From 35109160ca5d439116bedeb3302ec3745e2895d5 Mon Sep 17 00:00:00 2001 From: Ciro Spaciari Date: Sat, 7 Oct 2023 19:22:45 -0300 Subject: feat(KeyObject) (#5940) * oops * createSecretKey but weird error * use the right prototype, do not add a function called export lol * HMAC JWT export + base64 fix * Fix Equals, Fix Get KeySize, add complete export RSA * fix RSA export * add EC exports * X25519 and ED25519 export + fixes * fix default exports * better asymmetricKeyType * fix private exports * fix symmetricKeySize * createPublicKey validations + refactor * jwt + der fixes * oopsies * add PEM into createPublicKey * cleanup * WIP * bunch of fixes * public from private + private OKP * encrypted keys fixes * oops * fix clear tls error, add some support to jwk and other formats on publicEncrypt/publicDecrypt * more fixes and tests working * more fixes more tests * more clear hmac errors * more tests and fixes * add generateKeyPair * more tests passing, some skips * fix EC key from private * fix OKP JWK * nodejs ignores ext and key_ops on KeyObject.exports * add EC sign verify test * some fixes * add crypto.generateKeyPairSync(type, options) * more fixes and more tests * fix hmac tests * jsonwebtoken tests * oops * oops2 * generated files * revert package.json * vm tests * todos instead of failues * toBunString -> toString * undo simdutf * improvements * unlikely * cleanup * cleanup 2 * oops * move _generateKeyPairSync checks to native --- .../jsonwebtoken/rsa-public-key.test.js | 44 ++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 test/js/third_party/jsonwebtoken/rsa-public-key.test.js (limited to 'test/js/third_party/jsonwebtoken/rsa-public-key.test.js') diff --git a/test/js/third_party/jsonwebtoken/rsa-public-key.test.js b/test/js/third_party/jsonwebtoken/rsa-public-key.test.js new file mode 100644 index 000000000..c343cb0a9 --- /dev/null +++ b/test/js/third_party/jsonwebtoken/rsa-public-key.test.js @@ -0,0 +1,44 @@ +const PS_SUPPORTED = true; +import jwt from "jsonwebtoken"; +import { expect, describe, it } from "bun:test"; +import { generateKeyPairSync } from "crypto"; + +describe("public key start with BEGIN RSA PUBLIC KEY", function () { + it("should work for RS family of algorithms", function (done) { + var fs = require("fs"); + var cert_pub = fs.readFileSync(__dirname + "/rsa-public-key.pem"); + var cert_priv = fs.readFileSync(__dirname + "/rsa-private.pem"); + + var token = jwt.sign({ foo: "bar" }, cert_priv, { algorithm: "RS256" }); + + jwt.verify(token, cert_pub, done); + }); + + it("should not work for RS algorithms when modulus length is less than 2048 when allowInsecureKeySizes is false or not set", function (done) { + const { privateKey } = generateKeyPairSync("rsa", { modulusLength: 1024 }); + + expect(function () { + jwt.sign({ foo: "bar" }, privateKey, { algorithm: "RS256" }); + }).toThrow("minimum key size"); + + done(); + }); + + it("should work for RS algorithms when modulus length is less than 2048 when allowInsecureKeySizes is true", function (done) { + const { privateKey } = generateKeyPairSync("rsa", { modulusLength: 1024 }); + + jwt.sign({ foo: "bar" }, privateKey, { algorithm: "RS256", allowInsecureKeySizes: true }, done); + }); + + if (PS_SUPPORTED) { + it("should work for PS family of algorithms", function (done) { + var fs = require("fs"); + var cert_pub = fs.readFileSync(__dirname + "/rsa-public-key.pem"); + var cert_priv = fs.readFileSync(__dirname + "/rsa-private.pem"); + + var token = jwt.sign({ foo: "bar" }, cert_priv, { algorithm: "PS256" }); + + jwt.verify(token, cert_pub, done); + }); + } +}); -- cgit v1.2.3