github.com/zntrio/harp/v2@v2.0.9/pkg/sdk/value/signature/jws/transformer_test.go (about) 1 // Licensed to Elasticsearch B.V. under one or more contributor 2 // license agreements. See the NOTICE file distributed with 3 // this work for additional information regarding copyright 4 // ownership. Elasticsearch B.V. licenses this file to you under 5 // the Apache License, Version 2.0 (the "License"); you may 6 // not use this file except in compliance with the License. 7 // You may obtain a copy of the License at 8 // 9 // http://www.apache.org/licenses/LICENSE-2.0 10 // 11 // Unless required by applicable law or agreed to in writing, 12 // software distributed under the License is distributed on an 13 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 // KIND, either express or implied. See the License for the 15 // specific language governing permissions and limitations 16 // under the License. 17 18 package jws 19 20 import ( 21 "context" 22 "encoding/json" 23 "reflect" 24 "testing" 25 26 "github.com/stretchr/testify/assert" 27 "gopkg.in/square/go-jose.v2" 28 29 "github.com/zntrio/harp/v2/pkg/sdk/value/signature" 30 ) 31 32 // ----------------------------------------------------------------------------- 33 34 var rsa2048PrivateJWK = []byte(`{ 35 "p": "_yLzpupxMheh6-VYntvlZPRFheEezWnr_7Q8dD73WrfXOpU296kw7dLaR4W8uJTscHGphW9qD4iuHCXQ8O7E4CGNk3gLMqnN7RS11WfRyidQ414SHot9DhozxKI02yYlU4nGJvCUvI14Q5E2Yc12BZYMH5oK6HPPrpUDGlEJrl0", 36 "kty": "RSA", 37 "q": "qh8Nc7PqKTfE5STnexTGJfb9D225cXjNFilzQpwyxCcAd7hYdvk2j6X2cNxKTFMZLQBfE90g7ItoEq2bZ3Oe0BixgI7gNVqqkOblKYiJ3je2K06Td1X2MEyC6o55XLpShjRXHK1bCUnmIdMnJ0iUhAcYsaOznELufRJqZgN0FZk", 38 "d": "GCsQgKZ8JVRxtredwbTEwF02CUvsS9xv1GpYlcE_g4COF6ulxDRtyYLFJtNeSa4dT7pEHNM6y7bdMEVOVTaU6EWkyCIQTJ1NUdnS7qa5uJDkKhgYN87GaM0VJLj6Ks0Xp9O4Ljw1ASKMQcQVdDR9MZIBaN14cRGUF87BDQjR-M6v0CaGVOmMzF2iFjGmxWux8XJpZhIVUcWJPIhyGYyDkZcDOF6mAghfBwiAysVBgwoTrmY4rtST2uwTNhhTENvHk1n0dG9shpQFWsg7Ml27TSDCtEPp6VKxhIldOw1auV-AcVttCT8VrbVH6ENiDGKaTBptb8-mmWf0KgQtTOyqwQ", 39 "e": "AQAB", 40 "qi": "9dOJ8-lpm6dSu12pB2b9IN4u1yzbqMyrkVPnu06huZSFDqYhVS1m1pBB01tSiZjFmek0HmC7gqE0jOnfHN7myRN1gJMIayDNpBt2YiUX7tXO4mLpmHRpHccDkeJKY9b6KBiqq73fmCQLjsYiHhjAhuly6FhDcXMG1hTNmghFyKg", 41 "dp": "i3id3Vc3vfxxRbVANsdapU9rWf5wijYnDseGbL2nFm59N8cuH0DcQIYNUR_oxLaUcfuQgiMfxZIgK774c1zzPtrYvA7ZgD6XFc1GgXyZkHrhmwlnuk7ic_0a45kQb-RwbzRXoB3QESr83WLaaaiZpgAabIQXBm-YzoUjBxXZxvk", 42 "dq": "ny4THjI4ZnziZS6U0hvsFFX5D9ixbjWEYLpEOQ2CivubemopjJk_rkWyRIQ7mRMgOXVhgWqlhfAjX2bGRJRxA3I3lH0b2ZCOjKsfvi8eIamrcPZDEaSDiUnuLZ9Ge7dzxFNxN0oWJqjZBslWl3FYVfl157GvPAV8tdbna7DLi_E", 43 "n": "qYwocG9HTEBtCp0yg0Z-Tfz_IxMryMZ_8O7fgK41gu8byv7HYY97iBlkuQpHfv9Ch8xePem8_3FPK9vKI8I8lZTT7f3t4LHYL_yfm9wOqy08NErRr6BeeW_NoLH686X3QZYBQmGIx0NlIEpLwAofZ9X9jr1WK5JPSa7M-DbHbgVLnex0iktmbvtamVejwJ4nCdoJPIZ1P9y8srWmlBj_Mf_kRPO86pgv557lhftMYbw_y2t_u7l6qs1LVGymrhmaK-3ZnT_xotInPx2LNFfd8MJTX-9cCgX7rlCS6-orkLsz0BZQg8weih5DICq9F0PGI6iBEPFHvlI-x9PcUzrWlQ" 44 }`) 45 46 var rsa3072PrivateJWK = []byte(`{ 47 "p": "uN30W1rjK5Pj__VFKPOi0J6e14eXAkA9DLvbQfVbym_b2KGgRMPtHIOlsz8GSn1KvE4docU9cfjUDSVeTJGcx4DEgvhAeXV15Rtpn7P1eUUSjr_HaSxeqqjveKccmbYGUvaMiN-mHPNQubBwxBsNO7RT-P_Xntxi58QxTXwHftwqE16ACZgZVcypaddRQxbvfWpDIymkv8OOSigRrIELIrnDls5g7z09bV27ZvdFdxDJF1jIOdgl18sKAmtuuYB_", 48 "kty": "RSA", 49 "q": "s63k6YU1oTUq-Ejzls7xdibrk2bMoVIRVZ29qXNjEbvE-1CgFTbMuZ3bHk6PGZ2_ss5hPIGyWr0dnWrmvgWHMvqpq4iRg-5iJeU9WeRnBppEbUrc-2MtmwFyzQELmqkgytBWZdpZI6x4cE7bGjSEX_UOuxQxZa0JtCr9iRelM5cU2W0gCTXDMEU2zCf8veKnd5DaxgoF8ziVrmHZqCQqNOukiBsRiYeYx9CNjRgNZqljkS2ngnr8FzZSQCvv_jgH", 50 "d": "R_MSINKxb5RcA4WVOF1f2CkncvsGsTOsONib9_Cg8ieRggwKqGtDYe0zv1LZ4j1cvv4e_mpcL9TUKeAVKOVUgmlF25v3M9k7FZtizVoqO9wKXEFZeMMJ608iBFv5mcNmaDz2RqE8C3ldYFxCjBsKZAuodygPKFSysfGPpV12yl_uzIvj9-SW0Ow1rN_pFBTNHU5HfAW4I5vQW30QJO4lzJtQ_mHQLrGbNiDrGY-IEIJ8WR49dYFpR7cBJoJXxQkq14X0po6GG7RWwtfnA86ddfI_KTDW_Poq2xcAD6o9h1Y-Y2meBUYwb4_cMjf0rrFoA4CtCkxxubM6HHmv7xmvnLCBUBh_CG-7fhFkeRFBwml6tyRq1YCzqjHCrwO5z3PDL1Jsb7c4t9K2rOzOi7Yrv5YPj3jf2-pVnCWiWC1xd7b7TNOCNJXfx2fuDHHsKqVsrNYUFCiagcb4gfZP9mmoQXDe5W3TErLkfnpyb2hWsaR631yNHiiXKMH41fub0AeF", 51 "e": "AQAB", 52 "qi": "h5WO63K6wpvju-sDSqouGy6i0SdPLg5xzcBtmdci99kkHkSkb2Wx-WgApcQK5ZNk4esMHmb59-JZmL0a6l4xU1I7CNeKS1ywMxDMGDia1Ub5UyZaaBKtK8K6LAf35MwvJr60uS-T-arnf42tSeFwUUOuMm2fP8-JnFhsjHpla1m2D8IKzzoqyy2IohO8UP6YeUrdkfqYPU6TWQrteqI4d-jRUVNUR2O-lHe5g9tVr229MUIeQqOuP2G_xwL5e9l2", 53 "dp": "H5_AbFxI3iyHZULE2POMl5l63K3SNE1e5C3CnS7my-OEvTMw4nKNvkH694XBgr6aKUpHoWPHVhbV14Xb8sc6BZrOgwUKqnxgdZfR4sL7LAqX2RmPeDth2lnZ1U7pApZz0H9inQt9NBifZ5R6ReHGyr7XWpIRhZh3xuP19yZPdfEdtYCF8J43P0kqdfOicBKdV1v1Li-ygidm0OK320Wb7Q3QGp0lUees-Wd-ZmfIV0zkyXyji9mg56BRDwbnww3r", 54 "dq": "RCNc3OXEWbcE7ZUUswsVbH4D9ikUztSFeFdSdnEoj7AKWlfP7VuTtYxUbSDTiZ5V9SPoof55OYngMjM4_7Su-bkvILqwnDyJgd92LaG9JDbaXiv2s2p___lDpNSRpvweUGtDaGquRSYBom11D3H9BTq0dGOK_Ajr1iQ7c4LBBlhz8qQ8cuGtfJ-y0ScU5JmQcno_TLy-VucNdEztMqNMUjdOdML3GpWOba_8Dhah9l2kQYjzrjqfYNobxPQkld5_", 55 "n": "gcDFKFIgEWXvugSrKgKF-x5EWHd8C9KzVvDMAl8BvtfS0InvHF3_tmeFoO7lz0L6WIo5jnChP1CmsG92q2hNUT3Jx044MuRF2Aws8sjVHvnhRkQExuF0C2tYOjNeDDjV1jjsGMO9cxuu8gOrYqr05g5Nv2Dl0ZrLIuu6_FLX0yHifMZm1Ri5Rymdio2XgOeD3VZc2Nzih1KCuYuGimj-obRll40x0H292fJ4JwQpHH-YDN4ANaRfRrTdF3YWRRyusUxNctr1i14JUkZkZN7tfZFe6Fl1RQ7e8Z4gTaGS73E3wF63galyHaXGHy0cKWfHvLXHNsPZEYUanPk4RoOpKYhM7elxw1Xo3RKFRyNKGrISzmqAghZoJdXBWwoZ16Lqz1eKjC_xvA1Hulx5y13Q1jTJtc6ksKrwJv4AMixqXkXffku8FSS4pD70v3mtUX8XD5mUZjAoBX38EF5ezqwsRReT04ONvLnQSwZn9jMjWDWNrfPKMpV1Kly68YGqMEt5" 56 }`) 57 58 var rsa4096PrivateJWK = []byte(`{ 59 "p": "1F-nnNrrx5qLjApeW0MFw5zDN45DilrE54jCuYG_5VQCgJ-b2ldySjRwAYOS-74yDVeYyr6VicJZJBQdExk4-w78xP1A_N_AgjINwLZI_-29s63qMPJKHym8AaaGKLa_eKZHbKzEmDgC3Xu0XRaPgI7MNvKTDnSaRaNnnefvRxkjaeDnnvOzGF9PXdM4IQ2iXrkRjdswkXwWnW4vLjhqHFqjHOt7GkKYHcp6zfcSgpZUsVPiR29O6cZA-PaLbDX6eGlGsqbLIDdLUdXD7GGc9YtP-galcdHeKrxtdCCPOS7EPhcVu3Weas8ZqTFyphWcUj927gj4UEyc6yZTI9M5pQ", 60 "kty": "RSA", 61 "q": "qrTYkllcUZgBe7TMI0IQrdRmjWvUKy4QLDJPmlqEPzDkFH7sgz-R5Ev1DlD6w7R47v-uUu3HZBEXrxUw3o2jHbmRAj02iUc3492eZveBNr8ElAXOko_9l2jx8SjfGFjrLB_b0r_Z3lfLZt2EsT8qRwWrDvNSI3f2HETtnCsjlcj_s2brFXcHgkAi2iMmyHAaiBwIGRZ8LmtB5gCWmqAOnCoRIr15QqUUnrSOriCWNUuLkLWh7ZmfLMXPj9HmYBgXzsqiEc0WUMQryVmHL_yrVL8CrNPrg2fwvkjPbkE_SCRzhGlH8hxm03Db2W7S3svZfOyYtucpNrOmM5e9uL-Yjw", 62 "d": "E1d8SohIY5F3bNPBikL_Ttqcz-gU6AFqL6m0xJB-CIAGvwsjCEGcyaojGwvRaqFTvx1KhIF5x5ViA7C4rGfrENS76ti3uZVUclbZdcgpC-3zxm_jSFghmdJ4C4cyGClSvJh9WOhvDfNHm8iU24OtC_-CVxl203CudWaG5OubfwvUFExztTaHN_knfNjDDsMVNRJTi99BEW26YvsqUk60vlQ4loxkY2tIDqGmzurAIbkDzGZ0oAnHFyH2Y7ysh4HqU3XzHYCM-k96UzuIpcSxL6IMi-30LlUcvk7cBjGtkU6W5rpGm8QYfBIFPAK9iew_36kft_lDRaxZB86C92ya-5Av96Tgcq6EEPhUt4dNhKVFzBGQ2YvQGQyX__xdR_ykGNUoifVkwJywbjRxQ0XJ5tNGLwjnJtPikAW-MSnyRL23mhKI1VwCs1HXSGEJNlJp2R3Ib4MaZRPrqQ-5jbDwHtYWFwae-9e8FzDKrixPhvyJVbaTIRCaClgZdWeDAKSvElBkvTAjchlCam5SmlxsAbT_BqQB5temOYoQjOriHK5flB69u6dqP-9wGSCgJSzfG8a1Tv791q_NuZOdA3m4nA3gwAhxjDX-2J0vp7G-6Lkpw1Sw4qgL0qfw6Jg__QFp2X0QMManNKKUEK0-OhQvAYICPiZFCdmFb4QaSuEmx0k", 63 "e": "AQAB", 64 "qi": "VQYPsxi5IwWgYlKjUP_CvquMeQce8_gO5QxdvaaXPr2Zp_zZhdoHbcrN5R7D9cOqZhPARTo7yuFVrsCRKU-38Pcs_yN4zvy09SlI2kA4Vwi9ME5le2SXeGQgkey0acsIEUX4cYBSJ85fK5ZJTeLBBvacsdyAYAfQjvj224mhw_dyHJ6RepoXeyL7YE0VBI4duBzVx8jV4H0H65t-9fuu7woYQ-XmSElJPM3H265VJW-4YDLJ7QR5gpjm9bO0-Es14do-zHtbETPl77SBVjczILfp9TT2a-Kzgu7ckFCdG22tK8I8KxMdq8elMxT5oBmdaiMuyio1wdelWI-koN_auA", 65 "dp": "SxylwIFhQNB1KIuGQcrboAqytNR5KNbfq3AgRtIQF8D1vZ411ix1fK89KhvqAWWMeFGR9asgYn-9XVhLzDRwhcMQPW_A628LvECNwqn1-aaRIJqTKMqY0prFJuRJsN6pq7dLrbEROzEcOk-FRCM1j-dxbMGwpz0wTw7zF9MvOrs2Xj0wTnSs1CLphCqvQGl9EvlrrvtmGx6DNR0CTNuhE_QumoziljAVcvvpIS2Qe2VGAQ3FCzTf-SioVCWGvDf_JVU-rvL1Bqjn18K-L716cRHbsHdnTnFGnWDVaWwWm8fhmoA5rHp2FBq5XbDidsFP73sIyjmb8XKXUUfVweb0DQ", 66 "dq": "aVne5sMbhIepMq1r5r6ZCI6zE8heUp_E_2G1Wu9N-qmzuSpz0LRk115BSKqVeD5i_Czzat6wVYNu-HC9jjwfVPL3GUip5aL8TTay0Z0iM6VDsA69ZBpVSSJNXqX4uU_3I24t_izEysGoGD3R7ImtD9PhtAJayOT6EIxBkEXXWlOH6zIzFzY0fiAS4kkbYEw_M40JOmJ0FTnAm6_1QkxRd_NGTAhfU9AJn8CS5cfaq92Jrq9J1hce80TJSlsiMF_uIYNQ7meBxCqtU0BbfDQVkOGpRvwqtxhorSbGTaca5O0KFcfbzQHWO9vE8rXAkhuAh-aEgSy8dLP-eIzHW8Ny5Q", 67 "n": "jZ2MOiHGR9bmwSRcflBMA9SEqZE56vWfpfawTJHvYhJW-Z5rHmufp2xUsLfa48r8cAcjtz2y3fhwJK-60eKG17JX56acvMqMEvhqS9Y10_v8ztOiFW7wPW9k0MJpvrfAypTVZarT4YWUJo72QAW8b-ZTpO53SdwwkL622oUArS7oaJPOSIloUbFViwhR5bEesUAcUeBlJlGBUlO4p_gxkKiYdfmez69VI-KGm80QhA0VziDrZLZxrtzk2ZAuVmKby7oPfFC5LppJlHWZtLSb0qzr819_w9y8-Sc4ZqqB33UfpA45UN9ufLYMeHaQOJCnXZRjcg6Qg8dVqXFdUgqmopsfl78YIF8swkuMe4Te1V8t4HLzCBVzAafo2THkHNgEILSPvEXfQq-En-ODb32HkEc3Zb_IyKq2aK67GvuAq2s_WlSYpOhz4rTmhez6yrBm52R9VSouSWGJhuRFLtBBvS613g5CykyTJlojXiZvrK68UCU7bZTa4zZmrJl3uNlizyhZr6qCwoSO6As0QKAOdVgcKUTNxv3h1NFmOHvMMIxAtQBdFvHaEjNjVvRkeS9waLuPySRihm5N3sBIv1NUKCSBU8tynMJhRUkf0Tp5EMeEBgQuqR-Cs5cgMcq_FD5s1ztT8f5ze9eCbt6Z9csnWaN2xO0-nPtMI7QzjgdSKys" 68 }`) 69 70 var p256PrivateJWK = []byte(`{ 71 "kty": "EC", 72 "d": "sXCIy5HxtyG24MTl3hsgLDqi0dd33WAB_Rae1I_o2Is", 73 "crv": "P-256", 74 "x": "ykS0SN-EaFIVQUBC7norE9yYAN0ZFxSYYP6p0iofMxw", 75 "y": "faQhXipqrhZeHIPFzJEYlxVvCdezZnJs2mKxnraO8_M" 76 }`) 77 78 var p384PrivateJWK = []byte(`{ 79 "kty": "EC", 80 "d": "7YcsmkNxmZdzGyb46ZeDb2I1yr-ja1iw9gspGjq7UDqQ6a61h_ES8c4uU__adkFV", 81 "crv": "P-384", 82 "x": "dWLSo6PTkL1G68bzTwY3zzrL_QX-pwvP9HUPpQGeSFmj20EWOtfvXXKDrCR0jnJD", 83 "y": "lFvTFechH_KmbOEvycryCHy23Cm1qekJYAtn7T_TELpm7zsY290NYlvqDKesGeXx" 84 }`) 85 86 var p521PrivateJWK = []byte(`{ 87 "kty": "EC", 88 "d": "AIqIPpDjCGGwdG1usjkOkzovnv0SMiMgfLTn938E_gp4NBEyQVy4myOilDAEKrxPWw8f1u3FLKhGza-yxevMnfnr", 89 "crv": "P-521", 90 "x": "AVfi6aKylpZU334mETb2lNO5Ckpzp_L06WG4UQpiFxQMdxxKeldRJTxgt3FCYg5rXbUcKB2vm7Yq1Mxl3CHeBGQ8", 91 "y": "AQQurRdp6oLjLbOTosM2cnu91dBL2YShDnqXbaUyFlGYoUJB6LPwwph9Uu0qHKCeK6QxZmHWxST2iky7ObEfM8GC" 92 }`) 93 94 var ed25519PrivateJWK = []byte(`{ 95 "kty": "OKP", 96 "d": "ytOw6kKTTVJUKCnX5HgmhsGguNFQ18ECIS2C-ujJv-s", 97 "crv": "Ed25519", 98 "x": "K5i0d37-eRk8-EPwo2bpcmM-HGmzLiqRtWnk7oR3FCs" 99 }`) 100 101 func mustDecodeJWK(input []byte) *jose.JSONWebKey { 102 var jwk jose.JSONWebKey 103 if err := json.Unmarshal(input, &jwk); err != nil { 104 panic(err) 105 } 106 107 return &jwk 108 } 109 110 // -----------------------------------------------------------------------------. 111 func Test_jwsTransformer_To(t *testing.T) { 112 type fields struct { 113 key jose.SigningKey 114 } 115 type args struct { 116 ctx context.Context 117 input []byte 118 } 119 tests := []struct { 120 name string 121 fields fields 122 args args 123 want []byte 124 wantErr bool 125 }{ 126 { 127 name: "nil", 128 wantErr: true, 129 }, 130 { 131 name: "nil key", 132 fields: fields{ 133 key: jose.SigningKey{ 134 Key: nil, 135 }, 136 }, 137 wantErr: true, 138 }, 139 { 140 name: "nil key", 141 fields: fields{ 142 key: jose.SigningKey{ 143 Key: nil, 144 }, 145 }, 146 wantErr: true, 147 }, 148 { 149 name: "invalid key", 150 fields: fields{ 151 key: jose.SigningKey{ 152 Key: &jose.JSONWebKey{}, 153 Algorithm: jose.RS256, 154 }, 155 }, 156 args: args{ 157 ctx: context.Background(), 158 input: []byte("test"), 159 }, 160 wantErr: true, 161 }, 162 { 163 name: "public key", 164 fields: fields{ 165 key: jose.SigningKey{ 166 Key: mustDecodeJWK(ed25519PrivateJWK).Public(), 167 Algorithm: jose.RS256, 168 }, 169 }, 170 args: args{ 171 ctx: context.Background(), 172 input: []byte("test"), 173 }, 174 wantErr: true, 175 }, 176 // --------------------------------------------------------------------- 177 { 178 name: "valid - HS256", 179 fields: fields{ 180 key: jose.SigningKey{ 181 Key: &jose.JSONWebKey{ 182 Key: []byte("scye7sLSvuw9pB9bfkqZNoQ01CzjCtFhg64QcqQ60JU"), 183 }, 184 Algorithm: jose.HS256, 185 }, 186 }, 187 args: args{ 188 ctx: signature.WithDetermisticSignature(context.Background(), true), 189 input: []byte("test"), 190 }, 191 wantErr: false, 192 want: []byte("eyJhbGciOiJIUzI1NiJ9.dGVzdA.YZ2zjgjYgXQA4kp3AWjt72XN6RUwxs2EAWpjTWTw2sA"), 193 }, 194 { 195 name: "valid - HS384", 196 fields: fields{ 197 key: jose.SigningKey{ 198 Key: &jose.JSONWebKey{ 199 Key: []byte("ZO-sssUGsRpYzgTLHH7SHL410d7S0ekSaJudOun8k3s-kM_9GUqr3BCpbZfAK1rk"), 200 }, 201 Algorithm: jose.HS384, 202 }, 203 }, 204 args: args{ 205 ctx: signature.WithDetermisticSignature(context.Background(), true), 206 input: []byte("test"), 207 }, 208 wantErr: false, 209 want: []byte("eyJhbGciOiJIUzM4NCJ9.dGVzdA.s2vnkZWuRntbEHvWZL5Da22n5tpfqAn9In6Nc59oXkThtjoHO8YV_xFoBszoNbff"), 210 }, 211 { 212 name: "valid - HS512", 213 fields: fields{ 214 key: jose.SigningKey{ 215 Key: &jose.JSONWebKey{ 216 Key: []byte("Wgl6uSlvowSnVQhR0bkJ3uun-IJiJn0o3CfwOcH0IgTVHiBBgVSF4z2KVWW6RATGWjx5zjCk6FUtq9Jx-eoXvw"), 217 }, 218 Algorithm: jose.HS512, 219 }, 220 }, 221 args: args{ 222 ctx: signature.WithDetermisticSignature(context.Background(), true), 223 input: []byte("test"), 224 }, 225 wantErr: false, 226 want: []byte("eyJhbGciOiJIUzUxMiJ9.dGVzdA.sRArznPrS3SDMLdOplA1gW9sDvPK_bS78S8LjqKHdsRRWGmcU673RM8W20C66RLJqST8g1lK2rlhauBbys-YVQ"), 227 }, 228 { 229 name: "valid - RS256", 230 fields: fields{ 231 key: jose.SigningKey{ 232 Key: mustDecodeJWK(rsa2048PrivateJWK), 233 Algorithm: jose.RS256, 234 }, 235 }, 236 args: args{ 237 ctx: signature.WithDetermisticSignature(context.Background(), true), 238 input: []byte("test"), 239 }, 240 wantErr: false, 241 want: []byte("eyJhbGciOiJSUzI1NiJ9.dGVzdA.M24oz_l9RSn9qt4aVoEVXg4EvcgtanpikhMs1BkL3JbCoBi9-M9EZdMUZk4_yLUdj-NmDO4O20V_JjxtlyXMm45AGTTghM_f3aBo5eqBWVkJuyl8EqJM2HeowmoyY7ZxlsoJwEA3VSA68CUSaukjd33zOF4SGPea5aDZClTjdC6Y-OvTzlDX1l6q99fPDrRJO-ih4gdsWLs-EYKaI-nTPzvtGcjOAfchTChT-kH0DKjANf35eMbceTNlZODlQfWw0vB2Zqeu4U8SkXpk6oA3S25COpcXjx-k8sxZbrLq57M0jppgRIrMxq-JvORZ716U3B2cRAVmP1SwgqcBnsLLmA"), 242 }, 243 { 244 name: "valid - RS384", 245 fields: fields{ 246 key: jose.SigningKey{ 247 Key: mustDecodeJWK(rsa3072PrivateJWK), 248 Algorithm: jose.RS384, 249 }, 250 }, 251 args: args{ 252 ctx: signature.WithDetermisticSignature(context.Background(), true), 253 input: []byte("test"), 254 }, 255 wantErr: false, 256 want: []byte("eyJhbGciOiJSUzM4NCJ9.dGVzdA.ML2P3gs_gC3R1jUflAggcQER7fe1OcENO_Rrei0PgKfvvfyE1x-5aTzoMZnIHT_5sxBdxa7wxssy6IYEZzE7vSCLxoJdlWgRaRfZo6LrEf8B6Q80kG7Oc6vBwEetzCLjJD_IBVYLOMqkOvxSaBdOB28NDFVBifvqA6-M1VHHN9koUerwwCMshJmH7dsjC083JsQeui2ThVedhYxOHb4K5IkCiYOJBnNF15E9qxIrCtZQQK5hAvk5-BEzcKrT6BRrUo1L_fidgE9tb2mIqDeWsap64DdIIMHJ9sxfcXg1c0CZ_Rocd3lVrpeCkNa2s6sY8HILOYG0Vz1EI1-rA_r_TAD3rMbS-l2ENZMbUKus7zbN1bzLQMR-D8KVB7uUnpFsOJqX47xl1D_QCBuOI5tHKCx0707U29BAe0Mysp2jFx1qskoL_JTl9ObVYV_JjJIAmxhxZ7TxQaMzfOqPpEzgoTHscSfyXd05_oUTSxISmxQf6S7lpUQ5tRIVT2qumiGL"), 257 }, 258 { 259 name: "valid - RS512", 260 fields: fields{ 261 key: jose.SigningKey{ 262 Key: mustDecodeJWK(rsa4096PrivateJWK), 263 Algorithm: jose.RS512, 264 }, 265 }, 266 args: args{ 267 ctx: signature.WithDetermisticSignature(context.Background(), true), 268 input: []byte("test"), 269 }, 270 wantErr: false, 271 want: []byte("eyJhbGciOiJSUzUxMiJ9.dGVzdA.e201ath4i-njH626lFFadhOCrk0XJVlwhFxIkbaweTl6FlFaO9x178zLmYjVNkiC-ooVzFiYegHw0lqGHGX0CgMnLy97_6GJfnwLF6Nhmi7jFo2FtSCJ71-d7i6ObAJkWT_4PFzIemPc31xa0FGzKo8uG3Xvmug1Pz94H2V_4Hsc14M32vBv0vd5daf581YQTln_CTRajZEd46s6rTYA6PEFG9C4-N-3jiqvPd3aga8ZwX6S7nTYuQMnbRnX33g5ZEIjJNpJT0QInbbPmM0YmGzSYfwyGuso1bhRueqri0PnvoMlVe7EK_WnjH3-MGr1RcHDAbl4I9mqZBL_danAJqhcqKM6AaRVrcNaOiO5R-KNSMskEnP8JvLE0PXOlpmv886uOjEhrWV3KG2js1E908xdDZE5kZ2Dhvv2PZxGDtzYqenTGWMff6t3R4Md8xM7LloB3xjopqOKzqJeb3cdPnKG9g4hrYelyKUzAo3vV_fK9ZuR2FTLdLrzp2pdSDRv3CffKCLEkvqS7COTQBwx-NHPo3Zhq_X8CjldwmdvF-BcEK2tc8C2vRlDrwQvbIWNfUS9lAHbGMq6UbfTSnXD9nzJpn9bMGe-q2Q28kfcPB6IrTQXYrHo97M-3rXc5rhbpyEcheZCXbPWTtAOmnCV1c_py4xDyR9hh384fok9Yts"), 272 }, 273 { 274 name: "valid - EdDSA", 275 fields: fields{ 276 key: jose.SigningKey{ 277 Key: mustDecodeJWK(ed25519PrivateJWK), 278 Algorithm: jose.EdDSA, 279 }, 280 }, 281 args: args{ 282 ctx: signature.WithDetermisticSignature(context.Background(), true), 283 input: []byte("test"), 284 }, 285 wantErr: false, 286 want: []byte("eyJhbGciOiJFZERTQSJ9.dGVzdA.UHM26VhesCXny588L0ou6Hj8xdyB5NnyYg_vQYPYMct7LIjEVf7_E6EeYz2wzvNdKoxmf5j8dpbjPzGg_pDzDA"), 287 }, 288 } 289 for _, tt := range tests { 290 t.Run(tt.name, func(t *testing.T) { 291 d := &jwsTransformer{ 292 key: tt.fields.key, 293 } 294 got, err := d.To(tt.args.ctx, tt.args.input) 295 if (err != nil) != tt.wantErr { 296 t.Errorf("jwsTransformer.To() error = %v, wantErr %v", err, tt.wantErr) 297 return 298 } 299 if !reflect.DeepEqual(got, tt.want) { 300 t.Errorf("jwsTransformer.To() = %v, want %v", string(got), tt.want) 301 } 302 }) 303 } 304 } 305 306 func Test_jwsTransformer_Roundtrip(t *testing.T) { 307 testcases := []struct { 308 name string 309 privateKey *jose.JSONWebKey 310 signatureAlgorithm jose.SignatureAlgorithm 311 }{ 312 { 313 name: "ed25519", 314 privateKey: mustDecodeJWK(ed25519PrivateJWK), 315 signatureAlgorithm: jose.EdDSA, 316 }, 317 { 318 name: "p256", 319 privateKey: mustDecodeJWK(p256PrivateJWK), 320 signatureAlgorithm: jose.ES256, 321 }, 322 { 323 name: "p384", 324 privateKey: mustDecodeJWK(p384PrivateJWK), 325 signatureAlgorithm: jose.ES384, 326 }, 327 { 328 name: "p521", 329 privateKey: mustDecodeJWK(p521PrivateJWK), 330 signatureAlgorithm: jose.ES512, 331 }, 332 { 333 name: "rsa2048 - rs256", 334 privateKey: mustDecodeJWK(rsa2048PrivateJWK), 335 signatureAlgorithm: jose.RS256, 336 }, 337 { 338 name: "rsa3072 - rs384", 339 privateKey: mustDecodeJWK(rsa3072PrivateJWK), 340 signatureAlgorithm: jose.RS384, 341 }, 342 { 343 name: "rsa4096 - rs512", 344 privateKey: mustDecodeJWK(rsa4096PrivateJWK), 345 signatureAlgorithm: jose.RS512, 346 }, 347 { 348 name: "rsa2048 - ps256", 349 privateKey: mustDecodeJWK(rsa2048PrivateJWK), 350 signatureAlgorithm: jose.PS256, 351 }, 352 { 353 name: "rsa3072 - ps384", 354 privateKey: mustDecodeJWK(rsa3072PrivateJWK), 355 signatureAlgorithm: jose.PS384, 356 }, 357 { 358 name: "rsa4096 - ps512", 359 privateKey: mustDecodeJWK(rsa4096PrivateJWK), 360 signatureAlgorithm: jose.PS512, 361 }, 362 } 363 for _, tt := range testcases { 364 t.Run(tt.name, func(t *testing.T) { 365 signer := &jwsTransformer{ 366 key: jose.SigningKey{ 367 Algorithm: tt.signatureAlgorithm, 368 Key: tt.privateKey, 369 }, 370 } 371 372 verifier := &jwsTransformer{ 373 key: jose.SigningKey{ 374 Algorithm: tt.signatureAlgorithm, 375 Key: tt.privateKey.Public(), 376 }, 377 } 378 379 // Prepare context 380 ctx := context.Background() 381 input := []byte("test") 382 383 signed, err := signer.To(ctx, input) 384 assert.NoError(t, err) 385 386 payload, err := verifier.From(ctx, signed) 387 assert.NoError(t, err) 388 389 assert.Equal(t, input, payload) 390 }) 391 } 392 }