json-jwt 1.6.3 → 1.6.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of json-jwt might be problematic. Click here for more details.

Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +4 -1
  3. data/VERSION +1 -1
  4. data/lib/json/jwe.rb +30 -57
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 2d76ce03978dc2dcfb42f7061d0613fdf9d8dba2
4
- data.tar.gz: ad36d966f39107a7e9e7ecd0521780674d7b31b5
3
+ metadata.gz: c9eaaadc2d5b284f093def37ce0cd9011c9fa77f
4
+ data.tar.gz: b86f15824f4bd1c6bc7fd96b4dc8eb045f0b8e28
5
5
  SHA512:
6
- metadata.gz: f9fff9a8a5519bcec6cb67eb2153c2ca6f852191b18ddc98011e56fa228bcc94be9c1621fcef734402053d4755b83120e0b1a89b7396a0ea26396cdedda17f9d
7
- data.tar.gz: 258a78cfd221accbf30f91ff35c0b5774cc1f463a61311b5412bacb0425fb0bbf1887f900a39197bd2d83bd7210b40c215824dd5a71a4b508f2b91b5e6cbadb1
6
+ metadata.gz: f1a22bf9ba1a68f2d07abfb522b175ebb7d135a6e839484d50018c07f6bba4a69d7be7d3606314acb327a4cfc696f81d95ed35ab6aa7df7e351c975bf39eb71b
7
+ data.tar.gz: 9a56462a3090504d2fd4ad5f5b567f8d0ad2691438a419171b12e0f3d503e5a62fb526aeacce12cb8b561abdcfefbce84475d727faee095cff2054cd4cec8411
@@ -5,4 +5,7 @@ before_install:
5
5
  rvm:
6
6
  - 2.2.2 # NOTE: 2.2.1 or lower aren't supported by activesupport 5.0, CI isn't needed for such legacy versions.
7
7
  - 2.2.5
8
- - 2.3.1
8
+ - 2.3.1
9
+
10
+ jdk:
11
+ - oraclejdk8
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.6.3
1
+ 1.6.4
@@ -27,7 +27,12 @@ module JSON
27
27
  def encrypt!(public_key_or_secret)
28
28
  self.public_key_or_secret = with_jwk_support public_key_or_secret
29
29
  cipher.encrypt
30
- generate_cipher_keys!
30
+ self.content_encryption_key = generate_content_encryption_key
31
+ self.mac_key, self.encryption_key = derive_encryption_and_mac_keys
32
+ cipher.key = encryption_key
33
+ self.iv = cipher.random_iv
34
+ self.auth_data = UrlSafeBase64.encode64 header.to_json
35
+ cipher.auth_data = auth_data if gcm?
31
36
  self.cipher_text = cipher.update(plain_text) + cipher.final
32
37
  self
33
38
  end
@@ -35,7 +40,14 @@ module JSON
35
40
  def decrypt!(private_key_or_secret)
36
41
  self.private_key_or_secret = with_jwk_support private_key_or_secret
37
42
  cipher.decrypt
38
- restore_cipher_keys!
43
+ self.content_encryption_key = decrypt_content_encryption_key
44
+ self.mac_key, self.encryption_key = derive_encryption_and_mac_keys
45
+ cipher.key = encryption_key
46
+ cipher.iv = iv # NOTE: 'iv' has to be set after 'key' for GCM
47
+ if gcm?
48
+ cipher.auth_tag = authentication_tag
49
+ cipher.auth_data = auth_data
50
+ end
39
51
  self.plain_text = cipher.update(cipher_text) + cipher.final
40
52
  verify_cbc_authentication_tag! if cbc?
41
53
  self
@@ -98,7 +110,7 @@ module JSON
98
110
 
99
111
  def cipher
100
112
  @cipher ||= if gcm? && !gcm_supported?
101
- raise UnexpectedAlgorithm.new('AEC GCM requires Ruby 2.0+ and OpenSSL 1.0.1c+') if gcm? && !gcm_supported?
113
+ raise UnexpectedAlgorithm.new('AEC GCM requires Ruby 2.0+ and OpenSSL 1.0.1c+')
102
114
  else
103
115
  OpenSSL::Cipher.new cipher_name
104
116
  end
@@ -134,15 +146,15 @@ module JSON
134
146
  OpenSSL::Digest.new "SHA#{sha_size}"
135
147
  end
136
148
 
137
- def derive_encryption_and_mac_keys_cbc!
138
- self.mac_key, self.encryption_key = content_encryption_key.unpack("a#{content_encryption_key.length / 2}" * 2)
139
- self
140
- end
141
-
142
- def derive_encryption_and_mac_keys_gcm!
143
- self.encryption_key = content_encryption_key
144
- self.mac_key = :wont_be_used
145
- self
149
+ def derive_encryption_and_mac_keys
150
+ case
151
+ when gcm?
152
+ [:wont_be_used, content_encryption_key]
153
+ when cbc?
154
+ content_encryption_key.unpack(
155
+ "a#{content_encryption_key.length / 2}" * 2
156
+ )
157
+ end
146
158
  end
147
159
 
148
160
  # encryption
@@ -170,40 +182,15 @@ module JSON
170
182
  end
171
183
  end
172
184
 
173
- def generate_cipher_keys!
185
+ def generate_content_encryption_key
174
186
  case
175
- when gcm?
176
- generate_gcm_keys!
177
- when cbc?
178
- generate_cbc_keys!
179
- end
180
- cipher.key = encryption_key
181
- self.iv = cipher.random_iv
182
- self.auth_data = UrlSafeBase64.encode64 header.to_json
183
- if gcm?
184
- cipher.auth_data = self.auth_data
185
- end
186
- self
187
- end
188
-
189
- def generate_gcm_keys!
190
- self.content_encryption_key ||= if dir?
187
+ when dir?
191
188
  public_key_or_secret
192
- else
189
+ when gcm?
193
190
  cipher.random_key
194
- end
195
- derive_encryption_and_mac_keys_gcm!
196
- self
197
- end
198
-
199
- def generate_cbc_keys!
200
- self.content_encryption_key ||= if dir?
201
- public_key_or_secret
202
- else
191
+ when cbc?
203
192
  SecureRandom.random_bytes sha_size / 8
204
193
  end
205
- derive_encryption_and_mac_keys_cbc!
206
- self
207
194
  end
208
195
 
209
196
  def authentication_tag
@@ -246,22 +233,8 @@ module JSON
246
233
  else
247
234
  raise UnexpectedAlgorithm.new('Unknown Encryption Algorithm')
248
235
  end
249
- end
250
-
251
- def restore_cipher_keys!
252
- self.content_encryption_key = decrypt_content_encryption_key
253
- case
254
- when gcm?
255
- derive_encryption_and_mac_keys_gcm!
256
- when cbc?
257
- derive_encryption_and_mac_keys_cbc!
258
- end
259
- cipher.key = encryption_key
260
- cipher.iv = iv # NOTE: 'iv' has to be set after 'key' for GCM
261
- if gcm?
262
- cipher.auth_tag = authentication_tag
263
- cipher.auth_data = auth_data
264
- end
236
+ rescue OpenSSL::PKey::PKeyError
237
+ generate_content_encryption_key
265
238
  end
266
239
 
267
240
  def verify_cbc_authentication_tag!
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.3
4
+ version: 1.6.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-07-13 00:00:00.000000000 Z
11
+ date: 2016-08-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: multi_json