From 7017e74db9b194448ff488b3e16468ada60c4ee5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jose=CC=81=20F=2E=20Romaniello?= Date: Tue, 17 Mar 2015 12:04:36 -0300 Subject: [PATCH] fix issue when public key start with BEING PUBLIC KEY. closes #70 --- index.js | 8 +++++--- test/issue_70.tests.js | 15 +++++++++++++++ test/rsa-private.pem | 27 +++++++++++++++++++++++++++ test/rsa-public.pem | 9 +++++++++ 4 files changed, 56 insertions(+), 3 deletions(-) create mode 100644 test/issue_70.tests.js create mode 100644 test/rsa-private.pem create mode 100644 test/rsa-public.pem diff --git a/index.js b/index.js index 7bd3d2d..c8b57d8 100644 --- a/index.js +++ b/index.js @@ -108,9 +108,11 @@ module.exports.verify = function(jwtString, secretOrPublicKey, options, callback } if (!options.algorithms) { - options.algorithms = ~secretOrPublicKey.toString().indexOf('BEGIN CERTIFICATE') ? - [ 'RS256','RS384','RS512','ES256','ES384','ES512' ] : - [ 'HS256','HS384','HS512' ]; + options.algorithms = ~secretOrPublicKey.toString().indexOf('BEGIN CERTIFICATE') || + ~secretOrPublicKey.toString().indexOf('BEGIN PUBLIC KEY') ? + [ 'RS256','RS384','RS512','ES256','ES384','ES512' ] : + [ 'HS256','HS384','HS512' ]; + } var valid; diff --git a/test/issue_70.tests.js b/test/issue_70.tests.js new file mode 100644 index 0000000..90d8581 --- /dev/null +++ b/test/issue_70.tests.js @@ -0,0 +1,15 @@ +var jwt = require('../'); + +describe('issue 70 - public key start with BEING PUBLIC KEY', function () { + + it('should work', function (done) { + var fs = require('fs'); + var cert_pub = fs.readFileSync(__dirname + '/rsa-public.pem'); + var cert_priv = fs.readFileSync(__dirname + '/rsa-private.pem'); + + var token = jwt.sign({ foo: 'bar' }, cert_priv, { algorithm: 'RS256'}); + + jwt.verify(token, cert_pub, done); + }); + +}); \ No newline at end of file diff --git a/test/rsa-private.pem b/test/rsa-private.pem new file mode 100644 index 0000000..746366b --- /dev/null +++ b/test/rsa-private.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAvzoCEC2rpSpJQaWZbUmlsDNwp83Jr4fi6KmBWIwnj1MZ6CUQ +7rBasuLI8AcfX5/10scSfQNCsTLV2tMKQaHuvyrVfwY0dINk+nkqB74QcT2oCCH9 +XduJjDuwWA4xLqAKuF96FsIes52opEM50W7/W7DZCKXkC8fFPFj6QF5ZzApDw2Qs +u3yMRmr7/W9uWeaTwfPx24YdY7Ah+fdLy3KN40vXv9c4xiSafVvnx9BwYL7H1Q8N +iK9LGEN6+JSWfgckQCs6UUBOXSZdreNN9zbQCwyzee7bOJqXUDAuLcFARzPw1EsZ +AyjVtGCKIQ0/btqK+jFunT2NBC8RItanDZpptQIDAQABAoIBAQCsssO4Pra8hFMC +gX7tr0x+tAYy1ewmpW8stiDFilYT33YPLKJ9HjHbSms0MwqHftwwTm8JDc/GXmW6 +qUui+I64gQOtIzpuW1fvyUtHEMSisI83QRMkF6fCSQm6jJ6oQAtOdZO6R/gYOPNb +3gayeS8PbMilQcSRSwp6tNTVGyC33p43uUUKAKHnpvAwUSc61aVOtw2wkD062XzM +hJjYpHm65i4V31AzXo8HF42NrAtZ8K/AuQZne5F/6F4QFVlMKzUoHkSUnTp60XZx +X77GuyDeDmCgSc2J7xvR5o6VpjsHMo3ek0gJk5ZBnTgkHvnpbULCRxTmDfjeVPue +v3NN2TBFAoGBAPxbqNEsXPOckGTvG3tUOAAkrK1hfW3TwvrW/7YXg1/6aNV4sklc +vqn/40kCK0v9xJIv9FM/l0Nq+CMWcrb4sjLeGwHAa8ASfk6hKHbeiTFamA6FBkvQ +//7GP5khD+y62RlWi9PmwJY21lEkn2mP99THxqvZjQiAVNiqlYdwiIc7AoGBAMH8 +f2Ay7Egc2KYRYU2qwa5E/Cljn/9sdvUnWM+gOzUXpc5sBi+/SUUQT8y/rY4AUVW6 +YaK7chG9YokZQq7ZwTCsYxTfxHK2pnG/tXjOxLFQKBwppQfJcFSRLbw0lMbQoZBk +S+zb0ufZzxc2fJfXE+XeJxmKs0TS9ltQuJiSqCPPAoGBALEc84K7DBG+FGmCl1sb +ZKJVGwwknA90zCeYtadrIT0/VkxchWSPvxE5Ep+u8gxHcqrXFTdILjWW4chefOyF +5ytkTrgQAI+xawxsdyXWUZtd5dJq8lxLtx9srD4gwjh3et8ZqtFx5kCHBCu29Fr2 +PA4OmBUMfrs0tlfKgV+pT2j5AoGBAKnA0Z5XMZlxVM0OTH3wvYhI6fk2Kx8TxY2G +nxsh9m3hgcD/mvJRjEaZnZto6PFoqcRBU4taSNnpRr7+kfH8sCht0k7D+l8AIutL +ffx3xHv9zvvGHZqQ1nHKkaEuyjqo+5kli6N8QjWNzsFbdvBQ0CLJoqGhVHsXuWnz +W3Z4cBbVAoGAEtnwY1OJM7+R2u1CW0tTjqDlYU2hUNa9t1AbhyGdI2arYp+p+umA +b5VoYLNsdvZhqjVFTrYNEuhTJFYCF7jAiZLYvYm0C99BqcJnJPl7JjWynoNHNKw3 +9f6PIOE1rAmPE8Cfz/GFF5115ZKVlq+2BY8EKNxbCIy2d/vMEvisnXI= +-----END RSA PRIVATE KEY----- diff --git a/test/rsa-public.pem b/test/rsa-public.pem new file mode 100644 index 0000000..9307812 --- /dev/null +++ b/test/rsa-public.pem @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzoCEC2rpSpJQaWZbUml +sDNwp83Jr4fi6KmBWIwnj1MZ6CUQ7rBasuLI8AcfX5/10scSfQNCsTLV2tMKQaHu +vyrVfwY0dINk+nkqB74QcT2oCCH9XduJjDuwWA4xLqAKuF96FsIes52opEM50W7/ +W7DZCKXkC8fFPFj6QF5ZzApDw2Qsu3yMRmr7/W9uWeaTwfPx24YdY7Ah+fdLy3KN +40vXv9c4xiSafVvnx9BwYL7H1Q8NiK9LGEN6+JSWfgckQCs6UUBOXSZdreNN9zbQ +Cwyzee7bOJqXUDAuLcFARzPw1EsZAyjVtGCKIQ0/btqK+jFunT2NBC8RItanDZpp +tQIDAQAB +-----END PUBLIC KEY-----