jwe 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: fa8fe82eeb7d259a610ce7e6a89374a8d5cd7ff2
-  data.tar.gz: 0a1a8862400049ee407852f0e21cbb0cb6a8210b
+  metadata.gz: 05c87a9be4e5864d4f31495bd609ff3d4abf1a68
+  data.tar.gz: dc5edbbac44a91be23673da3f5d0b2beb91a8245
 SHA512:
-  metadata.gz: 40e851c53020b8c790080090ba7ca53e9e4264a5bcb990dd78598d2b0109ca5fe83e77fe2a3ae40c2ee5fcf75265e6074985f1038ef5ebd4003df8fa23fc5b59
-  data.tar.gz: f01772b4e6dc52ccded47081617c2890d21faf017b00ee285e525138e7d65765d9b2e38889b391159cf876e20328e81423afdf0123bcdd9497cc6581d4ad5478
+  metadata.gz: a26d929b4124949bbac9137855a32b42a9ab9165c0025e405e924937e99c9222e88096a1d5e40c93360f4e491df4f43ebe80a4f6d9fe0bba8bc34b9d10a94d99
+  data.tar.gz: b3e9575add99b0ad449c083a3981d419aaeaf17748591f00e293fcb61e556257b2b371af2c13c7ce8f294cfe72ec39d0f5cac7d6f2b46dd2c2864045410962dc

data/README.md

@@ -84,9 +84,9 @@ Key management:
 * RSA1_5
 * RSA-OAEP (default)
 * ~~RSA-OAEP-256~~
-* ~~A128KW~~
-* ~~A192KW~~
-* ~~A256KW~~
+* A128KW
+* A192KW
+* A256KW
 * dir
 * ~~ECDH-ES~~
 * ~~ECDH-ES+A128KW~~

data/lib/jwe/alg.rb

@@ -1,3 +1,4 @@
+require 'jwe/alg/a128_kw'
 require 'jwe/alg/dir'
 require 'jwe/alg/rsa_oaep'
 require 'jwe/alg/rsa15'

data/lib/jwe/alg/a128_kw.rb

@@ -0,0 +1,13 @@
+require 'jwe/alg/aes_kw'
+
+module JWE
+  module Alg
+    class A128Kw
+      include AesKw
+
+      def cipher_name
+        'AES-128-ECB'
+      end
+    end
+  end
+end

data/lib/jwe/alg/a192_kw.rb

@@ -0,0 +1,13 @@
+require 'jwe/alg/aes_kw'
+
+module JWE
+  module Alg
+    class A192Kw
+      include AesKw
+
+      def cipher_name
+        'AES-192-ECB'
+      end
+    end
+  end
+end

data/lib/jwe/alg/a256_kw.rb

@@ -0,0 +1,13 @@
+require 'jwe/alg/aes_kw'
+
+module JWE
+  module Alg
+    class A256Kw
+      include AesKw
+
+      def cipher_name
+        'AES-256-ECB'
+      end
+    end
+  end
+end

data/lib/jwe/alg/aes_kw.rb

@@ -0,0 +1,84 @@
+module JWE
+  module Alg
+    module AesKw
+      attr_accessor :key
+      attr_accessor :iv
+
+      def initialize(key = nil, iv = "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6")
+        self.iv = iv.force_encoding('ASCII-8BIT')
+        self.key = key.force_encoding('ASCII-8BIT')
+      end
+
+      def encrypt(cek)
+        a = iv
+        r = cek.scan(/.{8}/m)
+
+        6.times do |j|
+          r.length.times do |i|
+            b = encrypt_round(a + r[i])
+
+            a = b.chars.first(8).join
+            r[i] = b.chars.last(8).join
+
+            t = (r.length * j) + i + 1
+            a = xor(a, t)
+          end
+        end
+
+        ([a] + r).join
+      end
+
+      def decrypt(encrypted_cek)
+        c = encrypted_cek.scan(/.{8}/m)
+        a = c[0]
+
+        r = c[1..c.length]
+
+        5.downto(0) do |j|
+          r.length.downto(1) do |i|
+            t = (r.length * j) + i
+            a = xor(a, t)
+
+            b = decrypt_round(a + r[i - 1])
+
+            a = b.chars.first(8).join
+            r[i - 1] = b.chars.last(8).join
+          end
+        end
+
+        if a != iv
+          raise StandardError.new('The encrypted key has been tampered. Do not use this key.')
+        end
+
+        r.join
+      end
+
+      def cipher
+        @cipher ||= OpenSSL::Cipher.new(cipher_name)
+      rescue RuntimeError
+        raise JWE::NotImplementedError.new("The version of OpenSSL linked to your Ruby does not support the cipher #{cipher_name}.")
+      end
+
+      def encrypt_round(data)
+        cipher.encrypt
+        cipher.key = key
+        cipher.padding = 0
+        cipher.update(data) + cipher.final
+      end
+
+      def decrypt_round(data)
+        cipher.decrypt
+        cipher.key = key
+        cipher.padding = 0
+        cipher.update(data) + cipher.final
+      end
+
+      def xor(data, t)
+        t = ([0] * (data.length - 1)) + [t]
+        data = data.chars.map(&:ord)
+
+        data.zip(t).map { |a, b| (a ^ b).chr }.join
+      end
+    end
+  end
+end

data/lib/jwe/version.rb

@@ -1,3 +1,3 @@
 module JWE
-  VERSION = '0.2.0'.freeze
+  VERSION = '0.3.0'.freeze
 end

data/lib/jwe/zip/def.rb

@@ -4,11 +4,19 @@ module JWE
   module Zip
     class Def
       def compress(payload)
-        Zlib::Deflate.deflate(payload)
+        zlib = Zlib::Deflate.new(Zlib::DEFAULT_COMPRESSION, -Zlib::MAX_WBITS)
+        zlib.deflate(payload)
+        zlib.finish
       end
 
+      # Was using RFC 1950 instead of 1951.
       def decompress(payload)
         Zlib::Inflate.inflate(payload)
+
+      # Keeping compatibility for old encoded tokens
+      rescue Zlib::DataError
+        inflate = Zlib::Inflate.new(-Zlib::MAX_WBITS)
+        inflate.inflate(payload)
       end
     end
   end

data/spec/jwe/alg_spec.rb

@@ -1,6 +1,9 @@
 require 'jwe/alg/dir'
 require 'jwe/alg/rsa_oaep'
 require 'jwe/alg/rsa15'
+require 'jwe/alg/a128_kw'
+require 'jwe/alg/a192_kw'
+require 'jwe/alg/a256_kw'
 require 'openssl'
 
 describe JWE::Alg do
@@ -64,3 +67,34 @@ describe JWE::Alg::Rsa15 do
     expect(alg.decrypt(ciphertext)).to eq 'random key'
   end
 end
+
+[
+  JWE::Alg::A128Kw,
+  JWE::Alg::A192Kw,
+  JWE::Alg::A256Kw
+].each_with_index do |klass, i|
+  describe klass do
+    let(:kek) { SecureRandom.random_bytes(16 + i * 8) }
+    let(:cek) { SecureRandom.random_bytes(32) }
+    let(:alg) { klass.new(kek) }
+
+    describe '#encrypt' do
+      it 'returns an encrypted string' do
+        expect(alg.encrypt(cek)).to_not eq cek
+      end
+    end
+
+    it 'decrypts the encrypted key to the original key' do
+      ciphertext = alg.encrypt(cek)
+      expect(alg.decrypt(ciphertext)).to eq cek
+    end
+
+    it 'raises when trying to decrypt tampered keys' do
+      alg = klass.new(kek, "\xA7\xA7\xA7\xA7\xA6\xA6\xA6\xA6")
+      ciphertext = alg.encrypt(cek)
+
+      bad_alg = klass.new(kek, "\xA7\xA7\xA7\xA7\xA7\xA7\xA7\xA7")
+      expect { bad_alg.decrypt(ciphertext) }.to raise_error(StandardError)
+    end
+  end
+end

data/spec/jwe/zip_spec.rb

@@ -18,4 +18,10 @@ describe JWE::Zip::Def do
     deflated = deflate.compress('hello world')
     expect(deflate.decompress(deflated)).to eq 'hello world'
   end
+
+  it 'can deflate an RFC 1950 compressed message' do
+    deflated = Zlib::Deflate.deflate('hello world')
+    deflate = JWE::Zip::Def.new
+    expect(deflate.decompress(deflated)).to eq 'hello world'
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jwe
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Francesco Boffa
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-04-02 00:00:00.000000000 Z
+date: 2017-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -70,6 +70,10 @@ files:
 - jwe.gemspec
 - lib/jwe.rb
 - lib/jwe/alg.rb
+- lib/jwe/alg/a128_kw.rb
+- lib/jwe/alg/a192_kw.rb
+- lib/jwe/alg/a256_kw.rb
+- lib/jwe/alg/aes_kw.rb
 - lib/jwe/alg/dir.rb
 - lib/jwe/alg/rsa15.rb
 - lib/jwe/alg/rsa_oaep.rb