jwt 2.5.0 → 2.7.1

data/lib/jwt/jwk/hmac.rb

@@ -4,15 +4,27 @@ module JWT
   module JWK
     class HMAC < KeyBase
       KTY  = 'oct'
-      KTYS = [KTY, String].freeze
+      KTYS = [KTY, String, JWT::JWK::HMAC].freeze
+      HMAC_PUBLIC_KEY_ELEMENTS = %i[kty].freeze
+      HMAC_PRIVATE_KEY_ELEMENTS = %i[k].freeze
+      HMAC_KEY_ELEMENTS = (HMAC_PRIVATE_KEY_ELEMENTS + HMAC_PUBLIC_KEY_ELEMENTS).freeze
 
-      attr_reader :signing_key
+      def initialize(key, params = nil, options = {})
+        params ||= {}
 
-      def initialize(signing_key, options = {})
-        raise ArgumentError, 'signing_key must be of type String' unless signing_key.is_a?(String)
+        # For backwards compatibility when kid was a String
+        params = { kid: params } if params.is_a?(String)
 
-        @signing_key = signing_key
-        super(options)
+        key_params = extract_key_params(key)
+
+        params = params.transform_keys(&:to_sym)
+        check_jwk(key_params, params)
+
+        super(options, key_params.merge(params))
+      end
+
+      def keypair
+        secret
       end
 
       def private?
@@ -23,43 +35,67 @@ module JWT
         nil
       end
 
-      # See https://tools.ietf.org/html/rfc7517#appendix-A.3
-      def export(options = {})
-        exported_hash = {
-          kty: KTY,
-          kid: kid
-        }
+      def verify_key
+        secret
+      end
 
-        return exported_hash unless private? && options[:include_private] == true
+      def signing_key
+        secret
+      end
 
-        exported_hash.merge(
-          k: signing_key
-        )
+      # See https://tools.ietf.org/html/rfc7517#appendix-A.3
+      def export(options = {})
+        exported = parameters.clone
+        exported.reject! { |k, _| HMAC_PRIVATE_KEY_ELEMENTS.include? k } unless private? && options[:include_private] == true
+        exported
       end
 
       def members
-        {
-          kty: KTY,
-          k: signing_key
-        }
+        HMAC_KEY_ELEMENTS.each_with_object({}) { |i, h| h[i] = self[i] }
       end
 
-      alias keypair signing_key # for backwards compatibility
-
       def key_digest
         sequence = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::UTF8String.new(signing_key),
                                             OpenSSL::ASN1::UTF8String.new(KTY)])
         OpenSSL::Digest::SHA256.hexdigest(sequence.to_der)
       end
 
-      class << self
-        def import(jwk_data)
-          jwk_k = jwk_data[:k] || jwk_data['k']
-          jwk_kid = jwk_data[:kid] || jwk_data['kid']
+      def []=(key, value)
+        if HMAC_KEY_ELEMENTS.include?(key.to_sym)
+          raise ArgumentError, 'cannot overwrite cryptographic key attributes'
+        end
+
+        super(key, value)
+      end
+
+      private
+
+      def secret
+        self[:k]
+      end
 
-          raise JWT::JWKError, 'Key format is invalid for HMAC' unless jwk_k
+      def extract_key_params(key)
+        case key
+        when JWT::JWK::HMAC
+          key.export(include_private: true)
+        when String # Accept String key as input
+          { kty: KTY, k: key }
+        when Hash
+          key.transform_keys(&:to_sym)
+        else
+          raise ArgumentError, 'key must be of type String or Hash with key parameters'
+        end
+      end
+
+      def check_jwk(keypair, params)
+        raise ArgumentError, 'cannot overwrite cryptographic key attributes' unless (HMAC_KEY_ELEMENTS & params.keys).empty?
+        raise JWT::JWKError, "Incorrect 'kty' value: #{keypair[:kty]}, expected #{KTY}" unless keypair[:kty] == KTY
+        raise JWT::JWKError, 'Key format is invalid for HMAC' unless keypair[:k]
+      end
 
-          new(jwk_k, kid: jwk_kid)
+      class << self
+        def import(jwk_data)
+          new(jwk_data)
         end
       end
     end

data/lib/jwt/jwk/key_base.rb

@@ -8,28 +8,48 @@ module JWT
         ::JWT::JWK.classes << klass
       end
 
-      def initialize(options)
+      def initialize(options, params = {})
         options ||= {}
 
-        if options.is_a?(String) # For backwards compatibility when kid was a String
-          options = { kid: options }
-        end
+        @parameters = params.transform_keys(&:to_sym) # Uniform interface
 
-        @kid           = options[:kid]
-        @kid_generator = options[:kid_generator] || ::JWT.configuration.jwk.kid_generator
+        # For backwards compatibility, kid_generator may be specified in the parameters
+        options[:kid_generator] ||= @parameters.delete(:kid_generator)
+
+        # Make sure the key has a kid
+        kid_generator = options[:kid_generator] || ::JWT.configuration.jwk.kid_generator
+        self[:kid] ||= kid_generator.new(self).generate
       end
 
       def kid
-        @kid ||= generate_kid
+        self[:kid]
       end
 
-      private
+      def hash
+        self[:kid].hash
+      end
+
+      def [](key)
+        @parameters[key.to_sym]
+      end
+
+      def []=(key, value)
+        @parameters[key.to_sym] = value
+      end
+
+      def ==(other)
+        self[:kid] == other[:kid]
+      end
 
-      attr_reader :kid_generator
+      alias eql? ==
 
-      def generate_kid
-        kid_generator.new(self).generate
+      def <=>(other)
+        self[:kid] <=> other[:kid]
       end
+
+      private
+
+      attr_reader :parameters
     end
   end
 end

data/lib/jwt/jwk/key_finder.rb

@@ -4,58 +4,42 @@ module JWT
   module JWK
     class KeyFinder
       def initialize(options)
+        @allow_nil_kid = options[:allow_nil_kid]
         jwks_or_loader = options[:jwks]
-        @jwks          = jwks_or_loader if jwks_or_loader.is_a?(Hash)
-        @jwk_loader    = jwks_or_loader if jwks_or_loader.respond_to?(:call)
+
+        @jwks_loader = if jwks_or_loader.respond_to?(:call)
+          jwks_or_loader
+        else
+          ->(_options) { jwks_or_loader }
+        end
       end
 
       def key_for(kid)
-        raise ::JWT::DecodeError, 'No key id (kid) found from token headers' unless kid
+        raise ::JWT::DecodeError, 'No key id (kid) found from token headers' unless kid || @allow_nil_kid
+        raise ::JWT::DecodeError, 'Invalid type for kid header parameter' unless kid.nil? || kid.is_a?(String)
 
         jwk = resolve_key(kid)
 
-        raise ::JWT::DecodeError, 'No keys found in jwks' if jwks_keys.empty?
+        raise ::JWT::DecodeError, 'No keys found in jwks' unless @jwks.any?
         raise ::JWT::DecodeError, "Could not find public key for kid #{kid}" unless jwk
 
-        ::JWT::JWK.import(jwk).keypair
+        jwk.verify_key
       end
 
       private
 
       def resolve_key(kid)
-        jwk = find_key(kid)
-
-        return jwk if jwk
-
-        if reloadable?
-          load_keys(invalidate: true, kid_not_found: true, kid: kid) # invalidate for backwards compatibility
-          return find_key(kid)
-        end
-
-        nil
-      end
+        key_matcher = ->(key) { (kid.nil? && @allow_nil_kid) || key[:kid] == kid }
 
-      def jwks
-        return @jwks if @jwks
+        # First try without invalidation to facilitate application caching
+        @jwks ||= JWT::JWK::Set.new(@jwks_loader.call(kid: kid))
+        jwk = @jwks.find { |key| key_matcher.call(key) }
 
-        load_keys
-        @jwks
-      end
-
-      def load_keys(opts = {})
-        @jwks = @jwk_loader.call(opts)
-      end
-
-      def jwks_keys
-        Array(jwks[:keys] || jwks['keys'])
-      end
-
-      def find_key(kid)
-        jwks_keys.find { |key| (key[:kid] || key['kid']) == kid }
-      end
+        return jwk if jwk
 
-      def reloadable?
-        @jwk_loader
+        # Second try, invalidate for backwards compatibility
+        @jwks = JWT::JWK::Set.new(@jwks_loader.call(invalidate: true, kid_not_found: true, kid: kid))
+        @jwks.find { |key| key_matcher.call(key) }
       end
     end
   end

data/lib/jwt/jwk/okp_rbnacl.rb

@@ -0,0 +1,110 @@
+# frozen_string_literal: true
+
+module JWT
+  module JWK
+    class OKPRbNaCl < KeyBase
+      KTY  = 'OKP'
+      KTYS = [KTY, JWT::JWK::OKPRbNaCl, RbNaCl::Signatures::Ed25519::SigningKey, RbNaCl::Signatures::Ed25519::VerifyKey].freeze
+      OKP_PUBLIC_KEY_ELEMENTS = %i[kty n x].freeze
+      OKP_PRIVATE_KEY_ELEMENTS = %i[d].freeze
+
+      def initialize(key, params = nil, options = {})
+        params ||= {}
+
+        # For backwards compatibility when kid was a String
+        params = { kid: params } if params.is_a?(String)
+
+        key_params = extract_key_params(key)
+
+        params = params.transform_keys(&:to_sym)
+        check_jwk_params!(key_params, params)
+        super(options, key_params.merge(params))
+      end
+
+      def verify_key
+        return @verify_key if defined?(@verify_key)
+
+        @verify_key = verify_key_from_parameters
+      end
+
+      def signing_key
+        return @signing_key if defined?(@signing_key)
+
+        @signing_key = signing_key_from_parameters
+      end
+
+      def key_digest
+        Thumbprint.new(self).to_s
+      end
+
+      def private?
+        !signing_key.nil?
+      end
+
+      def members
+        OKP_PUBLIC_KEY_ELEMENTS.each_with_object({}) { |i, h| h[i] = self[i] }
+      end
+
+      def export(options = {})
+        exported = parameters.clone
+        exported.reject! { |k, _| OKP_PRIVATE_KEY_ELEMENTS.include?(k) } unless private? && options[:include_private] == true
+        exported
+      end
+
+      private
+
+      def extract_key_params(key)
+        case key
+        when JWT::JWK::KeyBase
+          key.export(include_private: true)
+        when RbNaCl::Signatures::Ed25519::SigningKey
+          @signing_key = key
+          @verify_key = key.verify_key
+          parse_okp_key_params(@verify_key, @signing_key)
+        when RbNaCl::Signatures::Ed25519::VerifyKey
+          @signing_key = nil
+          @verify_key = key
+          parse_okp_key_params(@verify_key)
+        when Hash
+          key.transform_keys(&:to_sym)
+        else
+          raise ArgumentError, 'key must be of type RbNaCl::Signatures::Ed25519::SigningKey, RbNaCl::Signatures::Ed25519::VerifyKey or Hash with key parameters'
+        end
+      end
+
+      def check_jwk_params!(key_params, _given_params)
+        raise JWT::JWKError, "Incorrect 'kty' value: #{key_params[:kty]}, expected #{KTY}" unless key_params[:kty] == KTY
+      end
+
+      def parse_okp_key_params(verify_key, signing_key = nil)
+        params = {
+          kty: KTY,
+          crv: 'Ed25519',
+          x: ::JWT::Base64.url_encode(verify_key.to_bytes)
+        }
+
+        if signing_key
+          params[:d] = ::JWT::Base64.url_encode(signing_key.to_bytes)
+        end
+
+        params
+      end
+
+      def verify_key_from_parameters
+        RbNaCl::Signatures::Ed25519::VerifyKey.new(::JWT::Base64.url_decode(self[:x]))
+      end
+
+      def signing_key_from_parameters
+        return nil unless self[:d]
+
+        RbNaCl::Signatures::Ed25519::SigningKey.new(::JWT::Base64.url_decode(self[:d]))
+      end
+
+      class << self
+        def import(jwk_data)
+          new(jwk_data)
+        end
+      end
+    end
+  end
+end

data/lib/jwt/jwk/rsa.rb

@@ -2,44 +2,59 @@
 
 module JWT
   module JWK
-    class RSA < KeyBase
+    class RSA < KeyBase # rubocop:disable Metrics/ClassLength
       BINARY = 2
       KTY    = 'RSA'
-      KTYS   = [KTY, OpenSSL::PKey::RSA].freeze
-      RSA_KEY_ELEMENTS = %i[n e d p q dp dq qi].freeze
+      KTYS   = [KTY, OpenSSL::PKey::RSA, JWT::JWK::RSA].freeze
+      RSA_PUBLIC_KEY_ELEMENTS  = %i[kty n e].freeze
+      RSA_PRIVATE_KEY_ELEMENTS = %i[d p q dp dq qi].freeze
+      RSA_KEY_ELEMENTS = (RSA_PRIVATE_KEY_ELEMENTS + RSA_PUBLIC_KEY_ELEMENTS).freeze
 
-      attr_reader :keypair
+      RSA_OPT_PARAMS    = %i[p q dp dq qi].freeze
+      RSA_ASN1_SEQUENCE = (%i[n e d] + RSA_OPT_PARAMS).freeze # https://www.rfc-editor.org/rfc/rfc3447#appendix-A.1.2
 
-      def initialize(keypair, options = {})
-        raise ArgumentError, 'keypair must be of type OpenSSL::PKey::RSA' unless keypair.is_a?(OpenSSL::PKey::RSA)
+      def initialize(key, params = nil, options = {})
+        params ||= {}
 
-        @keypair = keypair
+        # For backwards compatibility when kid was a String
+        params = { kid: params } if params.is_a?(String)
 
-        super(options)
+        key_params = extract_key_params(key)
+
+        params = params.transform_keys(&:to_sym)
+        check_jwk_params!(key_params, params)
+
+        super(options, key_params.merge(params))
+      end
+
+      def keypair
+        rsa_key
       end
 
       def private?
-        keypair.private?
+        rsa_key.private?
       end
 
       def public_key
-        keypair.public_key
+        rsa_key.public_key
       end
 
-      def export(options = {})
-        exported_hash = members.merge(kid: kid)
+      def signing_key
+        rsa_key if private?
+      end
 
-        return exported_hash unless private? && options[:include_private] == true
+      def verify_key
+        rsa_key.public_key
+      end
 
-        append_private_parts(exported_hash)
+      def export(options = {})
+        exported = parameters.clone
+        exported.reject! { |k, _| RSA_PRIVATE_KEY_ELEMENTS.include? k } unless private? && options[:include_private] == true
+        exported
       end
 
       def members
-        {
-          kty: KTY,
-          n: encode_open_ssl_bn(public_key.n),
-          e: encode_open_ssl_bn(public_key.e)
-        }
+        RSA_PUBLIC_KEY_ELEMENTS.each_with_object({}) { |i, h| h[i] = self[i] }
       end
 
       def key_digest
@@ -48,89 +63,139 @@ module JWT
         OpenSSL::Digest::SHA256.hexdigest(sequence.to_der)
       end
 
+      def []=(key, value)
+        if RSA_KEY_ELEMENTS.include?(key.to_sym)
+          raise ArgumentError, 'cannot overwrite cryptographic key attributes'
+        end
+
+        super(key, value)
+      end
+
       private
 
-      def append_private_parts(the_hash)
-        the_hash.merge(
-          d: encode_open_ssl_bn(keypair.d),
-          p: encode_open_ssl_bn(keypair.p),
-          q: encode_open_ssl_bn(keypair.q),
-          dp: encode_open_ssl_bn(keypair.dmp1),
-          dq: encode_open_ssl_bn(keypair.dmq1),
-          qi: encode_open_ssl_bn(keypair.iqmp)
-        )
+      def rsa_key
+        @rsa_key ||= self.class.create_rsa_key(jwk_attributes(*(RSA_KEY_ELEMENTS - [:kty])))
+      end
+
+      def extract_key_params(key)
+        case key
+        when JWT::JWK::RSA
+          key.export(include_private: true)
+        when OpenSSL::PKey::RSA # Accept OpenSSL key as input
+          @rsa_key = key # Preserve the object to avoid recreation
+          parse_rsa_key(key)
+        when Hash
+          key.transform_keys(&:to_sym)
+        else
+          raise ArgumentError, 'key must be of type OpenSSL::PKey::RSA or Hash with key parameters'
+        end
+      end
+
+      def check_jwk_params!(key_params, params)
+        raise ArgumentError, 'cannot overwrite cryptographic key attributes' unless (RSA_KEY_ELEMENTS & params.keys).empty?
+        raise JWT::JWKError, "Incorrect 'kty' value: #{key_params[:kty]}, expected #{KTY}" unless key_params[:kty] == KTY
+        raise JWT::JWKError, 'Key format is invalid for RSA' unless key_params[:n] && key_params[:e]
+      end
+
+      def parse_rsa_key(key)
+        {
+          kty: KTY,
+          n: encode_open_ssl_bn(key.n),
+          e: encode_open_ssl_bn(key.e),
+          d: encode_open_ssl_bn(key.d),
+          p: encode_open_ssl_bn(key.p),
+          q: encode_open_ssl_bn(key.q),
+          dp: encode_open_ssl_bn(key.dmp1),
+          dq: encode_open_ssl_bn(key.dmq1),
+          qi: encode_open_ssl_bn(key.iqmp)
+        }.compact
+      end
+
+      def jwk_attributes(*attributes)
+        attributes.each_with_object({}) do |attribute, hash|
+          hash[attribute] = decode_open_ssl_bn(self[attribute])
+        end
       end
 
       def encode_open_ssl_bn(key_part)
+        return unless key_part
+
         ::JWT::Base64.url_encode(key_part.to_s(BINARY))
       end
 
+      def decode_open_ssl_bn(jwk_data)
+        self.class.decode_open_ssl_bn(jwk_data)
+      end
+
       class << self
         def import(jwk_data)
-          pkey_params = jwk_attributes(jwk_data, *RSA_KEY_ELEMENTS) do |value|
-            decode_open_ssl_bn(value)
-          end
-          new(rsa_pkey(pkey_params), kid: jwk_attributes(jwk_data, :kid)[:kid])
+          new(jwk_data)
         end
 
-        private
+        def decode_open_ssl_bn(jwk_data)
+          return nil unless jwk_data
 
-        def jwk_attributes(jwk_data, *attributes)
-          attributes.each_with_object({}) do |attribute, hash|
-            value = jwk_data[attribute] || jwk_data[attribute.to_s]
-            value = yield(value) if block_given?
-            hash[attribute] = value
-          end
+          OpenSSL::BN.new(::JWT::Base64.url_decode(jwk_data), BINARY)
         end
 
-        def rsa_pkey(rsa_parameters)
-          raise JWT::JWKError, 'Key format is invalid for RSA' unless rsa_parameters[:n] && rsa_parameters[:e]
+        def create_rsa_key_using_der(rsa_parameters)
+          validate_rsa_parameters!(rsa_parameters)
 
-          create_rsa_key(rsa_parameters)
-        end
-
-        if ::JWT.openssl_3?
-          ASN1_SEQUENCE = %i[n e d p q dp dq qi].freeze
-          def create_rsa_key(rsa_parameters)
-            sequence = ASN1_SEQUENCE.each_with_object([]) do |key, arr|
-              next if rsa_parameters[key].nil?
+          sequence = RSA_ASN1_SEQUENCE.each_with_object([]) do |key, arr|
+            next if rsa_parameters[key].nil?
 
-              arr << OpenSSL::ASN1::Integer.new(rsa_parameters[key])
-            end
+            arr << OpenSSL::ASN1::Integer.new(rsa_parameters[key])
+          end
 
-            if sequence.size > 2 # For a private key
-              sequence.unshift(OpenSSL::ASN1::Integer.new(0))
-            end
+          if sequence.size > 2 # Append "two-prime" version for private key
+            sequence.unshift(OpenSSL::ASN1::Integer.new(0))
 
-            OpenSSL::PKey::RSA.new(OpenSSL::ASN1::Sequence(sequence).to_der)
+            raise JWT::JWKError, 'Creating a RSA key with a private key requires the CRT parameters to be defined' if sequence.size < RSA_ASN1_SEQUENCE.size
           end
-        elsif OpenSSL::PKey::RSA.new.respond_to?(:set_key)
-          def create_rsa_key(rsa_parameters)
-            OpenSSL::PKey::RSA.new.tap do |rsa_key|
-              rsa_key.set_key(rsa_parameters[:n], rsa_parameters[:e], rsa_parameters[:d])
-              rsa_key.set_factors(rsa_parameters[:p], rsa_parameters[:q]) if rsa_parameters[:p] && rsa_parameters[:q]
-              rsa_key.set_crt_params(rsa_parameters[:dp], rsa_parameters[:dq], rsa_parameters[:qi]) if rsa_parameters[:dp] && rsa_parameters[:dq] && rsa_parameters[:qi]
-            end
+
+          OpenSSL::PKey::RSA.new(OpenSSL::ASN1::Sequence(sequence).to_der)
+        end
+
+        def create_rsa_key_using_sets(rsa_parameters)
+          validate_rsa_parameters!(rsa_parameters)
+
+          OpenSSL::PKey::RSA.new.tap do |rsa_key|
+            rsa_key.set_key(rsa_parameters[:n], rsa_parameters[:e], rsa_parameters[:d])
+            rsa_key.set_factors(rsa_parameters[:p], rsa_parameters[:q]) if rsa_parameters[:p] && rsa_parameters[:q]
+            rsa_key.set_crt_params(rsa_parameters[:dp], rsa_parameters[:dq], rsa_parameters[:qi]) if rsa_parameters[:dp] && rsa_parameters[:dq] && rsa_parameters[:qi]
           end
-        else
-          def create_rsa_key(rsa_parameters) # rubocop:disable Metrics/AbcSize
-            OpenSSL::PKey::RSA.new.tap do |rsa_key|
-              rsa_key.n = rsa_parameters[:n]
-              rsa_key.e = rsa_parameters[:e]
-              rsa_key.d = rsa_parameters[:d] if rsa_parameters[:d]
-              rsa_key.p = rsa_parameters[:p] if rsa_parameters[:p]
-              rsa_key.q = rsa_parameters[:q] if rsa_parameters[:q]
-              rsa_key.dmp1 = rsa_parameters[:dp] if rsa_parameters[:dp]
-              rsa_key.dmq1 = rsa_parameters[:dq] if rsa_parameters[:dq]
-              rsa_key.iqmp = rsa_parameters[:qi] if rsa_parameters[:qi]
-            end
+        end
+
+        def create_rsa_key_using_accessors(rsa_parameters) # rubocop:disable Metrics/AbcSize
+          validate_rsa_parameters!(rsa_parameters)
+
+          OpenSSL::PKey::RSA.new.tap do |rsa_key|
+            rsa_key.n = rsa_parameters[:n]
+            rsa_key.e = rsa_parameters[:e]
+            rsa_key.d = rsa_parameters[:d] if rsa_parameters[:d]
+            rsa_key.p = rsa_parameters[:p] if rsa_parameters[:p]
+            rsa_key.q = rsa_parameters[:q] if rsa_parameters[:q]
+            rsa_key.dmp1 = rsa_parameters[:dp] if rsa_parameters[:dp]
+            rsa_key.dmq1 = rsa_parameters[:dq] if rsa_parameters[:dq]
+            rsa_key.iqmp = rsa_parameters[:qi] if rsa_parameters[:qi]
           end
         end
 
-        def decode_open_ssl_bn(jwk_data)
-          return nil unless jwk_data
+        def validate_rsa_parameters!(rsa_parameters)
+          return unless rsa_parameters.key?(:d)
 
-          OpenSSL::BN.new(::JWT::Base64.url_decode(jwk_data), BINARY)
+          parameters = RSA_OPT_PARAMS - rsa_parameters.keys
+          return if parameters.empty? || parameters.size == RSA_OPT_PARAMS.size
+
+          raise JWT::JWKError, 'When one of p, q, dp, dq or qi is given all the other optimization parameters also needs to be defined' # https://www.rfc-editor.org/rfc/rfc7518.html#section-6.3.2
+        end
+
+        if ::JWT.openssl_3?
+          alias create_rsa_key create_rsa_key_using_der
+        elsif OpenSSL::PKey::RSA.new.respond_to?(:set_key)
+          alias create_rsa_key create_rsa_key_using_sets
+        else
+          alias create_rsa_key create_rsa_key_using_accessors
         end
       end
     end