linzer 0.4.0 → 0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/lib/linzer/ecdsa.rb +15 -7
- data/lib/linzer/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e05d05474d794c882d28a6fb83949147497218f141ae1e40e6c07e750407b421
|
4
|
+
data.tar.gz: 58b26e247acd0ca13e9029ace69ebb7459f1639b7908733e07ac88566ac255d1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3af97f2888d5c4bd40900c490945590077604b93c954819c9308d2ab8fe767c491a08d2cbe5054aaced580a4da568a1d1cf11f82048048532feb5150dd59dfea
|
7
|
+
data.tar.gz: b4a47fd541623baef9582cc0b361975b504cc7824fd926f47f56f7f692f6a6d8dec0d8e4afdb5e64967d6e1d7a2107656165b95f383af5e902bddd26f0efe387
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,10 @@
|
|
1
1
|
## [Unreleased]
|
2
2
|
|
3
|
+
## [0.4.1] - 2024-03-25
|
4
|
+
|
5
|
+
- Fix one-off error on ECDSA P-256 and P-384 curve signature generation.
|
6
|
+
In some cases, an invalid signature of 63 or 95 bytes could be generated.
|
7
|
+
|
3
8
|
## [0.4.0] - 2024-03-16
|
4
9
|
|
5
10
|
- Add support for capitalized HTTP header names.
|
data/lib/linzer/ecdsa.rb
CHANGED
@@ -25,12 +25,12 @@ module Linzer
|
|
25
25
|
case digest
|
26
26
|
when "SHA256"
|
27
27
|
raise Linzer::Error.new(msg) if sig.length != 64
|
28
|
-
r_bn = OpenSSL::BN.new(sig[0..31].unpack1("
|
29
|
-
s_bn = OpenSSL::BN.new(sig[32..63].unpack1("
|
28
|
+
r_bn = OpenSSL::BN.new(sig[0..31].unpack1("H64").to_i(16))
|
29
|
+
s_bn = OpenSSL::BN.new(sig[32..63].unpack1("H64").to_i(16))
|
30
30
|
when "SHA384"
|
31
31
|
raise Linzer::Error.new(msg) if sig.length != 96
|
32
|
-
r_bn = OpenSSL::BN.new(sig[0..47].unpack1("
|
33
|
-
s_bn = OpenSSL::BN.new(sig[48..95].unpack1("
|
32
|
+
r_bn = OpenSSL::BN.new(sig[0..47].unpack1("H96").to_i(16))
|
33
|
+
s_bn = OpenSSL::BN.new(sig[48..95].unpack1("H96").to_i(16))
|
34
34
|
else
|
35
35
|
msg = "Cannot verify signature, unsupported digest algorithm: '%s'" % digest
|
36
36
|
raise Linzer::Error.new(msg)
|
@@ -44,13 +44,21 @@ module Linzer
|
|
44
44
|
end
|
45
45
|
|
46
46
|
def decode_der_signature(der_sig)
|
47
|
+
digest = @params[:digest]
|
48
|
+
msg = "Unsupported digest algorithm: '%s'" % digest
|
47
49
|
OpenSSL::ASN1
|
48
50
|
.decode(der_sig)
|
49
51
|
.value
|
50
|
-
.map
|
51
|
-
|
52
|
+
.map do |n|
|
53
|
+
case digest
|
54
|
+
when "SHA256" then "%.64x" % n.value
|
55
|
+
when "SHA384" then "%.96x" % n.value
|
56
|
+
else raise Linzer::Error.new(msg)
|
57
|
+
end
|
58
|
+
end
|
59
|
+
.map { |s| [s].pack("H#{s.length}") }
|
52
60
|
.reduce(:<<)
|
53
|
-
.
|
61
|
+
.encode(Encoding::ASCII_8BIT)
|
54
62
|
end
|
55
63
|
end
|
56
64
|
end
|
data/lib/linzer/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: linzer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Miguel Landaeta
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-03-
|
11
|
+
date: 2024-03-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: ed25519
|