Annotate

spec/util_paseto_spec.lua @ 13069:45caa4e43775

mod_http: Fix reliance on previous tostring() format of util.set a863e4237b91 unintentionally changed the format of HTTP CORS headers, which were apparently relying on the output of tostring(), which it shouldn't have. Explicitly serializing it this time.
author Kim Alvefur <zash@zash.se>
date Mon, 10 Apr 2023 11:50:27 +0200
parent 12841:8b06d7c73090
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 -- Ignore long lines in this file
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 --luacheck: ignore 631
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 describe("util.paseto", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local paseto = require "util.paseto";
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 local json = require "util.json";
12840
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
7 local hex = require "util.hex";
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8
12840
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
9 describe("v3.local", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
10 local function parse_test_cases(json_test_cases)
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
11 local input_cases = json.decode(json_test_cases);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
12 local output_cases = {};
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
13 for _, case in ipairs(input_cases) do
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
14 assert.is_string(case.name, "Bad test case: expected name");
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
15 assert.is_nil(output_cases[case.name], "Bad test case: duplicate name");
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
16 output_cases[case.name] = function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
17 local key = hex.decode(case.key);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
18 local payload, err = paseto.v3_local.decrypt(case.token, key, case.footer, case["implicit-assertion"]);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
19 if case["expect-fail"] then
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
20 assert.is_nil(payload);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
21 else
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
22 assert.is_nil(err);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
23 assert.same(json.decode(case.payload), payload);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
24 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
25 end;
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
26 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
27 return output_cases;
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 end
12840
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
29
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
30 local test_cases = parse_test_cases [=[[
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
31 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
32 "name": "3-E-1",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
33 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
34 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
35 "nonce": "0000000000000000000000000000000000000000000000000000000000000000",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
36 "token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAsRm2EsD6yBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9Iza7teRdkiR89ZFyvPPsVjjFiepFUVcMa-LP18zV77f_crJrVXWa5PDNRkCSeHfBBeg",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
37 "payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
38 "footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
39 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
40 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
41 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
42 "name": "3-E-2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
43 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
44 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
45 "nonce": "0000000000000000000000000000000000000000000000000000000000000000",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
46 "token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAqhWxBMDgyBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9IzZfaZpReVpHlDSwfuygx1riVXYVs-UjcrG_apl9oz3jCVmmJbRuKn5ZfD8mHz2db0A",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
47 "payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
48 "footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
49 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
50 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
51 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
52 "name": "3-E-3",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
53 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
54 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
55 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
56 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlxnt5xyhQjFJomwnt7WW_7r2VT0G704ifult011-TgLCyQ2X8imQhniG_hAQ4BydM",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
57 "payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
58 "footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
59 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
60 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
61 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
62 "name": "3-E-4",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
63 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
64 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
65 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
66 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlBZa_gOpVj4gv0M9lV6Pwjp8JS_MmaZaTA1LLTULXybOBZ2S4xMbYqYmDRhh3IgEk",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
67 "payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
68 "footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
69 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
70 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
71 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
72 "name": "3-E-5",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
73 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
74 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
75 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
76 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlkYSIbXOgVuIQL65UMdW9WcjOpmqvjqD40NNzed-XPqn1T3w-bJvitYpUJL_rmihc.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
77 "payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
78 "footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
79 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
80 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
81 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
82 "name": "3-E-6",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
83 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
84 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
85 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
86 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJmSeEMphEWHiwtDKJftg41O1F8Hat-8kQ82ZIAMFqkx9q5VkWlxZke9ZzMBbb3Znfo.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
87 "payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
88 "footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
89 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
90 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
91 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
92 "name": "3-E-7",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
93 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
94 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
95 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
96 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJkzWACWAIoVa0bz7EWSBoTEnS8MvGBYHHo6t6mJunPrFR9JKXFCc0obwz5N-pxFLOc.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
97 "payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
98 "footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
99 "implicit-assertion": "{\"test-vector\":\"3-E-7\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
100 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
101 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
102 "name": "3-E-8",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
103 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
104 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
105 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
106 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJmZHSSKYR6AnPYJV6gpHtx6dLakIG_AOPhu8vKexNyrv5_1qoom6_NaPGecoiz6fR8.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
107 "payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
108 "footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
109 "implicit-assertion": "{\"test-vector\":\"3-E-8\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
110 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
111 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
112 "name": "3-E-9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
113 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
114 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
115 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
116 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlk1nli0_wijTH_vCuRwckEDc82QWK8-lG2fT9wQF271sgbVRVPjm0LwMQZkvvamqU.YXJiaXRyYXJ5LXN0cmluZy10aGF0LWlzbid0LWpzb24",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
117 "payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
118 "footer": "arbitrary-string-that-isn't-json",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
119 "implicit-assertion": "{\"test-vector\":\"3-E-9\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
120 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
121 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
122 "name": "3-F-3",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
123 "expect-fail": true,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
124 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
125 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
126 "token": "v4.local.1JgN1UG8TFAYS49qsx8rxlwh-9E4ONUm3slJXYi5EibmzxpF0Q-du6gakjuyKCBX8TvnSLOKqCPu8Yh3WSa5yJWigPy33z9XZTJF2HQ9wlLDPtVn_Mu1pPxkTU50ZaBKblJBufRA.YXJiaXRyYXJ5LXN0cmluZy10aGF0LWlzbid0LWpzb24",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
127 "payload": null,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
128 "footer": "arbitrary-string-that-isn't-json",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
129 "implicit-assertion": "{\"test-vector\":\"3-F-3\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
130 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
131 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
132 "name": "3-F-4",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
133 "expect-fail": true,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
134 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
135 "nonce": "0000000000000000000000000000000000000000000000000000000000000000",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
136 "token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAsRm2EsD6yBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9Iza7teRdkiR89ZFyvPPsVjjFiepFUVcMa-LP18zV77f_crJrVXWa5PDNRkCSeHfBBeh",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
137 "payload": null,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
138 "footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
139 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
140 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
141 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
142 "name": "3-F-5",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
143 "expect-fail": true,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
144 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
145 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
146 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlkYSIbXOgVuIQL65UMdW9WcjOpmqvjqD40NNzed-XPqn1T3w-bJvitYpUJL_rmihc=.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
147 "payload": null,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
148 "footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
149 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
150 }
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
151 ]]=];
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
152 for name, test in pairs(test_cases) do
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
153 it("test case "..name, test);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
154 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
155
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
156 describe("basic sign/verify", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
157 local key = paseto.v3_local.new_key();
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
158 local sign, verify = paseto.v3_local.init(key);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
159
12841
8b06d7c73090 spec: Suppress some harmless luacheck warnings in tests
Matthew Wild <mwild1@gmail.com>
parents: 12840
diff changeset
160 --luacheck: ignore 211/sign2
12840
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
161 local key2 = paseto.v3_local.new_key();
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
162 local sign2, verify2 = paseto.v3_local.init(key2);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
163
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
164 it("works", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
165 local payload = { foo = "hello world", b = { 1, 2, 3 } };
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
166
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
167 local tok = sign(payload);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
168 assert.same(payload, verify(tok));
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
169 assert.is_nil(verify2(tok));
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
170 end);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
171
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
172 it("rejects tokens if implicit assertion fails", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
173 local payload = { foo = "hello world", b = { 1, 2, 3 } };
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
174 local tok = sign(payload, nil, "my-custom-assertion");
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
175 assert.is_nil(verify(tok, nil, "my-incorrect-assertion"));
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
176 assert.is_nil(verify(tok, nil, nil));
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
177 assert.same(payload, verify(tok, nil, "my-custom-assertion"));
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
178 end);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
179 end);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
180 end);
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
181
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
182 describe("v4.public", function ()
12840
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
183 local function parse_test_cases(json_test_cases)
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
184 local input_cases = json.decode(json_test_cases);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
185 local output_cases = {};
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
186 for _, case in ipairs(input_cases) do
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
187 assert.is_string(case.name, "Bad test case: expected name");
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
188 assert.is_nil(output_cases[case.name], "Bad test case: duplicate name");
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
189 output_cases[case.name] = function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
190 local verify_key = paseto.v4_public.import_public_key(case["public-key-pem"]);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
191 local payload, err = paseto.v4_public.verify(case.token, verify_key, case.footer, case["implicit-assertion"]);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
192 if case["expect-fail"] then
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
193 assert.is_nil(payload);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
194 else
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
195 assert.is_nil(err);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
196 assert.same(json.decode(case.payload), payload);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
197 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
198 end;
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
199 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
200 return output_cases;
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
201 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
202
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
203 local test_cases = parse_test_cases [=[[
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
204 {
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
205 "name": "4-S-1",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
206 "expect-fail": false,
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
207 "public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
208 "secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
209 "secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
210 "secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
211 "public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
212 "token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9bg_XBBzds8lTZShVlwwKSgeKpLT3yukTw6JUz3W4h_ExsQV-P0V54zemZDcAxFaSeef1QlXEFtkqxT1ciiQEDA",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
213 "payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
214 "footer": "",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
215 "implicit-assertion": ""
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
216 },
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
217 {
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
218 "name": "4-S-2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
219 "expect-fail": false,
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
220 "public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
221 "secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
222 "secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
223 "secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
224 "public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
225 "token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9v3Jt8mx_TdM2ceTGoqwrh4yDFn0XsHvvV_D0DtwQxVrJEBMl0F2caAdgnpKlt4p7xBnx1HcO-SPo8FPp214HDw.eyJraWQiOiJ6VmhNaVBCUDlmUmYyc25FY1Q3Z0ZUaW9lQTlDT2NOeTlEZmdMMVc2MGhhTiJ9",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
226 "payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
227 "footer": "{\"kid\":\"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
228 "implicit-assertion": ""
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
229 },
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
230 {
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
231 "name": "4-S-3",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
232 "expect-fail": false,
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
233 "public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
234 "secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
235 "secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
236 "secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
237 "public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
238 "token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9NPWciuD3d0o5eXJXG5pJy-DiVEoyPYWs1YSTwWHNJq6DZD3je5gf-0M4JR9ipdUSJbIovzmBECeaWmaqcaP0DQ.eyJraWQiOiJ6VmhNaVBCUDlmUmYyc25FY1Q3Z0ZUaW9lQTlDT2NOeTlEZmdMMVc2MGhhTiJ9",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
239 "payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
240 "footer": "{\"kid\":\"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
241 "implicit-assertion": "{\"test-vector\":\"4-S-3\"}"
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
242 }]]=];
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
243 for name, test in pairs(test_cases) do
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
244 it("test case "..name, test);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
245 end
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
246
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
247 describe("basic sign/verify", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
248 local function new_keypair()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
249 local kp = paseto.v4_public.new_keypair();
12713
52eead170bb8 util.paseto: Drop custom wrappers around key objects
Matthew Wild <mwild1@gmail.com>
parents: 12712
diff changeset
250 return kp:private_pem(), kp:public_pem();
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
251 end
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
252
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
253 local privkey1, pubkey1 = new_keypair();
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
254 local privkey2, pubkey2 = new_keypair();
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
255 local sign1, verify1 = paseto.v4_public.init(privkey1, pubkey1);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
256 local sign2, verify2 = paseto.v4_public.init(privkey2, pubkey2);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
257
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
258 it("works", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
259 local payload = { foo = "hello world", b = { 1, 2, 3 } };
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
260
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
261 local tok1 = sign1(payload);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
262 assert.same(payload, verify1(tok1));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
263 assert.is_nil(verify2(tok1));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
264
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
265 local tok2 = sign2(payload);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
266 assert.same(payload, verify2(tok2));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
267 assert.is_nil(verify1(tok2));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
268 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
269
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
270 it("rejects tokens if implicit assertion fails", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
271 local payload = { foo = "hello world", b = { 1, 2, 3 } };
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
272 local tok = sign1(payload, nil, "my-custom-assertion");
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
273 assert.is_nil(verify1(tok, nil, "my-incorrect-assertion"));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
274 assert.is_nil(verify1(tok, nil, nil));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
275 assert.same(payload, verify1(tok, nil, "my-custom-assertion"));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
276 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
277 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
278 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
279
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
280 describe("pae", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
281 it("encodes correctly", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
282 -- These test cases are taken from the PASETO docs
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
283 -- https://github.com/paseto-standard/paseto-spec/blob/master/docs/01-Protocol-Versions/Common.md
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
284 assert.equal("\x00\x00\x00\x00\x00\x00\x00\x00", paseto.pae{});
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
285 assert.equal("\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", paseto.pae{''});
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
286 assert.equal("\x01\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00test", paseto.pae{'test'});
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
287 assert.has_errors(function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
288 paseto.pae("test");
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
289 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
290 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
291 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
292 end);