fcl-web: RS256 using sign/verify

mattias 2022-04-30 10:33:57 +02:00
parent 19f97666e8
commit bb1b0cdbf0
2 changed files with 18 additions and 4 deletions


@ -109,7 +109,7 @@ begin
try
RSAInitFromPrivateKeyDER(RSA,aKey.AsBytes);
SetLength(aSignature{%H-},RSA.ModulusLen);
if RSAEncryptSign(RSA,@Hash[0],length(Hash),@aSignature[0],false)<RSA.ModulusLen then
if RSAEncryptSign(RSA,@Hash[0],length(Hash),@aSignature[0],true)<RSA.ModulusLen then
raise Exception.Create('20220429223334');
Result:=Base64URL.Encode(@aSignature[0],Length(aSignature),False);
finally
@ -135,9 +135,9 @@ begin
// decrypt hash
RSACreate(RSA);
try
RSAInitFromPrivateKeyDER(RSA,aKey.AsBytes);
RSAInitFromPublicKeyDER(RSA,aKey.AsBytes);
SetLength(DecryptedHash{%H-},length(EncryptedHash));
HashLen:=RSADecryptVerify(RSA,@EncryptedHash[0],@DecryptedHash[0],length(DecryptedHash),false);
HashLen:=RSADecryptVerify(RSA,@EncryptedHash[0],@DecryptedHash[0],length(DecryptedHash),true);
if HashLen<=0 then exit;
SetLength(DecryptedHash,HashLen);
finally
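Review bot: In the verify hunk, `RSADecryptVerify` receives `@EncryptedHash[0]` with no input length, so it presumably reads `RSA.ModulusLen` bytes, yet nothing visible checks that the decoded token signature has that length or is non-empty. Because `EncryptedHash` comes from the JWT being validated, I would add `if length(EncryptedHash)<>RSA.ModulusLen then exit;` right after `RSAInitFromPublicKeyDER(RSA,aKey.AsBytes);`, unless an equivalent check already sits above the hunk. Separately, RS256 (RSASSA-PKCS1-v1_5 with SHA-256) signs a DER DigestInfo structure rather than the bare digest. Whether `Hash` is already wrapped that way is not visible here and is worth confirming for interoperability with other JWT implementations. Both routines start and end outside their hunks.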


@ -269,7 +269,6 @@ begin
S.Free;
end;
FKey:=TJWTKey.Create(@aPrivateKey,SizeOf(TEccPrivateKey));
writeln('AAA1 TTestJWT.TestVerifyES256Pem ');
FVerifyResult:=TMyJWT.ValidateJWT(aInput,FKey);
AssertNotNull('Have result',FVerifyResult);
AssertEquals('Correct class',TMyJWT,FVerifyResult.ClassType);
@ -360,6 +359,16 @@ const
'dtOAmxMASvsqud3XIM5fO5m3Jpl1phiGhCw4nvVLcYzVWxYY+oWoeCSyECgu5tmT'#10+
'Fo8vn4EEXCkEAA2YPiEuVcrcYsWkLivCTC19lJDfUNMmpwSdiGz/tDU='#10+
'-----END RSA PRIVATE KEY-----'#10;
APublicKeyPem =
'-----BEGIN PUBLIC KEY-----'#10+
'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkRfGW8psCZ3G4+hBA6W'#10+
'/CR/FHhBLB3k3QLypamPbRFlFBxLtOK2NblBybY22vUiMLZbb5x8OoOj/IhOrJAl'#10+
'TqhtbTWLy/0K3qbG09vLm8V40kEK8/p0STrp3UmsxHNkccj9MRSKk7pOyEvxSCY6'#10+
'K5JGK1VTsMuDCS7DCYk6Vqr3zjX7qedF1PVM+Z5t0B+f//kt3oBETNlic4IooEpG'#10+
'/PN2GUQ0oZpa16DDtfgGu7wT3X3QEZFWLJYQTvGc82NpachBIUvqNdIt1npbK38M'#10+
'XU4IPHVrSN/HdK2nQPSMLdKnTV+Eh/HcxpfjBjarg+VjgDqlmqJ9bkosOVn35vsg'#10+
'8wIDAQAB'#10+
'-----END PUBLIC KEY-----';
var
aInput: String;
Signer: TJWTSignerRSA;
@ -374,6 +383,7 @@ begin
// load private key from pem
FKey.AsBytes:=PemToDER(APrivateKeyPem,_BEGIN_RSA_PRIVATE_KEY,_END_RSA_PRIVATE_KEY);
// sign
Signer:=TJWTSignerRSA(SignerClass.Create);
try
aInput:=Signer.AppendSignature(JWT,Key);
@ -381,6 +391,10 @@ begin
Signer.Free;
end;
// load public key from pem
FKey.AsBytes:=PemToDER(APublicKeyPem,_BEGIN_PUBLIC_KEY,_END_PUBLIC_KEY);
// verify
FVerifyResult:=TMyJWT.ValidateJWT(aInput,FKey);
AssertNotNull('Have result',FVerifyResult);
AssertEquals('Correct class',TMyJWT,FVerifyResult.ClassType);
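Review bot: The new public-key step at `FVerifyResult:=TMyJWT.ValidateJWT(aInput,FKey);` only exercises the accepting path, so the test would still pass if verification accepted any signature. I would add a rejecting case in the same test: alter one character of the signature part of `aInput`, or validate against an unrelated public key, and assert that validation fails. How `ValidateJWT` reports failure is not visible in this hunk, so the exact assertion needs to follow its contract. The test body continues outside the hunk, so such a case may already exist elsewhere.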