From 78f9e0cdfae461a2491b3efba69f436e25bd587c Mon Sep 17 00:00:00 2001 From: Stas Dm Date: Mon, 19 Feb 2024 12:17:56 +0100 Subject: [PATCH 1/3] feat: add rsa support --- pkg/document/jwk.go | 33 +++++++++++++++++++++++++++------ pkg/document/jwk_test.go | 21 +++++++++++++++++++++ pkg/jws/jwk.go | 22 ++++++++++++++++------ pkg/jws/jwk_test.go | 21 +++++++++++++++++++++ 4 files changed, 85 insertions(+), 12 deletions(-) diff --git a/pkg/document/jwk.go b/pkg/document/jwk.go index ca335f8..5da22de 100644 --- a/pkg/document/jwk.go +++ b/pkg/document/jwk.go @@ -36,21 +36,42 @@ func (jwk JWK) Y() string { return stringEntry(jwk["y"]) } +// N is n. +func (jwk JWK) N() string { + return stringEntry(jwk["n"]) +} + +// E is e. +func (jwk JWK) E() string { + return stringEntry(jwk["e"]) +} + // Validate will validate JWK properties. func (jwk JWK) Validate() error { // TODO: validation of the JWK fields depends on the algorithm (issue-409) // For now check required fields for currently supported algorithms secp256k1, P-256, P-384, P-512 and Ed25519 - if jwk.Crv() == "" { - return errors.New("JWK crv is missing") - } - if jwk.Kty() == "" { return errors.New("JWK kty is missing") } - if jwk.X() == "" { - return errors.New("JWK x is missing") + if jwk.Kty() == "RSA" { + if jwk.N() == "" { + return errors.New("JWK n is missing") + } + + if jwk.E() == "" { + return errors.New("JWK e is missing") + } + } else { + if jwk.Crv() == "" { + return errors.New("JWK crv is missing") + } + + if jwk.X() == "" { + return errors.New("JWK x is missing") + } + } return nil diff --git a/pkg/document/jwk_test.go b/pkg/document/jwk_test.go index 7f78de2..6ea4588 100644 --- a/pkg/document/jwk_test.go +++ b/pkg/document/jwk_test.go 
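Review bot: The RSA branch of `Validate` in pkg/document/jwk.go only checks that `n` and `e` are non-empty, so a placeholder such as the `"nn"` used in the new test is accepted as a modulus; the RSA branch added in pkg/jws/jwk.go has the same gap. Unless a later parsing step (not visible in this patch) rejects malformed or undersized keys, the check should decode both members as base64url and enforce a minimum modulus length, as sketched below. The sketch needs `encoding/base64` and a project-chosen minimum, shown here as the undeclared name `minRSAModulusBits`. The comment above the checks still lists only the curve algorithms and should mention RSA.

```go
	if jwk.Kty() == "RSA" {
		// … unchanged: empty-string checks for n and e …

		n, err := base64.RawURLEncoding.DecodeString(jwk.N())
		if err != nil {
			return errors.New("JWK n is not valid base64url")
		}

		// minRSAModulusBits is the project's minimum accepted modulus size.
		if len(n)*8 < minRSAModulusBits {
			return errors.New("JWK n is too short")
		}

		if _, err := base64.RawURLEncoding.DecodeString(jwk.E()); err != nil {
			return errors.New("JWK e is not valid base64url")
		}
	// … unchanged: else branch with crv and x checks …
```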
@@ -71,4 +71,25 @@ func TestValidate(t *testing.T) { require.Error(t, err) require.Contains(t, err.Error(), "JWK x is missing") }) + + t.Run("missing n", func(t *testing.T) { + jwk := JWK{ + "kty": "RSA", + } + + err := jwk.Validate() + require.Error(t, err) + require.Contains(t, err.Error(), "JWK n is missing") + }) + + t.Run("missing e", func(t *testing.T) { + jwk := JWK{ + "kty": "RSA", + "n": "nn", + } + + err := jwk.Validate() + require.Error(t, err) + require.Contains(t, err.Error(), "JWK e is missing") + }) } diff --git a/pkg/jws/jwk.go b/pkg/jws/jwk.go index 5790b72..2678ec5 100644 --- a/pkg/jws/jwk.go +++ b/pkg/jws/jwk.go @@ -21,16 +21,26 @@ type JWK struct { // Validate validates JWK. func (jwk *JWK) Validate() error { - if jwk.Crv == "" { - return errors.New("JWK crv is missing") - } - if jwk.Kty == "" { return errors.New("JWK kty is missing") } - if jwk.X == "" { - return errors.New("JWK x is missing") + if jwk.Kty == "RSA" { + if jwk.N == "" { + return errors.New("JWK n is missing") + } + + if jwk.E == "" { + return errors.New("JWK e is missing") + } + } else { + if jwk.Crv == "" { + return errors.New("JWK crv is missing") + } + + if jwk.X == "" { + return errors.New("JWK x is missing") + } } return nil diff --git a/pkg/jws/jwk_test.go b/pkg/jws/jwk_test.go index 551b27b..70f0332 100644 --- a/pkg/jws/jwk_test.go +++ b/pkg/jws/jwk_test.go @@ -51,4 +51,25 @@ func TestValidate(t *testing.T) { require.Error(t, err) require.Contains(t, err.Error(), "x is missing") }) + + t.Run("missing n", func(t *testing.T) { + jwk := JWK{ + Kty: "RSA", + } + + err := jwk.Validate() + require.Error(t, err) + require.Contains(t, err.Error(), "n is missing") + }) + + t.Run("missing e", func(t *testing.T) { + jwk := JWK{ + Kty: "RSA", + N: "something", + } + + err := jwk.Validate() + require.Error(t, err) + require.Contains(t, err.Error(), "e is missing") + }) } From e3e22441f5a3c8371807af76c38abfd6df1a05a0 Mon Sep 17 00:00:00 2001 
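Review bot: The new subtests in pkg/document/jwk_test.go cover only the two failure paths, so nothing asserts that a complete RSA JWK (`kty`, `n` and `e`, with no `crv` or `x`) passes `Validate`, which is the behaviour this patch introduces. A subtest ending in `require.NoError(t, jwk.Validate())` would pin it and would catch a regression that makes `crv` mandatory for RSA keys again. The hunk for pkg/jws/jwk_test.go needs the same case. `TestValidate` starts outside both hunks, so an existing success case may simply not be visible here.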
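Review bot: The `else` branch in `Validate` in pkg/jws/jwk.go treats every `kty` other than `"RSA"` as a curve key, so an unsupported or misspelled key type is accepted as long as `crv` and `x` are set. pkg/document/jwk.go has the same shape. If callers do not rely on other key types, a `switch jwk.Kty` with `case "RSA":`, `case "EC", "OKP":` and `default: return errors.New("JWK kty is not supported")` would make the accepted set explicit. The branch reads `jwk.N` and `jwk.E`, which are presumably declared in the struct above the hunk, so confirm they carry the `n` and `e` JSON tags.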
From: Stas Dm Date: Mon, 19 Feb 2024 12:29:21 +0100 Subject: [PATCH 2/3] fix: check order --- .../1_0/operationparser/patchvalidator/document_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/versions/1_0/operationparser/patchvalidator/document_test.go b/pkg/versions/1_0/operationparser/patchvalidator/document_test.go index aa818e4..d43c6d1 100644 --- a/pkg/versions/1_0/operationparser/patchvalidator/document_test.go +++ b/pkg/versions/1_0/operationparser/patchvalidator/document_test.go @@ -120,7 +120,7 @@ func TestValidatePublicKeysErrors(t *testing.T) { err = validatePublicKeys(doc.PublicKeys()) require.Error(t, err) - require.Contains(t, err.Error(), "JWK crv is missing") + require.Contains(t, err.Error(), "JWK kty is missing") }) t.Run("pkB58 key with jwk type", func(t *testing.T) { From fd0f63fe9d74c51a2d907b1972dbd905799d6940 Mon Sep 17 00:00:00 2001 From: Stas Dm Date: Mon, 19 Feb 2024 12:31:58 +0100 Subject: [PATCH 3/3] fix: kty --- pkg/versions/1_0/operationparser/recover_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/versions/1_0/operationparser/recover_test.go b/pkg/versions/1_0/operationparser/recover_test.go index 89693e1..f417548 100644 --- a/pkg/versions/1_0/operationparser/recover_test.go +++ b/pkg/versions/1_0/operationparser/recover_test.go @@ -148,7 +148,7 @@ func TestParseRecoverOperation(t *testing.T) { op, err := parser.ParseRecoverOperation(request, false) require.Error(t, err) - require.Contains(t, err.Error(), "validate signed data for recovery: signing key validation failed: JWK crv is missing") + require.Contains(t, err.Error(), "validate signed data for recovery: signing key validation failed: JWK kty is missing") require.Nil(t, op) })