Hello community,
here is the log from the commit of package rubygem-json-jwt for
openSUSE:Factory checked in at 2020-10-05 19:31:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-json-jwt (Old)
and /work/SRC/openSUSE:Factory/.rubygem-json-jwt.new.4249 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-json-jwt"
Mon Oct 5 19:31:44 2020 rev:7 rq:838045 version:1.13.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-json-jwt/rubygem-json-jwt.changes
2020-03-07 21:38:38.244288308 +0100
+++
/work/SRC/openSUSE:Factory/.rubygem-json-jwt.new.4249/rubygem-json-jwt.changes
2020-10-05 19:31:53.652890163 +0200
@@ -1,0 +2,6 @@
+Fri Sep 25 14:14:03 UTC 2020 - Stephan Kulow <[email protected]>
+
+updated to version 1.13.0
+ no changelog found
+
+-------------------------------------------------------------------
Old:
----
json-jwt-1.11.0.gem
New:
----
json-jwt-1.13.0.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-json-jwt.spec ++++++
--- /var/tmp/diff_new_pack.2OnT5J/_old 2020-10-05 19:31:54.336893049 +0200
+++ /var/tmp/diff_new_pack.2OnT5J/_new 2020-10-05 19:31:54.340893065 +0200
@@ -24,12 +24,12 @@
#
Name: rubygem-json-jwt
-Version: 1.11.0
+Version: 1.13.0
Release: 0
%define mod_name json-jwt
%define mod_full_name %{mod_name}-%{version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-BuildRequires: %{ruby >= 2.3}
+BuildRequires: %{ruby >= 2.4}
BuildRequires: %{rubygem gem2rpm}
BuildRequires: ruby-macros >= 5
URL: https://github.com/nov/json-jwt
++++++ json-jwt-1.11.0.gem -> json-jwt-1.13.0.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.travis.yml new/.travis.yml
--- old/.travis.yml 2019-11-11 15:31:40.000000000 +0100
+++ new/.travis.yml 2020-06-01 01:45:28.000000000 +0200
@@ -3,9 +3,9 @@
- git submodule update --init --recursive
rvm:
- - 2.3.7
- - 2.4.4
- - 2.5.1
+ - 2.5.8
+ - 2.6.6
+ - 2.7.1
jdk:
- openjdk11
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/VERSION new/VERSION
--- old/VERSION 2019-11-11 15:31:40.000000000 +0100
+++ new/VERSION 2020-06-01 01:45:28.000000000 +0200
@@ -1 +1 @@
-1.11.0
\ No newline at end of file
+1.13.0
\ No newline at end of file
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/json-jwt.gemspec new/json-jwt.gemspec
--- old/json-jwt.gemspec 2019-11-11 15:31:40.000000000 +0100
+++ new/json-jwt.gemspec 2020-06-01 01:45:28.000000000 +0200
@@ -12,7 +12,7 @@
end
gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f|
File.basename(f) }
gem.require_paths = ['lib']
- gem.required_ruby_version = '>= 2.3'
+ gem.required_ruby_version = '>= 2.4'
gem.add_runtime_dependency 'activesupport', '>= 4.2'
gem.add_runtime_dependency 'bindata'
gem.add_runtime_dependency 'aes_key_wrap'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/json/jose.rb new/lib/json/jose.rb
--- old/lib/json/jose.rb 2019-11-11 15:31:40.000000000 +0100
+++ new/lib/json/jose.rb 2020-06-01 01:45:28.000000000 +0200
@@ -7,6 +7,8 @@
included do
extend ClassMethods
register_header_keys :alg, :jku, :jwk, :x5u, :x5t, :x5c, :kid, :typ,
:cty, :crit
+
+ # NOTE: not used anymore in this gem, but keeping in case developers are
calling it.
alias_method :algorithm, :alg
attr_writer :header
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/json/jwe.rb new/lib/json/jwe.rb
--- old/lib/json/jwe.rb 2019-11-11 15:31:40.000000000 +0100
+++ new/lib/json/jwe.rb 2020-06-01 01:45:28.000000000 +0200
@@ -107,7 +107,7 @@
end
def dir?
- :dir == algorithm&.to_sym
+ :dir == alg&.to_sym
end
def cipher
@@ -159,7 +159,7 @@
# encryption
def jwe_encrypted_key
- @jwe_encrypted_key ||= case algorithm&.to_sym
+ @jwe_encrypted_key ||= case alg&.to_sym
when :RSA1_5
public_key_or_secret.public_encrypt content_encryption_key
when :'RSA-OAEP'
@@ -211,7 +211,7 @@
def decrypt_content_encryption_key
fake_content_encryption_key = generate_content_encryption_key # NOTE: do
this always not to make timing difference
- case algorithm&.to_sym
+ case alg&.to_sym
when :RSA1_5
private_key_or_secret.private_decrypt jwe_encrypted_key
when :'RSA-OAEP'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/json/jwk/jwkizable.rb
new/lib/json/jwk/jwkizable.rb
--- old/lib/json/jwk/jwkizable.rb 2019-11-11 15:31:40.000000000 +0100
+++ new/lib/json/jwk/jwkizable.rb 2020-06-01 01:45:28.000000000 +0200
@@ -44,6 +44,8 @@
:'P-384'
when 'secp521r1'
:'P-521'
+ when 'secp256k1'
+ :secp256k1
else
raise UnknownAlgorithm.new('Unknown EC Curve')
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/json/jwk.rb new/lib/json/jwk.rb
--- old/lib/json/jwk.rb 2019-11-11 15:31:40.000000000 +0100
+++ new/lib/json/jwk.rb 2020-06-01 01:45:28.000000000 +0200
@@ -50,8 +50,6 @@
end
end
- private
-
def rsa?
self[:kty]&.to_sym == :RSA
end
@@ -64,12 +62,6 @@
self[:kty]&.to_sym == :oct
end
- def calculate_default_kid
- self[:kid] = thumbprint
- rescue
- # ignore
- end
-
def normalize
case
when rsa?
@@ -95,6 +87,14 @@
end
end
+ private
+
+ def calculate_default_kid
+ self[:kid] = thumbprint
+ rescue
+ # ignore
+ end
+
def to_rsa_key
e, n, d, p, q, dp, dq, qi = [:e, :n, :d, :p, :q, :dp, :dq, :qi].collect
do |key|
if self[key]
@@ -127,6 +127,8 @@
'secp384r1'
when :'P-521'
'secp521r1'
+ when :secp256k1
+ 'secp256k1'
else
raise UnknownAlgorithm.new('Unknown EC Curve')
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/json/jws.rb new/lib/json/jws.rb
--- old/lib/json/jws.rb 2019-11-11 15:31:40.000000000 +0100
+++ new/lib/json/jws.rb 2020-06-01 01:45:28.000000000 +0200
@@ -13,7 +13,7 @@
end
def sign!(private_key_or_secret)
- self.alg = autodetected_algorithm_from(private_key_or_secret) if
algorithm == :autodetect
+ self.alg = autodetected_algorithm_from(private_key_or_secret) if alg ==
:autodetect
self.signature = sign signature_base_string, private_key_or_secret
self
end
@@ -43,31 +43,23 @@
private
def digest
- OpenSSL::Digest.new "SHA#{algorithm.to_s[2, 3]}"
+ OpenSSL::Digest.new "SHA#{alg.to_s[2, 3]}"
end
def hmac?
- [:HS256, :HS384, :HS512].include? algorithm&.to_sym
+ [:HS256, :HS384, :HS512].include? alg&.to_sym
end
def rsa?
- [:RS256, :RS384, :RS512].include? algorithm&.to_sym
+ [:RS256, :RS384, :RS512].include? alg&.to_sym
end
def rsa_pss?
- if [:PS256, :PS384, :PS512].include? algorithm&.to_sym
- if OpenSSL::VERSION < '2.1.0'
- raise "#{alg} isn't supported. OpenSSL gem v2.1.0+ is required to
use #{alg}."
- else
- true
- end
- else
- false
- end
+ [:PS256, :PS384, :PS512].include? alg&.to_sym
end
def ecdsa?
- [:ES256, :ES384, :ES512].include? algorithm&.to_sym
+ [:ES256, :ES384, :ES512, :ES256K].include? alg&.to_sym
end
def autodetected_algorithm_from(private_key_or_secret)
@@ -85,6 +77,8 @@
:ES384
when 'secp521r1'
:ES512
+ when 'secp256k1'
+ :ES256K
else
raise UnknownAlgorithm.new('Unknown EC Curve')
end
@@ -118,8 +112,7 @@
private_key = private_key_or_secret
verify_ecdsa_group! private_key
asn1_to_raw(
- private_key.dsa_sign_asn1(digest.digest signature_base_string),
- # private_key.sign(digest, signature_base_string), # NOTE: this
causes `undefined method `private?'` error in ruby 2.3
+ private_key.sign(digest, signature_base_string),
private_key
)
else
@@ -152,7 +145,12 @@
def verify_ecdsa_group!(key)
group_name = case digest.digest_length * 8
when 256
- :prime256v1
+ case key.group.curve_name
+ when 'secp256k1'
+ :secp256k1
+ else
+ :prime256v1
+ end
when 384
:secp384r1
when 512
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2019-11-11 15:31:40.000000000 +0100
+++ new/metadata 2020-06-01 01:45:28.000000000 +0200
@@ -1,14 +1,14 @@
--- !ruby/object:Gem::Specification
name: json-jwt
version: !ruby/object:Gem::Version
- version: 1.11.0
+ version: 1.13.0
platform: ruby
authors:
- nov matake
autorequire:
bindir: bin
cert_chain: []
-date: 2019-11-11 00:00:00.000000000 Z
+date: 2020-05-31 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: activesupport
@@ -145,7 +145,7 @@
requirements:
- - ">="
- !ruby/object:Gem::Version
- version: '2.3'
+ version: '2.4'
required_rubygems_version: !ruby/object:Gem::Requirement
requirements:
- - ">="
