json_jws 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +3 -1
- data/README.md +4 -3
- data/bin/console +2 -2
- data/lib/json_jws/encode.rb +2 -1
- data/lib/json_jws/sign.rb +7 -8
- data/lib/json_jws/verify.rb +3 -6
- data/lib/json_jws/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bc12dffab2d9d1b13cc1003dc0f6deb4549ffd511c86e36b63023f6d066382ca
|
|
4
|
+
data.tar.gz: b0644940940bc59f00e03fcf9d3169f2c6631bff3b9a093f0e43d7dfc6814295
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d3c50fceefebe59efdff9be6045f980dc0ab5a1669dfbab5641b00961f6dafb898ee2bf03b83c122ef87647ac3e5fb0fb71a07ef6de055ebbd82f8a11d911728
|
|
7
|
+
data.tar.gz: 9d0f89068775d96728680fd68829e37c43a950ade35ed05ab4480b306efab63fb7d696369980de9431e3dbb6538f0c2dbac58a6831e5a6fa7468540156a7bb5f
|
data/.gitignore
CHANGED
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# JsonJws
|
|
2
2
|
|
|
3
|
-
JsonJws is a gem that provides support for JWS (JSON Web Signature) with JSON serialization, specifically designed to handle multiple signatures.
|
|
3
|
+
JsonJws is a Ruby gem that provides support for JWS (JSON Web Signature) with JSON serialization, specifically designed to handle multiple signatures.
|
|
4
4
|
|
|
5
5
|
## Installation
|
|
6
6
|
|
|
@@ -23,6 +23,7 @@ Or install it yourself as:
|
|
|
23
23
|
```ruby
|
|
24
24
|
require "jose"
|
|
25
25
|
require "openssl"
|
|
26
|
+
require 'json_jws'
|
|
26
27
|
|
|
27
28
|
# If you want to load key from private key string
|
|
28
29
|
# rsa_key_01 = OpenSSL::PKey::RSA.new(rsa_priv_01_str)
|
|
@@ -53,8 +54,8 @@ verify_result = JSON_JWS.verify(json_jws, [jwk])
|
|
|
53
54
|
print "verify_result: ", verify_result
|
|
54
55
|
|
|
55
56
|
puts "\n\nAdd another signature"
|
|
56
|
-
|
|
57
|
-
json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, header
|
|
57
|
+
json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, { "alg" => "RS256", "extra" => "field" })
|
|
58
|
+
# json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, header)
|
|
58
59
|
puts "json_jws_2: \n", json_jws_2
|
|
59
60
|
|
|
60
61
|
puts "\n\nVerify json jws 2"
|
data/bin/console
CHANGED
|
@@ -46,8 +46,8 @@ verify_result = JSON_JWS.verify(json_jws, [jwk])
|
|
|
46
46
|
print "verify_result: ", verify_result
|
|
47
47
|
|
|
48
48
|
puts "\n\nAdd another signature"
|
|
49
|
-
|
|
50
|
-
json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, header
|
|
49
|
+
json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, { "alg" => "RS256", "extra" => "field" })
|
|
50
|
+
# json_jws_2 = JSON_JWS.add_signature(json_jws, jwk2, header)
|
|
51
51
|
puts "json_jws_2: \n", json_jws_2
|
|
52
52
|
|
|
53
53
|
puts "\n\nVerify json jws 2"
|
data/lib/json_jws/encode.rb
CHANGED
|
@@ -8,12 +8,13 @@ module JsonJws::Encode
|
|
|
8
8
|
protected_header = Base64.urlsafe_encode64(header.to_json)
|
|
9
9
|
payload = payload.to_json unless payload.is_a?(String)
|
|
10
10
|
|
|
11
|
+
protected_header, signature = build_signature(jwk, header, payload)
|
|
11
12
|
{
|
|
12
13
|
"payload" => Base64.urlsafe_encode64(payload),
|
|
13
14
|
"signatures" => [
|
|
14
15
|
{
|
|
15
16
|
"protected" => protected_header,
|
|
16
|
-
"signature" =>
|
|
17
|
+
"signature" => signature,
|
|
17
18
|
},
|
|
18
19
|
],
|
|
19
20
|
}
|
data/lib/json_jws/sign.rb
CHANGED
|
@@ -7,19 +7,18 @@ module JsonJws::Sign
|
|
|
7
7
|
payload = payload.to_json unless payload.is_a?(String)
|
|
8
8
|
raise "header must be a Hash" unless header.is_a?(Hash)
|
|
9
9
|
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
JOSE::JWS.sign(jwk, payload, header).to_hash["signature"]
|
|
10
|
+
jose_signed_map = JOSE::JWS.sign(jwk, payload, header)
|
|
11
|
+
jose_signed_map.to_hash.slice("protected", "signature").values
|
|
14
12
|
end
|
|
15
13
|
|
|
16
|
-
def add_signature(jws, jwk,
|
|
17
|
-
|
|
18
|
-
|
|
14
|
+
def add_signature(jws, jwk, protected_header)
|
|
15
|
+
encoded_protected_header = Base64.urlsafe_encode64(protected_header.to_json)
|
|
16
|
+
raw_payload = Base64.decode64(jws["payload"])
|
|
17
|
+
protected_header, signature = build_signature(jwk, protected_header, raw_payload)
|
|
19
18
|
|
|
20
19
|
jws["signatures"] << {
|
|
21
20
|
"protected" => protected_header,
|
|
22
|
-
"signature" =>
|
|
21
|
+
"signature" => signature,
|
|
23
22
|
}
|
|
24
23
|
|
|
25
24
|
jws
|
data/lib/json_jws/verify.rb
CHANGED
|
@@ -14,18 +14,15 @@ module JsonJws::Verify
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def verify(jws, jwks)
|
|
17
|
-
|
|
18
17
|
# verify payload is base64 encoded
|
|
19
|
-
|
|
20
|
-
Base64.urlsafe_decode64(jws["payload"])
|
|
21
|
-
rescue
|
|
22
|
-
return false
|
|
23
|
-
end
|
|
18
|
+
Base64.urlsafe_decode64(jws["payload"])
|
|
24
19
|
|
|
25
20
|
jws["signatures"].each_with_index do |signature, index|
|
|
26
21
|
return false unless verify_signature(jwks[index], jws["payload"], signature)
|
|
27
22
|
end
|
|
28
23
|
|
|
29
24
|
true
|
|
25
|
+
rescue
|
|
26
|
+
return false
|
|
30
27
|
end
|
|
31
28
|
end
|
data/lib/json_jws/version.rb
CHANGED