From 27508a38de7041adeb4ca5e56af69fbce975f789 Mon Sep 17 00:00:00 2001 From: Artur Troian Date: Thu, 19 Mar 2020 22:08:43 -0400 Subject: [PATCH] feat: implement EdDSA Signed-off-by: Artur Troian --- CMakeLists.txt | 66 +++++++++++++++------ README.md | 1 + include/export/jwtpp/jwtpp.hh | 59 +++++++++++++++---- src/crypto.cpp | 12 ++++ src/ecdsa.cpp | 2 +- src/eddsa.cpp | 105 ++++++++++++++++++++++++++++++++++ src/hmac.cpp | 2 +- src/pss.cpp | 2 +- src/rsa.cpp | 2 +- tests/ecdsa.cpp | 12 ++-- tests/eddsa.cpp | 85 +++++++++++++++++++++++++++ tests/hmac.cpp | 42 +++++++------- tests/pss.cpp | 46 +++++++-------- tests/rsa.cpp | 46 +++++++-------- 14 files changed, 377 insertions(+), 105 deletions(-) create mode 100644 src/eddsa.cpp create mode 100644 tests/eddsa.cpp diff --git a/CMakeLists.txt b/CMakeLists.txt index aa86212..0ace691 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -34,6 +34,12 @@ if (NOT WIN32 AND NOT JsonCPP_FOUND) pkg_check_modules(JsonCPP REQUIRED jsoncpp) endif () +set(eddsa_support OFF) + +if (OPENSSL_VERSION VERSION_GREATER_EQUAL 1.1.1) + set(eddsa_support ON) +endif() + include_directories(SYSTEM ${OPENSSL_INCLUDE_DIR}) include_directories(SYSTEM ${JsonCPP_INCLUDE_DIRS}) link_directories(${JsonCPP_LIBRARY_DIRS}) @@ -56,6 +62,7 @@ if (NOT MSVC) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wno-deprecated") endif () + set(LIB_SOURCES src/b64.cpp src/claims.cpp @@ -65,15 +72,27 @@ set(LIB_SOURCES src/header.cpp src/hmac.cpp src/jwtpp.cpp - src/rsa.cpp - src/tools.cpp src/pss.cpp + src/rsa.cpp src/statics.cpp + src/tools.cpp + include/export/jwtpp/jwtpp.hh include/local/jwtpp/statics.hh ) -add_library(${PROJECT_NAME}-static STATIC ${LIB_SOURCES}) +add_library( + ${PROJECT_NAME}-static + STATIC ${LIB_SOURCES} +) +if (eddsa_support) + target_sources( + ${PROJECT_NAME}-static + PRIVATE + src/eddsa.cpp + ) +endif() + set_target_properties(${PROJECT_NAME}-static PROPERTIES OUTPUT_NAME ${PROJECT_NAME} CLEAN_DIRECT_OUTPUT 1) target_include_directories( @@ -103,6 +122,14 @@ endif () if (BUILD_SHARED_LIBS) add_library(${PROJECT_NAME}-shared SHARED ${LIB_SOURCES}) + if (eddsa_support) + target_sources( + ${PROJECT_NAME}-shared + PRIVATE + src/eddsa.cpp + ) + endif() + set_target_properties(${PROJECT_NAME}-shared PROPERTIES POSITION_INDEPENDENT_CODE TRUE) set_target_properties(${PROJECT_NAME}-shared PROPERTIES OUTPUT_NAME ${PROJECT_NAME} CLEAN_DIRECT_OUTPUT 1) target_include_directories( @@ -159,18 +186,24 @@ if (WITH_TESTS) include_directories(${PROJECT_SOURCE_DIR}/gtest/googletest/include) - set(JOSEPP_TEST_SRS + add_executable(jwtpp_test tests/b64.cpp tests/claims.cpp + tests/digest.cpp tests/ecdsa.cpp + tests/header.cpp tests/hmac.cpp - tests/rsa.cpp tests/pss.cpp - tests/digest.cpp - tests/header.cpp + tests/rsa.cpp ) - add_executable(jwtpp_test ${JOSEPP_TEST_SRS}) + if (eddsa_support) + target_sources( + jwtpp_test + PRIVATE + tests/eddsa.cpp + ) + endif() if (WIN32) set(WIN32_DEP_LIBS crypt32.lib ws2_32.lib) @@ -190,12 +223,13 @@ if (WITH_TESTS) PRIVATE -DTEST_RSA_KEY_PATH=\"${CMAKE_SOURCE_DIR}/tests/rsa.pem\" ) - if (CMAKE_BUILD_TYPE STREQUAL "Debug") - append_coverage_compiler_flags() - - setup_target_for_coverage_lcov( - NAME coverage - EXECUTABLE jwtpp_test - ) - endif () +# +# if (CMAKE_BUILD_TYPE STREQUAL "Debug") +# append_coverage_compiler_flags() +# +# setup_target_for_coverage_lcov( +# NAME coverage +# EXECUTABLE jwtpp_test +# ) +# endif () endif () diff --git a/README.md b/README.md index 98d54e9..4c41a68 100644 --- a/README.md +++ b/README.md @@ -39,6 +39,7 @@ JSON Object Signing and Encryption library for C++ | PS256 | **Supported** | | PS384 | **Supported** | | PS512 | **Supported** | +| EdDSA | **Supported** | #### Claims |Claim|Options|Status| diff --git a/include/export/jwtpp/jwtpp.hh b/include/export/jwtpp/jwtpp.hh index 602cc30..1f4c765 100644 --- a/include/export/jwtpp/jwtpp.hh +++ b/include/export/jwtpp/jwtpp.hh @@ -71,6 +71,9 @@ enum class alg_t { PS256, PS384, PS512, +#if OPENSSL_VERSION_NUMBER >= 0x10101000L + EdDSA, +#endif // OPENSSL_VERSION_NUMBER >= 0x10101000L UNKNOWN }; @@ -92,14 +95,18 @@ enum class alg_t { typedef std::shared_ptr sp_rsa_key; typedef std::shared_ptr sp_ecdsa_key; #else - using sp_claims = typename std::shared_ptr; - using up_claims = typename std::unique_ptr; - using sp_crypto = typename std::shared_ptr; - using sp_hmac = typename std::shared_ptr; - using sp_rsa = typename std::shared_ptr; - using sp_ecdsa = typename std::shared_ptr; - using sp_rsa_key = typename std::shared_ptr; - using sp_ecdsa_key = typename std::shared_ptr; + using sp_claims = typename std::shared_ptr; + using up_claims = typename std::unique_ptr; + using sp_crypto = typename std::shared_ptr; + using sp_hmac = typename std::shared_ptr; + using sp_rsa = typename std::shared_ptr; + using sp_ecdsa = typename std::shared_ptr; + using sp_rsa_key = typename std::shared_ptr; + using sp_ecdsa_key = typename std::shared_ptr; + using sp_evp_key = typename std::shared_ptr; + + using sp_evp_md_ctx = typename std::shared_ptr; + using sp_evp_pkey_ctx = typename std::shared_ptr; #endif // defined(_MSC_VER) && (_MSC_VER < 1700) template @@ -559,7 +566,7 @@ protected: class hmac : public crypto { public: - explicit hmac(alg_t a, const secure_string &secret); + explicit hmac(const secure_string &secret, alg_t a = alg_t::HS256); ~hmac() override = default; @@ -581,7 +588,7 @@ private: class rsa : public crypto { public: - explicit rsa(alg_t a, sp_rsa_key key); + explicit rsa(sp_rsa_key key, alg_t a = alg_t::RS256); ~rsa() override; @@ -617,7 +624,7 @@ private: class ecdsa : public crypto { public: - explicit ecdsa(alg_t a, sp_ecdsa_key key); + explicit ecdsa(sp_ecdsa_key key, alg_t a = alg_t::ES256); ~ecdsa() override = default; @@ -640,9 +647,37 @@ private: sp_ecdsa_key _e; }; +#if OPENSSL_VERSION_NUMBER >= 0x10101000L +class eddsa : public crypto { +public: + explicit eddsa(sp_evp_key key, alg_t a = alg_t::EdDSA); + + ~eddsa() override = default; + +public: + std::string sign(const std::string &data) override; + bool verify(const std::string &data, const std::string &sig) override; + +public: + +#if !(defined(_MSC_VER) && (_MSC_VER < 1700)) + template + static sp_ecdsa make_shared(_Args&&... __args) { + return std::make_shared(__args...); + } +#endif // !(defined(_MSC_VER) && (_MSC_VER < 1700)) + + static sp_evp_key gen(); + static sp_evp_key get_pub(sp_evp_key priv); + +private: + sp_evp_key _e; +}; +#endif // OPENSSL_VERSION_NUMBER >= 0x10101000L + class pss : public crypto { public: - explicit pss(alg_t a, sp_rsa_key key); + explicit pss(sp_rsa_key key, alg_t a = alg_t::PS256); ~pss() override = default; diff --git a/src/crypto.cpp b/src/crypto.cpp index 3a175de..a1e0f92 100644 --- a/src/crypto.cpp +++ b/src/crypto.cpp @@ -35,6 +35,10 @@ crypto::crypto(alg_t a) _hash_type = digest::type::SHA384; } else if (a == alg_t::HS512 || a == alg_t::RS512 || a == alg_t::ES512 || a == alg_t::PS512) { _hash_type = digest::type::SHA512; +#if OPENSSL_VERSION_NUMBER >= 0x10101000L + } else if (a == alg_t::EdDSA) { + // ED25519 does not support digests +#endif // OPENSSL_VERSION_NUMBER >= 0x10101000L } else { throw std::runtime_error("invalid algorithm"); } @@ -70,6 +74,10 @@ const char *crypto::alg2str(alg_t a) { return "PS384"; case alg_t::PS512: return "PS512"; +#if OPENSSL_VERSION_NUMBER >= 0x10101000L + case alg_t::EdDSA: + return "EdDSA"; +#endif // OPENSSL_VERSION_NUMBER >= 0x10101000L default: return nullptr; } @@ -102,6 +110,10 @@ alg_t crypto::str2alg(const std::string &a) { return alg_t::PS384; } else if (a == "PS512") { return alg_t::PS512; + } else if (a == "EdDSA") { +#if OPENSSL_VERSION_NUMBER >= 0x10101000L + return alg_t::EdDSA; +#endif // OPENSSL_VERSION_NUMBER >= 0x10101000L } else { return alg_t::UNKNOWN; } diff --git a/src/ecdsa.cpp b/src/ecdsa.cpp index 5ea8b59..91cdd93 100644 --- a/src/ecdsa.cpp +++ b/src/ecdsa.cpp @@ -26,7 +26,7 @@ namespace jwtpp { -ecdsa::ecdsa(alg_t a, sp_ecdsa_key key) +ecdsa::ecdsa(sp_ecdsa_key key, alg_t a) : crypto(a) , _e(key) { diff --git a/src/eddsa.cpp b/src/eddsa.cpp new file mode 100644 index 0000000..204f175 --- /dev/null +++ b/src/eddsa.cpp @@ -0,0 +1,105 @@ +// The MIT License (MIT) +// +// Copyright (c) 2016-2020 Artur Troian +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. + +#include +#include +#include + +#include + +namespace jwtpp { + +eddsa::eddsa(sp_evp_key key, alg_t a) + : crypto(a) + , _e(key) +{ + if (a != alg_t::EdDSA) { + throw std::invalid_argument("Invalid algorithm"); + } +} + +std::string eddsa::sign(const std::string &data) { + auto md = sp_evp_md_ctx(EVP_MD_CTX_new(), ::EVP_MD_CTX_free); + + EVP_MD_CTX_init(md.get()); + + if (EVP_DigestSignInit(md.get(), nullptr, nullptr, nullptr, _e.get()) != 1) { + throw std::runtime_error("eddsa: digest sign init"); + } + + size_t sig_len = EVP_PKEY_size(_e.get()); + + auto sig = std::shared_ptr(new uint8_t[sig_len], std::default_delete()); + + if (EVP_DigestSign(md.get(), sig.get(), &sig_len, (const uint8_t *)data.data(), data.size()) != 1) { + throw std::runtime_error("eddsa: digest sign"); + } + + return b64::encode_uri(sig.get(), sig_len); +} + +bool eddsa::verify(const std::string &data, const std::string &sig) { + auto s = b64::decode_uri(sig.data(), sig.length()); + + auto md = sp_evp_md_ctx(EVP_MD_CTX_new(), ::EVP_MD_CTX_free); + + EVP_MD_CTX_init(md.get()); + + if (EVP_DigestVerifyInit(md.get(), nullptr, nullptr, nullptr, _e.get()) != 1) { + throw std::runtime_error("eddsa: digest verify init"); + } + + return EVP_DigestVerify(md.get(), s.data(), s.size(), (const uint8_t *)data.data(), data.size()) == 1; +} + +sp_evp_key eddsa::gen() { + auto ctx = sp_evp_pkey_ctx(EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, nullptr), ::EVP_PKEY_CTX_free); + if (EVP_PKEY_keygen_init(ctx.get()) != 1) { + throw std::runtime_error("eddsa: couldn't init evp keygen"); + } + + EVP_PKEY *key = nullptr; + + if (EVP_PKEY_keygen(ctx.get(), &key) != 1) { + throw std::runtime_error("eddsa: couldn't generate ED25519 key"); + } + + return sp_evp_key(key, ::EVP_PKEY_free); +} + +sp_evp_key eddsa::get_pub(sp_evp_key priv) { + size_t key_len; + + if (EVP_PKEY_get_raw_public_key(priv.get(), nullptr, &key_len) != 1) { + throw std::runtime_error("eddsa: couldn't read size of public key"); + } + + auto k = std::shared_ptr(new uint8_t[key_len], std::default_delete()); + + if (EVP_PKEY_get_raw_public_key(priv.get(), k.get(), &key_len) != 1) { + throw std::runtime_error("eddsa: couldn't extract public key"); + } + + return sp_evp_key(EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, nullptr, k.get(), key_len), ::EVP_PKEY_free); +} + +} // namespace jwtpp diff --git a/src/hmac.cpp b/src/hmac.cpp index b64420f..c3919d2 100644 --- a/src/hmac.cpp +++ b/src/hmac.cpp @@ -26,7 +26,7 @@ namespace jwtpp { -hmac::hmac(alg_t a, const secure_string &secret) +hmac::hmac(const secure_string &secret, alg_t a) : crypto(a) , _secret(secret) { diff --git a/src/pss.cpp b/src/pss.cpp index d0c8144..66ad719 100644 --- a/src/pss.cpp +++ b/src/pss.cpp @@ -8,7 +8,7 @@ namespace jwtpp { -pss::pss(alg_t a, sp_rsa_key key) +pss::pss(sp_rsa_key key, alg_t a) : crypto(a) , _r(key) { diff --git a/src/rsa.cpp b/src/rsa.cpp index 51df3cb..4fdeb1b 100644 --- a/src/rsa.cpp +++ b/src/rsa.cpp @@ -27,7 +27,7 @@ namespace jwtpp { -rsa::rsa(alg_t a, sp_rsa_key key) +rsa::rsa(sp_rsa_key key, alg_t a) : crypto(a) , _r(key) { diff --git a/tests/ecdsa.cpp b/tests/ecdsa.cpp index 2342e2d..944fe3b 100644 --- a/tests/ecdsa.cpp +++ b/tests/ecdsa.cpp @@ -48,12 +48,12 @@ TEST(JosePP, sign_verify_ecdsa256) { jwtpp::sp_crypto e384_pub; jwtpp::sp_crypto e512_pub; - EXPECT_NO_THROW(e256 = std::make_shared(jwtpp::alg_t::ES256, key)); - EXPECT_NO_THROW(e384 = std::make_shared(jwtpp::alg_t::ES256, key)); - EXPECT_NO_THROW(e512 = std::make_shared(jwtpp::alg_t::ES256, key)); - EXPECT_NO_THROW(e256_pub = std::make_shared(jwtpp::alg_t::ES256, pubkey)); - EXPECT_NO_THROW(e384_pub = std::make_shared(jwtpp::alg_t::ES256, pubkey)); - EXPECT_NO_THROW(e512_pub = std::make_shared(jwtpp::alg_t::ES256, pubkey)); + EXPECT_NO_THROW(e256 = std::make_shared(key, jwtpp::alg_t::ES256)); + EXPECT_NO_THROW(e384 = std::make_shared(key, jwtpp::alg_t::ES256)); + EXPECT_NO_THROW(e512 = std::make_shared(key, jwtpp::alg_t::ES256)); + EXPECT_NO_THROW(e256_pub = std::make_shared(pubkey, jwtpp::alg_t::ES256)); + EXPECT_NO_THROW(e384_pub = std::make_shared(pubkey, jwtpp::alg_t::ES256)); + EXPECT_NO_THROW(e512_pub = std::make_shared(pubkey, jwtpp::alg_t::ES256)); std::string bearer = jwtpp::jws::sign_bearer(cl, e256); diff --git a/tests/eddsa.cpp b/tests/eddsa.cpp new file mode 100644 index 0000000..579e353 --- /dev/null +++ b/tests/eddsa.cpp @@ -0,0 +1,85 @@ +// The MIT License (MIT) +// +// Copyright (c) 2016-2020 Artur Troian +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. + +#include +#include + +#include + +TEST(JosePP, sign_verify_eddsa) { + jwtpp::claims cl; + + jwtpp::sp_evp_key key; + jwtpp::sp_evp_key pubkey; + + jwtpp::sp_evp_key key_alien; + + // generating 2 keys. + // key used to sign/verify + // key_alien to is expected to fail when validating bearer signed by key + EXPECT_NO_THROW(key = jwtpp::eddsa::gen()); + EXPECT_NO_THROW(pubkey = jwtpp::eddsa::get_pub(key)); + EXPECT_NO_THROW(key_alien = jwtpp::eddsa::gen()); + + jwtpp::sp_crypto ed; + jwtpp::sp_crypto ed_pub; + jwtpp::sp_crypto ed_alien; + + EXPECT_NO_THROW(ed = std::make_shared(key)); + EXPECT_NO_THROW(ed_pub = std::make_shared(pubkey)); + + EXPECT_NO_THROW(ed_alien = std::make_shared(key_alien)); + + std::string bearer; + + EXPECT_NO_THROW(bearer = jwtpp::jws::sign_bearer(cl, ed)); + + EXPECT_TRUE(!bearer.empty()); + + jwtpp::sp_jws jws; + + EXPECT_NO_THROW(jws = jwtpp::jws::parse(bearer)); + + EXPECT_FALSE(jws->verify(ed_alien)); + + EXPECT_TRUE(jws->verify(ed)); + EXPECT_TRUE(jws->verify(ed_pub)); + + auto vf = [](jwtpp::sp_claims cl) { + return !cl->check().iss("troian"); + }; + +#if defined(_MSC_VER) && (_MSC_VER < 1700) + EXPECT_TRUE(jws->verify(ed, vf)); +#else + EXPECT_TRUE(jws->verify(ed, std::bind(vf, std::placeholders::_1))); +#endif // defined(_MSC_VER) && (_MSC_VER < 1700) + + bearer = "ghdfgddf"; + EXPECT_THROW(jws = jwtpp::jws::parse(bearer), std::exception); + + bearer = "Bearer "; + EXPECT_THROW(jws = jwtpp::jws::parse(bearer), std::exception); + + bearer = "Bearer bla.bla.bla"; + EXPECT_THROW(jws = jwtpp::jws::parse(bearer), std::exception); +} diff --git a/tests/hmac.cpp b/tests/hmac.cpp index beb4743..7c4cb49 100644 --- a/tests/hmac.cpp +++ b/tests/hmac.cpp @@ -26,18 +26,18 @@ TEST(JosePP, create_close_hmac_crypto) { - EXPECT_NO_THROW(std::make_shared(jwtpp::alg_t::HS256, "secret")); - EXPECT_NO_THROW(std::make_shared(jwtpp::alg_t::HS384, "secret")); - EXPECT_NO_THROW(std::make_shared(jwtpp::alg_t::HS512, "secret")); - - EXPECT_THROW(std::make_shared(jwtpp::alg_t::HS256, ""), std::exception); - EXPECT_THROW(std::make_shared(jwtpp::alg_t::HS384, ""), std::exception); - EXPECT_THROW(std::make_shared(jwtpp::alg_t::HS512, ""), std::exception); - EXPECT_THROW(std::make_shared(jwtpp::alg_t::NONE, "secret"), std::exception); - EXPECT_THROW(std::make_shared(jwtpp::alg_t::UNKNOWN, "secret"), std::exception); - - EXPECT_THROW(std::make_shared(jwtpp::alg_t::ES512, ""), std::exception); - EXPECT_THROW(std::make_shared(jwtpp::alg_t::RS256, ""), std::exception); + EXPECT_NO_THROW(std::make_shared("secret", jwtpp::alg_t::HS256)); + EXPECT_NO_THROW(std::make_shared("secret", jwtpp::alg_t::HS384)); + EXPECT_NO_THROW(std::make_shared("secret", jwtpp::alg_t::HS512)); + + EXPECT_THROW(std::make_shared("", jwtpp::alg_t::HS256), std::exception); + EXPECT_THROW(std::make_shared("", jwtpp::alg_t::HS384), std::exception); + EXPECT_THROW(std::make_shared("", jwtpp::alg_t::HS512), std::exception); + EXPECT_THROW(std::make_shared("secret", jwtpp::alg_t::NONE), std::exception); + EXPECT_THROW(std::make_shared("secret", jwtpp::alg_t::UNKNOWN), std::exception); + + EXPECT_THROW(std::make_shared("", jwtpp::alg_t::ES512), std::exception); + EXPECT_THROW(std::make_shared("", jwtpp::alg_t::RS256), std::exception); } TEST(JosePP, sign_verify_hmac256) @@ -46,9 +46,9 @@ TEST(JosePP, sign_verify_hmac256) cl.set().iss("troian"); - jwtpp::sp_crypto h256 = std::make_shared(jwtpp::alg_t::HS256, "secret"); - jwtpp::sp_crypto h384 = std::make_shared(jwtpp::alg_t::HS384, "secret"); - jwtpp::sp_crypto h512 = std::make_shared(jwtpp::alg_t::HS512, "secret"); + jwtpp::sp_crypto h256 = std::make_shared("secret", jwtpp::alg_t::HS256); + jwtpp::sp_crypto h384 = std::make_shared("secret", jwtpp::alg_t::HS384); + jwtpp::sp_crypto h512 = std::make_shared("secret", jwtpp::alg_t::HS512); std::string bearer = jwtpp::jws::sign_bearer(cl, h256); @@ -87,9 +87,9 @@ TEST(JosePP, sign_verify_hmac384) cl.set().iss("troian"); - jwtpp::sp_crypto h256 = std::make_shared(jwtpp::alg_t::HS256, "secret"); - jwtpp::sp_crypto h384 = std::make_shared(jwtpp::alg_t::HS384, "secret"); - jwtpp::sp_crypto h512 = std::make_shared(jwtpp::alg_t::HS512, "secret"); + jwtpp::sp_crypto h256 = std::make_shared("secret", jwtpp::alg_t::HS256); + jwtpp::sp_crypto h384 = std::make_shared("secret", jwtpp::alg_t::HS384); + jwtpp::sp_crypto h512 = std::make_shared("secret", jwtpp::alg_t::HS512); std::string bearer = jwtpp::jws::sign_bearer(cl, h384); @@ -128,9 +128,9 @@ TEST(JosePP, sign_verify_hmac512) cl.set().iss("troian"); - jwtpp::sp_crypto h256 = std::make_shared(jwtpp::alg_t::HS256, "secret"); - jwtpp::sp_crypto h384 = std::make_shared(jwtpp::alg_t::HS384, "secret"); - jwtpp::sp_crypto h512 = std::make_shared(jwtpp::alg_t::HS512, "secret"); + jwtpp::sp_crypto h256 = std::make_shared("secret", jwtpp::alg_t::HS256); + jwtpp::sp_crypto h384 = std::make_shared("secret", jwtpp::alg_t::HS384); + jwtpp::sp_crypto h512 = std::make_shared("secret", jwtpp::alg_t::HS512); std::string bearer = jwtpp::jws::sign_bearer(cl, h512); diff --git a/tests/pss.cpp b/tests/pss.cpp index e6a53be..89ce30c 100644 --- a/tests/pss.cpp +++ b/tests/pss.cpp @@ -29,12 +29,12 @@ TEST(JosePP, create_close_pss_crypto) { EXPECT_NO_THROW(key = jwtpp::rsa::gen(1024)); - EXPECT_NO_THROW(std::make_shared(jwtpp::alg_t::PS256, key)); - EXPECT_NO_THROW(std::make_shared(jwtpp::alg_t::PS384, key)); - EXPECT_THROW(std::make_shared(jwtpp::alg_t::PS512, key), std::exception); + EXPECT_NO_THROW(std::make_shared(key, jwtpp::alg_t::PS256)); + EXPECT_NO_THROW(std::make_shared(key, jwtpp::alg_t::PS384)); + EXPECT_THROW(std::make_shared(key, jwtpp::alg_t::PS512), std::exception); - EXPECT_THROW(std::make_shared(jwtpp::alg_t::HS256, key), std::exception); - EXPECT_THROW(std::make_shared(jwtpp::alg_t::ES384, key), std::exception); + EXPECT_THROW(std::make_shared(key, jwtpp::alg_t::HS256), std::exception); + EXPECT_THROW(std::make_shared(key, jwtpp::alg_t::ES384), std::exception); } TEST(JosePP, sign_verify_pss256) { @@ -51,12 +51,12 @@ TEST(JosePP, sign_verify_pss256) { EXPECT_NO_THROW(key = jwtpp::rsa::gen(1024)); EXPECT_NO_THROW(pubkey = jwtpp::sp_rsa_key(RSAPublicKey_dup(key.get()), ::RSA_free)); - EXPECT_NO_THROW(r256 = std::make_shared(jwtpp::alg_t::PS256, key)); - EXPECT_NO_THROW(r256_pub = std::make_shared(jwtpp::alg_t::PS256, pubkey)); - EXPECT_NO_THROW(r384 = std::make_shared(jwtpp::alg_t::PS384, key)); - EXPECT_NO_THROW(r384_pub = std::make_shared(jwtpp::alg_t::PS384, pubkey)); - EXPECT_THROW(r512 = std::make_shared(jwtpp::alg_t::PS512, key), std::exception); - EXPECT_THROW(r512_pub = std::make_shared(jwtpp::alg_t::PS512, pubkey), std::exception); + EXPECT_NO_THROW(r256 = std::make_shared(key, jwtpp::alg_t::PS256)); + EXPECT_NO_THROW(r256_pub = std::make_shared(pubkey, jwtpp::alg_t::PS256)); + EXPECT_NO_THROW(r384 = std::make_shared(key, jwtpp::alg_t::PS384)); + EXPECT_NO_THROW(r384_pub = std::make_shared(pubkey, jwtpp::alg_t::PS384)); + EXPECT_THROW(r512 = std::make_shared(key, jwtpp::alg_t::PS512), std::exception); + EXPECT_THROW(r512_pub = std::make_shared(pubkey, jwtpp::alg_t::PS512), std::exception); std::string bearer = jwtpp::jws::sign_bearer(cl, r256); @@ -99,12 +99,12 @@ TEST(JosePP, sign_verify_pss384) { EXPECT_NO_THROW(key = jwtpp::rsa::gen(1024)); EXPECT_NO_THROW(pubkey = jwtpp::sp_rsa_key(RSAPublicKey_dup(key.get()), ::RSA_free)); - EXPECT_NO_THROW(r256 = std::make_shared(jwtpp::alg_t::PS256, key)); - EXPECT_NO_THROW(r256_pub = std::make_shared(jwtpp::alg_t::PS256, pubkey)); - EXPECT_NO_THROW(r384 = std::make_shared(jwtpp::alg_t::PS384, key)); - EXPECT_NO_THROW(r384_pub = std::make_shared(jwtpp::alg_t::PS384, pubkey)); - EXPECT_THROW(r512 = std::make_shared(jwtpp::alg_t::PS512, key), std::exception); - EXPECT_THROW(r512_pub = std::make_shared(jwtpp::alg_t::PS512, pubkey), std::exception); + EXPECT_NO_THROW(r256 = std::make_shared(key, jwtpp::alg_t::PS256)); + EXPECT_NO_THROW(r256_pub = std::make_shared(pubkey, jwtpp::alg_t::PS256)); + EXPECT_NO_THROW(r384 = std::make_shared(key, jwtpp::alg_t::PS384)); + EXPECT_NO_THROW(r384_pub = std::make_shared(pubkey, jwtpp::alg_t::PS384)); + EXPECT_THROW(r512 = std::make_shared(key, jwtpp::alg_t::PS512), std::exception); + EXPECT_THROW(r512_pub = std::make_shared(pubkey, jwtpp::alg_t::PS512), std::exception); std::string bearer = jwtpp::jws::sign_bearer(cl, r384); @@ -146,12 +146,12 @@ TEST(JosePP, sign_verify_pss512) { EXPECT_NO_THROW(key = jwtpp::rsa::gen(2048)); EXPECT_NO_THROW(pubkey = jwtpp::sp_rsa_key(RSAPublicKey_dup(key.get()), ::RSA_free)); - EXPECT_NO_THROW(r256 = std::make_shared(jwtpp::alg_t::PS256, key)); - EXPECT_NO_THROW(r256_pub = std::make_shared(jwtpp::alg_t::PS256, pubkey)); - EXPECT_NO_THROW(r384 = std::make_shared(jwtpp::alg_t::PS384, key)); - EXPECT_NO_THROW(r384_pub = std::make_shared(jwtpp::alg_t::PS384, pubkey)); - EXPECT_NO_THROW(r512 = std::make_shared(jwtpp::alg_t::PS512, key)); - EXPECT_NO_THROW(r512_pub = std::make_shared(jwtpp::alg_t::PS512, pubkey)); + EXPECT_NO_THROW(r256 = std::make_shared(key, jwtpp::alg_t::PS256)); + EXPECT_NO_THROW(r256_pub = std::make_shared(pubkey, jwtpp::alg_t::PS256)); + EXPECT_NO_THROW(r384 = std::make_shared(key, jwtpp::alg_t::PS384)); + EXPECT_NO_THROW(r384_pub = std::make_shared(pubkey, jwtpp::alg_t::PS384)); + EXPECT_NO_THROW(r512 = std::make_shared(key, jwtpp::alg_t::PS512)); + EXPECT_NO_THROW(r512_pub = std::make_shared(pubkey, jwtpp::alg_t::PS512)); std::string bearer = jwtpp::jws::sign_bearer(cl, r512); diff --git a/tests/rsa.cpp b/tests/rsa.cpp index 547d904..ca80039 100644 --- a/tests/rsa.cpp +++ b/tests/rsa.cpp @@ -37,12 +37,12 @@ TEST(JosePP, create_close_rsa_crypto) { EXPECT_NO_THROW(key = jwtpp::rsa::gen(1024)); - EXPECT_NO_THROW(std::make_shared(jwtpp::alg_t::RS256, key)); - EXPECT_NO_THROW(std::make_shared(jwtpp::alg_t::RS384, key)); - EXPECT_NO_THROW(std::make_shared(jwtpp::alg_t::RS512, key)); + EXPECT_NO_THROW(std::make_shared(key, jwtpp::alg_t::RS256)); + EXPECT_NO_THROW(std::make_shared(key, jwtpp::alg_t::RS384)); + EXPECT_NO_THROW(std::make_shared(key, jwtpp::alg_t::RS512)); - EXPECT_THROW(std::make_shared(jwtpp::alg_t::HS256, key), std::exception); - EXPECT_THROW(std::make_shared(jwtpp::alg_t::ES384, key), std::exception); + EXPECT_THROW(std::make_shared(key, jwtpp::alg_t::HS256), std::exception); + EXPECT_THROW(std::make_shared(key, jwtpp::alg_t::ES384), std::exception); } TEST(JosePP, sign_verify_rsa256) { @@ -59,12 +59,12 @@ TEST(JosePP, sign_verify_rsa256) { EXPECT_NO_THROW(key = jwtpp::rsa::gen(1024)); EXPECT_NO_THROW(pubkey = jwtpp::sp_rsa_key(RSAPublicKey_dup(key.get()), ::RSA_free)); - EXPECT_NO_THROW(r256 = std::make_shared(jwtpp::alg_t::RS256, key)); - EXPECT_NO_THROW(r256_pub = std::make_shared(jwtpp::alg_t::RS256, pubkey)); - EXPECT_NO_THROW(r384 = std::make_shared(jwtpp::alg_t::RS384, key)); - EXPECT_NO_THROW(r384_pub = std::make_shared(jwtpp::alg_t::RS384, pubkey)); - EXPECT_NO_THROW(r512 = std::make_shared(jwtpp::alg_t::RS512, key)); - EXPECT_NO_THROW(r512_pub = std::make_shared(jwtpp::alg_t::RS512, pubkey)); + EXPECT_NO_THROW(r256 = std::make_shared(key, jwtpp::alg_t::RS256)); + EXPECT_NO_THROW(r256_pub = std::make_shared(pubkey, jwtpp::alg_t::RS256)); + EXPECT_NO_THROW(r384 = std::make_shared(key, jwtpp::alg_t::RS384)); + EXPECT_NO_THROW(r384_pub = std::make_shared(pubkey, jwtpp::alg_t::RS384)); + EXPECT_NO_THROW(r512 = std::make_shared(key, jwtpp::alg_t::RS512)); + EXPECT_NO_THROW(r512_pub = std::make_shared(pubkey, jwtpp::alg_t::RS512)); std::string bearer = jwtpp::jws::sign_bearer(cl, r256); @@ -106,12 +106,12 @@ TEST(JosePP, sign_verify_rsa384) { EXPECT_NO_THROW(key = jwtpp::rsa::gen(1024)); EXPECT_NO_THROW(pubkey = jwtpp::sp_rsa_key(RSAPublicKey_dup(key.get()), ::RSA_free)); - EXPECT_NO_THROW(r256 = std::make_shared(jwtpp::alg_t::RS256, key)); - EXPECT_NO_THROW(r256_pub = std::make_shared(jwtpp::alg_t::RS256, pubkey)); - EXPECT_NO_THROW(r384 = std::make_shared(jwtpp::alg_t::RS384, key)); - EXPECT_NO_THROW(r384_pub = std::make_shared(jwtpp::alg_t::RS384, pubkey)); - EXPECT_NO_THROW(r512 = std::make_shared(jwtpp::alg_t::RS512, key)); - EXPECT_NO_THROW(r512_pub = std::make_shared(jwtpp::alg_t::RS512, pubkey)); + EXPECT_NO_THROW(r256 = std::make_shared(key, jwtpp::alg_t::RS256)); + EXPECT_NO_THROW(r256_pub = std::make_shared(pubkey, jwtpp::alg_t::RS256)); + EXPECT_NO_THROW(r384 = std::make_shared(key, jwtpp::alg_t::RS384)); + EXPECT_NO_THROW(r384_pub = std::make_shared(pubkey, jwtpp::alg_t::RS384)); + EXPECT_NO_THROW(r512 = std::make_shared(key, jwtpp::alg_t::RS512)); + EXPECT_NO_THROW(r512_pub = std::make_shared(pubkey, jwtpp::alg_t::RS512)); std::string bearer = jwtpp::jws::sign_bearer(cl, r384); @@ -153,12 +153,12 @@ TEST(JosePP, sign_verify_rsa512) { EXPECT_NO_THROW(key = jwtpp::rsa::gen(1024)); EXPECT_NO_THROW(pubkey = jwtpp::sp_rsa_key(RSAPublicKey_dup(key.get()), ::RSA_free)); - EXPECT_NO_THROW(r256 = std::make_shared(jwtpp::alg_t::RS256, key)); - EXPECT_NO_THROW(r256_pub = std::make_shared(jwtpp::alg_t::RS256, pubkey)); - EXPECT_NO_THROW(r384 = std::make_shared(jwtpp::alg_t::RS384, key)); - EXPECT_NO_THROW(r384_pub = std::make_shared(jwtpp::alg_t::RS384, pubkey)); - EXPECT_NO_THROW(r512 = std::make_shared(jwtpp::alg_t::RS512, key)); - EXPECT_NO_THROW(r512_pub = std::make_shared(jwtpp::alg_t::RS512, pubkey)); + EXPECT_NO_THROW(r256 = std::make_shared(key, jwtpp::alg_t::RS256)); + EXPECT_NO_THROW(r256_pub = std::make_shared(pubkey, jwtpp::alg_t::RS256)); + EXPECT_NO_THROW(r384 = std::make_shared(key, jwtpp::alg_t::RS384)); + EXPECT_NO_THROW(r384_pub = std::make_shared(pubkey, jwtpp::alg_t::RS384)); + EXPECT_NO_THROW(r512 = std::make_shared(key, jwtpp::alg_t::RS512)); + EXPECT_NO_THROW(r512_pub = std::make_shared(pubkey, jwtpp::alg_t::RS512)); std::string bearer = jwtpp::jws::sign_bearer(cl, r512);