1 package jws_test
2
3 import (
4 "strings"
5 "testing"
6
7 "github.com/lestrrat-go/jwx/internal/jwxtest"
8 "github.com/lestrrat-go/jwx/jwa"
9 "github.com/lestrrat-go/jwx/jws"
10 "github.com/stretchr/testify/assert"
11 )
12
13 func TestSign(t *testing.T) {
14 t.Parallel()
15 t.Run("Bad algorithm", func(t *testing.T) {
16 t.Parallel()
17 _, err := jws.Sign([]byte(nil), jwa.SignatureAlgorithm("FooBar"), nil)
18 if !assert.Error(t, err, "Unknown algorithm should return error") {
19 return
20 }
21 })
22 t.Run("No private key", func(t *testing.T) {
23 t.Parallel()
24 _, err := jws.Sign([]byte{'a', 'b', 'c'}, jwa.RS256, nil)
25 if !assert.Error(t, err, "Sign with no private key should return error") {
26 return
27 }
28 })
29 t.Run("RSA verify with no public key", func(t *testing.T) {
30 t.Parallel()
31 _, err := jws.Verify([]byte(nil), jwa.RS256, nil)
32 if !assert.Error(t, err, "Verify with no private key should return error") {
33 return
34 }
35 })
36 t.Run("RSA roundtrip", func(t *testing.T) {
37 t.Parallel()
38 rsakey, err := jwxtest.GenerateRsaKey()
39 if !assert.NoError(t, err, "RSA key generated") {
40 return
41 }
42
43 signer, err := jws.NewSigner(jwa.RS256)
44 if !assert.NoError(t, err, `creating a signer should succeed`) {
45 return
46 }
47
48 payload := []byte("Hello, world")
49
50 signed, err := signer.Sign(payload, rsakey)
51 if !assert.NoError(t, err, "Payload signed") {
52 return
53 }
54
55 verifier, err := jws.NewVerifier(jwa.RS256)
56 if !assert.NoError(t, err, "creating a verifier should succeed") {
57 return
58 }
59
60 if !assert.NoError(t, verifier.Verify(payload, signed, &rsakey.PublicKey), "Payload verified") {
61 return
62 }
63 })
64 }
65
66 func TestSignMulti(t *testing.T) {
67 rsakey, err := jwxtest.GenerateRsaKey()
68 if !assert.NoError(t, err, "RSA key generated") {
69 return
70 }
71
72 dsakey, err := jwxtest.GenerateEcdsaKey(jwa.P521)
73 if !assert.NoError(t, err, "ECDSA key generated") {
74 return
75 }
76
77 s1, err := jws.NewSigner(jwa.RS256)
78 if !assert.NoError(t, err, "RSA Signer created") {
79 return
80 }
81 s1hdr := jws.NewHeaders()
82 s1hdr.Set(jws.KeyIDKey, "2010-12-29")
83
84 s2, err := jws.NewSigner(jwa.ES256)
85 if !assert.NoError(t, err, "DSA Signer created") {
86 return
87 }
88 s2hdr := jws.NewHeaders()
89 s2hdr.Set(jws.KeyIDKey, "e9bc097a-ce51-4036-9562-d2ade882db0d")
90
91 v := strings.Join([]string{`{"iss":"joe",`, ` "exp":1300819380,`, ` "http://example.com/is_root":true}`}, "\r\n")
92 m, err := jws.SignMulti([]byte(v),
93 jws.WithSigner(s1, rsakey, s1hdr, nil),
94 jws.WithSigner(s2, dsakey, s2hdr, nil),
95 )
96 if !assert.NoError(t, err, "jws.SignMulti should succeed") {
97 return
98 }
99
100 t.Logf("%s", m)
101 }
102
View as plain text