linzer 0.3.1 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/lib/linzer/message.rb +3 -1
- data/lib/linzer/signature.rb +8 -2
- data/lib/linzer/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 94cad96e720cc1235948c2a2ef20b1056f444b4a456364c8551cfda414c539fb
|
|
4
|
+
data.tar.gz: fbd2f500e2c64e010fa380ac525e2afeef1a1fc7de055655263138a1a6afab27
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f187e852f367e8d6428eb8cb61919693c67f0650a6b723e20211b1eabc47d0834c0b1facaaf89790e0d2e7335fe65752c09b0b136734e9d3214578b54fac794c
|
|
7
|
+
data.tar.gz: a5fa3a4eb24c9362918197d0828347095a354ed2151f3f08e6582d42854a0fd19460163b16523148823f82ada8a1aa95a4d467553490b909b39cba52a0ae9166
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,15 @@
|
|
|
1
1
|
## [Unreleased]
|
|
2
2
|
|
|
3
|
+
## [0.4.0] - 2024-03-16
|
|
4
|
+
|
|
5
|
+
- Add support for capitalized HTTP header names.
|
|
6
|
+
|
|
7
|
+
## [0.3.2] - 2024-03-16
|
|
8
|
+
|
|
9
|
+
- Force signature component name strings to be encoded as ASCII.
|
|
10
|
+
Otherwise in some scenarios, this could to signature verification errors
|
|
11
|
+
for valid signatures.
|
|
12
|
+
|
|
3
13
|
## [0.3.1] - 2024-03-02
|
|
4
14
|
|
|
5
15
|
- Fix incorrect signing and verifying for ECDSA P-256 and P-384 curves.
|
data/lib/linzer/message.rb
CHANGED
|
@@ -3,8 +3,10 @@
|
|
|
3
3
|
module Linzer
|
|
4
4
|
class Message
|
|
5
5
|
def initialize(request_data)
|
|
6
|
-
@headers = Hash(request_data[:headers].clone).freeze
|
|
7
6
|
@http = Hash(request_data[:http].clone).freeze
|
|
7
|
+
@headers = Hash(request_data.fetch(:headers, {})
|
|
8
|
+
.transform_keys(&:downcase)
|
|
9
|
+
.clone).freeze
|
|
8
10
|
freeze
|
|
9
11
|
end
|
|
10
12
|
|
data/lib/linzer/signature.rb
CHANGED
|
@@ -27,6 +27,8 @@ module Linzer
|
|
|
27
27
|
private :new
|
|
28
28
|
|
|
29
29
|
def build(headers, options = {})
|
|
30
|
+
basic_validate headers
|
|
31
|
+
headers.transform_keys!(&:downcase)
|
|
30
32
|
validate headers
|
|
31
33
|
|
|
32
34
|
input = parse_field(headers, "signature-input")
|
|
@@ -42,7 +44,8 @@ module Linzer
|
|
|
42
44
|
|
|
43
45
|
fail_due_invalid_components unless input[label].value.respond_to?(:each)
|
|
44
46
|
|
|
45
|
-
|
|
47
|
+
ascii = Encoding::US_ASCII
|
|
48
|
+
components = input[label].value.map { |c| c.value.encode(ascii) }
|
|
46
49
|
parameters = input[label].parameters
|
|
47
50
|
|
|
48
51
|
new(components, raw_signature, label, parameters)
|
|
@@ -50,9 +53,12 @@ module Linzer
|
|
|
50
53
|
|
|
51
54
|
private
|
|
52
55
|
|
|
53
|
-
def
|
|
56
|
+
def basic_validate(headers)
|
|
54
57
|
raise Error.new "Cannot build signature: Request headers cannot be null" if headers.nil?
|
|
55
58
|
raise Error.new "Cannot build signature: No request headers found" if headers.empty?
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def validate(headers)
|
|
56
62
|
raise Error.new "Cannot build signature: No \"signature-input\" header found" unless headers.key?("signature-input")
|
|
57
63
|
raise Error.new "Cannot build signature: No \"signature\" header found" unless headers.key?("signature")
|
|
58
64
|
end
|
data/lib/linzer/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: linzer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Miguel Landaeta
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-03-
|
|
11
|
+
date: 2024-03-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ed25519
|
|
@@ -94,7 +94,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
94
94
|
- !ruby/object:Gem::Version
|
|
95
95
|
version: '0'
|
|
96
96
|
requirements: []
|
|
97
|
-
rubygems_version: 3.4.
|
|
97
|
+
rubygems_version: 3.4.3
|
|
98
98
|
signing_key:
|
|
99
99
|
specification_version: 4
|
|
100
100
|
summary: An implementation of HTTP Messages Signatures (RFC9421)
|