Merge pull request #5 from tanmaykm/tan/misc

fix SHA512 and add tests for HS keys
tanmaykm · Jan 16, 2019 · 8c8c604 · 8c8c604
2 parents d0604b6 + f13f486
commit 8c8c604
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 5 deletions.
diff --git a/Project.toml b/Project.toml
@@ -1,5 +1,5 @@
 name = "JWTs"
-uuid = "5fa62028-148a-11e9-0d86-2717f69bbb22"
+uuid = "d850fbd6-035d-5a70-a269-1ca2e636ac6c"
 authors = ["Tanmay <tanmaykm@gmail.com>"]
 version = "0.1.0"
 

diff --git a/src/JWTs.jl b/src/JWTs.jl
@@ -114,7 +114,7 @@ function sign!(jwt::JWT, key::T, kid::String="") where {T <: JWK}
             alg = "RS256"
         elseif key.kind === MbedTLS.MD_SHA384
             alg = "RS384"
-        elseif key.kind === MbedTLS.MD_SHA512
+        elseif key.kind === MbedTLS.MD_SHA
             alg = "RS512"
         else
             error("unsupported key algorithm")
@@ -124,7 +124,7 @@ function sign!(jwt::JWT, key::T, kid::String="") where {T <: JWK}
             alg = "HS256"
         elseif key.kind === MbedTLS.MD_SHA384
             alg = "HS384"
-        elseif key.kind === MbedTLS.MD_SHA512
+        elseif key.kind === MbedTLS.MD_SHA
             alg = "HS512"
         else
             error("unsupported key algorithm")
@@ -177,7 +177,7 @@ function refresh!(keyseturl::String, keysetdict::Dict{String,JWK})
                 elseif alg == "RS384"
                     keysetdict[kid] = JWKRSA(MbedTLS.MD_SHA384, pubkey(n, e, MbedTLS.MD_SHA384))
                 elseif alg == "RS512"
-                    keysetdict[kid] = JWKRSA(MbedTLS.MD_SHA512, pubkey(n, e, MbedTLS.MD_SHA512))
+                    keysetdict[kid] = JWKRSA(MbedTLS.MD_SHA, pubkey(n, e, MbedTLS.MD_SHA))
                 else
                     @warn("key alg $(key["alg"]) not supported yet, skipping key $kid")
                     continue
@@ -189,7 +189,7 @@ function refresh!(keyseturl::String, keysetdict::Dict{String,JWK})
                 elseif alg == "HS384"
                     keysetdict[kid] = JWKSymmetric(MbedTLS.MD_SHA384, k)
                 elseif alg == "HS512"
-                    keysetdict[kid] = JWKSymmetric(MbedTLS.MD_SHA512, k)
+                    keysetdict[kid] = JWKSymmetric(MbedTLS.MD_SHA, k)
                 else
                     @warn("key alg $(key["alg"]) not supported yet, skipping key $kid")
                     continue

diff --git a/test/jwkkey.json b/test/jwkkey.json
@@ -13,6 +13,27 @@
             "alg":"HS256",
             "use":"sig",
             "k":"cXVpY2ticm93bmZveGp1bXBlZG92ZXJ0aGVsYXp5ZG8"
+        },
+        {
+            "kid":"6fYTP3lFbHRId0Ez-K3Ans042BdIczxG6BqnjMyOAe",
+            "kty":"oct",
+            "alg":"HS384",
+            "use":"sig",
+            "k":"g3z71n0KOUSPgqaOqJkX1raLSgP27gR96HjN3BEYCHfoo9rf+hVpl/t093R5uRWN"
+        },
+        {
+            "kid":"7fYTP3lFbHRId0Ez-K3Ans042BdIczxG6BqnjMyOAe",
+            "kty":"oct",
+            "alg":"HS512",
+            "use":"sig",
+            "k":"9FiEdO6HRRWtxnoU4nirCvz9XNS5Cq+qBnre0b7WsK1yV2xzbtQ1fDUeMLOYGtAN1rpmUXHw0X/HFIbIrlfxWA"
+        },
+        {
+            "kid":"0fYTP3lFbHRId0Ez-K3Ans042BdIczxG6BqnjMyOAe",
+            "kty":"oct",
+            "alg":"HSINVALID",
+            "use":"sig",
+            "k":"9FiEdO6HRRWtxnoU4nirCvz9XNS5Cq+qBnre0b7WsK1yV2xzbtQ1fDUeMLOYGtAN1rpmUXHw0X/HFIbIrlfxWA"
         }
     ]
 }