linzer 0.3.2 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8d894c6969ed3ed090305c6232eba9b9c277893ade58afc49df8f34adebfe8f2
4
- data.tar.gz: a33efff10c8805011949f49e26a8777a7b1c4bf592ba4b5974de3c753cb4ed02
3
+ metadata.gz: e05d05474d794c882d28a6fb83949147497218f141ae1e40e6c07e750407b421
4
+ data.tar.gz: 58b26e247acd0ca13e9029ace69ebb7459f1639b7908733e07ac88566ac255d1
5
5
  SHA512:
6
- metadata.gz: 199983c83faa155354b4f9d0ee433fcf67ec5c2aac02deaf8be2be6ab3db612e68b062f43885f643643bbcbb5a150c2dc81021bc5de5ffbc1f99d32b05254bf9
7
- data.tar.gz: a8e0299826535468912457200eb479a115b395b6f20966f7584e3f257a05be01fb27f49f5dfd822baed973efd5b20ae824000faf2b427a19266ac28eb936c97c
6
+ metadata.gz: 3af97f2888d5c4bd40900c490945590077604b93c954819c9308d2ab8fe767c491a08d2cbe5054aaced580a4da568a1d1cf11f82048048532feb5150dd59dfea
7
+ data.tar.gz: b4a47fd541623baef9582cc0b361975b504cc7824fd926f47f56f7f692f6a6d8dec0d8e4afdb5e64967d6e1d7a2107656165b95f383af5e902bddd26f0efe387
data/CHANGELOG.md CHANGED
@@ -1,5 +1,14 @@
1
1
  ## [Unreleased]
2
2
 
3
+ ## [0.4.1] - 2024-03-25
4
+
5
+ - Fix one-off error on ECDSA P-256 and P-384 curve signature generation.
6
+ In some cases, an invalid signature of 63 or 95 bytes could be generated.
7
+
8
+ ## [0.4.0] - 2024-03-16
9
+
10
+ - Add support for capitalized HTTP header names.
11
+
3
12
  ## [0.3.2] - 2024-03-16
4
13
 
5
14
  - Force signature component name strings to be encoded as ASCII.
data/lib/linzer/ecdsa.rb CHANGED
@@ -25,12 +25,12 @@ module Linzer
25
25
  case digest
26
26
  when "SHA256"
27
27
  raise Linzer::Error.new(msg) if sig.length != 64
28
- r_bn = OpenSSL::BN.new(sig[0..31].unpack1("H*").to_i(16))
29
- s_bn = OpenSSL::BN.new(sig[32..63].unpack1("H*").to_i(16))
28
+ r_bn = OpenSSL::BN.new(sig[0..31].unpack1("H64").to_i(16))
29
+ s_bn = OpenSSL::BN.new(sig[32..63].unpack1("H64").to_i(16))
30
30
  when "SHA384"
31
31
  raise Linzer::Error.new(msg) if sig.length != 96
32
- r_bn = OpenSSL::BN.new(sig[0..47].unpack1("H*").to_i(16))
33
- s_bn = OpenSSL::BN.new(sig[48..95].unpack1("H*").to_i(16))
32
+ r_bn = OpenSSL::BN.new(sig[0..47].unpack1("H96").to_i(16))
33
+ s_bn = OpenSSL::BN.new(sig[48..95].unpack1("H96").to_i(16))
34
34
  else
35
35
  msg = "Cannot verify signature, unsupported digest algorithm: '%s'" % digest
36
36
  raise Linzer::Error.new(msg)
@@ -44,13 +44,21 @@ module Linzer
44
44
  end
45
45
 
46
46
  def decode_der_signature(der_sig)
47
+ digest = @params[:digest]
48
+ msg = "Unsupported digest algorithm: '%s'" % digest
47
49
  OpenSSL::ASN1
48
50
  .decode(der_sig)
49
51
  .value
50
- .map { |n| n.value.to_s(16) }
51
- .map { |s| [s].pack("H*") }
52
+ .map do |n|
53
+ case digest
54
+ when "SHA256" then "%.64x" % n.value
55
+ when "SHA384" then "%.96x" % n.value
56
+ else raise Linzer::Error.new(msg)
57
+ end
58
+ end
59
+ .map { |s| [s].pack("H#{s.length}") }
52
60
  .reduce(:<<)
53
- .force_encoding(Encoding::ASCII_8BIT)
61
+ .encode(Encoding::ASCII_8BIT)
54
62
  end
55
63
  end
56
64
  end
@@ -3,8 +3,10 @@
3
3
  module Linzer
4
4
  class Message
5
5
  def initialize(request_data)
6
- @headers = Hash(request_data[:headers].clone).freeze
7
6
  @http = Hash(request_data[:http].clone).freeze
7
+ @headers = Hash(request_data.fetch(:headers, {})
8
+ .transform_keys(&:downcase)
9
+ .clone).freeze
8
10
  freeze
9
11
  end
10
12
 
@@ -27,6 +27,8 @@ module Linzer
27
27
  private :new
28
28
 
29
29
  def build(headers, options = {})
30
+ basic_validate headers
31
+ headers.transform_keys!(&:downcase)
30
32
  validate headers
31
33
 
32
34
  input = parse_field(headers, "signature-input")
@@ -51,9 +53,12 @@ module Linzer
51
53
 
52
54
  private
53
55
 
54
- def validate(headers)
56
+ def basic_validate(headers)
55
57
  raise Error.new "Cannot build signature: Request headers cannot be null" if headers.nil?
56
58
  raise Error.new "Cannot build signature: No request headers found" if headers.empty?
59
+ end
60
+
61
+ def validate(headers)
57
62
  raise Error.new "Cannot build signature: No \"signature-input\" header found" unless headers.key?("signature-input")
58
63
  raise Error.new "Cannot build signature: No \"signature\" header found" unless headers.key?("signature")
59
64
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Linzer
4
- VERSION = "0.3.2"
4
+ VERSION = "0.4.1"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: linzer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.2
4
+ version: 0.4.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Miguel Landaeta
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2024-03-16 00:00:00.000000000 Z
11
+ date: 2024-03-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ed25519