Great, lib/jwt/security_utils.rb does not have any issues!

module JWT
  # Collection of security methods
  # @see: https://github.com/rails/rails/blob/master/activesupport/lib/active_support/security_utils.rb
  module SecurityUtils
    module_function
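    # Compares two strings without stopping at the first differing byte, so
    # the time taken does not reveal how long a matching prefix is.
    #
    # A length mismatch returns false immediately, so the length of the
    # operands is not hidden. Compare fixed-length values (digests, MACs)
    # when the length itself is sensitive.
    #
    # @param left [String] first value
    # @param right [String] second value
    # @return [Boolean] true when both strings hold exactly the same bytes
    def secure_compare(left, right)
      return false unless left.bytesize == right.bytesize

      # Newer openssl gems ship a native fixed-length comparison; use it when
      # it is available so the byte loop runs in native code.
      if defined?(OpenSSL.fixed_length_secure_compare)
        return OpenSSL.fixed_length_secure_compare(left, right)
      end

      left_bytes = left.unpack('C*')
      diff = 0
      # OR together the XOR of every byte pair; there is no early exit.
      right.each_byte.with_index { |byte, index| diff |= byte ^ left_bytes[index] }
      diff.zero?
    end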
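    # Verifies a signature for the RS* algorithm family by delegating to
    # public_key.verify with the matching SHA digest.
    #
    # The digest name is derived from the algorithm string ('RS256' becomes
    # 'sha256'); nothing in this method restricts which strings are accepted.
    # NOTE(review): presumably the caller has already checked the token's
    # algorithm against the set the application expects, and that the key
    # type matches that family - confirm at the call site.
    #
    # @param algorithm [String] JWT algorithm name, e.g. 'RS256'
    # @param public_key [#verify] key used to check the signature
    # @param signing_input [String] the data that was signed
    # @param signature [String] signature bytes to check
    # @return [Boolean] the result of public_key.verify
    def verify_rsa(algorithm, public_key, signing_input, signature)
      digest = OpenSSL::Digest.new(algorithm.sub('RS', 'sha'))
      public_key.verify(digest, signature, signing_input)
    end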
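    # Verifies a signature for the PS* (RSASSA-PSS) algorithm family by
    # delegating to public_key.verify_pss.
    #
    # The same digest name ('PS256' becomes 'sha256') is used for the message
    # hash and for MGF1. The salt length is passed as :auto, so it is not
    # pinned to a fixed size during verification.
    # NOTE(review): RFC 7518 section 3.5 describes a salt the size of the hash
    # output; consider whether a stricter salt_length (e.g. :digest) is
    # acceptable for the signers this library must interoperate with.
    #
    # @param algorithm [String] JWT algorithm name, e.g. 'PS256'
    # @param public_key [#verify_pss] key used to check the signature
    # @param signing_input [String] the data that was signed
    # @param signature [String] signature bytes to check
    # @return [Boolean] the result of public_key.verify_pss
    def verify_ps(algorithm, public_key, signing_input, signature)
      digest_name = algorithm.sub('PS', 'sha')

      public_key.verify_pss(
        digest_name,
        signature,
        signing_input,
        salt_length: :auto,
        mgf1_hash: digest_name
      )
    end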
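    # Converts a DER-encoded signature (an ASN.1 sequence of integers) into
    # the raw form: each integer as big-endian bytes, left-padded with zero
    # bytes to the curve's byte size, concatenated.
    #
    # rjust only pads and never truncates, so an integer wider than the
    # curve size yields a longer-than-expected result rather than an error.
    # NOTE(review): the input is decoded without a shape check; presumably
    # malformed DER raises from OpenSSL::ASN1.decode - confirm the caller
    # treats that as a verification failure.
    #
    # @param signature [String] DER-encoded signature
    # @param public_key [#group] EC key; only group.degree is read
    # @return [String] concatenated fixed-width integers
    def asn1_to_raw(signature, public_key)
      byte_size = (public_key.group.degree + 7) / 8
      integers = OpenSSL::ASN1.decode(signature).value
      integers.map { |integer| integer.value.to_s(2).rjust(byte_size, "\x00") }.join
    end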
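    # Converts a raw signature (two concatenated big-endian integers) into a
    # DER-encoded ASN.1 sequence of two integers.
    #
    # The first byte_size bytes form the first integer; whatever remains
    # (possibly nothing) forms the second. The total length is not checked.
    # NOTE(review): JWS ES* signatures are fixed width, so consider rejecting
    # input whose bytesize is not 2 * byte_size before it reaches
    # verification, instead of encoding a short or over-long second integer.
    #
    # @param signature [String] raw signature bytes
    # @param private_key [#group] EC key; only group.degree is read, so a
    #   public key works as well
    # @return [String] DER encoding of the two integers
    def raw_to_asn1(signature, private_key)
      byte_size = (private_key.group.degree + 7) / 8
      first_half = signature[0..(byte_size - 1)]
      second_half = signature[byte_size..-1] || ''
      integers = [first_half, second_half].map do |octets|
        OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(octets, 2))
      end
      OpenSSL::ASN1::Sequence.new(integers).to_der
    end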
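    # Picks the RbNaCl HMAC authenticator for an HS* algorithm and prepares
    # the key for it. An empty array tells the caller that RbNaCl cannot be
    # used for this algorithm/key pair.
    #
    # The algorithm name is only passed to const_get after it has been found
    # in RbNaCl::HMAC's own constant list, so arbitrary constant names are
    # never resolved.
    # NOTE(review): keys shorter than the authenticator's key size are
    # zero-padded rather than rejected; minimum key strength is presumably
    # enforced elsewhere, if at all - confirm.
    #
    # @param algorithm [String] JWT algorithm name, e.g. 'HS256'
    # @param key [String] HMAC key
    # @return [Array] [authenticator, padded_key], or [] when RbNaCl is not
    #   loaded, lacks the algorithm, or the key exceeds its key size
    def rbnacl_fixup(algorithm, key)
      algorithm = algorithm.sub('HS', 'SHA').to_sym

      return [] unless defined?(RbNaCl) && RbNaCl::HMAC.constants(false).include?(algorithm)

      authenticator = RbNaCl::HMAC.const_get(algorithm)

      # Fall back to OpenSSL for keys larger than 32 bytes.
      return [] if key.bytesize > authenticator.key_bytes

      # Right-pad the key with zero bytes up to the authenticator's key size.
      padded_key = key.bytes.fill(0, key.bytesize...authenticator.key_bytes).pack('C*')
      [authenticator, padded_key]
    end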