jwt 2.9.3 → 3.1.2

data/lib/jwt/jwa/none.rb

@@ -2,6 +2,7 @@
 
 module JWT
   module JWA
+    # Implementation of the none algorithm
     class None
       include JWT::JWA::SigningAlgorithm
 

data/lib/jwt/jwa/ps.rb

@@ -2,6 +2,7 @@
 
 module JWT
   module JWA
+    # Implementation of the RSASSA-PSS family of algorithms
     class Ps
       include JWT::JWA::SigningAlgorithm
 
@@ -11,9 +12,8 @@ module JWT
       end
 
       def sign(data:, signing_key:)
-        unless signing_key.is_a?(::OpenSSL::PKey::RSA)
-          raise_sign_error!("The given key is a #{signing_key.class}. It has to be an OpenSSL::PKey::RSA instance.")
-        end
+        raise_sign_error!("The given key is a #{signing_key.class}. It has to be an OpenSSL::PKey::RSA instance.") unless signing_key.is_a?(::OpenSSL::PKey::RSA)
+        raise_sign_error!('The key length must be greater than or equal to 2048 bits') if signing_key.n.num_bits < 2048
 
         signing_key.sign_pss(digest_algorithm, data, salt_length: :digest, mgf1_hash: digest_algorithm)
       end

data/lib/jwt/jwa/rsa.rb

@@ -2,24 +2,24 @@
 
 module JWT
   module JWA
+    # Implementation of the RSA family of algorithms
     class Rsa
       include JWT::JWA::SigningAlgorithm
 
       def initialize(alg)
         @alg = alg
-        @digest = OpenSSL::Digest.new(alg.sub('RS', 'SHA'))
+        @digest = alg.sub('RS', 'SHA')
       end
 
       def sign(data:, signing_key:)
-        unless signing_key.is_a?(OpenSSL::PKey::RSA)
-          raise_sign_error!("The given key is a #{signing_key.class}. It has to be an OpenSSL::PKey::RSA instance")
-        end
+        raise_sign_error!("The given key is a #{signing_key.class}. It has to be an OpenSSL::PKey::RSA instance") unless signing_key.is_a?(OpenSSL::PKey::RSA)
+        raise_sign_error!('The key length must be greater than or equal to 2048 bits') if signing_key.n.num_bits < 2048
 
-        signing_key.sign(digest, data)
+        signing_key.sign(OpenSSL::Digest.new(digest), data)
       end
 
       def verify(data:, signature:, verification_key:)
-        verification_key.verify(digest, signature, data)
+        verification_key.verify(OpenSSL::Digest.new(digest), signature, data)
       rescue OpenSSL::PKey::PKeyError
         raise JWT::VerificationError, 'Signature verification raised'
       end

data/lib/jwt/jwa/signing_algorithm.rb

@@ -1,8 +1,11 @@
 # frozen_string_literal: true
 
 module JWT
+  # JSON Web Algorithms
   module JWA
+    # Base functionality for signing algorithms
     module SigningAlgorithm
+      # Class methods for the SigningAlgorithm module
       module ClassMethods
         def register_algorithm(algo)
           ::JWT::JWA.register_algorithm(algo)
@@ -11,7 +14,6 @@ module JWT
 
       def self.included(klass)
         klass.extend(ClassMethods)
-        klass.include(JWT::JWA::Compat)
       end
 
       attr_reader :alg

data/lib/jwt/jwa/unsupported.rb

@@ -2,6 +2,7 @@
 
 module JWT
   module JWA
+    # Represents an unsupported algorithm
     module Unsupported
       class << self
         include JWT::JWA::SigningAlgorithm

data/lib/jwt/jwa.rb

@@ -2,13 +2,6 @@
 
 require 'openssl'
 
-begin
-  require 'rbnacl'
-rescue LoadError
-  raise if defined?(RbNaCl)
-end
-
-require_relative 'jwa/compat'
 require_relative 'jwa/signing_algorithm'
 require_relative 'jwa/ecdsa'
 require_relative 'jwa/hmac'
@@ -16,34 +9,94 @@ require_relative 'jwa/none'
 require_relative 'jwa/ps'
 require_relative 'jwa/rsa'
 require_relative 'jwa/unsupported'
-require_relative 'jwa/wrapper'
-
-if JWT.rbnacl?
-  require_relative 'jwa/eddsa'
-end
-
-if JWT.rbnacl_6_or_greater?
-  require_relative 'jwa/hmac_rbnacl'
-elsif JWT.rbnacl?
-  require_relative 'jwa/hmac_rbnacl_fixed'
-end
 
 module JWT
+  # The JWA module contains all supported algorithms.
   module JWA
+    # @api private
+    class VerifierContext
+      attr_reader :jwa
+
+      def initialize(jwa:, keys:)
+        @jwa = jwa
+        @keys = Array(keys)
+      end
+
+      def verify(*args, **kwargs)
+        @keys.any? do |key|
+          @jwa.verify(*args, **kwargs, verification_key: key)
+        end
+      end
+    end
+
+    # @api private
+    class SignerContext
+      attr_reader :jwa
+
+      def initialize(jwa:, key:)
+        @jwa = jwa
+        @key = key
+      end
+
+      def sign(*args, **kwargs)
+        @jwa.sign(*args, **kwargs, signing_key: @key)
+      end
+    end
+
     class << self
+      # @api private
       def resolve(algorithm)
         return find(algorithm) if algorithm.is_a?(String) || algorithm.is_a?(Symbol)
 
-        unless algorithm.is_a?(SigningAlgorithm)
-          Deprecations.warning('Custom algorithms are required to include JWT::JWA::SigningAlgorithm. Custom algorithms that do not include this module may stop working in the next major version of ruby-jwt.')
-          return Wrapper.new(algorithm)
-        end
+        raise ArgumentError, 'Algorithm must be provided' if algorithm.nil?
+
+        raise ArgumentError, 'Custom algorithms are required to include JWT::JWA::SigningAlgorithm' unless algorithm.is_a?(SigningAlgorithm)
 
         algorithm
       end
 
-      def create(algorithm)
-        resolve(algorithm)
+      # @api private
+      def resolve_and_sort(algorithms:, preferred_algorithm:)
+        Array(algorithms).map { |alg| JWA.resolve(alg) }
+                         .partition { |alg| alg.valid_alg?(preferred_algorithm) }
+                         .flatten
+      end
+
+      # @api private
+      def create_signer(algorithm:, key:)
+        if key.is_a?(JWK::KeyBase)
+          validate_jwk_algorithms!(key, algorithm, DecodeError)
+
+          return key
+        end
+
+        SignerContext.new(jwa: resolve(algorithm), key: key)
+      end
+
+      # @api private
+      def create_verifiers(algorithms:, keys:, preferred_algorithm:)
+        jwks, other_keys = keys.partition { |key| key.is_a?(JWK::KeyBase) }
+
+        validate_jwk_algorithms!(jwks, algorithms, VerificationError)
+
+        jwks + resolve_and_sort(algorithms: algorithms,
+                                preferred_algorithm: preferred_algorithm)
+               .map { |jwa| VerifierContext.new(jwa: jwa, keys: other_keys) }
+      end
+
+      # @api private
+      def validate_jwk_algorithms!(jwks, algorithms, error_class)
+        algorithms = Array(algorithms)
+
+        return if algorithms.empty?
+
+        return if Array(jwks).all? do |jwk|
+          algorithms.any? do |alg|
+            jwk.jwa.valid_alg?(alg)
+          end
+        end
+
+        raise error_class, "Provided JWKs do not support one of the specified algorithms: #{algorithms.join(', ')}"
       end
     end
   end

data/lib/jwt/jwk/ec.rb

@@ -4,6 +4,7 @@ require 'forwardable'
 
 module JWT
   module JWK
+    # JWK representation for Elliptic Curve (EC) keys
     class EC < KeyBase # rubocop:disable Metrics/ClassLength
       KTY    = 'EC'
       KTYS   = [KTY, OpenSSL::PKey::EC, JWT::JWK::EC].freeze
@@ -65,11 +66,16 @@ module JWT
       end
 
       def []=(key, value)
-        if EC_KEY_ELEMENTS.include?(key.to_sym)
-          raise ArgumentError, 'cannot overwrite cryptographic key attributes'
-        end
+        raise ArgumentError, 'cannot overwrite cryptographic key attributes' if EC_KEY_ELEMENTS.include?(key.to_sym)
+
+        super
+      end
+
+      def jwa
+        return super if self[:alg]
 
-        super(key, value)
+        curve_name = self.class.to_openssl_curve(self[:crv])
+        JWA.resolve(JWA::Ecdsa.curve_by_name(curve_name)[:algorithm])
       end
 
       private
@@ -125,10 +131,6 @@ module JWT
         ::JWT::Base64.url_encode(octets)
       end
 
-      def encode_open_ssl_bn(key_part)
-        ::JWT::Base64.url_encode(key_part.to_s(BINARY))
-      end
-
       def parse_ec_key(key)
         crv, x_octets, y_octets = keypair_components(key)
         octets = key.private_key&.to_bn&.to_s(BINARY)
@@ -141,67 +143,54 @@ module JWT
         }.compact
       end
 
-      if ::JWT.openssl_3?
-        def create_ec_key(jwk_crv, jwk_x, jwk_y, jwk_d) # rubocop:disable Metrics/MethodLength
-          curve = EC.to_openssl_curve(jwk_crv)
-          x_octets = decode_octets(jwk_x)
-          y_octets = decode_octets(jwk_y)
-
-          point = OpenSSL::PKey::EC::Point.new(
-            OpenSSL::PKey::EC::Group.new(curve),
-            OpenSSL::BN.new([0x04, x_octets, y_octets].pack('Ca*a*'), 2)
-          )
-
-          sequence = if jwk_d
-                       # https://datatracker.ietf.org/doc/html/rfc5915.html
-                       # ECPrivateKey ::= SEQUENCE {
-                       #   version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
-                       #   privateKey     OCTET STRING,
-                       #   parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
-                       #   publicKey  [1] BIT STRING OPTIONAL
-                       # }
-
-                       OpenSSL::ASN1::Sequence([
-                                                 OpenSSL::ASN1::Integer(1),
-                                                 OpenSSL::ASN1::OctetString(OpenSSL::BN.new(decode_octets(jwk_d), 2).to_s(2)),
-                                                 OpenSSL::ASN1::ObjectId(curve, 0, :EXPLICIT),
-                                                 OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed), 1, :EXPLICIT)
-                                               ])
-                     else
-                       OpenSSL::ASN1::Sequence([
-                                                 OpenSSL::ASN1::Sequence([OpenSSL::ASN1::ObjectId('id-ecPublicKey'), OpenSSL::ASN1::ObjectId(curve)]),
-                                                 OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed))
-                                               ])
-                     end
+      def create_point(jwk_crv, jwk_x, jwk_y)
+        curve = EC.to_openssl_curve(jwk_crv)
+        x_octets = decode_octets(jwk_x)
+        y_octets = decode_octets(jwk_y)
 
+        # The details of the `Point` instantiation are covered in:
+        # - https://docs.ruby-lang.org/en/2.4.0/OpenSSL/PKey/EC.html
+        # - https://www.openssl.org/docs/manmaster/man3/EC_POINT_new.html
+        # - https://tools.ietf.org/html/rfc5480#section-2.2
+        # - https://www.secg.org/SEC1-Ver-1.0.pdf
+        # Section 2.3.3 of the last of these references specifies that the
+        # encoding of an uncompressed point consists of the byte `0x04` followed
+        # by the x value then the y value.
+        OpenSSL::PKey::EC::Point.new(
+          OpenSSL::PKey::EC::Group.new(curve),
+          OpenSSL::BN.new([0x04, x_octets, y_octets].pack('Ca*a*'), 2)
+        )
+      end
+
+      if ::JWT.openssl_3?
+        def create_ec_key(jwk_crv, jwk_x, jwk_y, jwk_d)
+          point = create_point(jwk_crv, jwk_x, jwk_y)
+
+          return ::JWT::JWA::Ecdsa.create_public_key_from_point(point) unless jwk_d
+
+          # https://datatracker.ietf.org/doc/html/rfc5915.html
+          # ECPrivateKey ::= SEQUENCE {
+          #   version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+          #   privateKey     OCTET STRING,
+          #   parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
+          #   publicKey  [1] BIT STRING OPTIONAL
+          # }
+
+          sequence = OpenSSL::ASN1::Sequence([
+                                               OpenSSL::ASN1::Integer(1),
+                                               OpenSSL::ASN1::OctetString(OpenSSL::BN.new(decode_octets(jwk_d), 2).to_s(2)),
+                                               OpenSSL::ASN1::ObjectId(point.group.curve_name, 0, :EXPLICIT),
+                                               OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed), 1, :EXPLICIT)
+                                             ])
           OpenSSL::PKey::EC.new(sequence.to_der)
         end
       else
         def create_ec_key(jwk_crv, jwk_x, jwk_y, jwk_d)
-          curve = EC.to_openssl_curve(jwk_crv)
-
-          x_octets = decode_octets(jwk_x)
-          y_octets = decode_octets(jwk_y)
-
-          key = OpenSSL::PKey::EC.new(curve)
-
-          # The details of the `Point` instantiation are covered in:
-          # - https://docs.ruby-lang.org/en/2.4.0/OpenSSL/PKey/EC.html
-          # - https://www.openssl.org/docs/manmaster/man3/EC_POINT_new.html
-          # - https://tools.ietf.org/html/rfc5480#section-2.2
-          # - https://www.secg.org/SEC1-Ver-1.0.pdf
-          # Section 2.3.3 of the last of these references specifies that the
-          # encoding of an uncompressed point consists of the byte `0x04` followed
-          # by the x value then the y value.
-          point = OpenSSL::PKey::EC::Point.new(
-            OpenSSL::PKey::EC::Group.new(curve),
-            OpenSSL::BN.new([0x04, x_octets, y_octets].pack('Ca*a*'), 2)
-          )
-
-          key.public_key = point
-          key.private_key = OpenSSL::BN.new(decode_octets(jwk_d), 2) if jwk_d
-
-          key
+          point = create_point(jwk_crv, jwk_x, jwk_y)
+
+          ::JWT::JWA::Ecdsa.create_public_key_from_point(point).tap do |key|
+            key.private_key = OpenSSL::BN.new(decode_octets(jwk_d), 2) if jwk_d
+          end
         end
       end
 
@@ -210,7 +199,7 @@ module JWT
         # Some base64 encoders on some platform omit a single 0-byte at
         # the start of either Y or X coordinate of the elliptic curve point.
         # This leads to an encoding error when data is passed to OpenSSL BN.
-        # It is know to have happend to exported JWKs on a Java application and
+        # It is know to have happened to exported JWKs on a Java application and
         # on a Flutter/Dart application (both iOS and Android). All that is
         # needed to fix the problem is adding a leading 0-byte. We know the
         # required byte is 0 because with any other byte the point is no longer

data/lib/jwt/jwk/hmac.rb

@@ -2,6 +2,7 @@
 
 module JWT
   module JWK
+    # JWK for HMAC keys
     class HMAC < KeyBase
       KTY  = 'oct'
       KTYS = [KTY, String, JWT::JWK::HMAC].freeze
@@ -61,17 +62,15 @@ module JWT
       end
 
       def []=(key, value)
-        if HMAC_KEY_ELEMENTS.include?(key.to_sym)
-          raise ArgumentError, 'cannot overwrite cryptographic key attributes'
-        end
+        raise ArgumentError, 'cannot overwrite cryptographic key attributes' if HMAC_KEY_ELEMENTS.include?(key.to_sym)
 
-        super(key, value)
+        super
       end
 
       private
 
       def secret
-        self[:k]
+        @secret ||= ::JWT::Base64.url_decode(self[:k])
       end
 
       def extract_key_params(key)
@@ -79,7 +78,7 @@ module JWT
         when JWT::JWK::HMAC
           key.export(include_private: true)
         when String # Accept String key as input
-          { kty: KTY, k: key }
+          { kty: KTY, k: ::JWT::Base64.url_encode(key) }
         when Hash
           key.transform_keys(&:to_sym)
         else

data/lib/jwt/jwk/key_base.rb

@@ -2,6 +2,7 @@
 
 module JWT
   module JWK
+    # Base for JWK implementations
     class KeyBase
       def self.inherited(klass)
         super
@@ -41,6 +42,14 @@ module JWT
         other.is_a?(::JWT::JWK::KeyBase) && self[:kid] == other[:kid]
       end
 
+      def verify(**kwargs)
+        jwa.verify(**kwargs, verification_key: verify_key)
+      end
+
+      def sign(**kwargs)
+        jwa.sign(**kwargs, signing_key: signing_key)
+      end
+
       alias eql? ==
 
       def <=>(other)
@@ -49,7 +58,13 @@ module JWT
         self[:kid] <=> other[:kid]
       end
 
-      private
+      def jwa
+        raise JWT::JWKError, 'Could not resolve the JWA, the "alg" parameter is missing' unless self[:alg]
+
+        JWA.resolve(self[:alg]).tap do |jwa|
+          raise JWT::JWKError, 'none algorithm usage not supported via JWK' if jwa.is_a?(JWA::None)
+        end
+      end
 
       attr_reader :parameters
     end

data/lib/jwt/jwk/key_finder.rb

@@ -2,7 +2,16 @@
 
 module JWT
   module JWK
+    # JSON Web Key keyfinder
+    # To find the key for a given kid
     class KeyFinder
+      # Initializes a new KeyFinder instance.
+      # @param [Hash] options the options to create a KeyFinder with
+      # @option options [Proc, JWT::JWK::Set] :jwks the jwks or a loader proc
+      # @option options [Boolean] :allow_nil_kid whether to allow nil kid
+      # @option options [Array] :key_fields the fields to use for key matching,
+      #                         the order of the fields are used to determine
+      #                         the priority of the keys.
       def initialize(options)
         @allow_nil_kid = options[:allow_nil_kid]
         jwks_or_loader = options[:jwks]
@@ -12,13 +21,16 @@ module JWT
                        else
                          ->(_options) { jwks_or_loader }
                        end
+
+        @key_fields = options[:key_fields] || %i[kid]
       end
 
-      def key_for(kid)
-        raise ::JWT::DecodeError, 'No key id (kid) found from token headers' unless kid || @allow_nil_kid
-        raise ::JWT::DecodeError, 'Invalid type for kid header parameter' unless kid.nil? || kid.is_a?(String)
+      # Returns the verification key for the given kid
+      # @param [String] kid the key id
+      def key_for(kid, key_field = :kid)
+        raise ::JWT::DecodeError, "Invalid type for #{key_field} header parameter" unless kid.nil? || kid.is_a?(String)
 
-        jwk = resolve_key(kid)
+        jwk = resolve_key(kid, key_field)
 
         raise ::JWT::DecodeError, 'No keys found in jwks' unless @jwks.any?
         raise ::JWT::DecodeError, "Could not find public key for kid #{kid}" unless jwk
@@ -26,19 +38,34 @@ module JWT
         jwk.verify_key
       end
 
+      # Returns the key for the given token
+      # @param [JWT::EncodedToken] token the token
+      def call(token)
+        @key_fields.each do |key_field|
+          field_value = token.header[key_field.to_s]
+
+          return key_for(field_value, key_field) if field_value
+        end
+
+        raise ::JWT::DecodeError, 'No key id (kid) or x5t found from token headers' unless @allow_nil_kid
+
+        kid = token.header['kid']
+        key_for(kid)
+      end
+
       private
 
-      def resolve_key(kid)
-        key_matcher = ->(key) { (kid.nil? && @allow_nil_kid) || key[:kid] == kid }
+      def resolve_key(kid, key_field)
+        key_matcher = ->(key) { (kid.nil? && @allow_nil_kid) || key[key_field] == kid }
 
         # First try without invalidation to facilitate application caching
-        @jwks ||= JWT::JWK::Set.new(@jwks_loader.call(kid: kid))
+        @jwks ||= JWT::JWK::Set.new(@jwks_loader.call(key_field => kid))
         jwk = @jwks.find { |key| key_matcher.call(key) }
 
         return jwk if jwk
 
         # Second try, invalidate for backwards compatibility
-        @jwks = JWT::JWK::Set.new(@jwks_loader.call(invalidate: true, kid_not_found: true, kid: kid))
+        @jwks = JWT::JWK::Set.new(@jwks_loader.call(invalidate: true, kid_not_found: true, key_field => kid))
         @jwks.find { |key| key_matcher.call(key) }
       end
     end

data/lib/jwt/jwk/kid_as_key_digest.rb

@@ -2,6 +2,7 @@
 
 module JWT
   module JWK
+    # @api private
     class KidAsKeyDigest
       def initialize(jwk)
         @jwk = jwk

data/lib/jwt/jwk/rsa.rb

@@ -2,6 +2,7 @@
 
 module JWT
   module JWK
+    # JSON Web Key (JWK) representation of a RSA key
     class RSA < KeyBase # rubocop:disable Metrics/ClassLength
       BINARY = 2
       KTY    = 'RSA'
@@ -50,6 +51,7 @@ module JWT
       def export(options = {})
         exported = parameters.clone
         exported.reject! { |k, _| RSA_PRIVATE_KEY_ELEMENTS.include? k } unless private? && options[:include_private] == true
+
         exported
       end
 
@@ -64,11 +66,9 @@ module JWT
       end
 
       def []=(key, value)
-        if RSA_KEY_ELEMENTS.include?(key.to_sym)
-          raise ArgumentError, 'cannot overwrite cryptographic key attributes'
-        end
+        raise ArgumentError, 'cannot overwrite cryptographic key attributes' if RSA_KEY_ELEMENTS.include?(key.to_sym)
 
-        super(key, value)
+        super
       end
 
       private
@@ -166,6 +166,8 @@ module JWT
           end
         end
 
+        # :nocov:
+        # Before openssl 2.0, we need to use the accessors to set the key
         def create_rsa_key_using_accessors(rsa_parameters) # rubocop:disable Metrics/AbcSize
           validate_rsa_parameters!(rsa_parameters)
 
@@ -180,6 +182,7 @@ module JWT
             rsa_key.iqmp = rsa_parameters[:qi] if rsa_parameters[:qi]
           end
         end
+        # :nocov:
 
         def validate_rsa_parameters!(rsa_parameters)
           return unless rsa_parameters.key?(:d)

data/lib/jwt/jwk/set.rb

@@ -4,6 +4,8 @@ require 'forwardable'
 
 module JWT
   module JWK
+    # JSON Web Key Set (JWKS) representation
+    # https://tools.ietf.org/html/rfc7517
     class Set
       include Enumerable
       extend Forwardable

data/lib/jwt/jwk.rb

@@ -4,6 +4,7 @@ require_relative 'jwk/key_finder'
 require_relative 'jwk/set'
 
 module JWT
+  # JSON Web Key (JWK)
   module JWK
     class << self
       def create_from(key, params = nil, options = {})
@@ -52,4 +53,3 @@ require_relative 'jwk/key_base'
 require_relative 'jwk/ec'
 require_relative 'jwk/rsa'
 require_relative 'jwk/hmac'
-require_relative 'jwk/okp_rbnacl' if JWT.rbnacl?