openssl-signature_algorithm 0.1.1 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 973a01f83e137fb88da90dee332beee6e310b0b9e2e3e7a2b1e542483af0e6ef
4
- data.tar.gz: 93e691f2283a6d1acbd0448a647ba90f73171fc56a39a4fc05be88aca5be23f5
3
+ metadata.gz: 155970f6aff98c1b9f86fe354d17a70fc7b558b7c7805c1c7f6ae65e55a24d13
4
+ data.tar.gz: bd248c160731f6d98d5547c4cbe2895180a3b2fdec45ab74c7bd608f02e32949
5
5
  SHA512:
6
- metadata.gz: a91b04513d6ea59199bba52668fd76958ddea756012375db5b567dd67db86874c6ccb2aca08b7ad33480c33683266e417bb455ebeebc5f067de24fa648d3eb7b
7
- data.tar.gz: 26458502e1b9c12acf6b9652ce79b35572e28175a105f0fe0dc35eb87584039a47208417d079a5d3a2442e7407cc8b2943d7adbb6bb539bd29d9895063f04140
6
+ metadata.gz: 311d955094353e8198ce781dda61c6038c2e1b731c48f5de5f7741faeabe6d9e24464d4aa9dc1dd10b897a3beef28a6046501ee59ce771914c3a71add860ff56
7
+ data.tar.gz: c02b2031484f238b3069f16b3e0f88cd1ac980d67dfdd36fc3aed6cf6fcae8a8ee87bcc0b42da474360abef72e890e4d6acd86c4459e3b27d92a670332d15209
data/.gitignore CHANGED
@@ -9,3 +9,4 @@
9
9
 
10
10
  # rspec failure tracking
11
11
  .rspec_status
12
+ .byebug_history
@@ -1,5 +1,11 @@
1
1
  # Changelog
2
2
 
3
+ ## [v0.2.0] - 2020-01-29
4
+
5
+ ### Added
6
+
7
+ - `OpenSSL::SignatureAlgorithm::ECDSA#verify` now supports raw (non DER) signatures
8
+
3
9
  ## [v0.1.1] - 2020-01-29
4
10
 
5
11
  ### Fixed
@@ -14,5 +20,6 @@
14
20
  - `OpenSSL::SignatureAlgorithm::RSAPSS`
15
21
  - `OpenSSL::SignatureAlgorithm::RSAPKCS1`
16
22
 
23
+ [v0.2.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.1.1...v0.2.0/
17
24
  [v0.1.1]: https://github.com/cedarcode/openssl-signature_algorithm/compare/v0.1.0...v0.1.1/
18
25
  [v0.1.0]: https://github.com/cedarcode/openssl-signature_algorithm/compare/41887c277dc7fa0c884ccf8924cf990ff76784d9...v0.1.0/
data/Gemfile CHANGED
@@ -5,6 +5,7 @@ source "https://rubygems.org"
5
5
  # Specify your gem's dependencies in openssl-signature_algorithm.gemspec
6
6
  gemspec
7
7
 
8
+ gem "byebug", "~> 11.0"
8
9
  gem "rake", "~> 12.0"
9
10
  gem "rspec", "~> 3.0"
10
11
  gem "rubocop", "~> 0.79.0"
@@ -1,12 +1,13 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- openssl-signature_algorithm (0.1.1)
4
+ openssl-signature_algorithm (0.2.0)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
8
8
  specs:
9
9
  ast (2.4.0)
10
+ byebug (11.1.1)
10
11
  diff-lcs (1.3)
11
12
  jaro_winkler (1.5.4)
12
13
  parallel (1.19.1)
@@ -41,6 +42,7 @@ PLATFORMS
41
42
  ruby
42
43
 
43
44
  DEPENDENCIES
45
+ byebug (~> 11.0)
44
46
  openssl-signature_algorithm!
45
47
  rake (~> 12.0)
46
48
  rspec (~> 3.0)
@@ -22,7 +22,14 @@ module OpenSSL
22
22
  end
23
23
 
24
24
  def verify(signature, verification_data)
25
- verify_key.verify(hash_function, signature, verification_data) ||
25
+ formatted_signature =
26
+ if respond_to?(:formatted_signature, true)
27
+ formatted_signature(signature)
28
+ else
29
+ signature
30
+ end
31
+
32
+ verify_key.verify(hash_function, formatted_signature, verification_data) ||
26
33
  raise(OpenSSL::SignatureAlgorithm::Error, "Signature verification failed")
27
34
  end
28
35
  end
@@ -6,6 +6,8 @@ require "openssl/signature_algorithm/base"
6
6
  module OpenSSL
7
7
  module SignatureAlgorithm
8
8
  class ECDSA < Base
9
+ BYTE_LENGTH = 8
10
+
9
11
  class SigningKey < OpenSSL::PKey::EC
10
12
  def initialize(*args)
11
13
  super(*args).generate_key
@@ -39,6 +41,29 @@ module OpenSSL
39
41
  CURVE_BY_DIGEST_LENGTH[digest_length] ||
40
42
  raise(OpenSSL::SignatureAlgorithm::Error, "Unsupported digest length #{digest_length}")
41
43
  end
44
+
45
+ private
46
+
47
+ # Borrowed from jwt rubygem.
48
+ # https://github.com/jwt/ruby-jwt/blob/7a6a3f1dbaff806993156d1dff9c217bb2523ff8/lib/jwt/security_utils.rb#L34-L39
49
+ #
50
+ # Hopefully this will be provided by openssl rubygem in the future.
51
+ def formatted_signature(signature)
52
+ n = (verify_key_length.to_f / BYTE_LENGTH).ceil
53
+
54
+ if signature.size == n * 2
55
+ r = signature[0..(n - 1)]
56
+ s = signature[n..-1]
57
+
58
+ OpenSSL::ASN1::Sequence.new([r, s].map { |int| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(int, 2)) }).to_der
59
+ else
60
+ signature
61
+ end
62
+ end
63
+
64
+ def verify_key_length
65
+ verify_key.group.degree
66
+ end
42
67
  end
43
68
  end
44
69
  end
@@ -2,6 +2,6 @@
2
2
 
3
3
  module OpenSSL
4
4
  module SignatureAlgorithm
5
- VERSION = "0.1.1"
5
+ VERSION = "0.2.0"
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: openssl-signature_algorithm
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gonzalo