prosody: spec/util_paseto_spec.lua@98806cac64c3 (annotated)

12716 719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	1	-- Ignore long lines in this file
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	2	--luacheck: ignore 631
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	3
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	4	describe("util.paseto", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	5	local paseto = require "util.paseto";
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	6	local json = require "util.json";
12844 33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	7	local hex = require "util.hex";
12716 719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	8
12844 33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	9	describe("v3.local", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	10	local function parse_test_cases(json_test_cases)
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	11	local input_cases = json.decode(json_test_cases);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	12	local output_cases = {};
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	13	for _, case in ipairs(input_cases) do
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	14	assert.is_string(case.name, "Bad test case: expected name");
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	15	assert.is_nil(output_cases[case.name], "Bad test case: duplicate name");
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	16	output_cases[case.name] = function ()
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	17	local key = hex.decode(case.key);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	18	local payload, err = paseto.v3_local.decrypt(case.token, key, case.footer, case["implicit-assertion"]);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	19	if case["expect-fail"] then
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	20	assert.is_nil(payload);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	21	else
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	22	assert.is_nil(err);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	23	assert.same(json.decode(case.payload), payload);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	24	end
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	25	end;
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	26	end
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	27	return output_cases;
12716 719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	28	end
12844 33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	29
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	30	local test_cases = parse_test_cases [=[[
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	31	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	32	"name": "3-E-1",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	33	"expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	34	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	35	"nonce": "0000000000000000000000000000000000000000000000000000000000000000",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	36	"token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAsRm2EsD6yBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9Iza7teRdkiR89ZFyvPPsVjjFiepFUVcMa-LP18zV77f_crJrVXWa5PDNRkCSeHfBBeg",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	37	"payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	38	"footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	39	"implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	40	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	41	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	42	"name": "3-E-2",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	43	"expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	44	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	45	"nonce": "0000000000000000000000000000000000000000000000000000000000000000",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	46	"token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAqhWxBMDgyBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9IzZfaZpReVpHlDSwfuygx1riVXYVs-UjcrG_apl9oz3jCVmmJbRuKn5ZfD8mHz2db0A",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	47	"payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	48	"footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	49	"implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	50	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	51	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	52	"name": "3-E-3",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	53	"expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	54	"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	55	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	56	"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlxnt5xyhQjFJomwnt7WW_7r2VT0G704ifult011-TgLCyQ2X8imQhniG_hAQ4BydM",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	57	"payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	58	"footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	59	"implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	60	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	61	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	62	"name": "3-E-4",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	63	"expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	64	"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	65	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	66	"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlBZa_gOpVj4gv0M9lV6Pwjp8JS_MmaZaTA1LLTULXybOBZ2S4xMbYqYmDRhh3IgEk",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	67	"payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	68	"footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	69	"implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	70	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	71	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	72	"name": "3-E-5",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	73	"expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	74	"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	75	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	76	"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlkYSIbXOgVuIQL65UMdW9WcjOpmqvjqD40NNzed-XPqn1T3w-bJvitYpUJL_rmihc.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	77	"payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	78	"footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	79	"implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	80	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	81	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	82	"name": "3-E-6",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	83	"expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	84	"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	85	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	86	"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJmSeEMphEWHiwtDKJftg41O1F8Hat-8kQ82ZIAMFqkx9q5VkWlxZke9ZzMBbb3Znfo.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	87	"payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	88	"footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	89	"implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	90	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	91	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	92	"name": "3-E-7",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	93	"expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	94	"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	95	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	96	"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJkzWACWAIoVa0bz7EWSBoTEnS8MvGBYHHo6t6mJunPrFR9JKXFCc0obwz5N-pxFLOc.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	97	"payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	98	"footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	99	"implicit-assertion": "{\"test-vector\":\"3-E-7\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	100	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	101	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	102	"name": "3-E-8",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	103	"expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	104	"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	105	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	106	"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJmZHSSKYR6AnPYJV6gpHtx6dLakIG_AOPhu8vKexNyrv5_1qoom6_NaPGecoiz6fR8.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	107	"payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	108	"footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	109	"implicit-assertion": "{\"test-vector\":\"3-E-8\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	110	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	111	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	112	"name": "3-E-9",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	113	"expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	114	"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	115	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	116	"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlk1nli0_wijTH_vCuRwckEDc82QWK8-lG2fT9wQF271sgbVRVPjm0LwMQZkvvamqU.YXJiaXRyYXJ5LXN0cmluZy10aGF0LWlzbid0LWpzb24",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	117	"payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	118	"footer": "arbitrary-string-that-isn't-json",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	119	"implicit-assertion": "{\"test-vector\":\"3-E-9\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	120	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	121	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	122	"name": "3-F-3",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	123	"expect-fail": true,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	124	"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	125	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	126	"token": "v4.local.1JgN1UG8TFAYS49qsx8rxlwh-9E4ONUm3slJXYi5EibmzxpF0Q-du6gakjuyKCBX8TvnSLOKqCPu8Yh3WSa5yJWigPy33z9XZTJF2HQ9wlLDPtVn_Mu1pPxkTU50ZaBKblJBufRA.YXJiaXRyYXJ5LXN0cmluZy10aGF0LWlzbid0LWpzb24",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	127	"payload": null,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	128	"footer": "arbitrary-string-that-isn't-json",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	129	"implicit-assertion": "{\"test-vector\":\"3-F-3\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	130	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	131	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	132	"name": "3-F-4",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	133	"expect-fail": true,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	134	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	135	"nonce": "0000000000000000000000000000000000000000000000000000000000000000",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	136	"token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAsRm2EsD6yBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9Iza7teRdkiR89ZFyvPPsVjjFiepFUVcMa-LP18zV77f_crJrVXWa5PDNRkCSeHfBBeh",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	137	"payload": null,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	138	"footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	139	"implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	140	},
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	141	{
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	142	"name": "3-F-5",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	143	"expect-fail": true,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	144	"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	145	"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	146	"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlkYSIbXOgVuIQL65UMdW9WcjOpmqvjqD40NNzed-XPqn1T3w-bJvitYpUJL_rmihc=.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	147	"payload": null,
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	148	"footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	149	"implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	150	}
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	151	]]=];
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	152	for name, test in pairs(test_cases) do
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	153	it("test case "..name, test);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	154	end
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	155
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	156	describe("basic sign/verify", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	157	local key = paseto.v3_local.new_key();
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	158	local sign, verify = paseto.v3_local.init(key);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	159
12845 8b06d7c73090 spec: Suppress some harmless luacheck warnings in tests Matthew Wild <mwild1@gmail.com> parents: 12844 diff changeset	160	--luacheck: ignore 211/sign2
12844 33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	161	local key2 = paseto.v3_local.new_key();
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	162	local sign2, verify2 = paseto.v3_local.init(key2);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	163
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	164	it("works", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	165	local payload = { foo = "hello world", b = { 1, 2, 3 } };
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	166
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	167	local tok = sign(payload);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	168	assert.same(payload, verify(tok));
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	169	assert.is_nil(verify2(tok));
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	170	end);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	171
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	172	it("rejects tokens if implicit assertion fails", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	173	local payload = { foo = "hello world", b = { 1, 2, 3 } };
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	174	local tok = sign(payload, nil, "my-custom-assertion");
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	175	assert.is_nil(verify(tok, nil, "my-incorrect-assertion"));
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	176	assert.is_nil(verify(tok, nil, nil));
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	177	assert.same(payload, verify(tok, nil, "my-custom-assertion"));
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	178	end);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	179	end);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	180	end);
12716 719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	181
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	182	describe("v4.public", function ()
12844 33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	183	local function parse_test_cases(json_test_cases)
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	184	local input_cases = json.decode(json_test_cases);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	185	local output_cases = {};
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	186	for _, case in ipairs(input_cases) do
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	187	assert.is_string(case.name, "Bad test case: expected name");
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	188	assert.is_nil(output_cases[case.name], "Bad test case: duplicate name");
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	189	output_cases[case.name] = function ()
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	190	local verify_key = paseto.v4_public.import_public_key(case["public-key-pem"]);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	191	local payload, err = paseto.v4_public.verify(case.token, verify_key, case.footer, case["implicit-assertion"]);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	192	if case["expect-fail"] then
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	193	assert.is_nil(payload);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	194	else
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	195	assert.is_nil(err);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	196	assert.same(json.decode(case.payload), payload);
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	197	end
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	198	end;
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	199	end
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	200	return output_cases;
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	201	end
33d902b093f0 util.paseto: Add support for v3.local tokens Matthew Wild <mwild1@gmail.com> parents: 12717 diff changeset	202
12716 719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	203	local test_cases = parse_test_cases [=[[
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	204	{
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	205	"name": "4-S-1",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	206	"expect-fail": false,
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	207	"public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	208	"secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	209	"secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	210	"secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	211	"public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	212	"token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9bg_XBBzds8lTZShVlwwKSgeKpLT3yukTw6JUz3W4h_ExsQV-P0V54zemZDcAxFaSeef1QlXEFtkqxT1ciiQEDA",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	213	"payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	214	"footer": "",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	215	"implicit-assertion": ""
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	216	},
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	217	{
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	218	"name": "4-S-2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	219	"expect-fail": false,
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	220	"public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	221	"secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	222	"secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	223	"secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	224	"public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	225	"token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9v3Jt8mx_TdM2ceTGoqwrh4yDFn0XsHvvV_D0DtwQxVrJEBMl0F2caAdgnpKlt4p7xBnx1HcO-SPo8FPp214HDw.eyJraWQiOiJ6VmhNaVBCUDlmUmYyc25FY1Q3Z0ZUaW9lQTlDT2NOeTlEZmdMMVc2MGhhTiJ9",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	226	"payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	227	"footer": "{\"kid\":\"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	228	"implicit-assertion": ""
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	229	},
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	230	{
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	231	"name": "4-S-3",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	232	"expect-fail": false,
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	233	"public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	234	"secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	235	"secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	236	"secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	237	"public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	238	"token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9NPWciuD3d0o5eXJXG5pJy-DiVEoyPYWs1YSTwWHNJq6DZD3je5gf-0M4JR9ipdUSJbIovzmBECeaWmaqcaP0DQ.eyJraWQiOiJ6VmhNaVBCUDlmUmYyc25FY1Q3Z0ZUaW9lQTlDT2NOeTlEZmdMMVc2MGhhTiJ9",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	239	"payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	240	"footer": "{\"kid\":\"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	241	"implicit-assertion": "{\"test-vector\":\"4-S-3\"}"
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	242	}]]=];
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	243	for name, test in pairs(test_cases) do
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	244	it("test case "..name, test);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	245	end
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	246
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	247	describe("basic sign/verify", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	248	local function new_keypair()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	249	local kp = paseto.v4_public.new_keypair();
12717 52eead170bb8 util.paseto: Drop custom wrappers around key objects Matthew Wild <mwild1@gmail.com> parents: 12716 diff changeset	250	return kp:private_pem(), kp:public_pem();
12716 719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	251	end
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	252
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	253	local privkey1, pubkey1 = new_keypair();
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	254	local privkey2, pubkey2 = new_keypair();
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	255	local sign1, verify1 = paseto.v4_public.init(privkey1, pubkey1);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	256	local sign2, verify2 = paseto.v4_public.init(privkey2, pubkey2);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	257
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	258	it("works", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	259	local payload = { foo = "hello world", b = { 1, 2, 3 } };
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	260
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	261	local tok1 = sign1(payload);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	262	assert.same(payload, verify1(tok1));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	263	assert.is_nil(verify2(tok1));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	264
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	265	local tok2 = sign2(payload);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	266	assert.same(payload, verify2(tok2));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	267	assert.is_nil(verify1(tok2));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	268	end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	269
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	270	it("rejects tokens if implicit assertion fails", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	271	local payload = { foo = "hello world", b = { 1, 2, 3 } };
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	272	local tok = sign1(payload, nil, "my-custom-assertion");
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	273	assert.is_nil(verify1(tok, nil, "my-incorrect-assertion"));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	274	assert.is_nil(verify1(tok, nil, nil));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	275	assert.same(payload, verify1(tok, nil, "my-custom-assertion"));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	276	end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	277	end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	278	end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	279
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	280	describe("pae", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	281	it("encodes correctly", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	282	-- These test cases are taken from the PASETO docs
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	283	-- https://github.com/paseto-standard/paseto-spec/blob/master/docs/01-Protocol-Versions/Common.md
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	284	assert.equal("\x00\x00\x00\x00\x00\x00\x00\x00", paseto.pae{});
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	285	assert.equal("\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", paseto.pae{''});
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	286	assert.equal("\x01\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00test", paseto.pae{'test'});
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	287	assert.has_errors(function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	288	paseto.pae("test");
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	289	end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	290	end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	291	end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors Matthew Wild <mwild1@gmail.com> parents: diff changeset	292	end);

author	Kim Alvefur <zash@zash.se>
	Thu, 28 Mar 2024 15:26:57 +0100
changeset 13472	98806cac64c3
parent 12845	8b06d7c73090
permissions	-rw-r--r--