RubyGems - json_jws - Versions diffs - 0.1.0 → 0.2.0 - Mend

json_jws 0.1.0 → 0.2.0

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 75190e7f455b3a3e23b3cb46fda2b1fadc1c6022eb3f238e0450bb905802c150
-  data.tar.gz: c6001ebf7c25dab46c957595cc9ccc6c7a068192a45a62b7002e51cce23cd046
+  metadata.gz: bc12dffab2d9d1b13cc1003dc0f6deb4549ffd511c86e36b63023f6d066382ca
+  data.tar.gz: b0644940940bc59f00e03fcf9d3169f2c6631bff3b9a093f0e43d7dfc6814295
 SHA512:
-  metadata.gz: 1c17c3f02e45b08123c4b6adc2c6fec00922a411a2bf0f7cac76ba2e3f2cd6187185dc36d096346bc536b3ed630cf6c1b4feac7c6a084767f92b38753263d310
-  data.tar.gz: 333f1d48315720b6c4a007925749fff90f431c08950d76613aa2b0fdb6575295fd28df64b7045d29bc5021f32327efa7fac87c3c8b20827371aecd1254230e45
+  metadata.gz: d3c50fceefebe59efdff9be6045f980dc0ab5a1669dfbab5641b00961f6dafb898ee2bf03b83c122ef87647ac3e5fb0fb71a07ef6de055ebbd82f8a11d911728
+  data.tar.gz: 9d0f89068775d96728680fd68829e37c43a950ade35ed05ab4480b306efab63fb7d696369980de9431e3dbb6538f0c2dbac58a6831e5a6fa7468540156a7bb5f

data/.gitignore CHANGED Viewed

@@ -7,4 +7,6 @@
 /spec/reports/
 /tmp/
-json_jws-*
+json_jws-*
+/bin/build
+.byebug_history

data/README.md CHANGED Viewed

@@ -1,6 +1,6 @@
 # JsonJws
-JsonJws is a gem that provides support for JWS (JSON Web Signature) with JSON serialization, specifically designed to handle multiple signatures.
+JsonJws is a Ruby gem that provides support for JWS (JSON Web Signature) with JSON serialization, specifically designed to handle multiple signatures.
 ## Installation
@@ -23,6 +23,7 @@ Or install it yourself as:
 ```ruby
 require "jose"
 require "openssl"
+require 'json_jws'
 # If you want to load key from private key string
 # rsa_key_01 = OpenSSL::PKey::RSA.new(rsa_priv_01_str)
@@ -53,8 +54,8 @@ verify_result = JSON_JWS.verify(json_jws, [jwk])
 print "verify_result: ", verify_result
 puts "\n\nAdd another signature"
-# json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, { "alg" => "RS256", "extra" => "field" }, payload)
-json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, header, payload)
+json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, { "alg" => "RS256", "extra" => "field" })
+# json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, header)
 puts "json_jws_2: \n", json_jws_2
 puts "\n\nVerify json jws 2"

data/bin/console CHANGED Viewed

@@ -46,8 +46,8 @@ verify_result = JSON_JWS.verify(json_jws, [jwk])
 print "verify_result: ", verify_result
 puts "\n\nAdd another signature"
-# json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, { "alg" => "RS256", "extra" => "field" }, payload)
-json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, header, payload)
+json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, { "alg" => "RS256", "extra" => "field" })
+# json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, header)
 puts "json_jws_2: \n", json_jws_2
 puts "\n\nVerify json jws 2"

data/lib/json_jws/encode.rb CHANGED Viewed

@@ -8,12 +8,13 @@ module JsonJws::Encode
     protected_header = Base64.urlsafe_encode64(header.to_json)
     payload = payload.to_json unless payload.is_a?(String)
+    protected_header, signature = build_signature(jwk, header, payload)
     {
       "payload" => Base64.urlsafe_encode64(payload),
       "signatures" => [
         {
           "protected" => protected_header,
-          "signature" => build_signature(jwk, header, payload),
+          "signature" => signature,
         },
       ],
     }

data/lib/json_jws/sign.rb CHANGED Viewed

@@ -7,19 +7,18 @@ module JsonJws::Sign
     payload = payload.to_json unless payload.is_a?(String)
     raise "header must be a Hash" unless header.is_a?(Hash)
-    encoded_payload = Base64.urlsafe_encode64(payload)
-    encoded_header = Base64.urlsafe_encode64(header.to_json)
-    JOSE::JWS.sign(jwk, payload, header).to_hash["signature"]
+    jose_signed_map = JOSE::JWS.sign(jwk, payload, header)
+    jose_signed_map.to_hash.slice("protected", "signature").values
   end
-  def add_signature(jws, jwk, header, payload)
-    protected_header = Base64.urlsafe_encode64(header.to_json)
-    payload = payload.to_json unless payload.is_a?(String)
+  def add_signature(jws, jwk, protected_header)
+    encoded_protected_header = Base64.urlsafe_encode64(protected_header.to_json)
+    raw_payload = Base64.decode64(jws["payload"])
+    protected_header, signature = build_signature(jwk, protected_header, raw_payload)
     jws["signatures"] << {
       "protected" => protected_header,
-      "signature" => build_signature(jwk, header, payload),
+      "signature" => signature,
     }
     jws

data/lib/json_jws/verify.rb CHANGED Viewed

@@ -14,18 +14,15 @@ module JsonJws::Verify
   end
   def verify(jws, jwks)
     # verify payload is base64 encoded
-    begin
-      Base64.urlsafe_decode64(jws["payload"])
-    rescue
-      return false
-    end
+    Base64.urlsafe_decode64(jws["payload"])
     jws["signatures"].each_with_index do |signature, index|
       return false unless verify_signature(jwks[index], jws["payload"], signature)
     end
     true
+  rescue
+    return false
   end
 end

data/lib/json_jws/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module JsonJws
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: json_jws
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Thien Tran