jwe 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: cb166f2f458cf97d14cdee1860f05aeaa53c5cfd
+  data.tar.gz: bd0dbea752a5d38424cd4b45b1f03e2fe85ae550
+SHA512:
+  metadata.gz: 775afd82c19c9501a6534c313cdd50bfda73397b8720d79d924efc3632d86de893b344d37e383d0755f5f5499f33166ae074f41803cc11008e924b8d592708df
+  data.tar.gz: ffb94097e58257985a0d6334628a2bfa42217e36020a060ea621c49313364067505241d2b163f76027311c5f4071152b11696d5a095de8a083e90cdcbbb14184

data/.codeclimate.yml

@@ -0,0 +1,13 @@
+engines:
+  duplication:
+    enabled: true
+    config:
+      languages:
+      - ruby
+
+ratings:
+  paths:
+    - lib/**
+
+exclude_paths:
+  - spec/**/*

data/.gitignore

@@ -0,0 +1,11 @@
+tmp
+*.gem
+.rvmrc
+bundle
+.bundle
+.rbenv-version
+.rbx
+/.ruby-gemset
+/.ruby-version
+Gemfile.lock
+

data/.rspec

@@ -0,0 +1,3 @@
+--color
+--format doc
+-r spec_helper

data/.rubocop.yml

@@ -0,0 +1,3 @@
+Metrics/LineLength:
+  Enabled: false
+

data/.travis.yml

@@ -0,0 +1,8 @@
+language: ruby
+rvm:
+  - 2.0.0
+  - 2.1.0
+  - 2.2.0
+addons:
+  code_climate:
+    repo_token: b5653aee7f7a47c0d70a89feb535648aa06575497b1eab9e16068c49bf4462c3

data/Gemfile

@@ -0,0 +1,4 @@
+# encoding: utf-8
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE.md

@@ -0,0 +1,24 @@
+The MIT License (MIT)
+=====================
+
+* Copyright © 2016 Francesco Boffa
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+

data/Rakefile

@@ -0,0 +1,7 @@
+begin
+  require 'rspec/core/rake_task'
+  RSpec::Core::RakeTask.new(:spec)
+  task :default => :spec
+rescue LoadError
+end
+

data/jwe.gemspec

@@ -0,0 +1,21 @@
+lib = File.expand_path('../lib/', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'jwe/version'
+
+Gem::Specification.new do |s|
+  s.name        = 'jwe'
+  s.version     = JWE::VERSION
+  s.summary     = 'JSON Web Encryption implementation in Ruby'
+  s.description = 'A Ruby implementation of the RFC 7516 JSON Web Encryption (JWE) standard'
+  s.authors     = [ 'Francesco Boffa' ]
+  s.email       = 'fra.boffa@gmail.com'
+  s.homepage    = 'http://github.com/aomega08/jwe'
+  s.license     = 'MIT'
+
+  s.files = `git ls-files`.split("\n")
+  s.require_paths = %w(lib)
+
+  s.add_development_dependency 'rspec'
+  s.add_development_dependency 'rake'
+  s.add_development_dependency 'codeclimate-test-reporter'
+end

data/lib/jwe.rb

@@ -0,0 +1,64 @@
+require 'base64'
+require 'json'
+require 'openssl'
+require 'securerandom'
+
+require 'jwe/base64'
+require 'jwe/serialization/compact'
+require 'jwe/alg'
+require 'jwe/enc'
+require 'jwe/zip'
+
+module JWE
+  class DecodeError < Exception; end
+  class NotImplementedError < Exception; end
+  class BadCEK < Exception; end
+  class InvalidData < Exception; end
+
+  VALID_ALG = [ 'RSA1_5', 'RSA-OAEP', 'RSA-OAEP-256', 'A128KW' 'A192KW', 'A256KW', 'dir', 'ECDH-ES', 'ECDH-ES+A128KW', 'ECDH-ES+A192KW', 'ECDH-ES+A256KW', 'A128GCMKW', 'A192GCMKW', 'A256GCMKW', 'PBES2-HS256+A128KW', 'PBES2-HS384+A192KW', 'PBES2-HS512+A256KW' ]
+  VALID_ENC = [ 'A128CBC-HS256', 'A192CBC-HS384', 'A256CBC-HS512', 'A128GCM', 'A192GCM', 'A256GCM' ]
+  VALID_ZIP = [ 'DEF' ]
+
+  def self.encrypt(payload, key, alg: 'RSA-OAEP', enc: 'A128GCM', zip: nil)
+    raise ArgumentError.new("\"#{alg}\" is not a valid alg method") unless VALID_ALG.include?(alg)
+    raise ArgumentError.new("\"#{enc}\" is not a valid enc method") unless VALID_ENC.include?(enc)
+    raise ArgumentError.new("\"#{zip}\" is not a valid zip method") unless zip.nil? || zip == '' || VALID_ZIP.include?(zip)
+
+    header = { alg: alg, enc: enc }
+    header[:zip] = zip if zip and zip != ''
+
+    cipher = Enc.for(enc).new
+    cipher.cek = key if alg == 'dir'
+
+    if zip and zip != ''
+      payload = Zip.for(zip).new.compress(payload)
+    end
+
+    ciphertext = cipher.encrypt(payload, Base64::jwe_encode(header.to_json))
+    encrypted_cek = Alg.for(alg).new(key).encrypt(cipher.cek)
+
+    Serialization::Compact.encode(header.to_json, encrypted_cek, cipher.iv, ciphertext, cipher.tag)
+  end
+
+  def self.decrypt(payload, key)
+    header, enc_key, iv, ciphertext, tag = Serialization::Compact.decode(payload)
+    header = JSON.parse(header)
+    base64header = payload.split('.').first
+
+    raise ArgumentError.new("\"#{header['alg']}\" is not a valid alg method") unless VALID_ALG.include?(header['alg'])
+    raise ArgumentError.new("\"#{header['enc']}\" is not a valid enc method") unless VALID_ENC.include?(header['enc'])
+    raise ArgumentError.new("\"#{header['zip']}\" is not a valid zip method") unless header['zip'].nil? || VALID_ZIP.include?(header['zip'])
+
+    cek = Alg.for(header['alg']).new(key).decrypt(enc_key)
+    cipher = Enc.for(header['enc']).new(cek, iv)
+    cipher.tag = tag
+
+    plaintext = cipher.decrypt(ciphertext, base64header)
+
+    if header['zip']
+      Zip.for(header['zip']).new.decompress(plaintext)
+    else
+      plaintext
+    end
+  end
+end

data/lib/jwe/alg.rb

@@ -0,0 +1,16 @@
+require 'jwe/alg/dir'
+require 'jwe/alg/rsa_oaep'
+require 'jwe/alg/rsa15'
+
+module JWE
+  module Alg
+    def self.for(alg)
+      klass = alg.gsub(/[-\+]/, '_').downcase.sub(/^[a-z\d]*/) { $&.capitalize }
+      klass.gsub!(/_([a-z\d]*)/i) { $1.capitalize }
+      const_get(klass)
+
+    rescue NameError
+      raise NotImplementedError.new("Unsupported alg type: #{alg}")
+    end
+  end
+end

data/lib/jwe/alg/dir.rb

@@ -0,0 +1,19 @@
+module JWE
+  module Alg
+    class Dir
+      attr_accessor :key
+
+      def initialize(key)
+        self.key = key
+      end
+
+      def encrypt(cek)
+        ''
+      end
+
+      def decrypt(encrypted_cek)
+        key
+      end
+    end
+  end
+end

data/lib/jwe/alg/rsa15.rb

@@ -0,0 +1,19 @@
+module JWE
+  module Alg
+    class Rsa15
+      attr_accessor :key
+
+      def initialize(key)
+        self.key = key
+      end
+
+      def encrypt(cek)
+        key.public_encrypt(cek)
+      end
+
+      def decrypt(encrypted_cek)
+        key.private_decrypt(encrypted_cek)
+      end
+    end
+  end
+end

data/lib/jwe/alg/rsa_oaep.rb

@@ -0,0 +1,19 @@
+module JWE
+  module Alg
+    class RsaOaep
+      attr_accessor :key
+
+      def initialize(key)
+        self.key = key
+      end
+
+      def encrypt(cek)
+        key.public_encrypt(cek, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+      end
+
+      def decrypt(encrypted_cek)
+        key.private_decrypt(encrypted_cek, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+      end
+    end
+  end
+end

data/lib/jwe/base64.rb

@@ -0,0 +1,16 @@
+module JWE
+  module Base64
+    def self.jwe_encode(payload)
+      ::Base64.urlsafe_encode64(payload).gsub('=', '')
+    end
+
+    def self.jwe_decode(payload)
+      padlen = 4 - (payload.length % 4)
+      if padlen < 4
+        pad = "=" * padlen
+        payload += pad
+      end
+      ::Base64.urlsafe_decode64(payload)
+    end
+  end
+end

data/lib/jwe/enc.rb

@@ -0,0 +1,19 @@
+require 'jwe/enc/a128cbc_hs256'
+require 'jwe/enc/a192cbc_hs384'
+require 'jwe/enc/a256cbc_hs512'
+require 'jwe/enc/a128gcm'
+require 'jwe/enc/a192gcm'
+require 'jwe/enc/a256gcm'
+
+module JWE
+  module Enc
+    def self.for(enc)
+      klass = enc.gsub(/[-\+]/, '_').downcase.sub(/^[a-z\d]*/) { $&.capitalize }
+      klass.gsub!(/_([a-z\d]*)/i) { $1.capitalize }
+      const_get(klass)
+
+    rescue NameError
+      raise NotImplementedError.new("Unsupported enc type: #{enc}")
+    end
+  end
+end

data/lib/jwe/enc/a128cbc_hs256.rb

@@ -0,0 +1,21 @@
+require 'jwe/enc/aes_cbc_hs'
+
+module JWE
+  module Enc
+    class A128cbcHs256
+      include AesCbcHs
+
+      def key_length
+        32
+      end
+
+      def cipher_name
+        'AES-128-CBC'
+      end
+
+      def hash_name
+        'sha256'
+      end
+    end
+  end
+end

data/lib/jwe/enc/a128gcm.rb

@@ -0,0 +1,17 @@
+require 'jwe/enc/aes_gcm'
+
+module JWE
+  module Enc
+    class A128gcm
+      include AesGcm
+
+      def key_length
+        16
+      end
+
+      def cipher_name
+        'aes-128-gcm'
+      end
+    end
+  end
+end

data/lib/jwe/enc/a192cbc_hs384.rb

@@ -0,0 +1,21 @@
+require 'jwe/enc/aes_cbc_hs'
+
+module JWE
+  module Enc
+    class A192cbcHs384
+      include AesCbcHs
+
+      def key_length
+        48
+      end
+
+      def cipher_name
+        'AES-192-CBC'
+      end
+
+      def hash_name
+        'sha384'
+      end
+    end
+  end
+end

data/lib/jwe/enc/a192gcm.rb

@@ -0,0 +1,17 @@
+require 'jwe/enc/aes_gcm'
+
+module JWE
+  module Enc
+    class A192gcm
+      include AesGcm
+
+      def key_length
+        24
+      end
+
+      def cipher_name
+        'aes-192-gcm'
+      end
+    end
+  end
+end

data/lib/jwe/enc/a256cbc_hs512.rb

@@ -0,0 +1,21 @@
+require 'jwe/enc/aes_cbc_hs'
+
+module JWE
+  module Enc
+    class A256cbcHs512
+      include AesCbcHs
+
+      def key_length
+        64
+      end
+
+      def cipher_name
+        'AES-256-CBC'
+      end
+
+      def hash_name
+        'sha512'
+      end
+    end
+  end
+end

data/lib/jwe/enc/a256gcm.rb

@@ -0,0 +1,17 @@
+require 'jwe/enc/aes_gcm'
+
+module JWE
+  module Enc
+    class A256gcm
+      include AesGcm
+
+      def key_length
+        32
+      end
+
+      def cipher_name
+        'aes-256-gcm'
+      end
+    end
+  end
+end

data/lib/jwe/enc/aes_cbc_hs.rb

@@ -0,0 +1,89 @@
+module JWE
+  module Enc
+    module AesCbcHs
+      attr_accessor :cek
+      attr_accessor :iv
+      attr_accessor :tag
+
+      def initialize(cek = nil, iv = nil)
+        self.iv = iv
+        self.cek = cek
+      end
+
+      def encrypt(cleartext, authenticated_data)
+        raise JWE::BadCEK.new("The supplied key is invalid. Required length: #{key_length}") if cek.length != key_length
+
+        cipher.encrypt
+        cipher.key = enc_key
+        cipher.iv = iv
+
+        ciphertext = cipher.update(cleartext) + cipher.final
+        length = [ciphertext.length * 8].pack('Q>') # 64bit big endian
+
+        to_sign = authenticated_data + iv + ciphertext + length
+        signature = OpenSSL::HMAC.digest(OpenSSL::Digest.new(hash_name), mac_key, to_sign)
+        self.tag = signature[0 ... mac_key.length]
+
+        ciphertext
+      end
+
+      def decrypt(ciphertext, authenticated_data)
+        raise JWE::BadCEK.new("The supplied key is invalid. Required length: #{key_length}") if cek.length != key_length
+
+        length = [ciphertext.length * 8].pack('Q>') # 64bit big endian
+        to_sign = authenticated_data + iv + ciphertext + length
+        signature = OpenSSL::HMAC.digest(OpenSSL::Digest.new(hash_name), mac_key, to_sign)
+        if signature[0 ... mac_key.length] != tag
+          raise JWE::InvalidData.new("Authentication tag verification failed")
+        end
+
+        cipher.decrypt
+        cipher.key = enc_key
+        cipher.iv = iv
+
+        cipher.update(ciphertext) + cipher.final
+      rescue OpenSSL::Cipher::CipherError
+        raise JWE::InvalidData.new("Invalid ciphertext or authentication tag")
+      end
+
+      def iv
+        @iv ||= SecureRandom.random_bytes(16)
+      end
+
+      def cek
+        @cek ||= SecureRandom.random_bytes(key_length)
+      end
+
+      def mac_key
+        cek[0 ... key_length / 2]
+      end
+
+      def enc_key
+        cek[key_length / 2 .. -1 ]
+      end
+
+      def cipher
+        @cipher ||= OpenSSL::Cipher.new(cipher_name)
+      rescue RuntimeError
+        raise JWE::NotImplementedError.new("The version of OpenSSL linked to your Ruby does not support the cipher #{cipher_name}.")
+      end
+
+      def tag
+        @tag || ""
+      end
+
+      def self.included(base)
+        base.extend(ClassMethods)
+      end
+
+      module ClassMethods
+        def available?
+          new.cipher
+          true
+        rescue JWE::NotImplementedError
+          false
+        end
+      end
+    end
+  end
+end

data/lib/jwe/enc/aes_gcm.rb

@@ -0,0 +1,73 @@
+module JWE
+  module Enc
+    module AesGcm
+      attr_accessor :cek
+      attr_accessor :iv
+      attr_accessor :tag
+
+      def initialize(cek = nil, iv = nil)
+        self.iv = iv
+        self.cek = cek
+      end
+
+      def encrypt(cleartext, authenticated_data)
+        raise JWE::BadCEK.new("The supplied key is too short. Required length: #{key_length}") if cek.length < key_length
+
+        cipher.encrypt
+        cipher.key = cek
+        cipher.iv = iv
+        cipher.auth_data = authenticated_data
+
+        ciphertext = cipher.update(cleartext) + cipher.final
+        self.tag = cipher.auth_tag
+
+        ciphertext
+      end
+
+      def decrypt(ciphertext, authenticated_data)
+        raise JWE::BadCEK.new("The supplied key is too short. Required length: #{key_length}") if cek.length < key_length
+
+        cipher.decrypt
+        cipher.key = cek
+        cipher.iv = iv
+        cipher.auth_tag = tag
+        cipher.auth_data = authenticated_data
+
+        cipher.update(ciphertext) + cipher.final
+      rescue OpenSSL::Cipher::CipherError
+        raise JWE::InvalidData.new("Invalid ciphertext or authentication tag")
+      end
+
+      def iv
+        @iv ||= SecureRandom.random_bytes(12)
+      end
+
+      def cek
+        @cek ||= SecureRandom.random_bytes(key_length)
+      end
+
+      def cipher
+        @cipher ||= OpenSSL::Cipher.new(cipher_name)
+      rescue RuntimeError
+        raise JWE::NotImplementedError.new("The version of OpenSSL linked to your Ruby does not support the cipher #{cipher_name}.")
+      end
+
+      def tag
+        @tag || ""
+      end
+
+      def self.included(base)
+        base.extend(ClassMethods)
+      end
+
+      module ClassMethods
+        def available?
+          new.cipher
+          true
+        rescue JWE::NotImplementedError
+          false
+        end
+      end
+    end
+  end
+end

data/lib/jwe/serialization/compact.rb

@@ -0,0 +1,18 @@
+module JWE
+  module Serialization
+    class Compact
+      def self.encode(header, encrypted_cek, iv, ciphertext, tag)
+        [ header, encrypted_cek, iv, ciphertext, tag ].map { |piece| JWE::Base64::jwe_encode(piece) }.join '.'
+      end
+
+      def self.decode(payload)
+        parts = payload.split('.')
+        raise JWE::DecodeError.new('Not enaugh or too many segments') unless parts.length == 5
+
+        parts.map do |part|
+          JWE::Base64.jwe_decode(part)
+        end
+      end
+    end
+  end
+end

data/lib/jwe/version.rb

@@ -0,0 +1,4 @@
+module JWE
+  VERSION = '0.1.0'
+end
+

data/lib/jwe/zip.rb

@@ -0,0 +1,14 @@
+require 'jwe/zip/def'
+
+module JWE
+  module Zip
+    def self.for(zip)
+      klass = zip.gsub(/[-\+]/, '_').downcase.sub(/^[a-z\d]*/) { $&.capitalize }
+      klass.gsub!(/_([a-z\d]*)/i) { $1.capitalize }
+      const_get(klass)
+
+    rescue NameError
+      raise NotImplementedError.new("Unsupported zip type: #{zip}")
+    end
+  end
+end

data/lib/jwe/zip/def.rb

@@ -0,0 +1,15 @@
+require 'zlib'
+
+module JWE
+  module Zip
+    class Def
+      def compress(payload)
+        Zlib::Deflate.deflate(payload)
+      end
+
+      def decompress(payload)
+        Zlib::Inflate.inflate(payload)
+      end
+    end
+  end
+end

data/spec/jwe/alg_spec.rb

@@ -0,0 +1,66 @@
+require 'jwe/alg/dir'
+require 'jwe/alg/rsa_oaep'
+require 'jwe/alg/rsa15'
+require 'openssl'
+
+describe JWE::Alg do
+  describe '.for' do
+    it 'returns a class for the specified alg' do
+      expect(JWE::Alg.for('RSA-OAEP')).to eq JWE::Alg::RsaOaep
+    end
+
+    it 'raises an error for a not-implemented alg' do
+      expect { JWE::Alg.for('ERSA-4096-MAGIC') }.to raise_error(JWE::NotImplementedError)
+    end
+  end
+end
+
+describe JWE::Alg::Dir do
+  # The direct encryption method does not Encrypt the CEK.
+  # When building the final JWE object, the "Encrypted CEK" part is left blank
+
+  describe '#encrypt' do
+    it 'returns an empty string' do
+      expect(JWE::Alg::Dir.new('whatever').encrypt('any')).to eq ''
+    end
+  end
+
+  describe '#decrypt' do
+    it 'returns the original key' do
+      expect(JWE::Alg::Dir.new('whatever').decrypt('any')).to eq 'whatever'
+    end
+  end
+end
+
+key_path = File.dirname(__FILE__) + '/../keys/rsa.pem'
+key = OpenSSL::PKey::RSA.new File.read(key_path)
+
+describe JWE::Alg::RsaOaep do
+  let(:alg) { JWE::Alg::RsaOaep.new(key) }
+
+  describe '#encrypt' do
+    it 'returns an encrypted string' do
+      expect(alg.encrypt('random key')).to_not eq 'random key'
+    end
+  end
+
+  it 'decrypts the encrypted key to the original key' do
+    ciphertext = alg.encrypt('random key')
+    expect(alg.decrypt(ciphertext)).to eq 'random key'
+  end
+end
+
+describe JWE::Alg::Rsa15 do
+  let(:alg) { JWE::Alg::Rsa15.new(key) }
+
+  describe '#encrypt' do
+    it 'returns an encrypted string' do
+      expect(alg.encrypt('random key')).to_not eq 'random key'
+    end
+  end
+
+  it 'decrypts the encrypted key to the original key' do
+    ciphertext = alg.encrypt('random key')
+    expect(alg.decrypt(ciphertext)).to eq 'random key'
+  end
+end

data/spec/jwe/base64_spec.rb

@@ -0,0 +1,27 @@
+require 'jwe/base64'
+
+module JWE
+  describe Base64 do
+    describe '.jwe_encode' do
+      it 'encodes the payload using the urlsafe encoding' do
+        # "me?" encodes to "bWU/" in standard encoding
+        expect(Base64.jwe_encode("me?")).to_not include '/'
+      end
+
+      it 'strips the standard padding' do
+        expect(Base64.jwe_encode("a")).to_not end_with '='
+      end
+    end
+
+    describe '.jwe_decode' do
+      it 'decodes the payload using the urlsafe encoding' do
+        # "me?" encodes to "bWU/" in standard encoding
+        expect(Base64.jwe_decode("bWU_")).to eq "me?"
+      end
+
+      it 'fixes the padding' do
+        expect(Base64.jwe_decode("YQ")).to eq "a"
+      end
+    end
+  end
+end

data/spec/jwe/enc_spec.rb

@@ -0,0 +1,211 @@
+require 'jwe/enc/a128cbc_hs256'
+require 'jwe/enc/a192cbc_hs384'
+require 'jwe/enc/a256cbc_hs512'
+require 'jwe/enc/a128gcm'
+require 'jwe/enc/a192gcm'
+require 'jwe/enc/a256gcm'
+
+describe JWE::Enc do
+  describe '.for' do
+    it 'returns a class for the specified enc' do
+      expect(JWE::Enc.for('A128GCM')).to eq JWE::Enc::A128gcm
+    end
+
+    it 'raises an error for a not-implemented enc' do
+      expect { JWE::Enc.for('ERSA-4096-MAGIC') }.to raise_error(JWE::NotImplementedError)
+    end
+  end
+end
+
+gcm = [
+  {
+    class: JWE::Enc::A128gcm,
+    keylen: 16,
+    helloworld: "\"\xC6\xE4h\x8AI\x83\x90v\xAF\xE2\x11".force_encoding('BINARY'),
+    tag: "\x85|\xF7\xE1\x94\tVG\x84\xE1\xA8\x81\a\xF4\xC60".force_encoding('BINARY'),
+    ivlen: 12,
+    iv: "\x0" * 12
+  },
+  {
+    class: JWE::Enc::A192gcm,
+    keylen: 24,
+    helloworld: "\x9F\xA4\xEC\xCCa\x86\tRO\xD7\xE3\x8D".force_encoding('BINARY'),
+    tag: "\xF6\xC0\xB8\x91A\xB1\xF0}\xD4u\xD0_\xCD\xA7\x17'".force_encoding('BINARY'),
+    ivlen: 12,
+    iv: "\x0" * 12
+  },
+  {
+    class: JWE::Enc::A256gcm,
+    keylen: 32,
+    helloworld: "\xFDq\xDC\xDD\x87\x9DK\x97\x03G\x99\f".force_encoding('BINARY'),
+    tag: "\xC6\xF1\r\xDD\x14\x7Fqf,6\x0EK\x7F\x9D\x1D\t".force_encoding('BINARY'),
+    ivlen: 12,
+    iv: "\x0" * 12
+  },
+  {
+    class: JWE::Enc::A128cbcHs256,
+    keylen: 32,
+    helloworld: "\a\x02F\xA4m%\xDFH\xB4\xA4.\xBF:\xBF$\xE2".force_encoding('BINARY'),
+    tag: "\xD2\xC2\xA5M\xF1e\x00\xDB}\xDB\x15\x9F\xFF\x8A\x7F\x94".force_encoding('BINARY'),
+    ivlen: 16,
+    iv: "\x0" * 16
+  },
+  {
+    class: JWE::Enc::A192cbcHs384,
+    keylen: 48,
+    helloworld: "p\xFES\xF0\xB4\xCC]8\x1D\xDE\x8Dt\xE7tMh".force_encoding('BINARY'),
+    tag: "\xEA\xF4\xD73M\xC6\x1D\x13\x0E\x9E\xAE%L\xD3\x04#\x80:\xA8}\xD7\x16E{".force_encoding('BINARY'),
+    ivlen: 16,
+    iv: "\x0" * 16
+  },
+  {
+    class: JWE::Enc::A256cbcHs512,
+    keylen: 64,
+    helloworld: "c\xFD\\\xB9Z\xB6\xE3\xB7\xEE\xA1\xD8\xDF\xB5\xB2\xF8\xEB".force_encoding('BINARY'),
+    tag: "\xD2W\xCAE\xBC\xE9\xC5\xCF\xD5\xE0\x88@j\xE4\xA1-\x16\xDA\x8F5(\x1D\x0E\x15.\xDC\x11\x12\x00`\xCER".force_encoding('BINARY'),
+    ivlen: 16,
+    iv: "\x0" * 16
+  }
+]
+
+gcm.each do |group|
+  describe group[:class] do
+    let(:klass) { group[:class] }
+    let(:key) { 'a' * group[:keylen] }
+    let(:plaintext) { 'hello world!' }
+
+    describe '#encrypt' do
+      context 'when an invalid key is used' do
+        it 'raises an error' do
+          enc = klass.new('small')
+          expect { enc.encrypt('plain', 'auth') }.to raise_error(JWE::BadCEK)
+        end
+      end
+
+      context 'with a valid key' do
+        it 'returns the encrypted payload' do
+          enc = klass.new(key, group[:iv])
+          expect(enc.encrypt(plaintext, '').force_encoding('BINARY')).to eq group[:helloworld]
+        end
+
+        it 'sets an authentication tag' do
+          enc = klass.new(key, group[:iv])
+          enc.encrypt(plaintext, '')
+          expect(enc.tag).to eq group[:tag]
+        end
+      end
+    end
+
+    describe '#decrypt' do
+      context 'when an invalid key is used' do
+        it 'raises an error' do
+          enc = klass.new('small')
+          expect { enc.decrypt('plain', 'auth') }.to raise_error(JWE::BadCEK)
+        end
+      end
+
+      context 'with a valid key' do
+        context 'when a valid tag is authenticated' do
+          it 'returns the plaintext' do
+            enc = klass.new(key, group[:iv])
+            enc.tag = group[:tag]
+            expect(enc.decrypt(group[:helloworld], '')).to eq plaintext
+          end
+        end
+
+        context 'when the tag is not valid' do
+          it 'raises an error' do
+            enc = klass.new(key, group[:iv])
+            enc.tag = "random"
+            expect { enc.decrypt(group[:helloworld], '') }.to raise_error(JWE::InvalidData)
+          end
+        end
+
+        context 'when the tag is not set' do
+          it 'raises an error' do
+            enc = klass.new(key, group[:iv])
+            expect { enc.decrypt(group[:helloworld], '') }.to raise_error(JWE::InvalidData)
+          end
+        end
+
+        context 'when the ciphertext is not valid' do
+          it 'raises an error' do
+            enc = klass.new(key, group[:iv])
+            enc.tag = group[:tag]
+            expect { enc.decrypt("random", '') }.to raise_error(JWE::InvalidData)
+          end
+        end
+      end
+    end
+
+    describe '#cipher' do
+      context 'when the cipher is not supported by the OpenSSL lib' do
+        it 'raises an error' do
+          enc = klass.new
+          allow(enc).to receive(:cipher_name) { 'bad-cipher-128' }
+          expect { enc.cipher }.to raise_error(JWE::NotImplementedError)
+        end
+      end
+
+      context 'when the cipher is supported' do
+        it 'returns the cipher object' do
+          enc = klass.new
+          allow(enc).to receive(:cipher_name) { OpenSSL::Cipher.ciphers.first }
+          expect(enc.cipher).to be_an OpenSSL::Cipher
+        end
+      end
+    end
+
+    describe '#cek' do
+      context 'when a key is not specified in initialization' do
+        it "returns a randomly generated #{group[:keylen]}-bytes key" do
+          expect(klass.new.cek.length).to eq group[:keylen]
+        end
+      end
+
+      context 'when a cek is given' do
+        it 'returns the cek' do
+          expect(klass.new('cek').cek).to eq 'cek'
+        end
+      end
+    end
+
+    describe '#iv' do
+      context 'when an iv is not specified in initialization' do
+        it "returns a randomly generated #{group[:ivlen]}-bytes iv" do
+          expect(klass.new.iv.length).to eq group[:ivlen]
+        end
+      end
+
+      context 'when a iv is given' do
+        it 'returns the iv' do
+          expect(klass.new('cek', 'iv').iv).to eq 'iv'
+        end
+      end
+    end
+
+    describe '.available?' do
+      context 'when the cipher is not available' do
+        it 'is false' do
+          allow_any_instance_of(klass).to receive(:cipher) { raise JWE::NotImplementedError.new }
+          expect(klass.available?).to be_falsey
+        end
+      end
+
+      context 'when the cipher is available' do
+        it 'is true' do
+          allow_any_instance_of(klass).to receive(:cipher)
+          expect(klass.available?).to be_truthy
+        end
+      end
+    end
+
+    describe 'full roundtrip' do
+      it 'decrypts the ciphertext to the original plaintext' do
+        enc = klass.new
+        ciphertext = enc.encrypt(plaintext, '')
+        expect(enc.decrypt(ciphertext, '')).to eq plaintext
+      end
+    end
+  end
+end

data/spec/jwe/serialization_spec.rb

@@ -0,0 +1,18 @@
+describe JWE::Serialization::Compact do
+  describe '#encode' do
+    it 'returns components base64ed and joined with a dot' do
+      components = [ 'a', 'b', 'c', 'd', 'e' ]
+      expect(JWE::Serialization::Compact.encode(*components)).to eq 'YQ.Yg.Yw.ZA.ZQ'
+    end
+  end
+
+  describe '#decode' do
+    it 'returns an array with the 5 components' do
+      expect(JWE::Serialization::Compact.decode('YQ.Yg.Yw.ZA.ZQ')).to eq [ 'a', 'b', 'c', 'd', 'e' ]
+    end
+
+    it 'raises an error when passed a badly formatted payload' do
+      expect { JWE::Serialization::Compact.decode('YQ.YQ.Yg.Yw.ZA.ZQ') }.to raise_error(JWE::DecodeError)
+    end
+  end
+end

data/spec/jwe/zip_spec.rb

@@ -0,0 +1,21 @@
+require 'jwe/zip/def'
+
+describe JWE::Zip do
+  describe '.for' do
+    it 'returns a class for the specified zip' do
+      expect(JWE::Zip.for('DEF')).to eq JWE::Zip::Def
+    end
+
+    it 'raises an error for a not-implemented zip' do
+      expect { JWE::Zip.for('BZIP2+JPG') }.to raise_error(JWE::NotImplementedError)
+    end
+  end
+end
+
+describe JWE::Zip::Def do
+  it 'deflates and inflates to original payload' do
+    deflate = JWE::Zip::Def.new
+    deflated = deflate.compress("hello world")
+    expect(deflate.decompress(deflated)).to eq "hello world"
+  end
+end

data/spec/jwe_spec.rb

@@ -0,0 +1,60 @@
+describe JWE do
+  let(:plaintext) { "The true sign of intelligence is not knowledge but imagination." }
+  let(:rsa_key) { OpenSSL::PKey::RSA.new File.read(File.dirname(__FILE__) + '/keys/rsa.pem') }
+  let(:password) { SecureRandom.random_bytes(64) }
+
+  it 'roundtrips' do
+    encrypted = JWE.encrypt(plaintext, rsa_key)
+    result = JWE.decrypt(encrypted, rsa_key)
+
+    expect(result).to eq plaintext
+  end
+
+  describe 'when using DEF compression' do
+    it 'roundtrips' do
+      encrypted = JWE.encrypt(plaintext, rsa_key, zip: 'DEF')
+      result = JWE.decrypt(encrypted, rsa_key)
+
+      expect(result).to eq plaintext
+    end
+  end
+
+  describe 'when using dir alg method' do
+    it 'roundtrips' do
+      encrypted = JWE.encrypt(plaintext, password, alg: 'dir')
+      result = JWE.decrypt(encrypted, password)
+
+      expect(result).to eq plaintext
+    end
+  end
+
+  it 'raises when passed a bad alg' do
+    expect { JWE.encrypt(plaintext, rsa_key, alg: 'TEST') }.to raise_error(ArgumentError)
+  end
+
+  it 'raises when passed a bad enc' do
+    expect { JWE.encrypt(plaintext, rsa_key, enc: 'TEST') }.to raise_error(ArgumentError)
+  end
+
+  it 'raises when passed a bad zip' do
+    expect { JWE.encrypt(plaintext, rsa_key, zip: 'TEST') }.to raise_error(ArgumentError)
+  end
+
+  it 'raises when decoding a bad alg' do
+    hdr = { alg: 'TEST', enc: 'A128GCM' }
+    payload = JWE::Base64.jwe_encode(hdr.to_json) + ".QY.QY.QY.QY"
+    expect { JWE.decrypt(payload, rsa_key) }.to raise_error(ArgumentError)
+  end
+
+  it 'raises when decoding a bad enc' do
+    hdr = { alg: 'A192CBC-HS384', enc: 'TEST' }
+    payload = JWE::Base64.jwe_encode(hdr.to_json) + ".QY.QY.QY.QY"
+    expect { JWE.decrypt(payload, rsa_key) }.to raise_error(ArgumentError)
+  end
+
+  it 'raises when decoding a bad zip' do
+    hdr = { alg: 'A192CBC-HS384', enc: 'A128GCM', zip: 'TEST' }
+    payload = JWE::Base64.jwe_encode(hdr.to_json) + ".QY.QY.QY.QY"
+    expect { JWE.decrypt(payload, rsa_key) }.to raise_error(ArgumentError)
+  end
+end

data/spec/keys/rsa.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAsqm+NfpjE/i27FvgfOZmoQsC8WcokDRT7pJwK6fVL8nPs1KF
+0YYHgtQMtsgh2KR1Z+y6cFiiXfzbksMP7XWn5h3G9uZVzaUAz3LM07TUqSA+9dkx
+/QA9Q3VWP5iNBgo59E7LqkAKIE0wfx/rzH85VUCZLFBW5tjcaxzRWyCI9RcpPwmp
+LtmNqoOxdhoy4O7r1mNTrcjlh+l/4I/yavS0+TXeImvOJkIbhIJhhbjE+GDiLEH4
+GxE8j2SThs1nxJtboO1MMZr9hhoHL4Z5qRu6/t+ckO9ONYwUu8eDwQCOsluXsAoe
+CdprYk92M/bvfhtV/C37AUZ6iZUFCS0/FE/VrQIDAQABAoIBAGL+jKdqAmX5hJm4
+Ws25+Bm5eTr7Ns2YQP1K5J4703M0NkKdMgqjYhwKlLTedWqNzYP09mTzp5u+VIeg
+T336mDp4O1toyxg0GhvX90hCxSak+F3Op9UQweFT7aM1SsaS+gO1eUHvU+0L+Bgo
+PsZDpCfpsDWOmmg0twUepZ4BjAGIk8wBPA+cWi8Vmbvnwrwo1643LvtA3p76qUwJ
+EPllQMmEnJ6gUNxQVgqQt/QM0UKPtZ5FyOK3zPcztY5xVO3SJCVvcKkciDo2M7wp
+x9qkRrnBYmouNaQjZJZLHKngHr0DF16sw3ajk8qBZW3d2O72loiOxzAhMmnzm68f
+dDHGNd0CgYEA2JueNMglqYWwOBQipboSMrDprSVR2We19Ji3VS1nXV+tvLsMyspq
+YinH0SkW/xbLnpsOr9yC9jkW0KwFFqPK7TXnrXTVs3a4nAAaDyG8ciZQB2nKSRHt
+H8DrM4IvIa1wU+mxj/Kdkp1L8dD6LLoLpmMsnxpjcvATImuZd5KqInsCgYEA0yeR
+frrx8fOMo40WVVpinxxqycIHIBeI/jHeiwU8kGilQJcrWw3VxpoJriuLsNW2HWR+
+nYz3Th6/FrJv6qhzwTFkgoqRS2Tw7qP+4gxk75hUR0M2a5d4Z0fjltQHaoP+P0kj
+5iPgshDFDmRcMEPUFx+KtI+g59bTlo6U0gmJY/cCgYBiy/gJExE6lSOfMG/tL0WF
+oXOz6cW/Z7JycgWM8DypNi7EWnynMlP7mhrtp9Q5XWhaW1cDl4yUSc3CN/PKM8Mn
+FuMpFpUyWgAyB0nbhQOy/Q6bkwEU+vww84lT4RkmPzlwzLKUeZCtgtlU3oB9Tg5q
+QenkV+DsV9wiYvmItHitaQKBgFNbe4ScKIdrrkmimP55ABXwEfg0MLvqjppK9Z/M
+IWyg4xvskaEQhSQyC0BG0I6uz4Yq9hEcZUThvm4nYycv+QJ7jUI7kcBByRtsgmKa
+of40FJFNZ15yHYYoSyBv872I/gXdyd5Aq6OgGyrjU8F6BXBbc1Z0nQDpPf5hqz5/
+pU1hAoGAWLjOMTJCFoOOxtdZ39oJmSDN0hImu+KtYWAxa4BmBDimLxwa1Xn4qEsn
+THDodsfMJc7HxYfeyzFZoqjf7vm2Et9eI+/PjT1CQx3DTYxsjk+8BaMqG6p/49Qr
+//JbxdDS735BW/A5rU4TEiJfcV66lT7gI8lL8cFsV1rYPMJWkqc=
+-----END RSA PRIVATE KEY-----

data/spec/spec_helper.rb

@@ -0,0 +1,9 @@
+require 'codeclimate-test-reporter'
+CodeClimate::TestReporter.start
+
+require 'rspec'
+require 'jwe'
+
+RSpec.configure do |config|
+  config.order = 'random'
+end

metadata

@@ -0,0 +1,121 @@
+--- !ruby/object:Gem::Specification
+name: jwe
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Francesco Boffa
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-01-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: codeclimate-test-reporter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A Ruby implementation of the RFC 7516 JSON Web Encryption (JWE) standard
+email: fra.boffa@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".codeclimate.yml"
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- Gemfile
+- LICENSE.md
+- Rakefile
+- jwe.gemspec
+- lib/jwe.rb
+- lib/jwe/alg.rb
+- lib/jwe/alg/dir.rb
+- lib/jwe/alg/rsa15.rb
+- lib/jwe/alg/rsa_oaep.rb
+- lib/jwe/base64.rb
+- lib/jwe/enc.rb
+- lib/jwe/enc/a128cbc_hs256.rb
+- lib/jwe/enc/a128gcm.rb
+- lib/jwe/enc/a192cbc_hs384.rb
+- lib/jwe/enc/a192gcm.rb
+- lib/jwe/enc/a256cbc_hs512.rb
+- lib/jwe/enc/a256gcm.rb
+- lib/jwe/enc/aes_cbc_hs.rb
+- lib/jwe/enc/aes_gcm.rb
+- lib/jwe/serialization/compact.rb
+- lib/jwe/version.rb
+- lib/jwe/zip.rb
+- lib/jwe/zip/def.rb
+- spec/jwe/alg_spec.rb
+- spec/jwe/base64_spec.rb
+- spec/jwe/enc_spec.rb
+- spec/jwe/serialization_spec.rb
+- spec/jwe/zip_spec.rb
+- spec/jwe_spec.rb
+- spec/keys/rsa.pem
+- spec/spec_helper.rb
+homepage: http://github.com/aomega08/jwe
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5.1
+signing_key: 
+specification_version: 4
+summary: JSON Web Encryption implementation in Ruby
+test_files: []