paseto 0.3.0 → 0.3.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/lib/paseto.rb +7 -13
- data/lib/paseto/local.rb +4 -2
- data/lib/paseto/public.rb +4 -2
- data/lib/paseto/token.rb +2 -2
- data/lib/paseto/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '097f41395926bd3e366dc693db7b1d488128bcdad615776bf14263ea79d2814a'
|
|
4
|
+
data.tar.gz: 0ddabba5cd16bfac6dce3ac474af223d336564280b94f5647fc25f27b1a32c5d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9876adbdd0432b13825a357f9f3a1226048461b68dd3b9f8b71e43821dfd9114050ec131b5481ae4d6afb9410396a427d8f56d195f64b7825fb218abf74f1ea1
|
|
7
|
+
data.tar.gz: 363c81182b427a2d352ca09abf43aa0089c6bf90033ecb3dcbabccebfccdd8cf984e5531eb1ff9143db45035a83fd7f0d26163593dc0c1a86d1a5b406dd22dbd
|
data/README.md
CHANGED
|
@@ -8,8 +8,8 @@ Ruby implementation of [Paseto](https://github.com/paragonie/paseto) using [libs
|
|
|
8
8
|
|
|
9
9
|
## Installation
|
|
10
10
|
|
|
11
|
-
To use Paseto, you will need to install [libsodium]
|
|
12
|
-
required). See [Installing libsodium]
|
|
11
|
+
To use Paseto, you will need to install [libsodium] (at least version `1.0.12` is
|
|
12
|
+
required). See [Installing libsodium] for installation instructions.
|
|
13
13
|
|
|
14
14
|
Add this line to your application's Gemfile:
|
|
15
15
|
|
data/lib/paseto.rb
CHANGED
|
@@ -8,27 +8,21 @@ require 'paseto/public'
|
|
|
8
8
|
require 'paseto/local'
|
|
9
9
|
|
|
10
10
|
module Paseto
|
|
11
|
+
EMPTY_FOOTER = ''.freeze
|
|
12
|
+
|
|
13
|
+
# An Array#pack format to pack an unsigned little-endian 64-bit integer
|
|
14
|
+
UNSIGNED_LITTLE_64 = 'Q<'.freeze
|
|
11
15
|
|
|
12
16
|
# https://github.com/paragonie/paseto/blob/master/docs/01-Protocol-Versions/Common.md#pae-definition
|
|
13
17
|
def self.encode_length(n)
|
|
14
|
-
|
|
15
|
-
(0..7).each do |i|
|
|
16
|
-
# Clear the MSB for interoperability
|
|
17
|
-
n &= 127 if (i === 7)
|
|
18
|
-
|
|
19
|
-
str << (n & 255)
|
|
20
|
-
n = n >> 8
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
str.pack('Q')
|
|
18
|
+
[n].pack(UNSIGNED_LITTLE_64)
|
|
24
19
|
end
|
|
25
20
|
|
|
26
21
|
# https://github.com/paragonie/paseto/blob/master/docs/01-Protocol-Versions/Common.md#pae-definition
|
|
27
22
|
def self.pre_auth_encode(*pieces)
|
|
28
|
-
|
|
23
|
+
initial_output = encode_length(pieces.length)
|
|
29
24
|
|
|
30
|
-
initial_output
|
|
31
|
-
compacted_pieces.reduce(initial_output) do |output, piece|
|
|
25
|
+
pieces.reduce(initial_output) do |output, piece|
|
|
32
26
|
output += encode_length(piece.length)
|
|
33
27
|
output += piece
|
|
34
28
|
end
|
data/lib/paseto/local.rb
CHANGED
|
@@ -24,7 +24,7 @@ module Paseto
|
|
|
24
24
|
Paseto.encode64(@key)
|
|
25
25
|
end
|
|
26
26
|
|
|
27
|
-
def encrypt(message, footer =
|
|
27
|
+
def encrypt(message, footer = EMPTY_FOOTER)
|
|
28
28
|
# Make a nonce: A single-use value never repeated under the same key
|
|
29
29
|
nonce = generate_nonce(message)
|
|
30
30
|
|
|
@@ -36,6 +36,8 @@ module Paseto
|
|
|
36
36
|
|
|
37
37
|
def decrypt(token, footer = nil)
|
|
38
38
|
footer ||= token.footer if token.is_a? Paseto::Token
|
|
39
|
+
footer ||= EMPTY_FOOTER
|
|
40
|
+
|
|
39
41
|
parsed = Paseto.verify_token(token, HEADER, footer)
|
|
40
42
|
|
|
41
43
|
nonce = parsed.payload[0, NONCE_BYTES]
|
|
@@ -72,7 +74,7 @@ module Paseto
|
|
|
72
74
|
end
|
|
73
75
|
end
|
|
74
76
|
|
|
75
|
-
def self.encrypt(message, key, footer =
|
|
77
|
+
def self.encrypt(message, key, footer = EMPTY_FOOTER)
|
|
76
78
|
key.encrypt(message, footer)
|
|
77
79
|
end
|
|
78
80
|
|
data/lib/paseto/public.rb
CHANGED
|
@@ -28,7 +28,7 @@ module Paseto
|
|
|
28
28
|
@nacl = RbNaCl::SigningKey.new(key)
|
|
29
29
|
end
|
|
30
30
|
|
|
31
|
-
def sign(message, footer =
|
|
31
|
+
def sign(message, footer = EMPTY_FOOTER)
|
|
32
32
|
data = encode_message(message, footer)
|
|
33
33
|
# Sign a message with the signing key
|
|
34
34
|
signature = @nacl.sign(data)
|
|
@@ -67,6 +67,8 @@ module Paseto
|
|
|
67
67
|
|
|
68
68
|
def verify(token, footer = nil)
|
|
69
69
|
footer ||= token.footer if token.is_a? Paseto::Token
|
|
70
|
+
footer ||= EMPTY_FOOTER
|
|
71
|
+
|
|
70
72
|
parsed = Paseto.verify_token(token, HEADER, footer)
|
|
71
73
|
|
|
72
74
|
decoded_message = parsed.payload[0..-(SIGNATURE_BYTES + 1)]
|
|
@@ -84,7 +86,7 @@ module Paseto
|
|
|
84
86
|
end
|
|
85
87
|
end
|
|
86
88
|
|
|
87
|
-
def self.sign(message, key, footer =
|
|
89
|
+
def self.sign(message, key, footer = EMPTY_FOOTER)
|
|
88
90
|
key.sign(message, footer)
|
|
89
91
|
end
|
|
90
92
|
|
data/lib/paseto/token.rb
CHANGED
|
@@ -6,7 +6,7 @@ module Paseto
|
|
|
6
6
|
Paseto.encode64(payload)
|
|
7
7
|
]
|
|
8
8
|
|
|
9
|
-
message << Paseto.encode64(footer) if footer
|
|
9
|
+
message << Paseto.encode64(footer) if footer && footer != EMPTY_FOOTER
|
|
10
10
|
|
|
11
11
|
message.join('.')
|
|
12
12
|
end
|
|
@@ -29,7 +29,7 @@ module Paseto
|
|
|
29
29
|
version, purpose, payload, footer = raw.split('.')
|
|
30
30
|
|
|
31
31
|
header = "#{version}.#{purpose}"
|
|
32
|
-
footer = Paseto.decode64(footer)
|
|
32
|
+
footer = footer.nil? ? EMPTY_FOOTER : Paseto.decode64(footer)
|
|
33
33
|
payload = Paseto.decode64(payload) unless payload.nil?
|
|
34
34
|
|
|
35
35
|
Token.new(header, payload, footer)
|
data/lib/paseto/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: paseto
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Michael Guymon
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2019-02-19 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rbnacl
|