From c5db9fbe32eefc1d9b8d7cb62bb40fc5d2ea5fe7 Mon Sep 17 00:00:00 2001 From: Jake Shadle Date: Wed, 15 May 2019 16:20:25 +0200 Subject: [PATCH] Fix tests --- tests/ecdsa.rs | 14 +++++++++++--- tests/lib.rs | 10 +++++----- tests/rsa.rs | 17 ++++++++++++----- 3 files changed, 28 insertions(+), 13 deletions(-) diff --git a/tests/ecdsa.rs b/tests/ecdsa.rs index 72f13df..5c1b315 100644 --- a/tests/ecdsa.rs +++ b/tests/ecdsa.rs @@ -4,7 +4,7 @@ extern crate serde_derive; extern crate chrono; use chrono::Utc; -use jsonwebtoken::{decode, encode, sign, verify, Algorithm, Header, Validation}; +use jsonwebtoken::{decode, encode, sign, verify, Algorithm, Der, Header, Pkcs8, Validation}; #[derive(Debug, PartialEq, Clone, Serialize, Deserialize)] struct Claims { @@ -16,7 +16,7 @@ struct Claims { #[test] fn round_trip_sign_verification() { let privkey = include_bytes!("private_ecdsa_key.pk8"); - let encrypted = sign("hello world", privkey, Algorithm::ES256).unwrap(); + let encrypted = sign("hello world", Pkcs8::from(&&privkey[..]), Algorithm::ES256).unwrap(); let pubkey = include_bytes!("public_ecdsa_key.pk8"); let is_valid = verify(&encrypted, "hello world", pubkey, Algorithm::ES256).unwrap(); assert!(is_valid); @@ -30,9 +30,17 @@ fn round_trip_claim() { exp: Utc::now().timestamp() + 10000, }; let privkey = include_bytes!("private_ecdsa_key.pk8"); - let token = encode(&Header::new(Algorithm::ES256), &my_claims, privkey).unwrap(); + let token = + encode(&Header::new(Algorithm::ES256), &my_claims, Pkcs8::from(&&privkey[..])).unwrap(); let pubkey = include_bytes!("public_ecdsa_key.pk8"); let token_data = decode::(&token, pubkey, &Validation::new(Algorithm::ES256)).unwrap(); assert_eq!(my_claims, token_data.claims); assert!(token_data.header.kid.is_none()); } + +#[test] +#[should_panic(expected = "InvalidKeyFormat")] +fn fails_with_non_pkcs8_key_format() { + let privkey = include_bytes!("private_rsa_key.der"); + let _encrypted = sign("hello world", Der::from(&&privkey[..]), Algorithm::ES256).unwrap(); +} diff --git a/tests/lib.rs b/tests/lib.rs index 129ee3d..f489477 100644 --- a/tests/lib.rs +++ b/tests/lib.rs @@ -5,7 +5,7 @@ extern crate chrono; use chrono::Utc; use jsonwebtoken::{ - dangerous_unsafe_decode, decode, decode_header, encode, sign, verify, Algorithm, Header, + dangerous_unsafe_decode, decode, decode_header, encode, sign, verify, Algorithm, Header, Hmac, Validation, }; use std::str::FromStr; @@ -19,7 +19,7 @@ struct Claims { #[test] fn sign_hs256() { - let result = sign("hello world", b"secret", Algorithm::HS256).unwrap(); + let result = sign("hello world", Hmac::from(b"secret"), Algorithm::HS256).unwrap(); let expected = "c0zGLzKEFWj0VxWuufTXiRMk5tlI5MbGDAYhzaxIYjo"; assert_eq!(result, expected); } @@ -40,7 +40,7 @@ fn encode_with_custom_header() { }; let mut header = Header::default(); header.kid = Some("kid".to_string()); - let token = encode(&header, &my_claims, "secret".as_ref()).unwrap(); + let token = encode(&header, &my_claims, Hmac::from(b"secret")).unwrap(); let token_data = decode::(&token, "secret".as_ref(), &Validation::default()).unwrap(); assert_eq!(my_claims, token_data.claims); assert_eq!("kid", token_data.header.kid.unwrap()); @@ -53,7 +53,7 @@ fn round_trip_claim() { company: "ACME".to_string(), exp: Utc::now().timestamp() + 10000, }; - let token = encode(&Header::default(), &my_claims, "secret".as_ref()).unwrap(); + let token = encode(&Header::default(), &my_claims, Hmac::from(b"secret")).unwrap(); let token_data = decode::(&token, "secret".as_ref(), &Validation::default()).unwrap(); assert_eq!(my_claims, token_data.claims); assert!(token_data.header.kid.is_none()); @@ -144,7 +144,7 @@ fn does_validation_in_right_order() { company: "ACME".to_string(), exp: Utc::now().timestamp() + 10000, }; - let token = encode(&Header::default(), &my_claims, "secret".as_ref()).unwrap(); + let token = encode(&Header::default(), &my_claims, Hmac::from(b"secret")).unwrap(); let v = Validation { leeway: 5, validate_exp: true, diff --git a/tests/rsa.rs b/tests/rsa.rs index def1f9f..4f2111a 100644 --- a/tests/rsa.rs +++ b/tests/rsa.rs @@ -4,7 +4,7 @@ extern crate serde_derive; extern crate chrono; use chrono::Utc; -use jsonwebtoken::{decode, encode, sign, verify, Algorithm, Header, Validation}; +use jsonwebtoken::{decode, encode, sign, verify, Algorithm, Der, Header, Pkcs8, Validation}; #[derive(Debug, PartialEq, Clone, Serialize, Deserialize)] struct Claims { @@ -15,8 +15,8 @@ struct Claims { #[test] fn round_trip_sign_verification() { - let encrypted = - sign("hello world", include_bytes!("private_rsa_key.der"), Algorithm::RS256).unwrap(); + let privkey = include_bytes!("private_rsa_key.der"); + let encrypted = sign("hello world", Der::from(&&privkey[..]), Algorithm::RS256).unwrap(); let is_valid = verify(&encrypted, "hello world", include_bytes!("public_rsa_key.der"), Algorithm::RS256) .unwrap(); @@ -30,9 +30,9 @@ fn round_trip_claim() { company: "ACME".to_string(), exp: Utc::now().timestamp() + 10000, }; + let privkey = include_bytes!("private_rsa_key.der"); let token = - encode(&Header::new(Algorithm::RS256), &my_claims, include_bytes!("private_rsa_key.der")) - .unwrap(); + encode(&Header::new(Algorithm::RS256), &my_claims, Der::from(&&privkey[..])).unwrap(); let token_data = decode::( &token, include_bytes!("public_rsa_key.der"), @@ -42,3 +42,10 @@ fn round_trip_claim() { assert_eq!(my_claims, token_data.claims); assert!(token_data.header.kid.is_none()); } + +#[test] +#[should_panic(expected = "InvalidRsaKey")] +fn fails_with_different_key_format() { + let privkey = include_bytes!("private_rsa_key.der"); + sign("hello world", Pkcs8::from(&&privkey[..]), Algorithm::RS256).unwrap(); +}