jwt-eddsa 0.6.0 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.release-please-manifest.json +1 -1
- data/CHANGELOG.md +9 -0
- data/README.md +5 -3
- data/lib/jwt/eddsa/algo.rb +13 -10
- data/lib/jwt/eddsa/jwk/okp.rb +7 -8
- data/lib/jwt/eddsa/version.rb +1 -1
- data/lib/jwt/eddsa.rb +1 -0
- metadata +13 -13
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3ae49f7f6ef6a2bb537a159116337a058c5c1f0c4624989391a9ead28792881b
|
|
4
|
+
data.tar.gz: 3205f4a5bb26b79e47e4cef4c37ee8615dfde8668276c865151a0efd308b1011
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4603a113307396cb3cde7c2cfb27abf349efe594b9445a446bb367d972a5fddf3d3f3c60d64082eb2ad4d8c7b17d1921a93853fe6a09f1570b9893adf52f885c
|
|
7
|
+
data.tar.gz: 79827ac9ab51c432b08ac6b605f72ef8e834f4b8fa1f432d1ce3248b2e8e455a7d824ec5a83182a2b014daa6d98734670830c655567c117c53715fd9aa54e743
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,14 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [0.7.0](https://github.com/anakinj/jwt-eddsa/compare/v0.6.0...v0.7.0) (2024-08-04)
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
### Features
|
|
7
|
+
|
|
8
|
+
* Always set `alg` header to `EdDSA` ([#13](https://github.com/anakinj/jwt-eddsa/issues/13)) ([daaa740](https://github.com/anakinj/jwt-eddsa/commit/daaa740e653c9786c7ac9c5d086ad5ef9c432df7))
|
|
9
|
+
* Replace rbnacl with ed25519 ([#9](https://github.com/anakinj/jwt-eddsa/issues/9)) ([a0f8200](https://github.com/anakinj/jwt-eddsa/commit/a0f8200d1d81ce5807539a54e6fac29c4065ac97))
|
|
10
|
+
* Support the `ED25519` reference when pointing to the algorithm ([#12](https://github.com/anakinj/jwt-eddsa/issues/12)) ([982ecf3](https://github.com/anakinj/jwt-eddsa/commit/982ecf31b68bde8d06bb791de0717b51fb5084e8))
|
|
11
|
+
|
|
3
12
|
## [0.6.0](https://github.com/anakinj/jwt-eddsa/compare/v0.5.0...v0.6.0) (2024-08-02)
|
|
4
13
|
|
|
5
14
|
|
data/README.md
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# jwt-eddsa
|
|
2
2
|
|
|
3
3
|
[](https://badge.fury.io/rb/jwt-eddsa)
|
|
4
|
-
[](https://github.com/jwt
|
|
4
|
+
[](https://github.com/anakinj/jwt-eddsa/actions?query=branch%3Amain+workflow%3Atest)
|
|
5
5
|
|
|
6
6
|
A library extending the ruby-jwt gem with EdDSA algorithms. Based on [RFC 8037](https://datatracker.ietf.org/doc/html/rfc8037).
|
|
7
7
|
|
|
@@ -40,7 +40,9 @@ bundle exec rake
|
|
|
40
40
|
|
|
41
41
|
## Contributing
|
|
42
42
|
|
|
43
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/anakinj/jwt-eddsa. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/anakinj/jwt-eddsa/blob/
|
|
43
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/anakinj/jwt-eddsa. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/anakinj/jwt-eddsa/blob/main/CODE_OF_CONDUCT.md).
|
|
44
|
+
|
|
45
|
+
In this repository, pull request titles must follow the [Conventional Commit](https://www.conventionalcommits.org/) specification to ensure clear and consistent communication of changes.
|
|
44
46
|
|
|
45
47
|
## License
|
|
46
48
|
|
|
@@ -48,4 +50,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
|
|
|
48
50
|
|
|
49
51
|
## Code of Conduct
|
|
50
52
|
|
|
51
|
-
Everyone interacting in the jwt-eddsa project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/
|
|
53
|
+
Everyone interacting in the jwt-eddsa project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/anakinj/jwt-eddsa/blob/main/CODE_OF_CONDUCT.md).
|
data/lib/jwt/eddsa/algo.rb
CHANGED
|
@@ -4,30 +4,33 @@ module JWT
|
|
|
4
4
|
module EdDSA
|
|
5
5
|
# EdDSA algorithm implementation
|
|
6
6
|
module Algo
|
|
7
|
-
include JWT::JWA::
|
|
7
|
+
include JWT::JWA::SignatureAlgorithm
|
|
8
8
|
|
|
9
9
|
register_algorithm("EdDSA")
|
|
10
|
+
register_algorithm("ED25519")
|
|
10
11
|
|
|
11
12
|
class << self
|
|
12
|
-
def sign(
|
|
13
|
-
unless key.is_a?(
|
|
14
|
-
raise_sign_error!("Key given is a #{key.class} but needs to be a "
|
|
15
|
-
"RbNaCl::Signatures::Ed25519::SigningKey")
|
|
13
|
+
def sign(_alg, msg, key)
|
|
14
|
+
unless key.is_a?(Ed25519::SigningKey)
|
|
15
|
+
raise_sign_error!("Key given is a #{key.class} but needs to be a Ed25519::SigningKey")
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
key.sign(msg)
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
-
def verify(
|
|
22
|
-
unless public_key.is_a?(
|
|
23
|
-
raise_verify_error!("Key given is a #{public_key.class} but needs to be a "
|
|
24
|
-
"RbNaCl::Signatures::Ed25519::VerifyKey")
|
|
21
|
+
def verify(_alg, public_key, signing_input, signature)
|
|
22
|
+
unless public_key.is_a?(Ed25519::VerifyKey)
|
|
23
|
+
raise_verify_error!("Key given is a #{public_key.class} but needs to be a Ed25519::VerifyKey")
|
|
25
24
|
end
|
|
26
25
|
|
|
27
26
|
public_key.verify(signature, signing_input)
|
|
28
|
-
rescue
|
|
27
|
+
rescue Ed25519::VerifyError
|
|
29
28
|
false
|
|
30
29
|
end
|
|
30
|
+
|
|
31
|
+
def header(*)
|
|
32
|
+
{ "alg" => "EdDSA" }
|
|
33
|
+
end
|
|
31
34
|
end
|
|
32
35
|
end
|
|
33
36
|
end
|
data/lib/jwt/eddsa/jwk/okp.rb
CHANGED
|
@@ -6,8 +6,7 @@ module JWT
|
|
|
6
6
|
# https://datatracker.ietf.org/doc/html/rfc8037
|
|
7
7
|
class OKP < ::JWT::JWK::KeyBase
|
|
8
8
|
KTY = "OKP"
|
|
9
|
-
KTYS = [KTY, JWT::EdDSA::JWK::OKP,
|
|
10
|
-
RbNaCl::Signatures::Ed25519::VerifyKey].freeze
|
|
9
|
+
KTYS = [KTY, JWT::EdDSA::JWK::OKP, Ed25519::SigningKey, Ed25519::VerifyKey].freeze
|
|
11
10
|
OKP_PUBLIC_KEY_ELEMENTS = %i[kty n x].freeze
|
|
12
11
|
OKP_PRIVATE_KEY_ELEMENTS = %i[d].freeze
|
|
13
12
|
|
|
@@ -63,11 +62,11 @@ module JWT
|
|
|
63
62
|
case key
|
|
64
63
|
when JWT::JWK::KeyBase
|
|
65
64
|
key.export(include_private: true)
|
|
66
|
-
when
|
|
65
|
+
when Ed25519::SigningKey
|
|
67
66
|
@signing_key = key
|
|
68
67
|
@verify_key = key.verify_key
|
|
69
68
|
parse_okp_key_params(@verify_key, @signing_key)
|
|
70
|
-
when
|
|
69
|
+
when Ed25519::VerifyKey
|
|
71
70
|
@signing_key = nil
|
|
72
71
|
@verify_key = key
|
|
73
72
|
parse_okp_key_params(@verify_key)
|
|
@@ -75,8 +74,8 @@ module JWT
|
|
|
75
74
|
key.transform_keys(&:to_sym)
|
|
76
75
|
else
|
|
77
76
|
raise ArgumentError,
|
|
78
|
-
"key must be of type
|
|
79
|
-
"
|
|
77
|
+
"key must be of type Ed25519::SigningKey, " \
|
|
78
|
+
"Ed25519::VerifyKey " \
|
|
80
79
|
"or Hash with key parameters"
|
|
81
80
|
end
|
|
82
81
|
end
|
|
@@ -101,13 +100,13 @@ module JWT
|
|
|
101
100
|
end
|
|
102
101
|
|
|
103
102
|
def verify_key_from_parameters
|
|
104
|
-
|
|
103
|
+
Ed25519::VerifyKey.new(::Base64.urlsafe_decode64(self[:x]))
|
|
105
104
|
end
|
|
106
105
|
|
|
107
106
|
def signing_key_from_parameters
|
|
108
107
|
return nil unless self[:d]
|
|
109
108
|
|
|
110
|
-
|
|
109
|
+
Ed25519::SigningKey.new(::Base64.urlsafe_decode64(self[:d]))
|
|
111
110
|
end
|
|
112
111
|
|
|
113
112
|
class << self
|
data/lib/jwt/eddsa/version.rb
CHANGED
data/lib/jwt/eddsa.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jwt-eddsa
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Joakim Antman
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-08-
|
|
11
|
+
date: 2024-08-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: base64
|
|
@@ -25,33 +25,33 @@ dependencies:
|
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
26
|
version: '0'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
|
-
name:
|
|
28
|
+
name: ed25519
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
|
-
- - "
|
|
31
|
+
- - ">="
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version:
|
|
33
|
+
version: '0'
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
|
-
- - "
|
|
38
|
+
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version:
|
|
40
|
+
version: '0'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
|
-
name:
|
|
42
|
+
name: jwt
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
|
-
- - "
|
|
45
|
+
- - ">"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version:
|
|
47
|
+
version: 2.8.2
|
|
48
48
|
type: :runtime
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
|
-
- - "
|
|
52
|
+
- - ">"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version:
|
|
54
|
+
version: 2.8.2
|
|
55
55
|
description: Extends the ruby-jwt gem with EdDSA signing, verification and JWK importing/exporting
|
|
56
56
|
email:
|
|
57
57
|
- antmanj@gmail.com
|
|
@@ -79,7 +79,7 @@ licenses:
|
|
|
79
79
|
metadata:
|
|
80
80
|
homepage_uri: https://github.com/anakinj/jwt-eddsa
|
|
81
81
|
source_code_uri: https://github.com/anakinj/jwt-eddsa
|
|
82
|
-
changelog_uri: https://github.com/anakinj/jwt-eddsa/blob/v0.
|
|
82
|
+
changelog_uri: https://github.com/anakinj/jwt-eddsa/blob/v0.7.0/CHANGELOG.md
|
|
83
83
|
rubygems_mfa_required: 'true'
|
|
84
84
|
post_install_message:
|
|
85
85
|
rdoc_options: []
|