Add rsa256 signing

.travis.yml

@@ -4,13 +4,7 @@ sudo: false
 os:
 - linux
 
-matrix:
-  include:
-    - smalltalk: Pharo64-7.0
-      smalltalk_config: .smalltalk.ston
-    - smalltalk: Pharo32-7.0
-      smalltalk_config: .smalltalk.ston
-    - smalltalk: Pharo32-6.1
-      smalltalk_config: .smalltalk-legacy.ston
-    - smalltalk: Pharo32-5.0
-      smalltalk_config: .smalltalk-legacy.ston
+smalltalk:
+  - Pharo64-8.0
+  - Pharo64-7.0
+  - Pharo32-6.1

source/BaselineOfJSONWebToken.package/BaselineOfJSONWebToken.class/instance/baseline..st

@@ -1,12 +1,25 @@
 baselines
 baseline: spec
 	<baseline>
-
-	spec for: #'common' do: [
-		spec baseline: 'NeoJSON' 
-			with: [ spec repository: 'github://svenvc/NeoJSON:master/repository' ].
-		spec 
-			package: #'JSONWebToken-Core' with: [
-				spec requires: #( 'NeoJSON' ) ];
-			package: 'JSONWebToken-Tests' with: [
-				spec requires: #(#'JSONWebToken-Core' ) ] ]
+	spec
+		for: #common
+		do: [ spec
+				baseline: 'NeoJSON'
+				with: [ spec repository: 'github://svenvc/NeoJSON:master/repository' ].
+			spec
+				baseline: 'OpenSSL'
+				with: [ spec repository: 'github://PierceNg/OpenSSL-Pharo/src-st' ].
+			spec
+				package: #'JSONWebToken-Core'
+					with: [ spec requires: #('NeoJSON') ];
+				package: 'JSONWebToken-Core-Tests'
+					with: [ spec requires: #(#'JSONWebToken-Core') ];
+				package: 'JSONWebToken-OpenSSL'
+					with: [ spec requires: #(#'JSONWebToken-Core' 'OpenSSL') ];
+				package: 'JSONWebToken-OpenSSL-Tests'
+					with: [ spec requires: #(#'JSONWebToken-OpenSSL') ].
+			spec
+			group: 'Core' with: #('JSONWebToken-Core');
+			group: 'SSL' with: #('JSONWebToken-OpenSSL');
+			group: 'Tests' with: #('JSONWebToken-Core-Tests' 'JSONWebToken-OpenSSL-Tests');
+			group: 'default' with: #('Core' 'SSL' 'Tests') ]

source/JSONWebToken-Core-Tests.package/.filetree

@@ -0,0 +1,5 @@
+{
+	"separateMethodMetaAndSource" : false,
+	"noMethodMetaData" : true,
+	"useCypressPropertiesFile" : true
+}

source/JSONWebToken-Core-Tests.package/Base64UrlEncoderTest.class/README.md

@@ -0,0 +1 @@
+A Base64UrlEncoderTest is a test class for testing the behavior of Base64UrlEncoder

source/JSONWebToken-Core-Tests.package/Base64UrlEncoderTest.class/instance/setUp.st

@@ -0,0 +1,5 @@
+running
+setUp
+
+	super setUp.
+	encoder := Base64UrlEncoder new

source/JSONWebToken-Core-Tests.package/Base64UrlEncoderTest.class/instance/testComparisonAgainstBase64.st

@@ -0,0 +1,6 @@
+tests
+testComparisonAgainstBase64
+
+	self
+		assert: #[87 6 86 119 38 150 198 198 254 255] base64Encoded equals: 'VwZWdyaWxsb+/w==';
+		assert: ( encoder encode: #[87 6 86 119 38 150 198 198 254 255] ) equals: 'VwZWdyaWxsb-_w=='

source/JSONWebToken-Core-Tests.package/Base64UrlEncoderTest.class/instance/testDecode.st

@@ -0,0 +1,4 @@
+tests
+testDecode
+
+	self assert: ( encoder decode: 'VwZWdyaWxsb-_w==' ) equals: #[87 6 86 119 38 150 198 198 254 255]

source/JSONWebToken-Core-Tests.package/Base64UrlEncoderTest.class/instance/testEncode.st

@@ -0,0 +1,4 @@
+tests
+testEncode
+
+	self assert: ( encoder encode: #[87 6 86 119 38 150 198 198 254 255] ) equals: 'VwZWdyaWxsb-_w=='

source/JSONWebToken-Core-Tests.package/Base64UrlEncoderTest.class/properties.json

@@ -0,0 +1,13 @@
+{
+	"commentStamp" : "<historical>",
+	"super" : "TestCase",
+	"category" : "JSONWebToken-Core-Tests",
+	"classinstvars" : [ ],
+	"pools" : [ ],
+	"classvars" : [ ],
+	"instvars" : [
+		"encoder"
+	],
+	"name" : "Base64UrlEncoderTest",
+	"type" : "normal"
+}

source/JSONWebToken-Core-Tests.package/JSONWebTokenTest.class/README.md

@@ -0,0 +1 @@
+Unit tests for JSON web tokens

source/JSONWebToken-Core-Tests.package/JSONWebTokenTest.class/instance/testEncoding.st

@@ -0,0 +1,23 @@
+tests
+testEncoding
+
+	"This test verifies the token serialization against https://jwt.io/"
+
+	| jws tokenString |
+
+	jws := JsonWebSignature new
+		algorithmName: 'HS256';
+		payload:
+			( JWTClaimsSet new
+				at: 'scope'
+					put:
+					'read:operations read:metrics execute:health-check read:application-info execute:application-control read:application-configuration';
+				yourself ).
+	jws key: '69YLYMC02jLExrrkcR@NhrZaj%Xw^VFfK*r34uRWvl3e91N3es'.
+
+	tokenString := jws compactSerialized.
+
+	self
+		assert: tokenString
+		equals:
+			'eyJhbGciOiJIUzI1NiJ9.eyJzY29wZSI6InJlYWQ6b3BlcmF0aW9ucyByZWFkOm1ldHJpY3MgZXhlY3V0ZTpoZWFsdGgtY2hlY2sgcmVhZDphcHBsaWNhdGlvbi1pbmZvIGV4ZWN1dGU6YXBwbGljYXRpb24tY29udHJvbCByZWFkOmFwcGxpY2F0aW9uLWNvbmZpZ3VyYXRpb24ifQ.-3meQq_ATpkE4FwFefP0AEBrFh9_llQxVXjnf-HLrIU'

source/JSONWebToken-Core-Tests.package/JSONWebTokenTest.class/instance/testPadding.st

@@ -0,0 +1,8 @@
+tests
+testPadding
+
+	self 
+		assert: '4'   base64Padded equals: '4===';
+		assert: '42'  base64Padded equals: '42==';
+		assert: '424' base64Padded equals: '424=';
+		assert: '4242' base64Padded equals: '4242'

source/JSONWebToken-Core-Tests.package/JSONWebTokenTest.class/instance/testRoundtrip.st

@@ -0,0 +1,15 @@
+tests
+testRoundtrip
+	| jws tokenString materialized |
+
+	jws := JsonWebSignature new
+				algorithmName: 'HS256';
+				payload: (JWTClaimsSet new
+				at: 'bar' put: 'foo').
+	jws key: 'foobar'.
+
+	tokenString := jws compactSerialized.
+
+	materialized := JsonWebSignature materializeCompact: tokenString key: 'foobar'.
+
+	self assert: jws equals: materialized

source/JSONWebToken-Core-Tests.package/JSONWebTokenTest.class/instance/testUnsecuredJWT.st

@@ -0,0 +1,15 @@
+tests
+testUnsecuredJWT
+
+	| jws tokenString materialized |
+
+	jws := JsonWebSignature new
+		algorithmName: 'none';
+		payload: ( JWTClaimsSet new at: 'bar' put: 'foo' ).
+	jws key: 'foobar'.
+
+	tokenString := jws compactSerialized.
+
+	materialized := JsonWebSignature materializeCompact: tokenString key: 'foobar'.
+
+	self assert: jws equals: materialized

source/JSONWebToken-Core-Tests.package/JSONWebTokenTest.class/properties.json

@@ -0,0 +1,11 @@
+{
+	"commentStamp" : "TorstenBergmann 8/13/2018 15:30",
+	"super" : "TestCase",
+	"category" : "JSONWebToken-Core-Tests",
+	"classinstvars" : [ ],
+	"pools" : [ ],
+	"classvars" : [ ],
+	"instvars" : [ ],
+	"name" : "JSONWebTokenTest",
+	"type" : "normal"
+}

source/JSONWebToken-Core-Tests.package/monticello.meta/categories.st

@@ -0,0 +1 @@
+SystemOrganization addCategory: #'JSONWebToken-Core-Tests'!

source/JSONWebToken-Core-Tests.package/monticello.meta/package

@@ -0,0 +1 @@
+(name 'JSONWebToken-Core-Tests')

source/JSONWebToken-Core-Tests.package/properties.json

@@ -0,0 +1 @@
+{ }

source/JSONWebToken-Core.package/JWAHMACSHA256.class/class/checkSignature.withKey..st

@@ -0,0 +1,10 @@
+sign
+checkSignature: parts withKey: key
+	(self
+		signMessage:
+			($.
+				join:
+					{parts first.
+					parts second}) withKey: key)
+		= (Base64UrlEncoder new decode: parts third base64Padded)
+		ifFalse: [ Error signal: 'signature does not match' ]

source/JSONWebToken-Core.package/JWANone.class/class/checkSignature.withKey..st

@@ -0,0 +1,3 @@
+sign
+checkSignature: parts withKey: key
+

source/JSONWebToken-Core.package/JsonWebSignature.class/instance/checkSignature..st

@@ -1,5 +1,5 @@
 signature
 checkSignature: parts
 
-	( self signatureFor:( $. join: {parts first. parts second} ) ) = ( self base64Decoded: parts third  )
-		ifFalse: [ Error signal: 'signature does not match' ]
+
+	self protectedHeader algorithm checkSignature: parts withKey: key

source/JSONWebToken-OpenSSL-Tests.package/.filetree

@@ -0,0 +1,5 @@
+{
+	"separateMethodMetaAndSource" : false,
+	"noMethodMetaData" : true,
+	"useCypressPropertiesFile" : true
+}

source/JSONWebToken-OpenSSL-Tests.package/JSONWebTokenOpenSSLTest.class/instance/testRSAEncoding.st

@@ -0,0 +1,49 @@
+tests
+testRSAEncoding
+
+	"This test verifies the token serialization against https://jwt.io/"
+
+	| jws tokenString |
+
+	jws := JsonWebSignature new
+		algorithmName: 'RS256';
+		payload:
+			( JWTClaimsSet new
+				at: 'scope'
+					put:
+					'read:operations read:metrics execute:health-check read:application-info execute:application-control read:application-configuration';
+				yourself ).
+	jws key: '-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAnzyis1ZjfNB0bBgKFMSvvkTtwlvBsaJq7S5wA+kzeVOVpVWw
+kWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHcaT92whREFpLv9cj5lTeJSibyr/Mr
+m/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIytvHWTxZYEcXLgAXFuUuaS3uF9gEi
+NQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0e+lf4s4OxQawWD79J9/5d3Ry0vbV
+3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWbV6L11BWkpzGXSW4Hv43qa+GSYOD2
+QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9MwIDAQABAoIBACiARq2wkltjtcjs
+kFvZ7w1JAORHbEufEO1Eu27zOIlqbgyAcAl7q+/1bip4Z/x1IVES84/yTaM8p0go
+amMhvgry/mS8vNi1BN2SAZEnb/7xSxbflb70bX9RHLJqKnp5GZe2jexw+wyXlwaM
++bclUCrh9e1ltH7IvUrRrQnFJfh+is1fRon9Co9Li0GwoN0x0byrrngU8Ak3Y6D9
+D8GjQA4Elm94ST3izJv8iCOLSDBmzsPsXfcCUZfmTfZ5DbUDMbMxRnSo3nQeoKGC
+0Lj9FkWcfmLcpGlSXTO+Ww1L7EGq+PT3NtRae1FZPwjddQ1/4V905kyQFLamAA5Y
+lSpE2wkCgYEAy1OPLQcZt4NQnQzPz2SBJqQN2P5u3vXl+zNVKP8w4eBv0vWuJJF+
+hkGNnSxXQrTkvDOIUddSKOzHHgSg4nY6K02ecyT0PPm/UZvtRpWrnBjcEVtHEJNp
+bU9pLD5iZ0J9sbzPU/LxPmuAP2Bs8JmTn6aFRspFrP7W0s1Nmk2jsm0CgYEAyH0X
++jpoqxj4efZfkUrg5GbSEhf+dZglf0tTOA5bVg8IYwtmNk/pniLG/zI7c+GlTc9B
+BwfMr59EzBq/eFMI7+LgXaVUsM/sS4Ry+yeK6SJx/otIMWtDfqxsLD8CPMCRvecC
+2Pip4uSgrl0MOebl9XKp57GoaUWRWRHqwV4Y6h8CgYAZhI4mh4qZtnhKjY4TKDjx
+QYufXSdLAi9v3FxmvchDwOgn4L+PRVdMwDNms2bsL0m5uPn104EzM6w1vzz1zwKz
+5pTpPI0OjgWN13Tq8+PKvm/4Ga2MjgOgPWQkslulO/oMcXbPwWC3hcRdr9tcQtn9
+Imf9n2spL/6EDFId+Hp/7QKBgAqlWdiXsWckdE1Fn91/NGHsc8syKvjjk1onDcw0
+NvVi5vcba9oGdElJX3e9mxqUKMrw7msJJv1MX8LWyMQC5L6YNYHDfbPF1q5L4i8j
+8mRex97UVokJQRRA452V2vCO6S5ETgpnad36de3MUxHgCOX3qL382Qx9/THVmbma
+3YfRAoGAUxL/Eu5yvMK8SAt/dJK6FedngcM3JEFNplmtLYVLWhkIlNRGDwkg3I5K
+y18Ae9n7dHVueyslrb6weq7dTkYDi3iOYRW8HRkIQh06wEdbxt0shTzAJvvCQfrB
+jg/3747WSsf/zBTcHihTRBdAv6OmdhV4/dD5YBfLAkLrd+mX7iE=
+-----END RSA PRIVATE KEY-----'.
+
+	tokenString := jws compactSerialized.
+
+	self
+		assert: tokenString
+		equals:
+			'eyJhbGciOiJSUzI1NiJ9.eyJzY29wZSI6InJlYWQ6b3BlcmF0aW9ucyByZWFkOm1ldHJpY3MgZXhlY3V0ZTpoZWFsdGgtY2hlY2sgcmVhZDphcHBsaWNhdGlvbi1pbmZvIGV4ZWN1dGU6YXBwbGljYXRpb24tY29udHJvbCByZWFkOmFwcGxpY2F0aW9uLWNvbmZpZ3VyYXRpb24ifQ.GAOd8yN4b1R85hF4BrI7SUtdrQClMrymg7BaZoSIPezc9j-qBvIzJNcZT0a_hE44v8XUhHQJaaMzCgEoIWvN_i31RhL-NT_d85m2jm1HAd1hdePveS5shgYGVa0YUloRqLUsaTK03spCe3AayHBxG0-IJdw5ZZ85grce1JFc-T3uxGE_meuSBSYoW8QWEQ7hyBkHrJX0Twu1W0VMRGQw1UDnur2xxVZnz66iAYEQVZUQmsbMqgwOPETNvlvfmTQJq4V_hbc9bNmzJwo8TeoH5_lUYkPp5wWtT3H7dZpNEROP8QGgHiO9Y8ByKOBSrlNOID0pBvNlRbOAz_2Vmiir-g'

source/JSONWebToken-OpenSSL-Tests.package/JSONWebTokenOpenSSLTest.class/properties.json

@@ -0,0 +1,11 @@
+{
+	"commentStamp" : "",
+	"super" : "TestCase",
+	"category" : "JSONWebToken-OpenSSL-Tests",
+	"classinstvars" : [ ],
+	"pools" : [ ],
+	"classvars" : [ ],
+	"instvars" : [ ],
+	"name" : "JSONWebTokenOpenSSLTest",
+	"type" : "normal"
+}

source/JSONWebToken-OpenSSL-Tests.package/monticello.meta/categories.st

@@ -0,0 +1 @@
+SystemOrganization addCategory: #'JSONWebToken-OpenSSL-Tests'!

source/JSONWebToken-OpenSSL-Tests.package/monticello.meta/package

@@ -0,0 +1 @@
+(name 'JSONWebToken-OpenSSL-Tests')

source/JSONWebToken-OpenSSL-Tests.package/properties.json

@@ -0,0 +1 @@
+{ }

source/JSONWebToken-OpenSSL.package/.filetree

@@ -0,0 +1,5 @@
+{
+	"separateMethodMetaAndSource" : false,
+	"noMethodMetaData" : true,
+	"useCypressPropertiesFile" : true
+}

source/JSONWebToken-OpenSSL.package/JWARSASHA256.class/class/checkSignature.withKey..st

@@ -0,0 +1,15 @@
+sign
+checkSignature: parts withKey: key
+	| jwtHeaderAndPayload signatureByteArray rsa pubKey |
+	jwtHeaderAndPayload := $.
+		join:
+			{parts first.
+			parts second}.
+	signatureByteArray := parts third base64Padded base64Decoded
+		asByteArray.
+	rsa := LcRSA fromPemString: key.
+	pubKey := LcEvpPublicKey setRSA: rsa.
+
+			(pubKey
+				digestVerifyMessage: jwtHeaderAndPayload
+				with: signatureByteArray) ifFalse: [ Error signal: 'signature does not match' ]

source/JSONWebToken-OpenSSL.package/JWARSASHA256.class/class/signMessage.withKey..st

@@ -0,0 +1,6 @@
+sign
+signMessage: aString withKey: anObject
+	| pkey sig |
+	pkey := LcEvpPublicKey setRSA: (LcRSA fromPemString: anObject).
+	sig := pkey digestSignMessage: aString.
+	^ sig

source/JSONWebToken-Core.package/JWARSASHA256.class/properties.json → source/JSONWebToken-OpenSSL.package/JWARSASHA256.class/properties.json

@@ -1,7 +1,7 @@
 {
 	"commentStamp" : "TorstenBergmann 8/13/2018 15:25",
 	"super" : "JsonWebAlgorithm",
-	"category" : "JSONWebToken-Core-Algorithms",
+	"category" : "JSONWebToken-OpenSSL",
 	"classinstvars" : [ ],
 	"pools" : [ ],
 	"classvars" : [ ],

source/JSONWebToken-OpenSSL.package/monticello.meta/categories.st

@@ -0,0 +1 @@
+SystemOrganization addCategory: #'JSONWebToken-OpenSSL'!

source/JSONWebToken-OpenSSL.package/monticello.meta/package

@@ -0,0 +1 @@
+(name 'JSONWebToken-OpenSSL')

source/JSONWebToken-OpenSSL.package/properties.json

@@ -0,0 +1 @@
+{ }