sipp11
/
stdbWeb
forked from rachanon/stdbWeb
1
0
Fork 0
Code
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
3.8 MiB
Tree: 828de39d9d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '828de39d9d'
${ noResults }
stdbWeb/jwt/test/qunit-do-jws-sign-hs.html

195 lines
7.5 KiB
Raw Normal View History Unescape

Please enter the commit message for your changes. Lines starting
9 years ago
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta charset="utf-8">
<title>QUnit JWS sign HS* test of 'jws.js'</title>
<link rel="stylesheet" href="qunit.css" type="text/css" media="screen" />
<script type="text/javascript" src="jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="qunit.js"></script>
<script language="JavaScript" type="text/javascript" src="../jsrsasign-latest-all-min.js"></script>
<script language="JavaScript" type="text/javascript" src="../crypto-1.1.js"></script>
<script language="JavaScript" type="text/javascript" src="../jws-3.3.js"></script>
<script type="text/javascript">
$(document).ready(function(){
var sJWSHS256 = 'eyJhbGciOiJIUzI1NiIsICJjdHkiOiJKV1QifQ.eyJhZ2UiOiAyMX0.vcimDRCLttYBHsO7M0S_tCvUIOGz26Ti5nkRuj1QcHc';
var sJWSHS256LP = 'eyJhbGciOiJIUzI1NiIsICJjdHkiOiJKV1QifQ.eyJhZ2UiOiAyMX0.cFJ8ICyb1rj_iczWJ2IdNAT7h2rLFFElH7436Ev1ddA'; // long password 40bytes
var sJWSHS256B6 = 'eyJhbGciOiJIUzI1NiIsICJjdHkiOiJKV1QifQ.eyJhZ2UiOiAyMX0.Gc9TEuqJtoB5MrxZPwomTFfZ46rJrrs07A4T0VQHFaU'; // base64
test("JWS sign HS* password test (sJWSHS256)", function() {
var sJWS;
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', "aaa");
equal(sJWS, sJWSHS256, "pass=aaa");
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', "616161");
equal(sJWS, sJWSHS256, "pass=616161");
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', {rstr: "aaa"});
equal(sJWS, sJWSHS256, "pass={rstr: aaa}");
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', {utf8: "aaa"});
equal(sJWS, sJWSHS256, "pass={utf8: aaa}");
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', {hex: "616161"});
equal(sJWS, sJWSHS256, "pass={hex: 616161}");
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', {b64: "YWFh"});
equal(sJWS, sJWSHS256, "pass={b64: YWFh}");
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', "6161616");
notEqual(sJWS, sJWSHS256, "pass=6161616 **INVALID**");
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', "61616");
notEqual(sJWS, sJWSHS256, "pass=61616 **INVALID**");
raises(function() {
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', {hex: "zzzz"});
}, "pass{hex: zzzz} **EXCEPTION**");
raises(function() {
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', {hex: "616"});
}, "pass{hex: 616} **EXCEPTION**");
// long password
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', "6162636465666768696a6162636465666768696a6162636465666768696a6162636465666768696a");
equal(sJWS, sJWSHS256LP, "pass=(6162..6a x 4) long");
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', "abcdefghijabcdefghijabcdefghijabcdefghij");
equal(sJWS, sJWSHS256LP, "pass=(abc..j x 4) long");
// base64 Mbc1/+QrCg==, Mbc1_-QrCg, 31b735ffe42b
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', {b64: "Mbc1/+QrCg=="});
equal(sJWS, sJWSHS256B6, "pass=Mbc1/+QrCg== base64");
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', {b64u: "Mbc1_-QrCg"});
equal(sJWS, sJWSHS256B6, "pass=Mbc1_-QrCg base64url");
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', {hex: "31b735ffe42b0a"});
equal(sJWS, sJWSHS256B6, "pass=31b735ffe42b0a base64>hex");
});
test("JWS sign HS* algorithm test (sJWSHS256,384,512)", function() {
var sJWS, sig384, sig512;
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', "aaa");
equal(sJWS, sJWSHS256, "HS256");
sig384 = "eyJhbGciOiJIUzM4NCIsICJjdHkiOiJKV1QifQ.eyJhZ2UiOiAyMX0.bX10I4Ivadicwp3XA7buwjJXByzrvFWXMNxN3rGOunBxrzNSUNkW8YfTPQordvn2";
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS384", "cty":"JWT"}', '{"age": 21}', "aaa");
equal(sJWS, sig384, "HS384");
sig512 = "eyJhbGciOiJIUzUxMiIsICJjdHkiOiJKV1QifQ.eyJhZ2UiOiAyMX0.b6HuF_CTLldXzQwAVhsnpEGkbrtquQfjdr8ie_UyqjPFNnGOz-rEvOvfDC_ex4zvVgsARAixM-6Ug9WcnweTgA";
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS512", "cty":"JWT"}', '{"age": 21}', "aaa");
equal(sJWS, sig512, "HS512");
raises(function() {
sJWS = KJUR.jws.JWS.sign("HS384", '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', "aaa");
}, "alg HS384 != header.HS256");
});
test("JWS sign header and/or payload by object test", function() {
var sJWS, pHeader, pPayload;
equal(JSON.stringify({alg: "HS256", cty: "JWT"}), '{"alg":"HS256","cty":"JWT"}',
"if this sub test fails, there is NO PROBLEM that all of following sub test fail.");
sJWS = KJUR.jws.JWS.sign(null, {"alg":"HS256", "cty":"JWT"}, {"age": 21}, "aaa");
equal(sJWS, 'eyJhbGciOiJIUzI1NiIsImN0eSI6IkpXVCJ9.eyJhZ2UiOjIxfQ.pLem30ReEpeXgMt6e3gjZ6QYSpLBbhd_NB-Afud1m4A', 'by header, payload object {}');
pHeader = {};
pHeader.alg = "HS256";
pHeader.cty = "JWT";
pPayload = {};
pPayload.age = 21;
sJWS = KJUR.jws.JWS.sign(null, pHeader, pPayload, "aaa");
equal(sJWS, 'eyJhbGciOiJIUzI1NiIsImN0eSI6IkpXVCJ9.eyJhZ2UiOjIxfQ.pLem30ReEpeXgMt6e3gjZ6QYSpLBbhd_NB-Afud1m4A', 'by header, payload object p.age=21');
});
var hJWSHSPass = "616161";
var sJWSHS256 = 'eyJhbGciOiJIUzI1NiIsICJjdHkiOiJKV1QifQ.eyJhZ2UiOiAyMX0.vcimDRCLttYBHsO7M0S_tCvUIOGz26Ti5nkRuj1QcHc';
var sJWSHS512 = 'eyJhbGciOiJIUzUxMiIsICJjdHkiOiJKV1QifQ.eyJhZ2UiOiAyMX0.b6HuF_CTLldXzQwAVhsnpEGkbrtquQfjdr8ie_UyqjPFNnGOz-rEvOvfDC_ex4zvVgsARAixM-6Ug9WcnweTgA';
// *** VERIFICATION TESTS *****************************************
test("verify test for algorithm HS256", function() {
var result = KJUR.jws.JWS.verify(sJWSHS256, hJWSHSPass);
equal(result, true, "pass=616161");
var result = KJUR.jws.JWS.verify(sJWSHS256, "aaa");
equal(result, true, "pass=aaa");
var result = KJUR.jws.JWS.verify(sJWSHS256, {hex: "616161"});
equal(result, true, "pass={hex:616161}");
var result = KJUR.jws.JWS.verify(sJWSHS256, {utf8: "aaa"});
equal(result, true, "pass={utf8:aaa}");
var result = KJUR.jws.JWS.verify(sJWSHS256, {rstr: "aaa"});
equal(result, true, "pass={rstr:aaa}");
var result = KJUR.jws.JWS.verify(sJWSHS256, {b64: "YWFh"});
equal(result, true, "pass={b64:YWFh}");
var result = KJUR.jws.JWS.verify(sJWSHS256, {b64u: "YWFh"});
equal(result, true, "pass={b64u:YWFh}");
var result = KJUR.jws.JWS.verify(sJWSHS256, "aab");
equal(result, false, "pass=aab FALSE");
});
test("verify test for algorithm HS512", function() {
var result = KJUR.jws.JWS.verify(sJWSHS512, hJWSHSPass);
equal(result, true, "");
});
// *** ALGORITHM ACCEPTANCE TESTS *****************************************
test("arg acceptAlgs test (HS256 not in [HS512])", function() {
expect(1);
var msg = "";
try {
var result = KJUR.jws.JWS.verify(sJWSHS256, hJWSHSPass, ["HS512"]);
} catch(ex) {
msg = ex;
}
equal(msg, "algorithm 'HS256' not accepted in the list", "");
});
test("arg acceptAlgs test (HS256 in [HS256])", function() {
expect(1);
var msg = "";
try {
var result = KJUR.jws.JWS.verify(sJWSHS256, hJWSHSPass, ["HS256"]);
} catch(ex) {
msg = ex;
}
equal(msg, "", "");
});
});
</script>
</head>
<body>
<div id="qunit"></div>
<div id="qunit-fixture">test markup</div>
<p>
<a href="../">TOP</a> |
<a href="index.html">TEST INDEX</a> |
<a href="qunit-do-jws-sign.html">asynmetric key(RS/PS/ES) sign/verify</a> |
<a href="qunit-do-jws-sign-hs.html">Hmac(HS) sign/verify</a> |
<a href="qunit-do-jws-sign-slow.html">sign/verify slow</a> |
<a href="qunit-do-jws-intdate.html">IntDate</a> |
</p>
</body>
</html>