json-jwt 1.6.3 → 1.6.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2d76ce03978dc2dcfb42f7061d0613fdf9d8dba2
-  data.tar.gz: ad36d966f39107a7e9e7ecd0521780674d7b31b5
+  metadata.gz: c9eaaadc2d5b284f093def37ce0cd9011c9fa77f
+  data.tar.gz: b86f15824f4bd1c6bc7fd96b4dc8eb045f0b8e28
 SHA512:
-  metadata.gz: f9fff9a8a5519bcec6cb67eb2153c2ca6f852191b18ddc98011e56fa228bcc94be9c1621fcef734402053d4755b83120e0b1a89b7396a0ea26396cdedda17f9d
-  data.tar.gz: 258a78cfd221accbf30f91ff35c0b5774cc1f463a61311b5412bacb0425fb0bbf1887f900a39197bd2d83bd7210b40c215824dd5a71a4b508f2b91b5e6cbadb1
+  metadata.gz: f1a22bf9ba1a68f2d07abfb522b175ebb7d135a6e839484d50018c07f6bba4a69d7be7d3606314acb327a4cfc696f81d95ed35ab6aa7df7e351c975bf39eb71b
+  data.tar.gz: 9a56462a3090504d2fd4ad5f5b567f8d0ad2691438a419171b12e0f3d503e5a62fb526aeacce12cb8b561abdcfefbce84475d727faee095cff2054cd4cec8411

data/.travis.yml

@@ -5,4 +5,7 @@ before_install:
 rvm:
   - 2.2.2 # NOTE: 2.2.1 or lower aren't supported by activesupport 5.0, CI isn't needed for such legacy versions.
   - 2.2.5
-  - 2.3.1
+  - 2.3.1
+
+jdk:
+  - oraclejdk8

data/VERSION

@@ -1 +1 @@
-1.6.3
+1.6.4

data/lib/json/jwe.rb

@@ -27,7 +27,12 @@ module JSON
     def encrypt!(public_key_or_secret)
       self.public_key_or_secret = with_jwk_support public_key_or_secret
       cipher.encrypt
-      generate_cipher_keys!
+      self.content_encryption_key = generate_content_encryption_key
+      self.mac_key, self.encryption_key = derive_encryption_and_mac_keys
+      cipher.key = encryption_key
+      self.iv = cipher.random_iv
+      self.auth_data = UrlSafeBase64.encode64 header.to_json
+      cipher.auth_data = auth_data if gcm?
       self.cipher_text = cipher.update(plain_text) + cipher.final
       self
     end
@@ -35,7 +40,14 @@ module JSON
     def decrypt!(private_key_or_secret)
       self.private_key_or_secret = with_jwk_support private_key_or_secret
       cipher.decrypt
-      restore_cipher_keys!
+      self.content_encryption_key = decrypt_content_encryption_key
+      self.mac_key, self.encryption_key = derive_encryption_and_mac_keys
+      cipher.key = encryption_key
+      cipher.iv = iv # NOTE: 'iv' has to be set after 'key' for GCM
+      if gcm?
+        cipher.auth_tag = authentication_tag
+        cipher.auth_data = auth_data
+      end
       self.plain_text = cipher.update(cipher_text) + cipher.final
       verify_cbc_authentication_tag! if cbc?
       self
@@ -98,7 +110,7 @@ module JSON
 
     def cipher
       @cipher ||= if gcm? && !gcm_supported?
-        raise UnexpectedAlgorithm.new('AEC GCM requires Ruby 2.0+ and OpenSSL 1.0.1c+') if gcm? && !gcm_supported?
+        raise UnexpectedAlgorithm.new('AEC GCM requires Ruby 2.0+ and OpenSSL 1.0.1c+')
       else
         OpenSSL::Cipher.new cipher_name
       end
@@ -134,15 +146,15 @@ module JSON
       OpenSSL::Digest.new "SHA#{sha_size}"
     end
 
-    def derive_encryption_and_mac_keys_cbc!
-      self.mac_key, self.encryption_key = content_encryption_key.unpack("a#{content_encryption_key.length / 2}" * 2)
-      self
-    end
-
-    def derive_encryption_and_mac_keys_gcm!
-      self.encryption_key = content_encryption_key
-      self.mac_key = :wont_be_used
-      self
+    def derive_encryption_and_mac_keys
+      case
+      when gcm?
+        [:wont_be_used, content_encryption_key]
+      when cbc?
+        content_encryption_key.unpack(
+          "a#{content_encryption_key.length / 2}" * 2
+        )
+      end
     end
 
     # encryption
@@ -170,40 +182,15 @@ module JSON
       end
     end
 
-    def generate_cipher_keys!
+    def generate_content_encryption_key
       case
-      when gcm?
-        generate_gcm_keys!
-      when cbc?
-        generate_cbc_keys!
-      end
-      cipher.key = encryption_key
-      self.iv = cipher.random_iv
-      self.auth_data = UrlSafeBase64.encode64 header.to_json
-      if gcm?
-        cipher.auth_data = self.auth_data
-      end
-      self
-    end
-
-    def generate_gcm_keys!
-      self.content_encryption_key ||= if dir?
+      when dir?
         public_key_or_secret
-      else
+      when gcm?
         cipher.random_key
-      end
-      derive_encryption_and_mac_keys_gcm!
-      self
-    end
-
-    def generate_cbc_keys!
-      self.content_encryption_key ||= if dir?
-        public_key_or_secret
-      else
+      when cbc?
         SecureRandom.random_bytes sha_size / 8
       end
-      derive_encryption_and_mac_keys_cbc!
-      self
     end
 
     def authentication_tag
@@ -246,22 +233,8 @@ module JSON
       else
         raise UnexpectedAlgorithm.new('Unknown Encryption Algorithm')
       end
-    end
-
-    def restore_cipher_keys!
-      self.content_encryption_key = decrypt_content_encryption_key
-      case
-      when gcm?
-        derive_encryption_and_mac_keys_gcm!
-      when cbc?
-        derive_encryption_and_mac_keys_cbc!
-      end
-      cipher.key = encryption_key
-      cipher.iv = iv # NOTE: 'iv' has to be set after 'key' for GCM
-      if gcm?
-        cipher.auth_tag = authentication_tag
-        cipher.auth_data = auth_data
-      end
+    rescue OpenSSL::PKey::PKeyError
+      generate_content_encryption_key
     end
 
     def verify_cbc_authentication_tag!

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: json-jwt
 version: !ruby/object:Gem::Version
-  version: 1.6.3
+  version: 1.6.4
 platform: ruby
 authors:
 - nov matake
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-07-13 00:00:00.000000000 Z
+date: 2016-08-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: multi_json