jwe 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d669663ec6b48136c82b078fa3d01c0d6c03a92a
-  data.tar.gz: 62ede4a2f3ea9044e727a27a28642ce183864b99
+  metadata.gz: fa8fe82eeb7d259a610ce7e6a89374a8d5cd7ff2
+  data.tar.gz: 0a1a8862400049ee407852f0e21cbb0cb6a8210b
 SHA512:
-  metadata.gz: 37054c453193a2e56d31d8269eeb29a3159646dbe073fd856abc4a3a567b843689e4cef436bb77e4c6e7b1059070399b1912725ebaa60bf4ccc6593179447d3f
-  data.tar.gz: e46636207448627d548d7804754b17d4d66962aef10b0d40193da75b0af2222c1d006971ab432e7e356c744b415cee2a12c3f29fea630f732d75c309e56a602f
+  metadata.gz: 40e851c53020b8c790080090ba7ca53e9e4264a5bcb990dd78598d2b0109ca5fe83e77fe2a3ae40c2ee5fcf75265e6074985f1038ef5ebd4003df8fa23fc5b59
+  data.tar.gz: f01772b4e6dc52ccded47081617c2890d21faf017b00ee285e525138e7d65765d9b2e38889b391159cf876e20328e81423afdf0123bcdd9497cc6581d4ad5478

data/.gitignore

@@ -8,4 +8,5 @@ bundle
 /.ruby-gemset
 /.ruby-version
 Gemfile.lock
+/coverage
 

data/.travis.yml

@@ -4,6 +4,7 @@ rvm:
   - 2.1.0
   - 2.2.0
   - 2.3.0
+  - 2.4.0
 addons:
   code_climate:
     repo_token: b5653aee7f7a47c0d70a89feb535648aa06575497b1eab9e16068c49bf4462c3

data/jwe.gemspec

@@ -15,7 +15,9 @@ Gem::Specification.new do |s|
   s.files = `git ls-files`.split("\n")
   s.require_paths = %w(lib)
 
+  s.required_ruby_version = '>= 2.0.0'
+
   s.add_development_dependency 'rspec'
   s.add_development_dependency 'rake'
-  s.add_development_dependency 'codeclimate-test-reporter'
+  s.add_development_dependency 'simplecov'
 end

data/lib/jwe/enc/aes_cbc_hs.rb

@@ -18,7 +18,7 @@ module JWE
         cipher.iv = iv
 
         ciphertext = cipher.update(cleartext) + cipher.final
-        length = [ciphertext.length * 8].pack('Q>') # 64bit big endian
+        length = [authenticated_data.length * 8].pack('Q>') # 64bit big endian
 
         to_sign = authenticated_data + iv + ciphertext + length
         signature = OpenSSL::HMAC.digest(OpenSSL::Digest.new(hash_name), mac_key, to_sign)
@@ -30,7 +30,7 @@ module JWE
       def decrypt(ciphertext, authenticated_data)
         raise JWE::BadCEK.new("The supplied key is invalid. Required length: #{key_length}") if cek.length != key_length
 
-        length = [ciphertext.length * 8].pack('Q>') # 64bit big endian
+        length = [authenticated_data.length * 8].pack('Q>') # 64bit big endian
         to_sign = authenticated_data + iv + ciphertext + length
         signature = OpenSSL::HMAC.digest(OpenSSL::Digest.new(hash_name), mac_key, to_sign)
         if signature[0...mac_key.length] != tag

data/lib/jwe/version.rb

@@ -1,3 +1,3 @@
 module JWE
-  VERSION = '0.1.1'.freeze
+  VERSION = '0.2.0'.freeze
 end

data/spec/jwe/enc_spec.rb

@@ -46,7 +46,7 @@ gcm = [
     class: JWE::Enc::A128cbcHs256,
     keylen: 32,
     helloworld: "\a\x02F\xA4m%\xDFH\xB4\xA4.\xBF:\xBF$\xE2".force_encoding('BINARY'),
-    tag: "\xD2\xC2\xA5M\xF1e\x00\xDB}\xDB\x15\x9F\xFF\x8A\x7F\x94".force_encoding('BINARY'),
+    tag: "\xDE$t\xBA\x8B\xEE\u001Df\x81\a\xC1\xBB\x98\xDFl\xF2".force_encoding('BINARY'),
     ivlen: 16,
     iv: "\x0" * 16
   },
@@ -54,7 +54,7 @@ gcm = [
     class: JWE::Enc::A192cbcHs384,
     keylen: 48,
     helloworld: "p\xFES\xF0\xB4\xCC]8\x1D\xDE\x8Dt\xE7tMh".force_encoding('BINARY'),
-    tag: "\xEA\xF4\xD73M\xC6\x1D\x13\x0E\x9E\xAE%L\xD3\x04#\x80:\xA8}\xD7\x16E{".force_encoding('BINARY'),
+    tag: "\xA8a\x04kRJ\x06`tp6\x8E\x9Ba\xE1e\xF6\xDA\"\x15\xEBk\xFDm".force_encoding('BINARY'),
     ivlen: 16,
     iv: "\x0" * 16
   },
@@ -62,7 +62,7 @@ gcm = [
     class: JWE::Enc::A256cbcHs512,
     keylen: 64,
     helloworld: "c\xFD\\\xB9Z\xB6\xE3\xB7\xEE\xA1\xD8\xDF\xB5\xB2\xF8\xEB".force_encoding('BINARY'),
-    tag: "\xD2W\xCAE\xBC\xE9\xC5\xCF\xD5\xE0\x88@j\xE4\xA1-\x16\xDA\x8F5(\x1D\x0E\x15.\xDC\x11\x12\x00`\xCER".force_encoding('BINARY'),
+    tag: "wC\xE3:\x91\x89W\x97\xBE\xB0\xBD\xEAo\xC66\x9F\xB82\xFDn\xA7.\u0014l\xFC2\xD7\xDFq\xB5[\xC6".force_encoding('BINARY'),
     ivlen: 16,
     iv: "\x0" * 16
   }

data/spec/jwe_spec.rb

@@ -21,8 +21,9 @@ describe JWE do
 
   describe 'when using dir alg method' do
     it 'roundtrips' do
-      encrypted = JWE.encrypt(plaintext, password, alg: 'dir')
-      result = JWE.decrypt(encrypted, password)
+      aes_password = SecureRandom.random_bytes(16)
+      encrypted = JWE.encrypt(plaintext, aes_password, alg: 'dir')
+      result = JWE.decrypt(encrypted, aes_password)
 
       expect(result).to eq plaintext
     end

data/spec/spec_helper.rb

@@ -1,5 +1,5 @@
-require 'codeclimate-test-reporter'
-CodeClimate::TestReporter.start
+require 'simplecov'
+SimpleCov.start
 
 require 'rspec'
 require 'jwe'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jwe
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - Francesco Boffa
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-09-12 00:00:00.000000000 Z
+date: 2017-04-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -39,7 +39,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -107,7 +107,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -115,7 +115,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.8
+rubygems_version: 2.6.11
 signing_key: 
 specification_version: 4
 summary: JSON Web Encryption implementation in Ruby