json-jwt 0.6.1 → 0.7.0.alpha
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of json-jwt might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/json-jwt.gemspec +2 -1
- data/lib/json/jwe.rb +1 -1
- data/lib/json/jwk.rb +36 -17
- data/lib/json/jws.rb +2 -2
- data/spec/fixtures/ecdsa/256/private_key.pem +3 -3
- data/spec/fixtures/ecdsa/256/public_key.pem +2 -2
- data/spec/json/jwk_spec.rb +12 -14
- data/spec/json/jwt_spec.rb +1 -1
- data/spec/spec_helper.rb +7 -0
- metadata +21 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: de4af966b0dc54f6caf14149295dbb7f8bccd856
|
|
4
|
+
data.tar.gz: 2a93fc7d1d35b3fc7319f31a2fed23392c0ed7d8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d7424823b6791844548cc154beaa9569672c1f7f439770d21f3effed0a3b9a7007de394c2bc2aee627907e97d2a080e48ff51d578a2a0f82ce34979aabcacf08
|
|
7
|
+
data.tar.gz: bbdd062cc11dfc58af47d27969ee42a1c940e7a1646a818458a69d8cbac25b869bd14123f63bf4326913c2b3af3db6b21c30b69d46203db82f91b507dcdffd6a
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.7.0.alpha
|
data/json-jwt.gemspec
CHANGED
|
@@ -18,5 +18,6 @@ Gem::Specification.new do |gem|
|
|
|
18
18
|
gem.add_runtime_dependency "securecompare"
|
|
19
19
|
gem.add_development_dependency "rake", ">= 0.8"
|
|
20
20
|
gem.add_development_dependency "simplecov"
|
|
21
|
-
gem.add_development_dependency "rspec"
|
|
21
|
+
gem.add_development_dependency "rspec"
|
|
22
|
+
gem.add_development_dependency 'rspec-its'
|
|
22
23
|
end
|
data/lib/json/jwe.rb
CHANGED
data/lib/json/jwk.rb
CHANGED
|
@@ -12,19 +12,6 @@ module JSON
|
|
|
12
12
|
|
|
13
13
|
private
|
|
14
14
|
|
|
15
|
-
def ecdsa_curve_name(ecdsa_key)
|
|
16
|
-
case ecdsa_key.group.curve_name
|
|
17
|
-
when 'secp256k1'
|
|
18
|
-
:'P-256'
|
|
19
|
-
when 'secp384r1'
|
|
20
|
-
:'P-384'
|
|
21
|
-
when 'secp521r1'
|
|
22
|
-
:'P-521'
|
|
23
|
-
else
|
|
24
|
-
raise UnknownAlgorithm.new('Unknown ECDSA Curve')
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
|
-
|
|
28
15
|
def ecdsa_coodinates(ecdsa_key)
|
|
29
16
|
unless @ecdsa_coodinates
|
|
30
17
|
hex = ecdsa_key.public_key.to_bn.to_s(16)
|
|
@@ -33,8 +20,8 @@ module JSON
|
|
|
33
20
|
hex_x = hex[2, data_len/2]
|
|
34
21
|
hex_y = hex[2+data_len/2, data_len/2]
|
|
35
22
|
@ecdsa_coodinates = {
|
|
36
|
-
:x => hex_x,
|
|
37
|
-
:y => hex_y
|
|
23
|
+
:x => [hex_x].pack("H*"),
|
|
24
|
+
:y => [hex_y].pack("H*")
|
|
38
25
|
}
|
|
39
26
|
end
|
|
40
27
|
@ecdsa_coodinates
|
|
@@ -51,7 +38,7 @@ module JSON
|
|
|
51
38
|
when OpenSSL::PKey::EC
|
|
52
39
|
{
|
|
53
40
|
:kty => :EC,
|
|
54
|
-
:crv =>
|
|
41
|
+
:crv => self.class.ecdsa_curve_identifier_for(public_key.group.curve_name),
|
|
55
42
|
:x => UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:x].to_s),
|
|
56
43
|
:y => UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:y].to_s),
|
|
57
44
|
}
|
|
@@ -62,6 +49,32 @@ module JSON
|
|
|
62
49
|
end
|
|
63
50
|
|
|
64
51
|
class << self
|
|
52
|
+
def ecdsa_curve_name_for(curve_identifier)
|
|
53
|
+
case curve_identifier.to_s
|
|
54
|
+
when 'P-256'
|
|
55
|
+
'prime256v1'
|
|
56
|
+
when 'P-384'
|
|
57
|
+
'secp384r1'
|
|
58
|
+
when 'P-521'
|
|
59
|
+
'secp521r1'
|
|
60
|
+
else
|
|
61
|
+
raise UnknownAlgorithm.new('Unknown ECDSA Curve')
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def ecdsa_curve_identifier_for(curve_name)
|
|
66
|
+
case curve_name
|
|
67
|
+
when 'prime256v1'
|
|
68
|
+
:'P-256'
|
|
69
|
+
when 'secp384r1'
|
|
70
|
+
:'P-384'
|
|
71
|
+
when 'secp521r1'
|
|
72
|
+
:'P-521'
|
|
73
|
+
else
|
|
74
|
+
raise UnknownAlgorithm.new('Unknown ECDSA Curve')
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
|
|
65
78
|
def decode(jwk)
|
|
66
79
|
jwk = jwk.with_indifferent_access
|
|
67
80
|
case jwk[:kty].to_s
|
|
@@ -73,7 +86,13 @@ module JSON
|
|
|
73
86
|
key.n = n
|
|
74
87
|
key
|
|
75
88
|
when 'EC'
|
|
76
|
-
|
|
89
|
+
key = OpenSSL::PKey::EC.new ecdsa_curve_name_for(jwk[:crv])
|
|
90
|
+
x, y = [jwk[:x], jwk[:y]].collect do |decoded|
|
|
91
|
+
UrlSafeBase64.decode64(decoded).unpack('H*').first
|
|
92
|
+
end
|
|
93
|
+
key_bn = OpenSSL::BN.new ['04', x, y].join, 16
|
|
94
|
+
key.public_key = OpenSSL::PKey::EC::Point.new key.group, key_bn
|
|
95
|
+
key
|
|
77
96
|
else
|
|
78
97
|
raise UnknownAlgorithm.new('Unknown Algorithm')
|
|
79
98
|
end
|
data/lib/json/jws.rb
CHANGED
|
@@ -24,7 +24,7 @@ module JSON
|
|
|
24
24
|
private
|
|
25
25
|
|
|
26
26
|
def digest
|
|
27
|
-
OpenSSL::Digest
|
|
27
|
+
OpenSSL::Digest.new "SHA#{algorithm.to_s[2, 3]}"
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
def hmac?
|
|
@@ -84,7 +84,7 @@ module JSON
|
|
|
84
84
|
def verify_ecdsa_group!(key)
|
|
85
85
|
group_name = case digest.digest_length * 8
|
|
86
86
|
when 256
|
|
87
|
-
:
|
|
87
|
+
:prime256v1
|
|
88
88
|
when 384
|
|
89
89
|
:secp384r1
|
|
90
90
|
when 512
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
-----BEGIN EC PRIVATE KEY-----
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
2
|
+
MHcCAQEEIHo5LvIgMVpOlEKjjZiE5n+xYtTxLm4Eumx7FRMgICyDoAoGCCqGSM49
|
|
3
|
+
AwEHoUQDQgAEsaPyrO4Lh9kh2FxrF9y1QVmZznWnRRJwpr12UHqzrVYwzPhb3POq
|
|
4
|
+
WsmGqv4nKum+WdogjJlAToN+uA+TEwDDUw==
|
|
5
5
|
-----END EC PRIVATE KEY-----
|
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
-----BEGIN PUBLIC KEY-----
|
|
2
|
-
|
|
3
|
-
|
|
2
|
+
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsaPyrO4Lh9kh2FxrF9y1QVmZznWn
|
|
3
|
+
RRJwpr12UHqzrVYwzPhb3POqWsmGqv4nKum+WdogjJlAToN+uA+TEwDDUw==
|
|
4
4
|
-----END PUBLIC KEY-----
|
data/spec/json/jwk_spec.rb
CHANGED
|
@@ -27,16 +27,16 @@ describe JSON::JWK do
|
|
|
27
27
|
let(:expected_coodinates) do
|
|
28
28
|
{
|
|
29
29
|
256 => {
|
|
30
|
-
x: '
|
|
31
|
-
y: '
|
|
30
|
+
x: 'saPyrO4Lh9kh2FxrF9y1QVmZznWnRRJwpr12UHqzrVY',
|
|
31
|
+
y: 'MMz4W9zzqlrJhqr-JyrpvlnaIIyZQE6DfrgPkxMAw1M'
|
|
32
32
|
},
|
|
33
33
|
384 => {
|
|
34
|
-
x: '
|
|
35
|
-
y: '
|
|
34
|
+
x: 'plzApyFnK7qzhg5XnIZbFj2hZoH2Vdl4-RFm7DnsNMG9tyqrpfq2RyjfKABbcFRt',
|
|
35
|
+
y: 'ixBzffhk3fcbmeipGLkvQBNCzeNm6QL3hOUTH6IFBzOL0Y7HsGTopNTTspLjlivb'
|
|
36
36
|
},
|
|
37
37
|
512 => {
|
|
38
|
-
x: '
|
|
39
|
-
y: '
|
|
38
|
+
x: 'AcMCD-a0a6rnE9TvC0mOqF_DGXRg5Y3iTb4eHNwTm2kD6iujx9M_f8d_FGHr0OhpqzEn4rYPYZouGsbIPEgL0q__',
|
|
39
|
+
y: 'AULYEd8l-bV_BI289aezhSLZ1RDF2ltgDPEy9Y7YtqYa4cJcpiyzVDMpXWwBp6cjg6TXINkoVrVXZhN404ihu4I2'
|
|
40
40
|
}
|
|
41
41
|
}
|
|
42
42
|
end
|
|
@@ -121,14 +121,12 @@ NrqoxoakrPo1NI1u+ET8oWGmnjB/nJFAPwIDAQAB
|
|
|
121
121
|
|
|
122
122
|
context 'when ECDSA' do
|
|
123
123
|
it do
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
)
|
|
131
|
-
end.to raise_error NotImplementedError
|
|
124
|
+
JSON::JWK.decode(
|
|
125
|
+
kty: :EC,
|
|
126
|
+
crv: 'P-256',
|
|
127
|
+
x: 'MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4',
|
|
128
|
+
y: '4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM'
|
|
129
|
+
).should be_instance_of OpenSSL::PKey::EC
|
|
132
130
|
end
|
|
133
131
|
end
|
|
134
132
|
|
data/spec/json/jwt_spec.rb
CHANGED
data/spec/spec_helper.rb
CHANGED
|
@@ -5,7 +5,14 @@ SimpleCov.start do
|
|
|
5
5
|
end
|
|
6
6
|
|
|
7
7
|
require 'rspec'
|
|
8
|
+
require 'rspec/its'
|
|
8
9
|
require 'json/jwt'
|
|
9
10
|
|
|
11
|
+
RSpec.configure do |config|
|
|
12
|
+
config.expect_with :rspec do |c|
|
|
13
|
+
c.syntax = [:should, :expect]
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
10
17
|
require 'helpers/sign_key_fixture_helper'
|
|
11
18
|
require 'helpers/nimbus_spec_helper'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: json-jwt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0.alpha
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-07-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: multi_json
|
|
@@ -114,14 +114,28 @@ dependencies:
|
|
|
114
114
|
requirements:
|
|
115
115
|
- - ">="
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: '
|
|
117
|
+
version: '0'
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - ">="
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: '
|
|
124
|
+
version: '0'
|
|
125
|
+
- !ruby/object:Gem::Dependency
|
|
126
|
+
name: rspec-its
|
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
|
128
|
+
requirements:
|
|
129
|
+
- - ">="
|
|
130
|
+
- !ruby/object:Gem::Version
|
|
131
|
+
version: '0'
|
|
132
|
+
type: :development
|
|
133
|
+
prerelease: false
|
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
135
|
+
requirements:
|
|
136
|
+
- - ">="
|
|
137
|
+
- !ruby/object:Gem::Version
|
|
138
|
+
version: '0'
|
|
125
139
|
description: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption
|
|
126
140
|
and JSON Web Key) in Ruby
|
|
127
141
|
email:
|
|
@@ -178,12 +192,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
178
192
|
version: '0'
|
|
179
193
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
180
194
|
requirements:
|
|
181
|
-
- - "
|
|
195
|
+
- - ">"
|
|
182
196
|
- !ruby/object:Gem::Version
|
|
183
|
-
version:
|
|
197
|
+
version: 1.3.1
|
|
184
198
|
requirements: []
|
|
185
199
|
rubyforge_project:
|
|
186
|
-
rubygems_version: 2.2.
|
|
200
|
+
rubygems_version: 2.2.2
|
|
187
201
|
signing_key:
|
|
188
202
|
specification_version: 4
|
|
189
203
|
summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
|