json-jwt 1.9.1 → 1.9.2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of json-jwt might be problematic. Click here for more details.

Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. data/json-jwt.gemspec +1 -0
  4. data/lib/json/jwe.rb +5 -8
  5. data/spec/json/jwe_spec.rb +18 -2
  6. metadata +17 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 366867063d5d6443dc46c34adadd1a3fd4a7b574
4
- data.tar.gz: 8295a9c7c3620e1cb32d47e4b27f2e6fbf947790
3
+ metadata.gz: 02a8f8276126a037916b981d30fc38e200f9e378
4
+ data.tar.gz: de0acf0db5b5f400b2c8ba49d0e549d718b74568
5
5
  SHA512:
6
- metadata.gz: 5ce3939943d51965ca03d2dd34c6c40623b2d337ca6b8206dcc90ae29cf0e450c205bd66191ad6bc29f70edcf3567d92ad30cc96ee20dec3b737bbae134960b4
7
- data.tar.gz: 7fdd1b34b2535b3fd905e46badd0d2cee536a071eb434bc145179c07772019823bff4fc2fc22eefebb40479570439e430cab9ad1e26849775cbfc45de2952bbb
6
+ metadata.gz: 18b298765ff484588a80e5fefbe9c349e4df237f5d3548f0359884a2b252a67b60116e476df67427655c74d8c0ae160049007df360b6597337c91995af366b65
7
+ data.tar.gz: 0e25eebdad2529441d1fb90a93482f354b79533715b191fb812f5d019d6e8d3b41abb59c103c8563df93441d5336f591a0ff724d69fb31a5ed6bfc16aecae5a2
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.9.1
1
+ 1.9.2
data/json-jwt.gemspec CHANGED
@@ -15,6 +15,7 @@ Gem::Specification.new do |gem|
15
15
  gem.add_runtime_dependency 'activesupport'
16
16
  gem.add_runtime_dependency 'bindata'
17
17
  gem.add_runtime_dependency 'securecompare'
18
+ gem.add_runtime_dependency 'aes_key_wrap'
18
19
  gem.add_development_dependency 'rake'
19
20
  gem.add_development_dependency 'simplecov'
20
21
  gem.add_development_dependency 'rspec'
data/lib/json/jwe.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  require 'securerandom'
2
2
  require 'bindata'
3
+ require 'aes_key_wrap'
3
4
 
4
5
  module JSON
5
6
  class JWE
@@ -160,10 +161,8 @@ module JSON
160
161
  public_key_or_secret.public_encrypt content_encryption_key
161
162
  when :'RSA-OAEP'
162
163
  public_key_or_secret.public_encrypt content_encryption_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING
163
- when :A128KW
164
- raise NotImplementedError.new('A128KW not supported yet')
165
- when :A256KW
166
- raise NotImplementedError.new('A256KW not supported yet')
164
+ when :A128KW, :A256KW
165
+ AESKeyWrap.wrap content_encryption_key, public_key_or_secret
167
166
  when :dir
168
167
  ''
169
168
  when :'ECDH-ES'
@@ -214,10 +213,8 @@ module JSON
214
213
  private_key_or_secret.private_decrypt jwe_encrypted_key
215
214
  when :'RSA-OAEP'
216
215
  private_key_or_secret.private_decrypt jwe_encrypted_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING
217
- when :A128KW
218
- raise NotImplementedError.new('A128KW not supported yet')
219
- when :A256KW
220
- raise NotImplementedError.new('A256KW not supported yet')
216
+ when :A128KW, :A256KW
217
+ AESKeyWrap.unwrap jwe_encrypted_key, private_key_or_secret
221
218
  when :dir
222
219
  private_key_or_secret
223
220
  when :'ECDH-ES'
data/spec/json/jwe_spec.rb CHANGED
@@ -73,6 +73,14 @@ describe JSON::JWE do
73
73
  it :TODO
74
74
  end
75
75
 
76
+ context 'when alg=A128KW' do
77
+ it :TODO
78
+ end
79
+
80
+ context 'when alg=A256KW' do
81
+ it :TODO
82
+ end
83
+
76
84
  context 'when unknonw/unsupported algorithm given' do
77
85
  let(:key) { public_key }
78
86
  let(:alg) { :RSA1_5 }
@@ -89,7 +97,7 @@ describe JSON::JWE do
89
97
  it_behaves_like :unexpected_algorithm_for_encryption
90
98
  end
91
99
 
92
- [:A128KW, :A256KW, :'ECDH-ES', :'ECDH-ES+A128KW', :'ECDH-ES+A256KW'].each do |alg|
100
+ [:'ECDH-ES', :'ECDH-ES+A128KW', :'ECDH-ES+A256KW'].each do |alg|
93
101
  context "when alg=#{alg}" do
94
102
  let(:alg) { alg }
95
103
  it_behaves_like :unsupported_algorithm_for_encryption
@@ -284,6 +292,14 @@ describe JSON::JWE do
284
292
  end
285
293
  end
286
294
 
295
+ context 'when alg=A128KW' do
296
+ it :TODO
297
+ end
298
+
299
+ context 'when alg=A256KW' do
300
+ it :TODO
301
+ end
302
+
287
303
  context 'when unknonw/unsupported algorithm given' do
288
304
  let(:input) { 'header.key.iv.cipher_text.auth_tag' }
289
305
  let(:key) { public_key }
@@ -300,7 +316,7 @@ describe JSON::JWE do
300
316
  it_behaves_like :unexpected_algorithm_for_decryption
301
317
  end
302
318
 
303
- [:A128KW, :A256KW, :'ECDH-ES', :'ECDH-ES+A128KW', :'ECDH-ES+A256KW'].each do |alg|
319
+ [:'ECDH-ES', :'ECDH-ES+A128KW', :'ECDH-ES+A256KW'].each do |alg|
304
320
  context "when alg=#{alg}" do
305
321
  let(:alg) { alg }
306
322
  it_behaves_like :unsupported_algorithm_for_decryption
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.9.1
4
+ version: 1.9.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-02-23 00:00:00.000000000 Z
11
+ date: 2018-02-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: url_safe_base64
@@ -66,6 +66,20 @@ dependencies:
66
66
  - - ">="
67
67
  - !ruby/object:Gem::Version
68
68
  version: '0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: aes_key_wrap
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :runtime
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
69
83
  - !ruby/object:Gem::Dependency
70
84
  name: rake
71
85
  requirement: !ruby/object:Gem::Requirement
@@ -188,7 +202,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
188
202
  version: '0'
189
203
  requirements: []
190
204
  rubyforge_project:
191
- rubygems_version: 2.6.11
205
+ rubygems_version: 2.6.13
192
206
  signing_key:
193
207
  specification_version: 4
194
208
  summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and