From d1d31dbd49019c2f373f947082c97217ebca3ae5 Mon Sep 17 00:00:00 2001 From: Vivien Kraus Date: Wed, 1 Jan 2020 00:00:00 +0100 Subject: Add a signature and verification function for JWS --- tests/Makefile.am | 4 +++- tests/verification-failed.scm | 24 ++++++++++++++++++++++++ tests/verify.scm | 15 +++++++++++++++ 3 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 tests/verification-failed.scm create mode 100644 tests/verify.scm (limited to 'tests') diff --git a/tests/Makefile.am b/tests/Makefile.am index b889e0b..22718cf 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -8,7 +8,9 @@ TESTS = %reldir%/load-library.scm \ %reldir%/jwk-kty-rsa-incorrect.scm \ %reldir%/hash-ok.scm \ %reldir%/hash-unsupported.scm \ - %reldir%/jkt.scm + %reldir%/jkt.scm \ + %reldir%/verify.scm \ + %reldir%/verification-failed.scm EXTRA_DIST += $(TESTS) diff --git a/tests/verification-failed.scm b/tests/verification-failed.scm new file mode 100644 index 0000000..b580caa --- /dev/null +++ b/tests/verification-failed.scm @@ -0,0 +1,24 @@ +(use-modules (webid-oidc stubs) + (webid-oidc errors) + (webid-oidc testing)) + +(with-test-environment + "verification-failed" + (lambda () + (let* ((key (json-string->scm "{ + \"kty\":\"EC\", + \"x\":\"l8tFrhx-34tV3hRICRDY9zCkDlpBhF42UQUfWVAWBFs\", + \"y\":\"9VE4jf_Ok_o64zbTTlcuNJajHmt6v9TDVrU0CdvGRDA\", + \"crv\":\"P-256\" + }")) + (payload "eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwieCI6Imw4dEZyaHgtMzR0VjNoUklDUkRZOXpDa0RscEJoRjQyVVFVZldWQVdCRnMiLCJ5IjoiOVZFNGpmX09rX282NHpiVFRsY3VOSmFqSG10NnY5VERWclUwQ2R2R1JEQSIsImNydiI6IlAtMjU2In19.eyJqdGkiOiJlMWozVl9iS2ljOC1MQUVCIiwiaHRtIjoiR0VUIiwiaHR1IjoiaHR0cHM6Ly9yZXNvdXJjZS5leGFtcGxlLm9yZy9wcm90ZWN0ZWRyZXNvdXJjZSIsImlhdCI6MTU2MjI2MjYxOH0") + (signature "lNhmpAX_WwmpBvwhok4E74kWCiGBNdavjLAeevGy32H3dbF0Jbri69Nm2ukkwb-uyUI4AUg_JSskfWIyo4UCbQ")) ;; Replaced 1 with _ + (with-exception-handler + (lambda (error) + (unless ((record-predicate &invalid-signature) error) + (exit 1))) + (lambda () + (verify 'ES256 key payload signature) + (exit 2)) + #:unwind? #t + #:unwind-for-type &invalid-signature)))) diff --git a/tests/verify.scm b/tests/verify.scm new file mode 100644 index 0000000..e6dc2fd --- /dev/null +++ b/tests/verify.scm @@ -0,0 +1,15 @@ +(use-modules (webid-oidc stubs) + (webid-oidc testing)) + +(with-test-environment + "verify" + (lambda () + (let* ((key (json-string->scm "{ + \"kty\":\"EC\", + \"x\":\"l8tFrhx-34tV3hRICRDY9zCkDlpBhF42UQUfWVAWBFs\", + \"y\":\"9VE4jf_Ok_o64zbTTlcuNJajHmt6v9TDVrU0CdvGRDA\", + \"crv\":\"P-256\" + }")) + (payload "eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwieCI6Imw4dEZyaHgtMzR0VjNoUklDUkRZOXpDa0RscEJoRjQyVVFVZldWQVdCRnMiLCJ5IjoiOVZFNGpmX09rX282NHpiVFRsY3VOSmFqSG10NnY5VERWclUwQ2R2R1JEQSIsImNydiI6IlAtMjU2In19.eyJqdGkiOiJlMWozVl9iS2ljOC1MQUVCIiwiaHRtIjoiR0VUIiwiaHR1IjoiaHR0cHM6Ly9yZXNvdXJjZS5leGFtcGxlLm9yZy9wcm90ZWN0ZWRyZXNvdXJjZSIsImlhdCI6MTU2MjI2MjYxOH0") + (signature "lNhmpAX1WwmpBvwhok4E74kWCiGBNdavjLAeevGy32H3dbF0Jbri69Nm2ukkwb-uyUI4AUg1JSskfWIyo4UCbQ")) + (verify 'ES256 key payload signature)))) -- cgit v1.2.3