| author | Kim Alvefur <zash@zash.se> |
| Sat, 23 Mar 2024 20:48:19 +0100 | |
| changeset 13465 | c673ff1075bd |
| parent 12845 | 8b06d7c73090 |
| permissions | -rw-r--r-- |
|
12716
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 |
-- Ignore long lines in this file |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
--luacheck: ignore 631 |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
|
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 |
describe("util.paseto", function () |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
local paseto = require "util.paseto"; |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
local json = require "util.json"; |
|
12844
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
7 |
local hex = require "util.hex"; |
|
12716
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 |
|
|
12844
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
9 |
describe("v3.local", function () |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
10 |
local function parse_test_cases(json_test_cases) |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
11 |
local input_cases = json.decode(json_test_cases); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
12 |
local output_cases = {}; |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
13 |
for _, case in ipairs(input_cases) do |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
14 |
assert.is_string(case.name, "Bad test case: expected name"); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
15 |
assert.is_nil(output_cases[case.name], "Bad test case: duplicate name"); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
16 |
output_cases[case.name] = function () |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
17 |
local key = hex.decode(case.key); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
18 |
local payload, err = paseto.v3_local.decrypt(case.token, key, case.footer, case["implicit-assertion"]); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
19 |
if case["expect-fail"] then |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
20 |
assert.is_nil(payload); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
21 |
else |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
22 |
assert.is_nil(err); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
23 |
assert.same(json.decode(case.payload), payload); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
24 |
end |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
25 |
end; |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
26 |
end |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
27 |
return output_cases; |
|
12716
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 |
end |
|
12844
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
29 |
|
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
30 |
local test_cases = parse_test_cases [=[[ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
31 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
32 |
"name": "3-E-1", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
33 |
"expect-fail": false, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
34 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
35 |
"nonce": "0000000000000000000000000000000000000000000000000000000000000000", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
36 |
"token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAsRm2EsD6yBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9Iza7teRdkiR89ZFyvPPsVjjFiepFUVcMa-LP18zV77f_crJrVXWa5PDNRkCSeHfBBeg", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
37 |
"payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
38 |
"footer": "", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
39 |
"implicit-assertion": "" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
40 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
41 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
42 |
"name": "3-E-2", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
43 |
"expect-fail": false, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
44 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
45 |
"nonce": "0000000000000000000000000000000000000000000000000000000000000000", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
46 |
"token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAqhWxBMDgyBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9IzZfaZpReVpHlDSwfuygx1riVXYVs-UjcrG_apl9oz3jCVmmJbRuKn5ZfD8mHz2db0A", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
47 |
"payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
48 |
"footer": "", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
49 |
"implicit-assertion": "" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
50 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
51 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
52 |
"name": "3-E-3", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
53 |
"expect-fail": false, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
54 |
"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
55 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
56 |
"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlxnt5xyhQjFJomwnt7WW_7r2VT0G704ifult011-TgLCyQ2X8imQhniG_hAQ4BydM", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
57 |
"payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
58 |
"footer": "", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
59 |
"implicit-assertion": "" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
60 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
61 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
62 |
"name": "3-E-4", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
63 |
"expect-fail": false, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
64 |
"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
65 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
66 |
"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlBZa_gOpVj4gv0M9lV6Pwjp8JS_MmaZaTA1LLTULXybOBZ2S4xMbYqYmDRhh3IgEk", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
67 |
"payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
68 |
"footer": "", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
69 |
"implicit-assertion": "" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
70 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
71 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
72 |
"name": "3-E-5", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
73 |
"expect-fail": false, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
74 |
"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
75 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
76 |
"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlkYSIbXOgVuIQL65UMdW9WcjOpmqvjqD40NNzed-XPqn1T3w-bJvitYpUJL_rmihc.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
77 |
"payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
78 |
"footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
79 |
"implicit-assertion": "" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
80 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
81 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
82 |
"name": "3-E-6", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
83 |
"expect-fail": false, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
84 |
"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
85 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
86 |
"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJmSeEMphEWHiwtDKJftg41O1F8Hat-8kQ82ZIAMFqkx9q5VkWlxZke9ZzMBbb3Znfo.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
87 |
"payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
88 |
"footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
89 |
"implicit-assertion": "" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
90 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
91 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
92 |
"name": "3-E-7", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
93 |
"expect-fail": false, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
94 |
"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
95 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
96 |
"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJkzWACWAIoVa0bz7EWSBoTEnS8MvGBYHHo6t6mJunPrFR9JKXFCc0obwz5N-pxFLOc.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
97 |
"payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
98 |
"footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
99 |
"implicit-assertion": "{\"test-vector\":\"3-E-7\"}" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
100 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
101 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
102 |
"name": "3-E-8", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
103 |
"expect-fail": false, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
104 |
"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
105 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
106 |
"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJmZHSSKYR6AnPYJV6gpHtx6dLakIG_AOPhu8vKexNyrv5_1qoom6_NaPGecoiz6fR8.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
107 |
"payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
108 |
"footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
109 |
"implicit-assertion": "{\"test-vector\":\"3-E-8\"}" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
110 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
111 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
112 |
"name": "3-E-9", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
113 |
"expect-fail": false, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
114 |
"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
115 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
116 |
"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlk1nli0_wijTH_vCuRwckEDc82QWK8-lG2fT9wQF271sgbVRVPjm0LwMQZkvvamqU.YXJiaXRyYXJ5LXN0cmluZy10aGF0LWlzbid0LWpzb24", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
117 |
"payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
118 |
"footer": "arbitrary-string-that-isn't-json", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
119 |
"implicit-assertion": "{\"test-vector\":\"3-E-9\"}" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
120 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
121 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
122 |
"name": "3-F-3", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
123 |
"expect-fail": true, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
124 |
"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
125 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
126 |
"token": "v4.local.1JgN1UG8TFAYS49qsx8rxlwh-9E4ONUm3slJXYi5EibmzxpF0Q-du6gakjuyKCBX8TvnSLOKqCPu8Yh3WSa5yJWigPy33z9XZTJF2HQ9wlLDPtVn_Mu1pPxkTU50ZaBKblJBufRA.YXJiaXRyYXJ5LXN0cmluZy10aGF0LWlzbid0LWpzb24", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
127 |
"payload": null, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
128 |
"footer": "arbitrary-string-that-isn't-json", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
129 |
"implicit-assertion": "{\"test-vector\":\"3-F-3\"}" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
130 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
131 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
132 |
"name": "3-F-4", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
133 |
"expect-fail": true, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
134 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
135 |
"nonce": "0000000000000000000000000000000000000000000000000000000000000000", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
136 |
"token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAsRm2EsD6yBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9Iza7teRdkiR89ZFyvPPsVjjFiepFUVcMa-LP18zV77f_crJrVXWa5PDNRkCSeHfBBeh", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
137 |
"payload": null, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
138 |
"footer": "", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
139 |
"implicit-assertion": "" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
140 |
}, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
141 |
{ |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
142 |
"name": "3-F-5", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
143 |
"expect-fail": true, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
144 |
"nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
145 |
"key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
146 |
"token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlkYSIbXOgVuIQL65UMdW9WcjOpmqvjqD40NNzed-XPqn1T3w-bJvitYpUJL_rmihc=.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
147 |
"payload": null, |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
148 |
"footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}", |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
149 |
"implicit-assertion": "" |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
150 |
} |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
151 |
]]=]; |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
152 |
for name, test in pairs(test_cases) do |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
153 |
it("test case "..name, test); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
154 |
end |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
155 |
|
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
156 |
describe("basic sign/verify", function () |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
157 |
local key = paseto.v3_local.new_key(); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
158 |
local sign, verify = paseto.v3_local.init(key); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
159 |
|
|
12845
8b06d7c73090
spec: Suppress some harmless luacheck warnings in tests
Matthew Wild <mwild1@gmail.com>
parents:
12844
diff
changeset
|
160 |
--luacheck: ignore 211/sign2 |
|
12844
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
161 |
local key2 = paseto.v3_local.new_key(); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
162 |
local sign2, verify2 = paseto.v3_local.init(key2); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
163 |
|
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
164 |
it("works", function () |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
165 |
local payload = { foo = "hello world", b = { 1, 2, 3 } }; |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
166 |
|
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
167 |
local tok = sign(payload); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
168 |
assert.same(payload, verify(tok)); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
169 |
assert.is_nil(verify2(tok)); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
170 |
end); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
171 |
|
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
172 |
it("rejects tokens if implicit assertion fails", function () |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
173 |
local payload = { foo = "hello world", b = { 1, 2, 3 } }; |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
174 |
local tok = sign(payload, nil, "my-custom-assertion"); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
175 |
assert.is_nil(verify(tok, nil, "my-incorrect-assertion")); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
176 |
assert.is_nil(verify(tok, nil, nil)); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
177 |
assert.same(payload, verify(tok, nil, "my-custom-assertion")); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
178 |
end); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
179 |
end); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
180 |
end); |
|
12716
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
181 |
|
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
182 |
describe("v4.public", function () |
|
12844
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
183 |
local function parse_test_cases(json_test_cases) |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
184 |
local input_cases = json.decode(json_test_cases); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
185 |
local output_cases = {}; |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
186 |
for _, case in ipairs(input_cases) do |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
187 |
assert.is_string(case.name, "Bad test case: expected name"); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
188 |
assert.is_nil(output_cases[case.name], "Bad test case: duplicate name"); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
189 |
output_cases[case.name] = function () |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
190 |
local verify_key = paseto.v4_public.import_public_key(case["public-key-pem"]); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
191 |
local payload, err = paseto.v4_public.verify(case.token, verify_key, case.footer, case["implicit-assertion"]); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
192 |
if case["expect-fail"] then |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
193 |
assert.is_nil(payload); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
194 |
else |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
195 |
assert.is_nil(err); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
196 |
assert.same(json.decode(case.payload), payload); |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
197 |
end |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
198 |
end; |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
199 |
end |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
200 |
return output_cases; |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
201 |
end |
|
33d902b093f0
util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents:
12717
diff
changeset
|
202 |
|
|
12716
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
203 |
local test_cases = parse_test_cases [=[[ |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
204 |
{ |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
205 |
"name": "4-S-1", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
206 |
"expect-fail": false, |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
207 |
"public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
208 |
"secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
209 |
"secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
210 |
"secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
211 |
"public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
212 |
"token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9bg_XBBzds8lTZShVlwwKSgeKpLT3yukTw6JUz3W4h_ExsQV-P0V54zemZDcAxFaSeef1QlXEFtkqxT1ciiQEDA", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
213 |
"payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
214 |
"footer": "", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
215 |
"implicit-assertion": "" |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
216 |
}, |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
217 |
{ |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
218 |
"name": "4-S-2", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
219 |
"expect-fail": false, |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
220 |
"public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
221 |
"secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
222 |
"secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
223 |
"secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
224 |
"public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
225 |
"token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9v3Jt8mx_TdM2ceTGoqwrh4yDFn0XsHvvV_D0DtwQxVrJEBMl0F2caAdgnpKlt4p7xBnx1HcO-SPo8FPp214HDw.eyJraWQiOiJ6VmhNaVBCUDlmUmYyc25FY1Q3Z0ZUaW9lQTlDT2NOeTlEZmdMMVc2MGhhTiJ9", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
226 |
"payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
227 |
"footer": "{\"kid\":\"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN\"}", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
228 |
"implicit-assertion": "" |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
229 |
}, |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
230 |
{ |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
231 |
"name": "4-S-3", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
232 |
"expect-fail": false, |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
233 |
"public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
234 |
"secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
235 |
"secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
236 |
"secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
237 |
"public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
238 |
"token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9NPWciuD3d0o5eXJXG5pJy-DiVEoyPYWs1YSTwWHNJq6DZD3je5gf-0M4JR9ipdUSJbIovzmBECeaWmaqcaP0DQ.eyJraWQiOiJ6VmhNaVBCUDlmUmYyc25FY1Q3Z0ZUaW9lQTlDT2NOeTlEZmdMMVc2MGhhTiJ9", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
239 |
"payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
240 |
"footer": "{\"kid\":\"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN\"}", |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
241 |
"implicit-assertion": "{\"test-vector\":\"4-S-3\"}" |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
242 |
}]]=]; |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
243 |
for name, test in pairs(test_cases) do |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
244 |
it("test case "..name, test); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
245 |
end |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
246 |
|
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
247 |
describe("basic sign/verify", function () |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
248 |
local function new_keypair() |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
249 |
local kp = paseto.v4_public.new_keypair(); |
|
12717
52eead170bb8
util.paseto: Drop custom wrappers around key objects
Matthew Wild <mwild1@gmail.com>
parents:
12716
diff
changeset
|
250 |
return kp:private_pem(), kp:public_pem(); |
|
12716
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
251 |
end |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
252 |
|
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
253 |
local privkey1, pubkey1 = new_keypair(); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
254 |
local privkey2, pubkey2 = new_keypair(); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
255 |
local sign1, verify1 = paseto.v4_public.init(privkey1, pubkey1); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
256 |
local sign2, verify2 = paseto.v4_public.init(privkey2, pubkey2); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
257 |
|
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
258 |
it("works", function () |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
259 |
local payload = { foo = "hello world", b = { 1, 2, 3 } }; |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
260 |
|
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
261 |
local tok1 = sign1(payload); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
262 |
assert.same(payload, verify1(tok1)); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
263 |
assert.is_nil(verify2(tok1)); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
264 |
|
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
265 |
local tok2 = sign2(payload); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
266 |
assert.same(payload, verify2(tok2)); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
267 |
assert.is_nil(verify1(tok2)); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
268 |
end); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
269 |
|
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
270 |
it("rejects tokens if implicit assertion fails", function () |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
271 |
local payload = { foo = "hello world", b = { 1, 2, 3 } }; |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
272 |
local tok = sign1(payload, nil, "my-custom-assertion"); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
273 |
assert.is_nil(verify1(tok, nil, "my-incorrect-assertion")); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
274 |
assert.is_nil(verify1(tok, nil, nil)); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
275 |
assert.same(payload, verify1(tok, nil, "my-custom-assertion")); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
276 |
end); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
277 |
end); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
278 |
end); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
279 |
|
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
280 |
describe("pae", function () |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
281 |
it("encodes correctly", function () |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
282 |
-- These test cases are taken from the PASETO docs |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
283 |
-- https://github.com/paseto-standard/paseto-spec/blob/master/docs/01-Protocol-Versions/Common.md |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
284 |
assert.equal("\x00\x00\x00\x00\x00\x00\x00\x00", paseto.pae{}); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
285 |
assert.equal("\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", paseto.pae{''}); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
286 |
assert.equal("\x01\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00test", paseto.pae{'test'}); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
287 |
assert.has_errors(function () |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
288 |
paseto.pae("test"); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
289 |
end); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
290 |
end); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
291 |
end); |
|
719a72f14e90
util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
292 |
end); |