sandal 0.4.0 → 0.5.0

data/lib/sandal/sig.rb

@@ -1,19 +1,19 @@
-require 'singleton'
+require "singleton"
 
 module Sandal
   # Contains signature (JWS) functionality.
   module Sig
 
-    # The 'none' JWA signature method.
+    # The "none" JWA signature method.
     class None
       include Singleton
 
-      # @return [String] The JWA name of the algorithm.
-      attr_reader :name
+      # The JWA name of the algorithm.
+      NAME = "none"
 
-      # Creates a new instance.
-      def initialize
-        @name = 'none'
+      # The JWA name of the algorithm.
+      def name
+        NAME
       end
 
       # Returns an empty signature.
@@ -21,12 +21,12 @@ module Sandal
       # @param payload [String] This parameter is ignored.
       # @return [String] An empty string.
       def sign(payload)
-        ''
+        ""
       end
 
       # Validates that a signature is nil or empty.
       #
-      # @param signature [String] The signature to verify.
+      # @param signature [String] The signature to validate.
       # @param payload [String] This parameter is ignored.
       # @return [Boolean] true if the signature is nil/empty; otherwise false.
       def valid?(signature, payload)
@@ -41,6 +41,6 @@ module Sandal
   end
 end
 
-require 'sandal/sig/es' unless RUBY_PLATFORM == 'java'
-require 'sandal/sig/hs'
-require 'sandal/sig/rs'
+require "sandal/sig/es" unless RUBY_PLATFORM == "java"
+require "sandal/sig/hs"
+require "sandal/sig/rs"

data/lib/sandal/sig/es.rb

@@ -1,4 +1,4 @@
-require 'openssl'
+require "openssl"
 
 module Sandal
   module Sig
@@ -6,18 +6,18 @@ module Sandal
     # Base implementation of the ECDSA-SHA family of signature algorithms.
     class ES
 
-      # @return [String] The JWA name of the algorithm.
+      # The JWA name of the algorithm.
       attr_reader :name
 
       # Creates a new instance; it's probably easier to use one of the subclass
       # constructors.
       #
+      # @oaram name [String] The JWA name of the algorithm.
       # @param sha_size [Integer] The size of the SHA algorithm.
       # @param prime_size [Integer] The size of the ECDSA primes.
-      # @param key [OpenSSL::PKey::EC] The key to use for signing (private) or 
-      #   validation (public).
-      def initialize(sha_size, prime_size, key)
-        @name = "ES#{sha_size}"
+      # @param key [OpenSSL::PKey::EC] The key to use for signing (private) or validation (public).
+      def initialize(name, sha_size, prime_size, key)
+        @name = name
         @digest = OpenSSL::Digest.new("sha#{sha_size}")
         @prime_size = prime_size
         @key = key
@@ -36,7 +36,7 @@ module Sandal
 
       # Validates a payload signature and returns whether the signature matches.
       #
-      # @param signature [String] The signature to verify.
+      # @param signature [String] The signature to validate.
       # @param payload [String] The payload of the token.
       # @return [Boolean] true if the signature is correct; otherwise false.
       def valid?(signature, payload)
@@ -57,8 +57,8 @@ module Sandal
 
       # Encodes a pair of BNs into an ASN.1 signature.
       #
-      # @param r [OpenSSL::BN] The 'r' value.
-      # @param s [OpenSSL::BN] The 's' value.
+      # @param r [OpenSSL::BN] The "r" value.
+      # @param s [OpenSSL::BN] The "s" value.
       # @return [String] The ASN.1 signature.
       def self.encode_asn1_signature(r, s)
         items = [OpenSSL::ASN1::Integer.new(r), OpenSSL::ASN1::Integer.new(s)]
@@ -71,7 +71,7 @@ module Sandal
       # @return [OpenSSL::BN, OpenSSL::BN] A pair of BNs.
       def self.decode_jws_signature(signature)
         n_length = signature.length / 2
-        s_to_n = -> s { OpenSSL::BN.new(s.unpack('H*')[0], 16) }
+        s_to_n = -> s { OpenSSL::BN.new(s.unpack("H*")[0], 16) }
         r = s_to_n.call(signature[0..(n_length - 1)])
         s = s_to_n.call(signature[n_length..-1])
         return r, s
@@ -79,13 +79,13 @@ module Sandal
 
       # Encodes a pair of BNs into a JWS signature.
       #
-      # @param r [OpenSSL::BN] The 'r' value.
-      # @param s [OpenSSL::BN] The 's' value.
+      # @param r [OpenSSL::BN] The "r" value.
+      # @param s [OpenSSL::BN] The "s" value.
       # @param prime_size [Integer] The size of the ECDSA primes.
       # @return [String] The ASN.1 signature.
       def self.encode_jws_signature(r, s, prime_size)
         byte_count = (prime_size / 8.0).ceil
-        n_to_s = -> n { [n.to_s(16)].pack('H*').rjust(byte_count, "\0") }
+        n_to_s = -> n { [n.to_s(16)].pack("H*").rjust(byte_count, "\0") }
         n_to_s.call(r) + n_to_s.call(s)
       end
 
@@ -109,40 +109,58 @@ module Sandal
 
     # The ECDSA-SHA256 signing algorithm.
     class ES256 < Sandal::Sig::ES
+
+      # The JWA name of the algorithm.
+      NAME = "ES256"
+
+      # The ECDSA curve name.
+      CURVE_NAME = "prime256v1"
+
       # Creates a new instance.
       #
-      # @param key [OpenSSL::PKey::EC or String] The key to use for signing 
-      #   (private) or validation (public). If the value is a String then it 
-      #   will be passed to the constructor of the EC class.
+      # @param key [OpenSSL::PKey::EC or String] The key to use for signing (private) or validation (public). If the 
+      #   value is a String then it will be passed to the constructor of the EC class.
       # @raise [ArgumentError] The key is not in the "prime256v1" group.
       def initialize(key)
-        super(256, 256, make_key(key, 'prime256v1'))
+        super(NAME, 256, 256, make_key(key, CURVE_NAME))
       end
     end
 
     # The ECDSA-SHA384 signing algorithm.
     class ES384 < Sandal::Sig::ES
+
+      # The JWA name of the algorithm.
+      NAME = "ES384"
+
+      # The ECDSA curve name.
+      CURVE_NAME = "secp384r1"
+
       # Creates a new instance.
       #
-      # @param key [OpenSSL::PKey::EC or String] The key to use for signing 
-      #   (private) or validation (public). If the value is a String then it 
-      #   will be passed to the constructor of the EC class.
+      # @param key [OpenSSL::PKey::EC or String] The key to use for signing (private) or validation (public). If the 
+      #   value is a String then it will be passed to the constructor of the EC class.
       # @raise [ArgumentError] The key is not in the "secp384r1" group.
       def initialize(key)
-        super(384, 384, make_key(key, 'secp384r1'))
+        super(NAME, 384, 384, make_key(key, CURVE_NAME))
       end
     end
 
     # The ECDSA-SHA512 signing algorithm.
     class ES512 < Sandal::Sig::ES
+
+      # The JWA name of the algorithm.
+      NAME = "ES512"
+
+      # The ECDSA curve name.
+      CURVE_NAME = "secp521r1"
+
       # Creates a new instance.
       #
-      # @param key [OpenSSL::PKey::EC or String] The key to use for signing 
-      #   (private) or validation (public). If the value is a String then it 
-      #   will be passed to the constructor of the EC class.
+      # @param key [OpenSSL::PKey::EC or String] The key to use for signing (private) or validation (public). If the 
+      #   value is a String then it will be passed to the constructor of the EC class.
       # @raise [ArgumentError] The key is not in the "secp521r1" group.
       def initialize(key)
-        super(512, 521, make_key(key, 'secp521r1'))
+        super(NAME, 512, 521, make_key(key, CURVE_NAME))
       end
     end
 

data/lib/sandal/sig/hs.rb

@@ -1,4 +1,4 @@
-require 'openssl'
+require "openssl"
 
 module Sandal
   module Sig
@@ -7,16 +7,17 @@ module Sandal
     class HS
       include Sandal::Util
 
-      # @return [String] The JWA name of the algorithm.
+      # The JWA name of the algorithm.
       attr_reader :name
 
       # Creates a new instance; it's probably easier to use one of the subclass
       # constructors.
       #
+      # @oaram name [String] The JWA name of the algorithm.
       # @param sha_size [Integer] The size of the SHA algorithm.
       # @param key [String] The key to use for signing or validation.
-      def initialize(sha_size, key)
-        @name = "HS#{sha_size}"
+      def initialize(name, sha_size, key)
+        @name = name
         @digest = OpenSSL::Digest.new("sha#{sha_size}")
         @key = key
       end
@@ -31,7 +32,7 @@ module Sandal
 
       # Validates a payload signature and returns whether the signature matches.
       #
-      # @param signature [String] The signature to verify.
+      # @param signature [String] The signature to validate.
       # @param payload [String] The payload of the token.
       # @return [Boolean] true if the signature is correct; otherwise false.
       def valid?(signature, payload)
@@ -42,31 +43,43 @@ module Sandal
 
     # The HMAC-SHA256 signing algorithm.
     class HS256 < Sandal::Sig::HS
+
+      # The JWA name of the algorithm.
+      NAME = "HS256"
+
       # Creates a new instance.
       #
       # @param key [String] The key to use for signing or validation.
       def initialize(key)
-        super(256, key)
+        super(NAME, 256, key)
       end
     end
 
     # The HMAC-SHA384 signing algorithm.
     class HS384 < Sandal::Sig::HS
+
+      # The JWA name of the algorithm.
+      NAME = "HS384"
+
       # Creates a new instance.
       #
       # @param key [String] The key to use for signing or validation.
       def initialize(key)
-        super(384, key)
+        super(NAME, 384, key)
       end
     end
 
     # The HMAC-SHA512 signing algorithm.
     class HS512 < Sandal::Sig::HS
+
+      # The JWA name of the algorithm.
+      NAME = "HS512"
+
       # Creates a new instance.
       #
       # @param key [String] The key to use for signing or validation.
       def initialize(key)
-        super(512, key)
+        super(NAME, 512, key)
       end
     end
 

data/lib/sandal/sig/rs.rb

@@ -1,4 +1,4 @@
-require 'openssl'
+require "openssl"
 
 module Sandal
   module Sig
@@ -6,18 +6,18 @@ module Sandal
     # Base implementation of the RSA-SHA family of signature algorithms.
     class RS
 
-      # @return [String] The JWA name of the algorithm.
+      # The JWA name of the algorithm.
       attr_reader :name
 
       # Creates a new instance; it's probably easier to use one of the subclass
       # constructors.
       #
+      # @oaram name [String] The JWA name of the algorithm.
       # @param sha_size [Integer] The size of the SHA algorithm.
-      # @param key [OpenSSL::PKey::RSA] The key to use for signing (private) or 
-      #   validation (public). This must be at least 2048 bits to be compliant 
-      #   with the JWA specification.
-      def initialize(sha_size, key)
-        @name = "RS#{sha_size}"
+      # @param key [OpenSSL::PKey::RSA] The key to use for signing (private) or validation (public). This must be at 
+      #   least 2048 bits to be compliant with the JWA specification.
+      def initialize(name, sha_size, key)
+        @name = name
         @digest = OpenSSL::Digest.new("sha#{sha_size}")
         @key = key
       end
@@ -32,11 +32,13 @@ module Sandal
 
       # Validates a payload signature and returns whether the signature matches.
       #
-      # @param signature [String] The signature to verify.
+      # @param signature [String] The signature to validate.
       # @param payload [String] The payload of the token.
       # @return [Boolean] true if the signature is correct; otherwise false.
       def valid?(signature, payload)
         @key.verify(@digest, signature, payload)
+      rescue OpenSSL::PKey::PKeyError # happens in jruby if the signature is invalid
+        false
       end
 
       private
@@ -53,40 +55,49 @@ module Sandal
 
     # The RSA-SHA256 signing algorithm.
     class RS256 < Sandal::Sig::RS
+
+      # The JWA name of the algorithm.
+      NAME = "RS256"
+
       # Creates a new instance.
       #
-      # @param key [OpenSSL::PKey::RSA or String] The key to use for signing 
-      #   (private) or validation (public). If the value is a String then it 
-      #   will be passed to the constructor of the RSA class. This must be at 
-      #   least 2048 bits to be compliant with the JWA specification.
+      # @param key [OpenSSL::PKey::RSA or String] The key to use for signing (private) or validation (public). If the 
+      #   value is a String then it will be passed to the constructor of the RSA class. This must be at least 2048 bits
+      #   to be compliant with the JWA specification.
       def initialize(key)
-        super(256, make_key(key))
+        super(NAME, 256, make_key(key))
       end
     end
 
     # The RSA-SHA384 signing algorithm.
     class RS384 < Sandal::Sig::RS
+
+      # The JWA name of the algorithm.
+      NAME = "RS384"
+
       # Creates a new instance.
       #
-      # @param key [OpenSSL::PKey::RSA or String] The key to use for signing 
-      #   (private) or validation (public). If the value is a String then it 
-      #   will be passed to the constructor of the RSA class. This must be at 
-      #   least 2048 bits to be compliant with the JWA specification.
+      # @param key [OpenSSL::PKey::RSA or String] The key to use for signing (private) or validation (public). If the 
+      #   value is a String then it will be passed to the constructor of the RSA class. This must be at least 2048 bits
+      #   to be compliant with the JWA specification.
       def initialize(key)
-        super(384, make_key(key))
+        super(NAME, 384, make_key(key))
       end
     end
 
     # The RSA-SHA512 signing algorithm.
     class RS512 < Sandal::Sig::RS
+
+      # The JWA name of the algorithm.
+      NAME = "RS512"
+
       # Creates a new instance.
       #
-      # @param key [OpenSSL::PKey::RSA or String] The key to use for signing 
-      #   (private) or validation (public). If the value is a String then it 
-      #   will be passed to the constructor of the RSA class. This must be at 
-      #   least 2048 bits to be compliant with the JWA specification.
+      # @param key [OpenSSL::PKey::RSA or String] The key to use for signing (private) or validation (public). If the 
+      #   value is a String then it will be passed to the constructor of the RSA class. This must be at least 2048 bits
+      #   to be compliant with the JWA specification.
       def initialize(key)
-        super(512, make_key(key))
+        super(NAME, 512, make_key(key))
       end
     end
 

data/lib/sandal/util.rb

@@ -1,4 +1,4 @@
-require 'base64'
+require "base64"
 
 module Sandal
   # @private
@@ -30,7 +30,7 @@ module Sandal
     # @param s [String] The string to encode.
     # @return [String] The encoded base64 string.
     def jwt_base64_encode(s)
-      Base64.urlsafe_encode64(s).gsub(/=+$/, '')
+      Base64.urlsafe_encode64(s).gsub(/=+$/, "")
     end
 
     # Base64 decodes a string, in compliance with the JWT specification.
@@ -39,21 +39,21 @@ module Sandal
     # @return [String] The decoded string.
     # @raise [ArgumentError] The base64 string is invalid or contains padding.
     def jwt_base64_decode(s)
-      if s.end_with?('=')
-        raise ArgumentError, 'Base64 strings must not contain padding.'
+      if s.end_with?("=")
+        raise ArgumentError, "Base64 strings must not contain padding."
       end
 
       padding_length = (4 - (s.length % 4)) % 4
-      padding = '=' * padding_length
+      padding = "=" * padding_length
       input = s + padding
       result = Base64.urlsafe_decode64(input)
 
-      # this bit is primarily for jruby which does a 'best effort' decode of
+      # this bit is primarily for jruby which does a "best effort" decode of
       # whatever data it can if the input is invalid rather than raising an
       # ArgumentError - as that could be a security issue we'll check that the 
       # result contains all the data that was in the input string
       unless input.length == (((result.length - 1) / 3) * 4) + 4
-        raise ArgumentError, 'Invalid base64.'
+        raise ArgumentError, "Invalid base64."
       end
       
       result

data/lib/sandal/version.rb

@@ -1,4 +1,4 @@
 module Sandal
   # The semantic version of the library.
-  VERSION = '0.4.0'
+  VERSION = "0.5.0"
 end

data/spec/helper.rb

@@ -24,4 +24,5 @@ def make_bn(arr)
   OpenSSL::BN.new(hex_str, 16)
 end
 
+require_relative './sample_keys'
 require "#{File.dirname(__FILE__)}/../lib/sandal.rb"

data/spec/sample_keys.rb

@@ -0,0 +1,28 @@
+
+module SampleKeys
+
+  def self.jwe_draft11_appendix1_rsa
+    key = OpenSSL::PKey::RSA.new(2048)
+    key.n = make_bn([161, 168, 84, 34, 133, 176, 208, 173, 46, 176, 163, 110, 57, 30, 135, 227, 9, 31, 226, 128, 84, 92, 116, 241, 70, 248, 27, 227, 193, 62, 5, 91, 241, 145, 224, 205, 141, 176, 184, 133, 239, 43, 81, 103, 9, 161, 153, 157, 179, 104, 123, 51, 189, 34, 152, 69, 97, 69, 78, 93, 140, 131, 87, 182, 169, 101, 92, 142, 3, 22, 167, 8, 212, 56, 35, 79, 210, 222, 192, 208, 252, 49, 109, 138, 173, 253, 210, 166, 201, 63, 102, 74, 5, 158, 41, 90, 144, 108, 160, 79, 10, 89, 222, 231, 172, 31, 227, 197, 0, 19, 72, 81, 138, 78, 136, 221, 121, 118, 196, 17, 146, 10, 244, 188, 72, 113, 55, 221, 162, 217, 171, 27, 57, 233, 210, 101, 236, 154, 199, 56, 138, 239, 101, 48, 198, 186, 202, 160, 76, 111, 234, 71, 57, 183, 5, 211, 171, 136, 126, 64, 40, 75, 58, 89, 244, 254, 107, 84, 103, 7, 236, 69, 163, 18, 180, 251, 58, 153, 46, 151, 174, 12, 103, 197, 181, 161, 162, 55, 250, 235, 123, 110, 17, 11, 158, 24, 47, 133, 8, 199, 235, 107, 126, 130, 246, 73, 195, 20, 108, 202, 176, 214, 187, 45, 146, 182, 118, 54, 32, 200, 61, 201, 71, 243, 1, 255, 131, 84, 37, 111, 211, 168, 228, 45, 192, 118, 27, 197, 235, 232, 36, 10, 230, 248, 190, 82, 182, 140, 35, 204, 108, 190, 253, 186, 186, 27]) 
+    key.e = make_bn([1, 0, 1])
+    key.d = make_bn([144, 183, 109, 34, 62, 134, 108, 57, 44, 252, 10, 66, 73, 54, 16, 181, 233, 92, 54, 219, 101, 42, 35, 178, 63, 51, 43, 92, 119, 136, 251, 41, 53, 23, 191, 164, 164, 60, 88, 227, 229, 152, 228, 213, 149, 228, 169, 237, 104, 71, 151, 75, 88, 252, 216, 77, 251, 231, 28, 97, 88, 193, 215, 202, 248, 216, 121, 195, 211, 245, 250, 112, 71, 243, 61, 129, 95, 39, 244, 122, 225, 217, 169, 211, 165, 48, 253, 220, 59, 122, 219, 42, 86, 223, 32, 236, 39, 48, 103, 78, 122, 216, 187, 88, 176, 89, 24, 1, 42, 177, 24, 99, 142, 170, 1, 146, 43, 3, 108, 64, 194, 121, 182, 95, 187, 134, 71, 88, 96, 134, 74, 131, 167, 69, 106, 143, 121, 27, 72, 44, 245, 95, 39, 194, 179, 175, 203, 122, 16, 112, 183, 17, 200, 202, 31, 17, 138, 156, 184, 210, 157, 184, 154, 131, 128, 110, 12, 85, 195, 122, 241, 79, 251, 229, 183, 117, 21, 123, 133, 142, 220, 153, 9, 59, 57, 105, 81, 255, 138, 77, 82, 54, 62, 216, 38, 249, 208, 17, 197, 49, 45, 19, 232, 157, 251, 131, 137, 175, 72, 126, 43, 229, 69, 179, 117, 82, 157, 213, 83, 35, 57, 210, 197, 252, 171, 143, 194, 11, 47, 163, 6, 253, 75, 252, 96, 11, 187, 84, 130, 210, 7, 121, 78, 91, 79, 57, 251, 138, 132, 220, 60, 224, 173, 56, 224, 201])
+    key
+  end
+
+  def self.jwe_draft11_appendix2_rsa
+    key = OpenSSL::PKey::RSA.new(2048)
+    key.n = make_bn([177, 119, 33, 13, 164, 30, 108, 121, 207, 136, 107, 242, 12, 224, 19, 226, 198, 134, 17, 71, 173, 75, 42, 61, 48, 162, 206, 161, 97, 108, 185, 234, 226, 219, 118, 206, 118, 5, 169, 224, 60, 181, 90, 85, 51, 123, 6, 224, 4, 122, 29, 230, 151, 12, 244, 127, 121, 25, 4, 85, 220, 144, 215, 110, 130, 17, 68, 228, 129, 138, 7, 130, 231, 40, 212, 214, 17, 179, 28, 124, 151, 178, 207, 20, 14, 154, 222, 113, 176, 24, 198, 73, 211, 113, 9, 33, 178, 80, 13, 25, 21, 25, 153, 212, 206, 67, 154, 147, 70, 194, 192, 183, 160, 83, 98, 236, 175, 85, 23, 97, 75, 199, 177, 73, 145, 50, 253, 206, 32, 179, 254, 236, 190, 82, 73, 67, 129, 253, 252, 220, 108, 136, 138, 11, 192, 1, 36, 239, 228, 55, 81, 113, 17, 25, 140, 63, 239, 146, 3, 172, 96, 60, 227, 233, 64, 255, 224, 173, 225, 228, 229, 92, 112, 72, 99, 97, 26, 87, 187, 123, 46, 50, 90, 202, 117, 73, 10, 153, 47, 224, 178, 163, 77, 48, 46, 154, 33, 148, 34, 228, 33, 172, 216, 89, 46, 225, 127, 68, 146, 234, 30, 147, 54, 146, 5, 133, 45, 78, 254, 85, 55, 75, 213, 86, 194, 218, 215, 163, 189, 194, 54, 6, 83, 36, 18, 153, 53, 7, 48, 89, 35, 66, 144, 7, 65, 154, 13, 97, 75, 55, 230, 132, 3, 13, 239, 71]) 
+    key.e = make_bn([1, 0, 1])
+    key.d = make_bn([84, 80, 150, 58, 165, 235, 242, 123, 217, 55, 38, 154, 36, 181, 221, 156, 211, 215, 100, 164, 90, 88, 40, 228, 83, 148, 54, 122, 4, 16, 165, 48, 76, 194, 26, 107, 51, 53, 179, 165, 31, 18, 198, 173, 78, 61, 56, 97, 252, 158, 140, 80, 63, 25, 223, 156, 36, 203, 214, 252, 120, 67, 180, 167, 3, 82, 243, 25, 97, 214, 83, 133, 69, 16, 104, 54, 160, 200, 41, 83, 164, 187, 70, 153, 111, 234, 242, 158, 175, 28, 198, 48, 211, 45, 148, 58, 23, 62, 227, 74, 52, 117, 42, 90, 41, 249, 130, 154, 80, 119, 61, 26, 193, 40, 125, 10, 152, 174, 227, 225, 205, 32, 62, 66, 6, 163, 100, 99, 219, 19, 253, 25, 105, 80, 201, 29, 252, 157, 237, 69, 1, 80, 171, 167, 20, 196, 156, 109, 249, 88, 0, 3, 152, 38, 165, 72, 87, 6, 152, 71, 156, 214, 16, 71, 30, 82, 51, 103, 76, 218, 63, 9, 84, 163, 249, 91, 215, 44, 238, 85, 101, 240, 148, 1, 82, 224, 91, 135, 105, 127, 84, 171, 181, 152, 210, 183, 126, 24, 46, 196, 90, 173, 38, 245, 219, 186, 222, 27, 240, 212, 194, 15, 66, 135, 226, 178, 190, 52, 245, 74, 65, 224, 81, 100, 85, 25, 204, 165, 203, 187, 175, 84, 100, 82, 15, 11, 23, 202, 151, 107, 54, 41, 207, 3, 136, 229, 134, 131, 93, 139, 50, 182, 204, 93, 130, 89])
+    key
+  end
+
+  def self.jws_draft11_appendix2_rsa
+    key = OpenSSL::PKey::RSA.new(2048)
+    key.n = make_bn([161, 248, 22, 10, 226, 227, 201, 180, 101, 206, 141, 45, 101, 98, 99, 54, 43, 146, 125, 190, 41, 225, 240, 36, 119, 252, 22, 37, 204, 144, 161, 54, 227, 139, 217, 52, 151, 197, 182, 234, 99, 221, 119, 17, 230, 124, 116, 41, 249, 86, 176, 251, 138, 143, 8, 154, 220, 75, 105, 137, 60, 193, 51, 63, 83, 237, 208, 25, 184, 119, 132, 37, 47, 236, 145, 79, 228, 133, 119, 105, 89, 75, 234, 66, 128, 211, 44, 15, 85, 191, 98, 148, 79, 19, 3, 150, 188, 110, 155, 223, 110, 189, 210, 189, 163, 103, 142, 236, 160, 198, 104, 247, 1, 179, 141, 191, 251, 56, 200, 52, 44, 226, 254, 109, 39, 250, 222, 74, 90, 72, 116, 151, 157, 212, 185, 207, 154, 222, 196, 199, 91, 5, 133, 44, 44, 15, 94, 248, 165, 193, 117, 3, 146, 249, 68, 232, 237, 100, 193, 16, 198, 182, 71, 96, 154, 164, 120, 58, 235, 156, 108, 154, 215, 85, 49, 48, 80, 99, 139, 131, 102, 92, 111, 111, 122, 130, 163, 150, 112, 42, 31, 100, 27, 130, 211, 235, 242, 57, 34, 25, 73, 31, 182, 134, 135, 44, 87, 22, 245, 10, 248, 53, 141, 154, 139, 157, 23, 195, 64, 114, 143, 127, 135, 216, 154, 24, 216, 252, 171, 103, 173, 132, 89, 12, 46, 207, 117, 147, 57, 54, 60, 7, 3, 77, 111, 96, 111, 158, 33, 224, 84, 86, 202, 229, 233, 161]) 
+    key.e = make_bn([1, 0, 1])
+    key.d = make_bn([18, 174, 113, 164, 105, 205, 10, 43, 195, 126, 82, 108, 69, 0, 87, 31, 29, 97, 117, 29, 100, 233, 73, 112, 123, 98, 89, 15, 157, 11, 165, 124, 150, 60, 64, 30, 63, 207, 47, 44, 211, 189, 236, 136, 229, 3, 191, 198, 67, 155, 11, 40, 200, 47, 125, 55, 151, 103, 31, 82, 19, 238, 216, 193, 90, 37, 216, 213, 206, 160, 2, 94, 227, 171, 46, 139, 127, 121, 33, 111, 198, 59, 234, 86, 39, 83, 180, 6, 68, 198, 161, 81, 39, 217, 178, 149, 69, 64, 160, 187, 225, 163, 5, 86, 152, 45, 78, 159, 222, 95, 100, 37, 241, 77, 75, 113, 52, 65, 181, 93, 199, 59, 155, 74, 237, 204, 146, 172, 227, 146, 126, 55, 245, 125, 12, 253, 94, 117, 129, 250, 81, 44, 143, 73, 97, 169, 235, 11, 128, 248, 168, 7, 70, 114, 138, 85, 255, 70, 71, 31, 52, 37, 6, 59, 157, 83, 100, 47, 94, 222, 30, 132, 214, 19, 8, 26, 250, 92, 34, 208, 81, 40, 91, 214, 59, 148, 59, 86, 93, 137, 138, 5, 104, 84, 19, 229, 60, 60, 108, 101, 37, 255, 31, 227, 78, 61, 220, 112, 240, 213, 100, 80, 253, 164, 139, 161, 46, 16, 78, 157, 235, 159, 184, 24, 129, 225, 196, 189, 242, 93, 146, 71, 244, 80, 200, 101, 146, 121, 104, 231, 115, 52, 244, 65, 79, 117, 167, 80, 225, 57, 84, 110, 58, 138, 115, 157])
+    key
+  end
+
+end