWGnW43p1qrxoBRSivb9pqQ'
|
|
31
28
|
}
|
|
32
29
|
}
|
|
33
30
|
|
|
@@ -68,16 +65,18 @@ describe JSON::JWS do
|
|
|
68
65
|
end
|
|
69
66
|
end
|
|
70
67
|
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
68
|
+
describe 'unknown algorithm' do
|
|
69
|
+
let(:alg) { :unknown }
|
|
70
|
+
it do
|
|
71
|
+
expect do
|
|
72
|
+
jws.sign! 'key'
|
|
73
|
+
end.to raise_error JSON::JWS::InvalidFormat
|
|
75
74
|
end
|
|
76
75
|
end
|
|
77
76
|
end
|
|
78
77
|
|
|
79
78
|
describe '#verify' do
|
|
80
|
-
shared_examples_for :
|
|
79
|
+
shared_examples_for :success_signature_verification do
|
|
81
80
|
it do
|
|
82
81
|
expect { decoded }.not_to raise_error
|
|
83
82
|
decoded.should be_a JSON::JWT
|
|
@@ -106,7 +105,7 @@ describe JSON::JWS do
|
|
|
106
105
|
let(:private_key_or_secret) { shared_secret }
|
|
107
106
|
let(:public_key_or_secret) { shared_secret }
|
|
108
107
|
let(:alg) { algorithm }
|
|
109
|
-
it_behaves_like :
|
|
108
|
+
it_behaves_like :success_signature_verification
|
|
110
109
|
end
|
|
111
110
|
end
|
|
112
111
|
|
|
@@ -115,14 +114,25 @@ describe JSON::JWS do
|
|
|
115
114
|
let(:private_key_or_secret) { private_key }
|
|
116
115
|
let(:public_key_or_secret) { public_key }
|
|
117
116
|
let(:alg) { algorithm }
|
|
118
|
-
it_behaves_like :
|
|
117
|
+
it_behaves_like :success_signature_verification
|
|
119
118
|
end
|
|
120
119
|
end
|
|
121
120
|
|
|
122
121
|
[:ES256, :ES384, :ES512].each do |algorithm|
|
|
123
122
|
describe algorithm do
|
|
123
|
+
let(:private_key_or_secret) { private_key(:ecdsa, :digest_length => algorithm.to_s[2,3].to_i) }
|
|
124
|
+
let(:public_key_or_secret) { public_key(:ecdsa, :digest_length => algorithm.to_s[2,3].to_i) }
|
|
124
125
|
let(:alg) { algorithm }
|
|
125
|
-
|
|
126
|
+
it_behaves_like :success_signature_verification
|
|
127
|
+
end
|
|
128
|
+
end
|
|
129
|
+
|
|
130
|
+
describe 'unknown algorithm' do
|
|
131
|
+
let(:alg) { :unknown }
|
|
132
|
+
it do
|
|
133
|
+
expect do
|
|
134
|
+
jws.verify 'signature_base_string', 'signature', 'key'
|
|
135
|
+
end.to raise_error JSON::JWS::InvalidFormat
|
|
126
136
|
end
|
|
127
137
|
end
|
|
128
138
|
end
|
data/spec/json/jwt_spec.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: json-jwt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.6
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-07-
|
|
12
|
+
date: 2012-07-25 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: json
|
|
@@ -146,6 +146,12 @@ files:
|
|
|
146
146
|
- lib/json/jwk/set.rb
|
|
147
147
|
- lib/json/jws.rb
|
|
148
148
|
- lib/json/jwt.rb
|
|
149
|
+
- spec/fixtures/ecdsa/256/private_key.pem
|
|
150
|
+
- spec/fixtures/ecdsa/256/public_key.pem
|
|
151
|
+
- spec/fixtures/ecdsa/384/private_key.pem
|
|
152
|
+
- spec/fixtures/ecdsa/384/public_key.pem
|
|
153
|
+
- spec/fixtures/ecdsa/512/private_key.pem
|
|
154
|
+
- spec/fixtures/ecdsa/512/public_key.pem
|
|
149
155
|
- spec/fixtures/rsa/private_key.pem
|
|
150
156
|
- spec/fixtures/rsa/public_key.pem
|
|
151
157
|
- spec/helpers/sign_key_fixture_helper.rb
|
|
@@ -180,6 +186,12 @@ specification_version: 3
|
|
|
180
186
|
summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
|
|
181
187
|
JSON Web Key) in Ruby
|
|
182
188
|
test_files:
|
|
189
|
+
- spec/fixtures/ecdsa/256/private_key.pem
|
|
190
|
+
- spec/fixtures/ecdsa/256/public_key.pem
|
|
191
|
+
- spec/fixtures/ecdsa/384/private_key.pem
|
|
192
|
+
- spec/fixtures/ecdsa/384/public_key.pem
|
|
193
|
+
- spec/fixtures/ecdsa/512/private_key.pem
|
|
194
|
+
- spec/fixtures/ecdsa/512/public_key.pem
|
|
183
195
|
- spec/fixtures/rsa/private_key.pem
|
|
184
196
|
- spec/fixtures/rsa/public_key.pem
|
|
185
197
|
- spec/helpers/sign_key_fixture_helper.rb
|