Skip to content

Commit

Permalink
Loading
Loading status checks…
Confirmed LibJWT encoded EDDSA keys can be decoded by ruby-jwt
Browse files Browse the repository at this point in the history 
Included test script

Signed-off-by: Ben Collins <[email protected]>
@benmcollins
benmcollins committed Dec 3, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode
1 parent bb4a8d6 commit 49a4ea0
Showing 4 changed files with 24 additions and 5 deletions.
7 changes: 2 additions & 5 deletions tests/jwt_eddsa.c
View file
Original file line number Diff line number Diff line change
@@ -33,9 +33,6 @@
static unsigned char key[16384];
static size_t key_len;

/* NOTE: EdDSA signing will generate a different signature every time, so can't
* be simply string compared for verification like we do with RS. */

static const char jwt_eddsa[] = "eyJhbGciOiJFRERTQSIsInR5cCI6IkpXVCJ9.eyJpYX"
"QiOjE0NzU5ODA1NDUsImlzcyI6ImZpbGVzLm1hY2xhcmEtbGxjLmNvbSIsInJlZiI6I"
"lhYWFgtWVlZWS1aWlpaLUFBQUEtQ0NDQyIsInN1YiI6InVzZXIwIn0.19ip2DFFjaZ_"
@@ -118,13 +115,13 @@ static void __test_alg_key(const jwt_alg_t alg, const char *file, const char *pu

START_TEST(test_jwt_encode_eddsa)
{
__test_alg_key(JWT_ALG_EDDSA, "eddsa_key_edd25519.pem", "eddsa_key_edd25519-pub.pem");
__test_alg_key(JWT_ALG_EDDSA, "eddsa_key_ed25519.pem", "eddsa_key_ed25519-pub.pem");
}
END_TEST

START_TEST(test_jwt_verify_eddsa)
{
__verify_jwt(jwt_eddsa, JWT_ALG_EDDSA, "eddsa_key_edd25519-pub.pem");
__verify_jwt(jwt_eddsa, JWT_ALG_EDDSA, "eddsa_key_ed25519-pub.pem");
}
END_TEST

0 tests/keys/eddsa_key_edd25519-pub.pem → tests/keys/eddsa_key_ed25519-pub.pem
View file
File renamed without changes.
0 tests/keys/eddsa_key_edd25519.pem → tests/keys/eddsa_key_ed25519.pem
View file
File renamed without changes.
22 changes: 22 additions & 0 deletions tests/misc/ruby-eddsa.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
#!/usr/bin/env ruby

# gem install jwt-eddsa
require "jwt/eddsa"

# EDDSA Token generated by LibJWT
# Key generated by OpenSSL (keys/eddsa_key_ed25519-pub.pem)
# The pub key was converted to 32-bytes with some openssl and CLI magic

token = "eyJhbGciOiJFRERTQSIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0NzU5ODA1NDUsImlzc" +
"yI6ImZpbGVzLm1hY2xhcmEtbGxjLmNvbSIsInJlZiI6IlhYWFgtWVlZWS1aWlpaLUF" +
"BQUEtQ0NDQyIsInN1YiI6InVzZXIwIn0.19ip2DFFjaZ_UFVCo0OtdwuzSmOYModle" +
"JVeFcAjb_4hrAAf0pZSf8O78pivbXLJenEIsaZ9REFOauBeDxbTBw"

pub_key = "\x1d\x48\xfe\xd7\x89\x0d\xe8\xde\x22\xe6\xa3\x55\x91\xf1\x21\xc0" +
"\xa8\x82\x7f\xeb\x52\xae\xf4\x47\xb2\xd4\x1d\xb5\x5f\x1a\xe5\x03"

verify_key = Ed25519::VerifyKey.new(pub_key)

payload, header = JWT.decode(token, verify_key, true, algorithm: "EdDSA")
puts payload
puts header

0 comments on commit 49a4ea0

Please sign in to comment.