github.com/aarzilli/tools@v0.0.0-20151123112009-0d27094f75e0/appengine/login/googlesignin/jwt-go/rsa_pss_test.go (about) 1 // +build go1.4 2 3 package jwt_test 4 5 import ( 6 "crypto/rsa" 7 "io/ioutil" 8 "strings" 9 "testing" 10 11 "github.com/dgrijalva/jwt-go" 12 ) 13 14 var rsaPSSTestData = []struct { 15 name string 16 tokenString string 17 alg string 18 claims map[string]interface{} 19 valid bool 20 }{ 21 { 22 "Basic PS256", 23 "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.PPG4xyDVY8ffp4CcxofNmsTDXsrVG2npdQuibLhJbv4ClyPTUtR5giNSvuxo03kB6I8VXVr0Y9X7UxhJVEoJOmULAwRWaUsDnIewQa101cVhMa6iR8X37kfFoiZ6NkS-c7henVkkQWu2HtotkEtQvN5hFlk8IevXXPmvZlhQhwzB1sGzGYnoi1zOfuL98d3BIjUjtlwii5w6gYG2AEEzp7HnHCsb3jIwUPdq86Oe6hIFjtBwduIK90ca4UqzARpcfwxHwVLMpatKask00AgGVI0ysdk0BLMjmLutquD03XbThHScC2C2_Pp4cHWgMzvbgLU2RYYZcZRKr46QeNgz9w", 24 "PS256", 25 map[string]interface{}{"foo": "bar"}, 26 true, 27 }, 28 { 29 "Basic PS384", 30 "eyJhbGciOiJQUzM4NCIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.w7-qqgj97gK4fJsq_DCqdYQiylJjzWONvD0qWWWhqEOFk2P1eDULPnqHRnjgTXoO4HAw4YIWCsZPet7nR3Xxq4ZhMqvKW8b7KlfRTb9cH8zqFvzMmybQ4jv2hKc3bXYqVow3AoR7hN_CWXI3Dv6Kd2X5xhtxRHI6IL39oTVDUQ74LACe-9t4c3QRPuj6Pq1H4FAT2E2kW_0KOc6EQhCLWEhm2Z2__OZskDC8AiPpP8Kv4k2vB7l0IKQu8Pr4RcNBlqJdq8dA5D3hk5TLxP8V5nG1Ib80MOMMqoS3FQvSLyolFX-R_jZ3-zfq6Ebsqr0yEb0AH2CfsECF7935Pa0FKQ", 31 "PS384", 32 map[string]interface{}{"foo": "bar"}, 33 true, 34 }, 35 { 36 "Basic PS512", 37 "eyJhbGciOiJQUzUxMiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.GX1HWGzFaJevuSLavqqFYaW8_TpvcjQ8KfC5fXiSDzSiT9UD9nB_ikSmDNyDILNdtjZLSvVKfXxZJqCfefxAtiozEDDdJthZ-F0uO4SPFHlGiXszvKeodh7BuTWRI2wL9-ZO4mFa8nq3GMeQAfo9cx11i7nfN8n2YNQ9SHGovG7_T_AvaMZB_jT6jkDHpwGR9mz7x1sycckEo6teLdHRnH_ZdlHlxqknmyTu8Odr5Xh0sJFOL8BepWbbvIIn-P161rRHHiDWFv6nhlHwZnVzjx7HQrWSGb6-s2cdLie9QL_8XaMcUpjLkfOMKkDOfHo6AvpL7Jbwi83Z2ZTHjJWB-A", 38 "PS512", 39 map[string]interface{}{"foo": "bar"}, 40 true, 41 }, 42 { 43 "basic PS256 invalid: foo => bar", 44 "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.PPG4xyDVY8ffp4CcxofNmsTDXsrVG2npdQuibLhJbv4ClyPTUtR5giNSvuxo03kB6I8VXVr0Y9X7UxhJVEoJOmULAwRWaUsDnIewQa101cVhMa6iR8X37kfFoiZ6NkS-c7henVkkQWu2HtotkEtQvN5hFlk8IevXXPmvZlhQhwzB1sGzGYnoi1zOfuL98d3BIjUjtlwii5w6gYG2AEEzp7HnHCsb3jIwUPdq86Oe6hIFjtBwduIK90ca4UqzARpcfwxHwVLMpatKask00AgGVI0ysdk0BLMjmLutquD03XbThHScC2C2_Pp4cHWgMzvbgLU2RYYZcZRKr46QeNgz9W", 45 "PS256", 46 map[string]interface{}{"foo": "bar"}, 47 false, 48 }, 49 } 50 51 func TestRSAPSSVerify(t *testing.T) { 52 var err error 53 54 key, _ := ioutil.ReadFile("test/sample_key.pub") 55 var rsaPSSKey *rsa.PublicKey 56 if rsaPSSKey, err = jwt.ParseRSAPublicKeyFromPEM(key); err != nil { 57 t.Errorf("Unable to parse RSA public key: %v", err) 58 } 59 60 for _, data := range rsaPSSTestData { 61 parts := strings.Split(data.tokenString, ".") 62 63 method := jwt.GetSigningMethod(data.alg) 64 err := method.Verify(strings.Join(parts[0:2], "."), parts[2], rsaPSSKey) 65 if data.valid && err != nil { 66 t.Errorf("[%v] Error while verifying key: %v", data.name, err) 67 } 68 if !data.valid && err == nil { 69 t.Errorf("[%v] Invalid key passed validation", data.name) 70 } 71 } 72 } 73 74 func TestRSAPSSSign(t *testing.T) { 75 var err error 76 77 key, _ := ioutil.ReadFile("test/sample_key") 78 var rsaPSSKey *rsa.PrivateKey 79 if rsaPSSKey, err = jwt.ParseRSAPrivateKeyFromPEM(key); err != nil { 80 t.Errorf("Unable to parse RSA private key: %v", err) 81 } 82 83 for _, data := range rsaPSSTestData { 84 if data.valid { 85 parts := strings.Split(data.tokenString, ".") 86 method := jwt.GetSigningMethod(data.alg) 87 sig, err := method.Sign(strings.Join(parts[0:2], "."), rsaPSSKey) 88 if err != nil { 89 t.Errorf("[%v] Error signing token: %v", data.name, err) 90 } 91 if sig == parts[2] { 92 t.Errorf("[%v] Signatures shouldn't match\nnew:\n%v\noriginal:\n%v", data.name, sig, parts[2]) 93 } 94 } 95 } 96 }