RubyGems - paseto - Versions diffs - 0.3.0 → 0.3.1 - Mend

paseto 0.3.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a421280a88036f2a55dd025ad6ac1c5f2d4650a1b3224e49aa8aace62c2c9bd0
-  data.tar.gz: eb70251af2fab9ec23bab85b462be6c492be09c95b22a0a673041d8f58fb2cef
+  metadata.gz: '097f41395926bd3e366dc693db7b1d488128bcdad615776bf14263ea79d2814a'
+  data.tar.gz: 0ddabba5cd16bfac6dce3ac474af223d336564280b94f5647fc25f27b1a32c5d
 SHA512:
-  metadata.gz: 55eb37eb857dd3643e15bf5934d6369b642da672098476404d993b329a43199e4df9e701d34eaeebc17b6b2825e283fa7ce0af5620993edd7954e1aaa26dedef
-  data.tar.gz: 40a37f1d9575b306f4a8a72146ac7f7324a85b02c6d8d5adc58089271455bf119b2c1a0c979a75977c0596819c50a4e9fbd4a17c4d6047a364dc17566e917d7a
+  metadata.gz: 9876adbdd0432b13825a357f9f3a1226048461b68dd3b9f8b71e43821dfd9114050ec131b5481ae4d6afb9410396a427d8f56d195f64b7825fb218abf74f1ea1
+  data.tar.gz: 363c81182b427a2d352ca09abf43aa0089c6bf90033ecb3dcbabccebfccdd8cf984e5531eb1ff9143db45035a83fd7f0d26163593dc0c1a86d1a5b406dd22dbd

data/README.md CHANGED

@@ -8,8 +8,8 @@ Ruby implementation of [Paseto](https://github.com/paragonie/paseto) using [libs
 ## Installation
-To use Paseto, you will need to install [libsodium][] (at least version `1.0.12` is
-required). See [Installing libsodium][] for installation instructions.
+To use Paseto, you will need to install [libsodium] (at least version `1.0.12` is
+required). See [Installing libsodium] for installation instructions.
 Add this line to your application's Gemfile:

data/lib/paseto.rb CHANGED

@@ -8,27 +8,21 @@ require 'paseto/public'
 require 'paseto/local'
 module Paseto
+  EMPTY_FOOTER = ''.freeze
+  # An Array#pack format to pack an unsigned little-endian 64-bit integer
+  UNSIGNED_LITTLE_64 = 'Q<'.freeze
   # https://github.com/paragonie/paseto/blob/master/docs/01-Protocol-Versions/Common.md#pae-definition
   def self.encode_length(n)
-    str = []
-    (0..7).each do |i|
-      # Clear the MSB for interoperability
-      n &= 127 if (i === 7)
-      str << (n & 255)
-      n = n >> 8
-    end
-    str.pack('Q')
+    [n].pack(UNSIGNED_LITTLE_64)
   end
   # https://github.com/paragonie/paseto/blob/master/docs/01-Protocol-Versions/Common.md#pae-definition
   def self.pre_auth_encode(*pieces)
-    compacted_pieces = pieces.compact
+    initial_output = encode_length(pieces.length)
-    initial_output = encode_length(compacted_pieces.length)
-    compacted_pieces.reduce(initial_output) do |output, piece|
+    pieces.reduce(initial_output) do |output, piece|
       output += encode_length(piece.length)
       output += piece
     end

data/lib/paseto/local.rb CHANGED

@@ -24,7 +24,7 @@ module Paseto
           Paseto.encode64(@key)
         end
-        def encrypt(message, footer = nil)
+        def encrypt(message, footer = EMPTY_FOOTER)
           # Make a nonce: A single-use value never repeated under the same key
           nonce = generate_nonce(message)
@@ -36,6 +36,8 @@ module Paseto
         def decrypt(token, footer = nil)
           footer ||= token.footer if token.is_a? Paseto::Token
+          footer ||= EMPTY_FOOTER
           parsed = Paseto.verify_token(token, HEADER, footer)
           nonce = parsed.payload[0, NONCE_BYTES]
@@ -72,7 +74,7 @@ module Paseto
         end
       end
-      def self.encrypt(message, key, footer = nil)
+      def self.encrypt(message, key, footer = EMPTY_FOOTER)
         key.encrypt(message, footer)
       end

data/lib/paseto/public.rb CHANGED

@@ -28,7 +28,7 @@ module Paseto
           @nacl = RbNaCl::SigningKey.new(key)
         end
-        def sign(message, footer = nil)
+        def sign(message, footer = EMPTY_FOOTER)
           data = encode_message(message, footer)
           # Sign a message with the signing key
           signature = @nacl.sign(data)
@@ -67,6 +67,8 @@ module Paseto
         def verify(token, footer = nil)
           footer ||= token.footer if token.is_a? Paseto::Token
+          footer ||= EMPTY_FOOTER
           parsed = Paseto.verify_token(token, HEADER, footer)
           decoded_message = parsed.payload[0..-(SIGNATURE_BYTES + 1)]
@@ -84,7 +86,7 @@ module Paseto
         end
       end
-      def self.sign(message, key, footer = nil)
+      def self.sign(message, key, footer = EMPTY_FOOTER)
         key.sign(message, footer)
       end

data/lib/paseto/token.rb CHANGED

@@ -6,7 +6,7 @@ module Paseto
         Paseto.encode64(payload)
       ]
-      message << Paseto.encode64(footer) if footer
+      message << Paseto.encode64(footer) if footer && footer != EMPTY_FOOTER
       message.join('.')
     end
@@ -29,7 +29,7 @@ module Paseto
     version, purpose, payload, footer = raw.split('.')
     header = "#{version}.#{purpose}"
-    footer = Paseto.decode64(footer) unless footer.nil?
+    footer = footer.nil? ? EMPTY_FOOTER : Paseto.decode64(footer)
     payload = Paseto.decode64(payload) unless payload.nil?
     Token.new(header, payload, footer)

data/lib/paseto/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Paseto
-  VERSION = "0.3.0"
+  VERSION = "0.3.1"
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: paseto
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Michael Guymon
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-12-04 00:00:00.000000000 Z
+date: 2019-02-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rbnacl