github.com/aarzilli/tools@v0.0.0-20151123112009-0d27094f75e0/appengine/login/googlesignin/jwt-go/ecdsa_test.go (about) 1 package jwt_test 2 3 import ( 4 "crypto/ecdsa" 5 "io/ioutil" 6 "strings" 7 "testing" 8 9 "github.com/dgrijalva/jwt-go" 10 ) 11 12 var ecdsaTestData = []struct { 13 name string 14 keys map[string]string 15 tokenString string 16 alg string 17 claims map[string]interface{} 18 valid bool 19 }{ 20 { 21 "Basic ES256", 22 map[string]string{"private": "test/ec256-private.pem", "public": "test/ec256-public.pem"}, 23 "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJmb28iOiJiYXIifQ.feG39E-bn8HXAKhzDZq7yEAPWYDhZlwTn3sePJnU9VrGMmwdXAIEyoOnrjreYlVM_Z4N13eK9-TmMTWyfKJtHQ", 24 "ES256", 25 map[string]interface{}{"foo": "bar"}, 26 true, 27 }, 28 { 29 "Basic ES384", 30 map[string]string{"private": "test/ec384-private.pem", "public": "test/ec384-public.pem"}, 31 "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCJ9.eyJmb28iOiJiYXIifQ.ngAfKMbJUh0WWubSIYe5GMsA-aHNKwFbJk_wq3lq23aPp8H2anb1rRILIzVR0gUf4a8WzDtrzmiikuPWyCS6CN4-PwdgTk-5nehC7JXqlaBZU05p3toM3nWCwm_LXcld", 32 "ES384", 33 map[string]interface{}{"foo": "bar"}, 34 true, 35 }, 36 { 37 "Basic ES512", 38 map[string]string{"private": "test/ec512-private.pem", "public": "test/ec512-public.pem"}, 39 "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiJ9.eyJmb28iOiJiYXIifQ.AAU0TvGQOcdg2OvrwY73NHKgfk26UDekh9Prz-L_iWuTBIBqOFCWwwLsRiHB1JOddfKAls5do1W0jR_F30JpVd-6AJeTjGKA4C1A1H6gIKwRY0o_tFDIydZCl_lMBMeG5VNFAjO86-WCSKwc3hqaGkq1MugPRq_qrF9AVbuEB4JPLyL5", 40 "ES512", 41 map[string]interface{}{"foo": "bar"}, 42 true, 43 }, 44 { 45 "basic ES256 invalid: foo => bar", 46 map[string]string{"private": "test/ec256-private.pem", "public": "test/ec256-public.pem"}, 47 "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.MEQCIHoSJnmGlPaVQDqacx_2XlXEhhqtWceVopjomc2PJLtdAiAUTeGPoNYxZw0z8mgOnnIcjoxRuNDVZvybRZF3wR1l8W", 48 "ES256", 49 map[string]interface{}{"foo": "bar"}, 50 false, 51 }, 52 } 53 54 func TestECDSAVerify(t *testing.T) { 55 for _, data := range ecdsaTestData { 56 var err error 57 58 key, _ := ioutil.ReadFile(data.keys["public"]) 59 60 var ecdsaKey *ecdsa.PublicKey 61 if ecdsaKey, err = jwt.ParseECPublicKeyFromPEM(key); err != nil { 62 t.Errorf("Unable to parse ECDSA public key: %v", err) 63 } 64 65 parts := strings.Split(data.tokenString, ".") 66 67 method := jwt.GetSigningMethod(data.alg) 68 err = method.Verify(strings.Join(parts[0:2], "."), parts[2], ecdsaKey) 69 if data.valid && err != nil { 70 t.Errorf("[%v] Error while verifying key: %v", data.name, err) 71 } 72 if !data.valid && err == nil { 73 t.Errorf("[%v] Invalid key passed validation", data.name) 74 } 75 } 76 } 77 78 func TestECDSASign(t *testing.T) { 79 for _, data := range ecdsaTestData { 80 var err error 81 key, _ := ioutil.ReadFile(data.keys["private"]) 82 83 var ecdsaKey *ecdsa.PrivateKey 84 if ecdsaKey, err = jwt.ParseECPrivateKeyFromPEM(key); err != nil { 85 t.Errorf("Unable to parse ECDSA private key: %v", err) 86 } 87 88 if data.valid { 89 parts := strings.Split(data.tokenString, ".") 90 method := jwt.GetSigningMethod(data.alg) 91 sig, err := method.Sign(strings.Join(parts[0:2], "."), ecdsaKey) 92 if err != nil { 93 t.Errorf("[%v] Error signing token: %v", data.name, err) 94 } 95 if sig == parts[2] { 96 t.Errorf("[%v] Identical signatures\nbefore:\n%v\nafter:\n%v", data.name, parts[2], sig) 97 } 98 } 99 } 100 }