golang-github-coreos-go-oidc-dev 0.0~git20151022.0.e9c0807-1 / usr / share / gocode / src / github.com / coreos / go-oidc / jose / sig_hmac_test.go

This file is indexed.

/usr/share/gocode/src/github.com/coreos/go-oidc/jose/sig_hmac_test.go is in golang-github-coreos-go-oidc-dev 0.0~git20151022.0.e9c0807-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
package jose

import (
	"bytes"
	"encoding/base64"
	"testing"
)

var hmacTestCases = []struct {
	data  string
	sig   string
	jwk   JWK
	valid bool
	desc  string
}{
	{
		"test",
		"Aymga2LNFrM-tnkr6MYLFY2Jou46h2_Omogeu0iMCRQ=",
		JWK{
			ID:     "fake-key",
			Alg:    "HS256",
			Secret: []byte("secret"),
		},
		true,
		"valid case",
	},
	{
		"test",
		"Aymga2LNFrM-tnkr6MYLFY2Jou46h2_Omogeu0iMCRQ=",
		JWK{
			ID:     "different-key",
			Alg:    "HS256",
			Secret: []byte("secret"),
		},
		true,
		"invalid: different key, should not match",
	},
	{
		"test sig and non-matching data",
		"Aymga2LNFrM-tnkr6MYLFY2Jou46h2_Omogeu0iMCRQ=",
		JWK{
			ID:     "fake-key",
			Alg:    "HS256",
			Secret: []byte("secret"),
		},
		false,
		"invalid: sig and data should not match",
	},
}

func TestVerify(t *testing.T) {
	for _, tt := range hmacTestCases {
		v, err := NewVerifierHMAC(tt.jwk)
		if err != nil {
			t.Errorf("should construct hmac verifier. test: %s. err=%v", tt.desc, err)
		}

		decSig, _ := base64.URLEncoding.DecodeString(tt.sig)
		err = v.Verify(decSig, []byte(tt.data))
		if err == nil && !tt.valid {
			t.Errorf("verify failure. test: %s. expected: invalid, actual: valid.", tt.desc)
		}
		if err != nil && tt.valid {
			t.Errorf("verify failure. test: %s. expected: valid, actual: invalid. err=%v", tt.desc, err)
		}
	}
}

func TestSign(t *testing.T) {
	for _, tt := range hmacTestCases {
		s := NewSignerHMAC("test", tt.jwk.Secret)
		sig, err := s.Sign([]byte(tt.data))
		if err != nil {
			t.Errorf("sign failure. test: %s. err=%v", tt.desc, err)
		}

		expSig, _ := base64.URLEncoding.DecodeString(tt.sig)
		if tt.valid && !bytes.Equal(sig, expSig) {
			t.Errorf("sign failure. test: %s. expected: %s, actual: %s.", tt.desc, tt.sig, base64.URLEncoding.EncodeToString(sig))
		}
		if !tt.valid && bytes.Equal(sig, expSig) {
			t.Errorf("sign failure. test: %s. expected: invalid signature.", tt.desc)
		}
	}
}

APT Browse - Built by Thomas Orozco.