-
Notifications
You must be signed in to change notification settings - Fork 46
/
algo_ps_test.go
84 lines (69 loc) · 2.76 KB
/
algo_ps_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
package jwt
import (
"crypto/rsa"
"testing"
)
func TestPS(t *testing.T) {
testCases := []struct {
alg Algorithm
privateKey *rsa.PrivateKey
publicKey *rsa.PublicKey
wantErr error
}{
{PS256, rsapsPrivateKey256, rsapsPublicKey256, nil},
{PS384, rsapsPrivateKey384, rsapsPublicKey384, nil},
{PS512, rsapsPrivateKey512, rsapsPublicKey512, nil},
{PS512, rsapsPrivateKey512Other, rsapsPublicKey512Other, nil},
{PS256, rsapsPrivateKey256, rsapsPublicKey256Another, ErrInvalidSignature},
{PS384, rsapsPrivateKey384, rsapsPublicKey384Another, ErrInvalidSignature},
{PS512, rsapsPrivateKey512, rsapsPublicKey512Another, ErrInvalidSignature},
{PS256, rsapsPrivateKey256Another, rsapsPublicKey256, ErrInvalidSignature},
{PS384, rsapsPrivateKey384Another, rsapsPublicKey384, ErrInvalidSignature},
{PS512, rsapsPrivateKey512Another, rsapsPublicKey512, ErrInvalidSignature},
{PS512, rsapsPrivateKey512Another, rsapsPublicKey512Other, ErrInvalidSignature},
}
for _, tc := range testCases {
signer, errSigner := NewSignerPS(tc.alg, tc.privateKey)
mustOk(t, errSigner)
verifier, errVerifier := NewVerifierPS(tc.alg, tc.publicKey)
mustOk(t, errVerifier)
token, err := NewBuilder(signer).Build(simplePayload)
mustOk(t, err)
err = verifier.Verify(token)
mustEqual(t, err, tc.wantErr)
}
}
func TestPS_BadKeys(t *testing.T) {
testCases := []struct {
err error
wantErr error
}{
{getErr(NewSignerPS(PS256, nil)), ErrNilKey},
{getErr(NewSignerPS(PS384, nil)), ErrNilKey},
{getErr(NewSignerPS(PS512, nil)), ErrNilKey},
{getErr(NewSignerPS("foo", rsapsPrivateKey384)), ErrUnsupportedAlg},
{getErr(NewVerifierPS(PS256, nil)), ErrNilKey},
{getErr(NewVerifierPS(PS384, nil)), ErrNilKey},
{getErr(NewVerifierPS(PS512, nil)), ErrNilKey},
{getErr(NewVerifierPS("boo", rsapsPublicKey384)), ErrUnsupportedAlg},
}
for _, tc := range testCases {
mustEqual(t, tc.err, tc.wantErr)
}
}
var (
rsapsPrivateKey256 = mustParseRSAKey(testKeyRSA1024)
rsapsPrivateKey384 = mustParseRSAKey(testKeyRSA2048)
rsapsPrivateKey512 = mustParseRSAKey(testKeyRSA4096)
rsapsPrivateKey512Other = mustParseRSAKey(testKeyRSA4096Other)
rsapsPublicKey256 = &rsapsPrivateKey256.PublicKey
rsapsPublicKey384 = &rsapsPrivateKey384.PublicKey
rsapsPublicKey512 = &rsapsPrivateKey512.PublicKey
rsapsPublicKey512Other = &rsapsPrivateKey512Other.PublicKey
rsapsPrivateKey256Another = mustParseRSAKey(testKeyRSA1024Another)
rsapsPrivateKey384Another = mustParseRSAKey(testKeyRSA2048Another)
rsapsPrivateKey512Another = mustParseRSAKey(testKeyRSA4096Another)
rsapsPublicKey256Another = &rsapsPrivateKey256Another.PublicKey
rsapsPublicKey384Another = &rsapsPrivateKey384Another.PublicKey
rsapsPublicKey512Another = &rsapsPrivateKey512Another.PublicKey
)