New Upstream Release - ruby-jwt
Ready changes
Summary
Merged new upstream version: 2.7.1 (was: 2.7.0).
Resulting package
Built on 2023-06-26T13:17 (took 7m0s)
The resulting binary packages can be installed (if you have the apt repository enabled) by running one of:
apt install -t fresh-releases ruby-jwt
Lintian Result
Diff
diff --git a/CHANGELOG.md b/CHANGELOG.md
index fec3c8a..bdc71bd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,14 @@
# Changelog
+## [v2.7.1](https://github.com/jwt/ruby-jwt/tree/v2.8.0) (2023-06-09)
+
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.7.0...v2.8.0)
+
+**Fixes and enhancements:**
+
+- Handle invalid algorithm when decoding JWT [#559](https://github.com/jwt/ruby-jwt/pull/559) - [@nataliastanko](https://github.com/nataliastanko)
+- Do not raise error when verifying bad HMAC signature [#563](https://github.com/jwt/ruby-jwt/pull/563) - [@hieuk09](https://github.com/hieuk09)
+
## [v2.7.0](https://github.com/jwt/ruby-jwt/tree/v2.7.0) (2023-02-01)
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.6.0...v2.7.0)
diff --git a/README.md b/README.md
index 4ebf0e7..2c3a225 100644
--- a/README.md
+++ b/README.md
@@ -602,7 +602,7 @@ If the requested `kid` is not found from the given set the loader will be called
The application can choose to implement some kind of JWK cache invalidation or other mechanism to handle such cases.
Tokens without a specified `kid` are rejected by default.
-This behaviour may be overwritten by setting the `allow_nil_jwks` option for `decode` to `true`.
+This behaviour may be overwritten by setting the `allow_nil_kid` option for `decode` to `true`.
```ruby
jwks_loader = ->(options) do
diff --git a/debian/changelog b/debian/changelog
index c68ed27..365262c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+ruby-jwt (2.7.1-1) UNRELEASED; urgency=low
+
+ * New upstream release.
+
+ -- Debian Janitor <janitor@jelmer.uk> Mon, 26 Jun 2023 13:10:59 -0000
+
ruby-jwt (2.7.0-2) unstable; urgency=medium
* Reupload to unstable
diff --git a/debian/patches/no-pending-tests.patch b/debian/patches/no-pending-tests.patch
index 65de734..254ebbe 100644
--- a/debian/patches/no-pending-tests.patch
+++ b/debian/patches/no-pending-tests.patch
@@ -4,9 +4,11 @@ Forwarded: not needed
Author: Cédric Boutillier <boutil@debian.org>
Last-Update: 2022-11-30
---- a/spec/jwt_spec.rb
-+++ b/spec/jwt_spec.rb
-@@ -631,7 +631,7 @@
+Index: ruby-jwt.git/spec/jwt_spec.rb
+===================================================================
+--- ruby-jwt.git.orig/spec/jwt_spec.rb
++++ ruby-jwt.git/spec/jwt_spec.rb
+@@ -631,7 +631,7 @@ RSpec.describe JWT do
context 'when hmac algorithm is used without secret key' do
it 'encodes payload' do
@@ -15,7 +17,7 @@ Last-Update: 2022-11-30
payload = { a: 1, b: 'b' }
token = JWT.encode(payload, '', 'HS256')
-@@ -762,7 +762,7 @@
+@@ -762,7 +762,7 @@ RSpec.describe JWT do
describe 'when token signed with nil and decoded with nil' do
let(:no_key_token) { ::JWT.encode(payload, nil, 'HS512') }
it 'raises JWT::DecodeError' do
@@ -24,9 +26,11 @@ Last-Update: 2022-11-30
expect { ::JWT.decode(no_key_token, nil, true, algorithms: 'HS512') }.to raise_error(JWT::DecodeError, 'No verification key available')
end
end
---- a/spec/integration/readme_examples_spec.rb
-+++ b/spec/integration/readme_examples_spec.rb
-@@ -29,7 +29,7 @@
+Index: ruby-jwt.git/spec/integration/readme_examples_spec.rb
+===================================================================
+--- ruby-jwt.git.orig/spec/integration/readme_examples_spec.rb
++++ ruby-jwt.git/spec/integration/readme_examples_spec.rb
+@@ -29,7 +29,7 @@ RSpec.describe 'README.md code test' do
end
it 'decodes with HMAC algorithm without secret key' do
diff --git a/lib/jwt/algos.rb b/lib/jwt/algos.rb
index c78281e..96f71b6 100644
--- a/lib/jwt/algos.rb
+++ b/lib/jwt/algos.rb
@@ -7,7 +7,6 @@ rescue LoadError
end
require 'openssl'
-require 'jwt/security_utils'
require 'jwt/algos/hmac'
require 'jwt/algos/eddsa'
require 'jwt/algos/ecdsa'
diff --git a/lib/jwt/algos/algo_wrapper.rb b/lib/jwt/algos/algo_wrapper.rb
index caf823e..e4fa072 100644
--- a/lib/jwt/algos/algo_wrapper.rb
+++ b/lib/jwt/algos/algo_wrapper.rb
@@ -11,7 +11,7 @@ module JWT
end
def valid_alg?(alg_to_check)
- alg.casecmp(alg_to_check)&.zero? == true
+ alg&.casecmp(alg_to_check)&.zero? == true
end
def sign(data:, signing_key:)
@@ -20,10 +20,6 @@ module JWT
def verify(data:, signature:, verification_key:)
cls.verify(alg, verification_key, data, signature)
- rescue OpenSSL::PKey::PKeyError # These should be moved to the algorithms that actually need this, but left here to ensure nothing will break.
- raise JWT::VerificationError, 'Signature verification raised'
- ensure
- OpenSSL.errors.clear
end
end
end
diff --git a/lib/jwt/algos/ecdsa.rb b/lib/jwt/algos/ecdsa.rb
index ea154bd..86c1611 100644
--- a/lib/jwt/algos/ecdsa.rb
+++ b/lib/jwt/algos/ecdsa.rb
@@ -38,7 +38,7 @@ module JWT
end
digest = OpenSSL::Digest.new(curve_definition[:digest])
- SecurityUtils.asn1_to_raw(key.dsa_sign_asn1(digest.digest(msg)), key)
+ asn1_to_raw(key.dsa_sign_asn1(digest.digest(msg)), key)
end
def verify(algorithm, public_key, signing_input, signature)
@@ -49,7 +49,9 @@ module JWT
end
digest = OpenSSL::Digest.new(curve_definition[:digest])
- public_key.dsa_verify_asn1(digest.digest(signing_input), SecurityUtils.raw_to_asn1(signature, public_key))
+ public_key.dsa_verify_asn1(digest.digest(signing_input), raw_to_asn1(signature, public_key))
+ rescue OpenSSL::PKey::PKeyError
+ raise JWT::VerificationError, 'Signature verification raised'
end
def curve_by_name(name)
@@ -57,6 +59,18 @@ module JWT
raise UnsupportedEcdsaCurve, "The ECDSA curve '#{name}' is not supported"
end
end
+
+ def raw_to_asn1(signature, private_key)
+ byte_size = (private_key.group.degree + 7) / 8
+ sig_bytes = signature[0..(byte_size - 1)]
+ sig_char = signature[byte_size..-1] || ''
+ OpenSSL::ASN1::Sequence.new([sig_bytes, sig_char].map { |int| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(int, 2)) }).to_der
+ end
+
+ def asn1_to_raw(signature, public_key)
+ byte_size = (public_key.group.degree + 7) / 8
+ OpenSSL::ASN1.decode(signature).value.map { |value| value.value.to_s(2).rjust(byte_size, "\x00") }.join
+ end
end
end
end
diff --git a/lib/jwt/algos/hmac_rbnacl.rb b/lib/jwt/algos/hmac_rbnacl.rb
index 039850e..d6b0370 100644
--- a/lib/jwt/algos/hmac_rbnacl.rb
+++ b/lib/jwt/algos/hmac_rbnacl.rb
@@ -28,7 +28,7 @@ module JWT
else
Hmac.verify(algorithm, key, signing_input, signature)
end
- rescue ::RbNaCl::BadAuthenticatorError
+ rescue ::RbNaCl::BadAuthenticatorError, ::RbNaCl::LengthError
false
end
diff --git a/lib/jwt/algos/hmac_rbnacl_fixed.rb b/lib/jwt/algos/hmac_rbnacl_fixed.rb
index a156cf9..386ddd8 100644
--- a/lib/jwt/algos/hmac_rbnacl_fixed.rb
+++ b/lib/jwt/algos/hmac_rbnacl_fixed.rb
@@ -36,7 +36,7 @@ module JWT
else
Hmac.verify(algorithm, key, signing_input, signature)
end
- rescue ::RbNaCl::BadAuthenticatorError
+ rescue ::RbNaCl::BadAuthenticatorError, ::RbNaCl::LengthError
false
end
diff --git a/lib/jwt/algos/ps.rb b/lib/jwt/algos/ps.rb
index a30c326..1163932 100644
--- a/lib/jwt/algos/ps.rb
+++ b/lib/jwt/algos/ps.rb
@@ -12,9 +12,7 @@ module JWT
def sign(algorithm, msg, key)
require_openssl!
- key_class = key.class
-
- raise EncodeError, "The given key is a #{key_class}. It has to be an OpenSSL::PKey::RSA instance." if key_class == String
+ raise EncodeError, "The given key is a #{key_class}. It has to be an OpenSSL::PKey::RSA instance." if key.is_a?(String)
translated_algorithm = algorithm.sub('PS', 'sha')
@@ -23,8 +21,10 @@ module JWT
def verify(algorithm, public_key, signing_input, signature)
require_openssl!
-
- SecurityUtils.verify_ps(algorithm, public_key, signing_input, signature)
+ translated_algorithm = algorithm.sub('PS', 'sha')
+ public_key.verify_pss(translated_algorithm, signature, signing_input, salt_length: :auto, mgf1_hash: translated_algorithm)
+ rescue OpenSSL::PKey::PKeyError
+ raise JWT::VerificationError, 'Signature verification raised'
end
def require_openssl!
diff --git a/lib/jwt/algos/rsa.rb b/lib/jwt/algos/rsa.rb
index e7e54da..2b792d6 100644
--- a/lib/jwt/algos/rsa.rb
+++ b/lib/jwt/algos/rsa.rb
@@ -14,7 +14,9 @@ module JWT
end
def verify(algorithm, public_key, signing_input, signature)
- SecurityUtils.verify_rsa(algorithm, public_key, signing_input, signature)
+ public_key.verify(OpenSSL::Digest.new(algorithm.sub('RS', 'sha')), signature, signing_input)
+ rescue OpenSSL::PKey::PKeyError
+ raise JWT::VerificationError, 'Signature verification raised'
end
end
end
diff --git a/lib/jwt/security_utils.rb b/lib/jwt/security_utils.rb
deleted file mode 100644
index 1cfc548..0000000
--- a/lib/jwt/security_utils.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-module JWT
- # Collection of security methods
- #
- # @see: https://github.com/rails/rails/blob/master/activesupport/lib/active_support/security_utils.rb
- module SecurityUtils
- module_function
-
- def verify_rsa(algorithm, public_key, signing_input, signature)
- public_key.verify(OpenSSL::Digest.new(algorithm.sub('RS', 'sha')), signature, signing_input)
- end
-
- def verify_ps(algorithm, public_key, signing_input, signature)
- formatted_algorithm = algorithm.sub('PS', 'sha')
-
- public_key.verify_pss(formatted_algorithm, signature, signing_input, salt_length: :auto, mgf1_hash: formatted_algorithm)
- end
-
- def asn1_to_raw(signature, public_key)
- byte_size = (public_key.group.degree + 7) / 8
- OpenSSL::ASN1.decode(signature).value.map { |value| value.value.to_s(2).rjust(byte_size, "\x00") }.join
- end
-
- def raw_to_asn1(signature, private_key)
- byte_size = (private_key.group.degree + 7) / 8
- sig_bytes = signature[0..(byte_size - 1)]
- sig_char = signature[byte_size..-1] || ''
- OpenSSL::ASN1::Sequence.new([sig_bytes, sig_char].map { |int| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(int, 2)) }).to_der
- end
- end
-end
diff --git a/lib/jwt/version.rb b/lib/jwt/version.rb
index 556520b..d396b6c 100644
--- a/lib/jwt/version.rb
+++ b/lib/jwt/version.rb
@@ -13,7 +13,7 @@ module JWT
# minor version
MINOR = 7
# tiny version
- TINY = 0
+ TINY = 1
# alpha, beta, etc. tag
PRE = nil
diff --git a/spec/jwk/decode_with_jwk_spec.rb b/spec/jwk/decode_with_jwk_spec.rb
index ac2f0f1..686d224 100644
--- a/spec/jwk/decode_with_jwk_spec.rb
+++ b/spec/jwk/decode_with_jwk_spec.rb
@@ -138,7 +138,7 @@ RSpec.describe JWT do
it 'fails in some way' do
expect { described_class.decode(signed_token, nil, true, algorithms: [algorithm], jwks: jwks) }.to(
- raise_error(NoMethodError, /undefined method `verify' for "secret":String/)
+ raise_error(NoMethodError, /undefined method `verify' for/)
)
end
end
@@ -148,7 +148,7 @@ RSpec.describe JWT do
it 'fails in some way' do
expect { described_class.decode(signed_token, nil, true, algorithms: ['ES384'], jwks: jwks) }.to(
- raise_error(NoMethodError, /undefined method `group' for "secret":String/)
+ raise_error(NoMethodError, /undefined method `group' for/)
)
end
end
diff --git a/spec/jwt/algos/hmac_rbnacl_fixed_spec.rb b/spec/jwt/algos/hmac_rbnacl_fixed_spec.rb
index 5ebef78..5609884 100644
--- a/spec/jwt/algos/hmac_rbnacl_fixed_spec.rb
+++ b/spec/jwt/algos/hmac_rbnacl_fixed_spec.rb
@@ -30,6 +30,17 @@ RSpec.describe '::JWT::Algos::HmacRbNaClFixed' do
expect(OpenSSL::HMAC).to have_received(:digest).once
end
end
+
+ context 'when signature is invalid' do
+ let(:key) { 'a' * 100 }
+ let(:signature) { JWT::Base64.url_decode('some_random_signature') }
+
+ it 'can verify without error' do
+ allow(OpenSSL::HMAC).to receive(:digest).and_call_original
+ expect(described_class.verify('HS256', key, data, signature)).to eq(false)
+ expect(OpenSSL::HMAC).not_to have_received(:digest)
+ end
+ end
end
describe '.sign' do
diff --git a/spec/jwt/algos/hmac_rbnacl_spec.rb b/spec/jwt/algos/hmac_rbnacl_spec.rb
index e6a26d3..3b013d0 100644
--- a/spec/jwt/algos/hmac_rbnacl_spec.rb
+++ b/spec/jwt/algos/hmac_rbnacl_spec.rb
@@ -30,6 +30,17 @@ RSpec.describe '::JWT::Algos::HmacRbNaCl' do
expect(OpenSSL::HMAC).not_to have_received(:digest)
end
end
+
+ context 'when signature is invalid' do
+ let(:key) { 'a' * 100 }
+ let(:signature) { JWT::Base64.url_decode('some_random_signature') }
+
+ it 'can verify without error' do
+ allow(OpenSSL::HMAC).to receive(:digest).and_call_original
+ expect(described_class.verify('HS256', key, data, signature)).to eq(false)
+ expect(OpenSSL::HMAC).not_to have_received(:digest)
+ end
+ end
end
describe '.sign' do
diff --git a/spec/jwt_spec.rb b/spec/jwt_spec.rb
index 9f3eab5..6ed9968 100644
--- a/spec/jwt_spec.rb
+++ b/spec/jwt_spec.rb
@@ -838,6 +838,14 @@ RSpec.describe JWT do
end
end
+ context 'when the alg is invalid' do
+ let(:token) { 'eyJhbGciOiJIUzI1NiJ9.eyJwYXkiOiJsb2FkIn0.ZpAhTTtuo-CmbgT6-95NaM_wFckKeyI157baZ29H41o' }
+
+ it 'raises JWT::IncorrectAlgorithm error' do
+ expect { JWT.decode(token, 'secret', true, algorithm: 'invalid-HS256') }.to raise_error(JWT::IncorrectAlgorithm, 'Expected a different algorithm')
+ end
+ end
+
context 'when algorithm is a custom class' do
let(:custom_algorithm) do
Class.new do
Debdiff
[The following lists of changes regard files as different if they have different names, permissions or owners.]
Files in second set of .debs but not in first
-rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/algo_wrapper.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/ecdsa.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/eddsa.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/hmac.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/hmac_rbnacl.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/hmac_rbnacl_fixed.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/none.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/ps.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/rsa.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/algos/unsupported.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/base64.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/claims_validator.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/configuration.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/configuration/container.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/configuration/decode_configuration.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/configuration/jwk_configuration.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/decode.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/encode.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/error.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/json.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/ec.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/hmac.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/key_base.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/key_finder.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/kid_as_key_digest.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/okp_rbnacl.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/rsa.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/set.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/jwk/thumbprint.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/verify.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/version.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.1/lib/jwt/x5c_key_finder.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/specifications/jwt-2.7.1.gemspec
Files in first set of .debs but not in second
-rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/algo_wrapper.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/ecdsa.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/eddsa.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/hmac.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/hmac_rbnacl.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/hmac_rbnacl_fixed.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/none.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/ps.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/rsa.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/algos/unsupported.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/base64.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/claims_validator.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/configuration.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/configuration/container.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/configuration/decode_configuration.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/configuration/jwk_configuration.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/decode.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/encode.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/error.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/json.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/ec.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/hmac.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/key_base.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/key_finder.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/kid_as_key_digest.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/okp_rbnacl.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/rsa.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/set.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/jwk/thumbprint.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/security_utils.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/verify.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/version.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/gems/jwt-2.7.0/lib/jwt/x5c_key_finder.rb -rw-r--r-- root/root /usr/share/rubygems-integration/all/specifications/jwt-2.7.0.gemspec
No differences were encountered in the control files