New Upstream Release - ruby-jwt

Ready changes

Summary

Merged new upstream version: 2.7.1 (was: 2.7.0).

Resulting package

Built on 2023-06-26T13:17 (took 7m0s)

The resulting binary packages can be installed (if you have the apt repository enabled) by running one of: 

apt install -t fresh-releases ruby-jwt

Lintian Result

Diff

diff --git a/CHANGELOG.md b/CHANGELOG.md
index fec3c8a..bdc71bd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,14 @@
 # Changelog
 
+## [v2.7.1](https://github.com/jwt/ruby-jwt/tree/v2.8.0) (2023-06-09)
+
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.7.0...v2.8.0)
+
+**Fixes and enhancements:**
+
+- Handle invalid algorithm when decoding JWT [#559](https://github.com/jwt/ruby-jwt/pull/559) - [@nataliastanko](https://github.com/nataliastanko)
+- Do not raise error when verifying bad HMAC signature [#563](https://github.com/jwt/ruby-jwt/pull/563) - [@hieuk09](https://github.com/hieuk09)
+
 ## [v2.7.0](https://github.com/jwt/ruby-jwt/tree/v2.7.0) (2023-02-01)
 
 [Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.6.0...v2.7.0)
diff --git a/README.md b/README.md
index 4ebf0e7..2c3a225 100644
--- a/README.md
+++ b/README.md
@@ -602,7 +602,7 @@ If the requested `kid` is not found from the given set the loader will be called
 The application can choose to implement some kind of JWK cache invalidation or other mechanism to handle such cases.
 
 Tokens without a specified `kid` are rejected by default.
-This behaviour may be overwritten by setting the `allow_nil_jwks` option for `decode` to `true`.
+This behaviour may be overwritten by setting the `allow_nil_kid` option for `decode` to `true`.
 
 ```ruby
 jwks_loader = ->(options) do
diff --git a/debian/changelog b/debian/changelog
index c68ed27..365262c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+ruby-jwt (2.7.1-1) UNRELEASED; urgency=low
+
+  * New upstream release.
+
+ -- Debian Janitor <janitor@jelmer.uk>  Mon, 26 Jun 2023 13:10:59 -0000
+
 ruby-jwt (2.7.0-2) unstable; urgency=medium
 
   * Reupload to unstable
diff --git a/debian/patches/no-pending-tests.patch b/debian/patches/no-pending-tests.patch
index 65de734..254ebbe 100644
--- a/debian/patches/no-pending-tests.patch
+++ b/debian/patches/no-pending-tests.patch
@@ -4,9 +4,11 @@ Forwarded: not needed
 Author: Cédric Boutillier <boutil@debian.org>
 Last-Update: 2022-11-30
 
---- a/spec/jwt_spec.rb
-+++ b/spec/jwt_spec.rb
-@@ -631,7 +631,7 @@
+Index: ruby-jwt.git/spec/jwt_spec.rb
+===================================================================
+--- ruby-jwt.git.orig/spec/jwt_spec.rb
++++ ruby-jwt.git/spec/jwt_spec.rb
+@@ -631,7 +631,7 @@ RSpec.describe JWT do
  
    context 'when hmac algorithm is used without secret key' do
      it 'encodes payload' do
@@ -15,7 +17,7 @@ Last-Update: 2022-11-30
        payload = { a: 1, b: 'b' }
  
        token = JWT.encode(payload, '', 'HS256')
-@@ -762,7 +762,7 @@
+@@ -762,7 +762,7 @@ RSpec.describe JWT do
    describe 'when token signed with nil and decoded with nil' do
      let(:no_key_token) { ::JWT.encode(payload, nil, 'HS512') }
      it 'raises JWT::DecodeError' do
@@ -24,9 +26,11 @@ Last-Update: 2022-11-30
        expect { ::JWT.decode(no_key_token, nil, true, algorithms: 'HS512') }.to raise_error(JWT::DecodeError, 'No verification key available')
      end
    end
---- a/spec/integration/readme_examples_spec.rb
-+++ b/spec/integration/readme_examples_spec.rb
-@@ -29,7 +29,7 @@
+Index: ruby-jwt.git/spec/integration/readme_examples_spec.rb
+===================================================================
+--- ruby-jwt.git.orig/spec/integration/readme_examples_spec.rb
++++ ruby-jwt.git/spec/integration/readme_examples_spec.rb
+@@ -29,7 +29,7 @@ RSpec.describe 'README.md code test' do
      end
  
      it 'decodes with HMAC algorithm without secret key' do
diff --git a/lib/jwt/algos.rb b/lib/jwt/algos.rb
index c78281e..96f71b6 100644
--- a/lib/jwt/algos.rb
+++ b/lib/jwt/algos.rb
@@ -7,7 +7,6 @@ rescue LoadError
 end
 require 'openssl'
 
-require 'jwt/security_utils'
 require 'jwt/algos/hmac'
 require 'jwt/algos/eddsa'
 require 'jwt/algos/ecdsa'
diff --git a/lib/jwt/algos/algo_wrapper.rb b/lib/jwt/algos/algo_wrapper.rb
index caf823e..e4fa072 100644
--- a/lib/jwt/algos/algo_wrapper.rb
+++ b/lib/jwt/algos/algo_wrapper.rb
@@ -11,7 +11,7 @@ module JWT
       end
 
       def valid_alg?(alg_to_check)
-        alg.casecmp(alg_to_check)&.zero? == true
+        alg&.casecmp(alg_to_check)&.zero? == true
       end
 
       def sign(data:, signing_key:)
@@ -20,10 +20,6 @@ module JWT
 
       def verify(data:, signature:, verification_key:)
         cls.verify(alg, verification_key, data, signature)
-      rescue OpenSSL::PKey::PKeyError # These should be moved to the algorithms that actually need this, but left here to ensure nothing will break.
-        raise JWT::VerificationError, 'Signature verification raised'
-      ensure
-        OpenSSL.errors.clear
       end
     end
   end
diff --git a/lib/jwt/algos/ecdsa.rb b/lib/jwt/algos/ecdsa.rb
index ea154bd..86c1611 100644
--- a/lib/jwt/algos/ecdsa.rb
+++ b/lib/jwt/algos/ecdsa.rb
@@ -38,7 +38,7 @@ module JWT
         end
 
         digest = OpenSSL::Digest.new(curve_definition[:digest])
-        SecurityUtils.asn1_to_raw(key.dsa_sign_asn1(digest.digest(msg)), key)
+        asn1_to_raw(key.dsa_sign_asn1(digest.digest(msg)), key)
       end
 
       def verify(algorithm, public_key, signing_input, signature)
@@ -49,7 +49,9 @@ module JWT
         end
 
         digest = OpenSSL::Digest.new(curve_definition[:digest])
-        public_key.dsa_verify_asn1(digest.digest(signing_input), SecurityUtils.raw_to_asn1(signature, public_key))
+        public_key.dsa_verify_asn1(digest.digest(signing_input), raw_to_asn1(signature, public_key))
+      rescue OpenSSL::PKey::PKeyError
+        raise JWT::VerificationError, 'Signature verification raised'
       end
 
       def curve_by_name(name)
@@ -57,6 +59,18 @@ module JWT
           raise UnsupportedEcdsaCurve, "The ECDSA curve '#{name}' is not supported"
         end
       end
+
+      def raw_to_asn1(signature, private_key)
+        byte_size = (private_key.group.degree + 7) / 8
+        sig_bytes = signature[0..(byte_size - 1)]
+        sig_char = signature[byte_size..-1] || ''
+        OpenSSL::ASN1::Sequence.new([sig_bytes, sig_char].map { |int| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(int, 2)) }).to_der
+      end
+
+      def asn1_to_raw(signature, public_key)
+        byte_size = (public_key.group.degree + 7) / 8
+        OpenSSL::ASN1.decode(signature).value.map { |value| value.value.to_s(2).rjust(byte_size, "\x00") }.join
+      end
     end
   end
 end
diff --git a/lib/jwt/algos/hmac_rbnacl.rb b/lib/jwt/algos/hmac_rbnacl.rb
index 039850e..d6b0370 100644
--- a/lib/jwt/algos/hmac_rbnacl.rb
+++ b/lib/jwt/algos/hmac_rbnacl.rb
@@ -28,7 +28,7 @@ module JWT
         else
           Hmac.verify(algorithm, key, signing_input, signature)
         end
-      rescue ::RbNaCl::BadAuthenticatorError
+      rescue ::RbNaCl::BadAuthenticatorError, ::RbNaCl::LengthError
         false
       end
 
diff --git a/lib/jwt/algos/hmac_rbnacl_fixed.rb b/lib/jwt/algos/hmac_rbnacl_fixed.rb
index a156cf9..386ddd8 100644
--- a/lib/jwt/algos/hmac_rbnacl_fixed.rb
+++ b/lib/jwt/algos/hmac_rbnacl_fixed.rb
@@ -36,7 +36,7 @@ module JWT
         else
           Hmac.verify(algorithm, key, signing_input, signature)
         end
-      rescue ::RbNaCl::BadAuthenticatorError
+      rescue ::RbNaCl::BadAuthenticatorError, ::RbNaCl::LengthError
         false
       end
 
diff --git a/lib/jwt/algos/ps.rb b/lib/jwt/algos/ps.rb
index a30c326..1163932 100644
--- a/lib/jwt/algos/ps.rb
+++ b/lib/jwt/algos/ps.rb
@@ -12,9 +12,7 @@ module JWT
       def sign(algorithm, msg, key)
         require_openssl!
 
-        key_class = key.class
-
-        raise EncodeError, "The given key is a #{key_class}. It has to be an OpenSSL::PKey::RSA instance." if key_class == String
+        raise EncodeError, "The given key is a #{key_class}. It has to be an OpenSSL::PKey::RSA instance." if key.is_a?(String)
 
         translated_algorithm = algorithm.sub('PS', 'sha')
 
@@ -23,8 +21,10 @@ module JWT
 
       def verify(algorithm, public_key, signing_input, signature)
         require_openssl!
-
-        SecurityUtils.verify_ps(algorithm, public_key, signing_input, signature)
+        translated_algorithm = algorithm.sub('PS', 'sha')
+        public_key.verify_pss(translated_algorithm, signature, signing_input, salt_length: :auto, mgf1_hash: translated_algorithm)
+      rescue OpenSSL::PKey::PKeyError
+        raise JWT::VerificationError, 'Signature verification raised'
       end
 
       def require_openssl!
diff --git a/lib/jwt/algos/rsa.rb b/lib/jwt/algos/rsa.rb
index e7e54da..2b792d6 100644
--- a/lib/jwt/algos/rsa.rb
+++ b/lib/jwt/algos/rsa.rb
@@ -14,7 +14,9 @@ module JWT
       end
 
       def verify(algorithm, public_key, signing_input, signature)
-        SecurityUtils.verify_rsa(algorithm, public_key, signing_input, signature)
+        public_key.verify(OpenSSL::Digest.new(algorithm.sub('RS', 'sha')), signature, signing_input)
+      rescue OpenSSL::PKey::PKeyError
+        raise JWT::VerificationError, 'Signature verification raised'
       end
     end
   end
diff --git a/lib/jwt/security_utils.rb b/lib/jwt/security_utils.rb
deleted file mode 100644
index 1cfc548..0000000
--- a/lib/jwt/security_utils.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-module JWT
-  # Collection of security methods
-  #
-  # @see: https://github.com/rails/rails/blob/master/activesupport/lib/active_support/security_utils.rb
-  module SecurityUtils
-    module_function
-
-    def verify_rsa(algorithm, public_key, signing_input, signature)
-      public_key.verify(OpenSSL::Digest.new(algorithm.sub('RS', 'sha')), signature, signing_input)
-    end
-
-    def verify_ps(algorithm, public_key, signing_input, signature)
-      formatted_algorithm = algorithm.sub('PS', 'sha')
-
-      public_key.verify_pss(formatted_algorithm, signature, signing_input, salt_length: :auto, mgf1_hash: formatted_algorithm)
-    end
-
-    def asn1_to_raw(signature, public_key)
-      byte_size = (public_key.group.degree + 7) / 8
-      OpenSSL::ASN1.decode(signature).value.map { |value| value.value.to_s(2).rjust(byte_size, "\x00") }.join
-    end
-
-    def raw_to_asn1(signature, private_key)
-      byte_size = (private_key.group.degree + 7) / 8
-      sig_bytes = signature[0..(byte_size - 1)]
-      sig_char = signature[byte_size..-1] || ''
-      OpenSSL::ASN1::Sequence.new([sig_bytes, sig_char].map { |int| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(int, 2)) }).to_der
-    end
-  end
-end
diff --git a/lib/jwt/version.rb b/lib/jwt/version.rb
index 556520b..d396b6c 100644
--- a/lib/jwt/version.rb
+++ b/lib/jwt/version.rb
@@ -13,7 +13,7 @@ module JWT
     # minor version
     MINOR = 7
     # tiny version
-    TINY  = 0
+    TINY  = 1
     # alpha, beta, etc. tag
     PRE   = nil
 
diff --git a/spec/jwk/decode_with_jwk_spec.rb b/spec/jwk/decode_with_jwk_spec.rb
index ac2f0f1..686d224 100644
--- a/spec/jwk/decode_with_jwk_spec.rb
+++ b/spec/jwk/decode_with_jwk_spec.rb
@@ -138,7 +138,7 @@ RSpec.describe JWT do
 
         it 'fails in some way' do
           expect { described_class.decode(signed_token, nil, true, algorithms: [algorithm], jwks: jwks) }.to(
-            raise_error(NoMethodError, /undefined method `verify' for "secret":String/)
+            raise_error(NoMethodError, /undefined method `verify' for/)
           )
         end
       end
@@ -148,7 +148,7 @@ RSpec.describe JWT do
 
         it 'fails in some way' do
           expect { described_class.decode(signed_token, nil, true, algorithms: ['ES384'], jwks: jwks) }.to(
-            raise_error(NoMethodError, /undefined method `group' for "secret":String/)
+            raise_error(NoMethodError, /undefined method `group' for/)
           )
         end
       end
diff --git a/spec/jwt/algos/hmac_rbnacl_fixed_spec.rb b/spec/jwt/algos/hmac_rbnacl_fixed_spec.rb
index 5ebef78..5609884 100644
--- a/spec/jwt/algos/hmac_rbnacl_fixed_spec.rb
+++ b/spec/jwt/algos/hmac_rbnacl_fixed_spec.rb
@@ -30,6 +30,17 @@ RSpec.describe '::JWT::Algos::HmacRbNaClFixed' do
         expect(OpenSSL::HMAC).to have_received(:digest).once
       end
     end
+
+    context 'when signature is invalid' do
+      let(:key) { 'a' * 100 }
+      let(:signature) { JWT::Base64.url_decode('some_random_signature') }
+
+      it 'can verify without error' do
+        allow(OpenSSL::HMAC).to receive(:digest).and_call_original
+        expect(described_class.verify('HS256', key, data, signature)).to eq(false)
+        expect(OpenSSL::HMAC).not_to have_received(:digest)
+      end
+    end
   end
 
   describe '.sign' do
diff --git a/spec/jwt/algos/hmac_rbnacl_spec.rb b/spec/jwt/algos/hmac_rbnacl_spec.rb
index e6a26d3..3b013d0 100644
--- a/spec/jwt/algos/hmac_rbnacl_spec.rb
+++ b/spec/jwt/algos/hmac_rbnacl_spec.rb
@@ -30,6 +30,17 @@ RSpec.describe '::JWT::Algos::HmacRbNaCl' do
         expect(OpenSSL::HMAC).not_to have_received(:digest)
       end
     end
+
+    context 'when signature is invalid' do
+      let(:key) { 'a' * 100 }
+      let(:signature) { JWT::Base64.url_decode('some_random_signature') }
+
+      it 'can verify without error' do
+        allow(OpenSSL::HMAC).to receive(:digest).and_call_original
+        expect(described_class.verify('HS256', key, data, signature)).to eq(false)
+        expect(OpenSSL::HMAC).not_to have_received(:digest)
+      end
+    end
   end
 
   describe '.sign' do
diff --git a/spec/jwt_spec.rb b/spec/jwt_spec.rb
index 9f3eab5..6ed9968 100644
--- a/spec/jwt_spec.rb
+++ b/spec/jwt_spec.rb
@@ -838,6 +838,14 @@ RSpec.describe JWT do
     end
   end
 
+  context 'when the alg is invalid' do
+    let(:token) { 'eyJhbGciOiJIUzI1NiJ9.eyJwYXkiOiJsb2FkIn0.ZpAhTTtuo-CmbgT6-95NaM_wFckKeyI157baZ29H41o' }
+
+    it 'raises JWT::IncorrectAlgorithm error' do
+      expect { JWT.decode(token, 'secret', true, algorithm: 'invalid-HS256') }.to raise_error(JWT::IncorrectAlgorithm, 'Expected a different algorithm')
+    end
+  end
+
   context 'when algorithm is a custom class' do
     let(:custom_algorithm) do
       Class.new do

Debdiff

[The following lists of changes regard files as different if they have different names, permissions or owners.]

Files in second set of .debs but not in first

-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/algo_wrapper.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/ecdsa.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/eddsa.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/hmac.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/hmac_rbnacl.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/hmac_rbnacl_fixed.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/none.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/ps.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/rsa.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/unsupported.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/base64.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/claims_validator.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/configuration.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/configuration/container.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/configuration/decode_configuration.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/configuration/jwk_configuration.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/decode.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/encode.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/error.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/json.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/ec.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/hmac.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/key_base.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/key_finder.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/kid_as_key_digest.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/okp_rbnacl.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/rsa.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/set.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/thumbprint.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/verify.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/version.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/x5c_key_finder.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/specifications/jwt-2.7.1.gemspec

Files in first set of .debs but not in second

-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/algo_wrapper.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/ecdsa.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/eddsa.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/hmac.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/hmac_rbnacl.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/hmac_rbnacl_fixed.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/none.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/ps.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/rsa.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/unsupported.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/base64.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/claims_validator.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/configuration.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/configuration/container.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/configuration/decode_configuration.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/configuration/jwk_configuration.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/decode.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/encode.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/error.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/json.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/ec.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/hmac.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/key_base.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/key_finder.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/kid_as_key_digest.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/okp_rbnacl.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/rsa.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/set.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/thumbprint.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/security_utils.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/verify.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/version.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/x5c_key_finder.rb
-rw-r--r--  root/root   /usr/share/rubygems-integration/all/specifications/jwt-2.7.0.gemspec

No differences were encountered in the control files

More details

Full run details

© 2018-2023 Jelmer Vernooij. File a bug. Source code. Published under the GNU GPLv2 or later.