Annotate

spec/util_paseto_spec.lua @ 13124:f15e23840780

util.http: Implement parser for RFC 7239 Forwarded header Standardized and structured replacement for the X-Forwarded-For, X-Forwarded-Proto set of headers. Notably, this allows per-hop protocol information, unlike X-Forwarded-Proto which is always a single value for some reason.
author Kim Alvefur <zash@zash.se>
date Sat, 03 Jun 2023 16:15:52 +0200
parent 12841:8b06d7c73090
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 -- Ignore long lines in this file
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 --luacheck: ignore 631
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 describe("util.paseto", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local paseto = require "util.paseto";
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 local json = require "util.json";
12840
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
7 local hex = require "util.hex";
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8
12840
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
9 describe("v3.local", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
10 local function parse_test_cases(json_test_cases)
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
11 local input_cases = json.decode(json_test_cases);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
12 local output_cases = {};
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
13 for _, case in ipairs(input_cases) do
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
14 assert.is_string(case.name, "Bad test case: expected name");
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
15 assert.is_nil(output_cases[case.name], "Bad test case: duplicate name");
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
16 output_cases[case.name] = function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
17 local key = hex.decode(case.key);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
18 local payload, err = paseto.v3_local.decrypt(case.token, key, case.footer, case["implicit-assertion"]);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
19 if case["expect-fail"] then
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
20 assert.is_nil(payload);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
21 else
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
22 assert.is_nil(err);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
23 assert.same(json.decode(case.payload), payload);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
24 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
25 end;
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
26 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
27 return output_cases;
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 end
12840
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
29
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
30 local test_cases = parse_test_cases [=[[
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
31 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
32 "name": "3-E-1",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
33 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
34 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
35 "nonce": "0000000000000000000000000000000000000000000000000000000000000000",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
36 "token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAsRm2EsD6yBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9Iza7teRdkiR89ZFyvPPsVjjFiepFUVcMa-LP18zV77f_crJrVXWa5PDNRkCSeHfBBeg",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
37 "payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
38 "footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
39 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
40 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
41 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
42 "name": "3-E-2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
43 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
44 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
45 "nonce": "0000000000000000000000000000000000000000000000000000000000000000",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
46 "token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAqhWxBMDgyBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9IzZfaZpReVpHlDSwfuygx1riVXYVs-UjcrG_apl9oz3jCVmmJbRuKn5ZfD8mHz2db0A",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
47 "payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
48 "footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
49 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
50 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
51 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
52 "name": "3-E-3",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
53 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
54 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
55 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
56 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlxnt5xyhQjFJomwnt7WW_7r2VT0G704ifult011-TgLCyQ2X8imQhniG_hAQ4BydM",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
57 "payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
58 "footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
59 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
60 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
61 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
62 "name": "3-E-4",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
63 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
64 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
65 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
66 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlBZa_gOpVj4gv0M9lV6Pwjp8JS_MmaZaTA1LLTULXybOBZ2S4xMbYqYmDRhh3IgEk",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
67 "payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
68 "footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
69 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
70 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
71 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
72 "name": "3-E-5",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
73 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
74 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
75 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
76 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlkYSIbXOgVuIQL65UMdW9WcjOpmqvjqD40NNzed-XPqn1T3w-bJvitYpUJL_rmihc.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
77 "payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
78 "footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
79 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
80 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
81 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
82 "name": "3-E-6",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
83 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
84 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
85 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
86 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJmSeEMphEWHiwtDKJftg41O1F8Hat-8kQ82ZIAMFqkx9q5VkWlxZke9ZzMBbb3Znfo.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
87 "payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
88 "footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
89 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
90 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
91 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
92 "name": "3-E-7",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
93 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
94 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
95 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
96 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJkzWACWAIoVa0bz7EWSBoTEnS8MvGBYHHo6t6mJunPrFR9JKXFCc0obwz5N-pxFLOc.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
97 "payload": "{\"data\":\"this is a secret message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
98 "footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
99 "implicit-assertion": "{\"test-vector\":\"3-E-7\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
100 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
101 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
102 "name": "3-E-8",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
103 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
104 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
105 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
106 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJmZHSSKYR6AnPYJV6gpHtx6dLakIG_AOPhu8vKexNyrv5_1qoom6_NaPGecoiz6fR8.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
107 "payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
108 "footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
109 "implicit-assertion": "{\"test-vector\":\"3-E-8\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
110 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
111 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
112 "name": "3-E-9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
113 "expect-fail": false,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
114 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
115 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
116 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0X-4P3EcxGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlk1nli0_wijTH_vCuRwckEDc82QWK8-lG2fT9wQF271sgbVRVPjm0LwMQZkvvamqU.YXJiaXRyYXJ5LXN0cmluZy10aGF0LWlzbid0LWpzb24",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
117 "payload": "{\"data\":\"this is a hidden message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
118 "footer": "arbitrary-string-that-isn't-json",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
119 "implicit-assertion": "{\"test-vector\":\"3-E-9\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
120 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
121 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
122 "name": "3-F-3",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
123 "expect-fail": true,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
124 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
125 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
126 "token": "v4.local.1JgN1UG8TFAYS49qsx8rxlwh-9E4ONUm3slJXYi5EibmzxpF0Q-du6gakjuyKCBX8TvnSLOKqCPu8Yh3WSa5yJWigPy33z9XZTJF2HQ9wlLDPtVn_Mu1pPxkTU50ZaBKblJBufRA.YXJiaXRyYXJ5LXN0cmluZy10aGF0LWlzbid0LWpzb24",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
127 "payload": null,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
128 "footer": "arbitrary-string-that-isn't-json",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
129 "implicit-assertion": "{\"test-vector\":\"3-F-3\"}"
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
130 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
131 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
132 "name": "3-F-4",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
133 "expect-fail": true,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
134 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
135 "nonce": "0000000000000000000000000000000000000000000000000000000000000000",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
136 "token": "v3.local.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbfcIURX_0pVZVU1mAESUzrKZAsRm2EsD6yBoZYn6cpVZNzSJOhSDN-sRaWjfLU-yn9OJH1J_B8GKtOQ9gSQlb8yk9Iza7teRdkiR89ZFyvPPsVjjFiepFUVcMa-LP18zV77f_crJrVXWa5PDNRkCSeHfBBeh",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
137 "payload": null,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
138 "footer": "",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
139 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
140 },
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
141 {
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
142 "name": "3-F-5",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
143 "expect-fail": true,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
144 "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
145 "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
146 "token": "v3.local.JvdVM1RIKh2R1HhGJ4VLjaa4BCp5ZlI8K0BOjbvn9_LwY78vQnDait-Q-sjhF88dG2B0ROIIykcrGHn8wzPbTrqObHhyoKpjy3cwZQzLdiwRsdEK5SDvl02_HjWKJW2oqGMOQJlkYSIbXOgVuIQL65UMdW9WcjOpmqvjqD40NNzed-XPqn1T3w-bJvitYpUJL_rmihc=.eyJraWQiOiJVYmtLOFk2aXY0R1poRnA2VHgzSVdMV0xmTlhTRXZKY2RUM3pkUjY1WVp4byJ9",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
147 "payload": null,
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
148 "footer": "{\"kid\":\"UbkK8Y6iv4GZhFp6Tx3IWLWLfNXSEvJcdT3zdR65YZxo\"}",
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
149 "implicit-assertion": ""
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
150 }
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
151 ]]=];
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
152 for name, test in pairs(test_cases) do
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
153 it("test case "..name, test);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
154 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
155
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
156 describe("basic sign/verify", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
157 local key = paseto.v3_local.new_key();
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
158 local sign, verify = paseto.v3_local.init(key);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
159
12841
8b06d7c73090 spec: Suppress some harmless luacheck warnings in tests
Matthew Wild <mwild1@gmail.com>
parents: 12840
diff changeset
160 --luacheck: ignore 211/sign2
12840
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
161 local key2 = paseto.v3_local.new_key();
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
162 local sign2, verify2 = paseto.v3_local.init(key2);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
163
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
164 it("works", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
165 local payload = { foo = "hello world", b = { 1, 2, 3 } };
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
166
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
167 local tok = sign(payload);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
168 assert.same(payload, verify(tok));
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
169 assert.is_nil(verify2(tok));
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
170 end);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
171
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
172 it("rejects tokens if implicit assertion fails", function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
173 local payload = { foo = "hello world", b = { 1, 2, 3 } };
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
174 local tok = sign(payload, nil, "my-custom-assertion");
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
175 assert.is_nil(verify(tok, nil, "my-incorrect-assertion"));
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
176 assert.is_nil(verify(tok, nil, nil));
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
177 assert.same(payload, verify(tok, nil, "my-custom-assertion"));
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
178 end);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
179 end);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
180 end);
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
181
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
182 describe("v4.public", function ()
12840
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
183 local function parse_test_cases(json_test_cases)
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
184 local input_cases = json.decode(json_test_cases);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
185 local output_cases = {};
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
186 for _, case in ipairs(input_cases) do
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
187 assert.is_string(case.name, "Bad test case: expected name");
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
188 assert.is_nil(output_cases[case.name], "Bad test case: duplicate name");
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
189 output_cases[case.name] = function ()
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
190 local verify_key = paseto.v4_public.import_public_key(case["public-key-pem"]);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
191 local payload, err = paseto.v4_public.verify(case.token, verify_key, case.footer, case["implicit-assertion"]);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
192 if case["expect-fail"] then
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
193 assert.is_nil(payload);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
194 else
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
195 assert.is_nil(err);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
196 assert.same(json.decode(case.payload), payload);
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
197 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
198 end;
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
199 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
200 return output_cases;
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
201 end
33d902b093f0 util.paseto: Add support for v3.local tokens
Matthew Wild <mwild1@gmail.com>
parents: 12713
diff changeset
202
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
203 local test_cases = parse_test_cases [=[[
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
204 {
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
205 "name": "4-S-1",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
206 "expect-fail": false,
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
207 "public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
208 "secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
209 "secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
210 "secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
211 "public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
212 "token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9bg_XBBzds8lTZShVlwwKSgeKpLT3yukTw6JUz3W4h_ExsQV-P0V54zemZDcAxFaSeef1QlXEFtkqxT1ciiQEDA",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
213 "payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
214 "footer": "",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
215 "implicit-assertion": ""
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
216 },
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
217 {
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
218 "name": "4-S-2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
219 "expect-fail": false,
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
220 "public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
221 "secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
222 "secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
223 "secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
224 "public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
225 "token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9v3Jt8mx_TdM2ceTGoqwrh4yDFn0XsHvvV_D0DtwQxVrJEBMl0F2caAdgnpKlt4p7xBnx1HcO-SPo8FPp214HDw.eyJraWQiOiJ6VmhNaVBCUDlmUmYyc25FY1Q3Z0ZUaW9lQTlDT2NOeTlEZmdMMVc2MGhhTiJ9",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
226 "payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
227 "footer": "{\"kid\":\"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
228 "implicit-assertion": ""
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
229 },
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
230 {
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
231 "name": "4-S-3",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
232 "expect-fail": false,
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
233 "public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
234 "secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
235 "secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
236 "secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
237 "public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
238 "token": "v4.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ9NPWciuD3d0o5eXJXG5pJy-DiVEoyPYWs1YSTwWHNJq6DZD3je5gf-0M4JR9ipdUSJbIovzmBECeaWmaqcaP0DQ.eyJraWQiOiJ6VmhNaVBCUDlmUmYyc25FY1Q3Z0ZUaW9lQTlDT2NOeTlEZmdMMVc2MGhhTiJ9",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
239 "payload": "{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
240 "footer": "{\"kid\":\"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN\"}",
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
241 "implicit-assertion": "{\"test-vector\":\"4-S-3\"}"
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
242 }]]=];
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
243 for name, test in pairs(test_cases) do
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
244 it("test case "..name, test);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
245 end
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
246
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
247 describe("basic sign/verify", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
248 local function new_keypair()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
249 local kp = paseto.v4_public.new_keypair();
12713
52eead170bb8 util.paseto: Drop custom wrappers around key objects
Matthew Wild <mwild1@gmail.com>
parents: 12712
diff changeset
250 return kp:private_pem(), kp:public_pem();
12712
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
251 end
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
252
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
253 local privkey1, pubkey1 = new_keypair();
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
254 local privkey2, pubkey2 = new_keypair();
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
255 local sign1, verify1 = paseto.v4_public.init(privkey1, pubkey1);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
256 local sign2, verify2 = paseto.v4_public.init(privkey2, pubkey2);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
257
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
258 it("works", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
259 local payload = { foo = "hello world", b = { 1, 2, 3 } };
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
260
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
261 local tok1 = sign1(payload);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
262 assert.same(payload, verify1(tok1));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
263 assert.is_nil(verify2(tok1));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
264
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
265 local tok2 = sign2(payload);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
266 assert.same(payload, verify2(tok2));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
267 assert.is_nil(verify1(tok2));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
268 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
269
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
270 it("rejects tokens if implicit assertion fails", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
271 local payload = { foo = "hello world", b = { 1, 2, 3 } };
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
272 local tok = sign1(payload, nil, "my-custom-assertion");
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
273 assert.is_nil(verify1(tok, nil, "my-incorrect-assertion"));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
274 assert.is_nil(verify1(tok, nil, nil));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
275 assert.same(payload, verify1(tok, nil, "my-custom-assertion"));
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
276 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
277 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
278 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
279
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
280 describe("pae", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
281 it("encodes correctly", function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
282 -- These test cases are taken from the PASETO docs
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
283 -- https://github.com/paseto-standard/paseto-spec/blob/master/docs/01-Protocol-Versions/Common.md
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
284 assert.equal("\x00\x00\x00\x00\x00\x00\x00\x00", paseto.pae{});
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
285 assert.equal("\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", paseto.pae{''});
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
286 assert.equal("\x01\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00test", paseto.pae{'test'});
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
287 assert.has_errors(function ()
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
288 paseto.pae("test");
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
289 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
290 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
291 end);
719a72f14e90 util.paseto: Add tests based on official PASETO test vectors
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
292 end);