fcl-web: RS256 using sign/verify

mattias 2022-04-30 10:33:57 +02:00
parent 19f97666e8
commit bb1b0cdbf0
2 changed files with 18 additions and 4 deletions


@ -109,7 +109,7 @@ begin
try try
RSAInitFromPrivateKeyDER(RSA,aKey.AsBytes); RSAInitFromPrivateKeyDER(RSA,aKey.AsBytes);
SetLength(aSignature{%H-},RSA.ModulusLen); SetLength(aSignature{%H-},RSA.ModulusLen);
if RSAEncryptSign(RSA,@Hash[0],length(Hash),@aSignature[0],false)<RSA.ModulusLen then if RSAEncryptSign(RSA,@Hash[0],length(Hash),@aSignature[0],true)<RSA.ModulusLen then
raise Exception.Create('20220429223334'); raise Exception.Create('20220429223334');
Result:=Base64URL.Encode(@aSignature[0],Length(aSignature),False); Result:=Base64URL.Encode(@aSignature[0],Length(aSignature),False);
finally finally
@ -135,9 +135,9 @@ begin
// decrypt hash // decrypt hash
RSACreate(RSA); RSACreate(RSA);
try try
RSAInitFromPrivateKeyDER(RSA,aKey.AsBytes); RSAInitFromPublicKeyDER(RSA,aKey.AsBytes);
SetLength(DecryptedHash{%H-},length(EncryptedHash)); SetLength(DecryptedHash{%H-},length(EncryptedHash));
HashLen:=RSADecryptVerify(RSA,@EncryptedHash[0],@DecryptedHash[0],length(DecryptedHash),false); HashLen:=RSADecryptVerify(RSA,@EncryptedHash[0],@DecryptedHash[0],length(DecryptedHash),true);
if HashLen<=0 then exit; if HashLen<=0 then exit;
SetLength(DecryptedHash,HashLen); SetLength(DecryptedHash,HashLen);
finally finally
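Review bot: In the verify hunk the output buffer is sized from `length(EncryptedHash)`, which presumably is decoded from the token's signature part, and nothing visible checks that length against the key's modulus before `RSADecryptVerify` is called. The signing hunk always produces exactly `RSA.ModulusLen` bytes, so any other length can be rejected up front; an empty signature would also make `@EncryptedHash[0]` invalid. I would add `if length(EncryptedHash)<>RSA.ModulusLen then exit;` directly after `RSAInitFromPublicKeyDER(RSA,aKey.AsBytes);`. The function begins and ends outside the hunk, so an earlier length check may already exist and should be confirmed.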


@ -269,7 +269,6 @@ begin
S.Free; S.Free;
end; end;
FKey:=TJWTKey.Create(@aPrivateKey,SizeOf(TEccPrivateKey)); FKey:=TJWTKey.Create(@aPrivateKey,SizeOf(TEccPrivateKey));
writeln('AAA1 TTestJWT.TestVerifyES256Pem ');
FVerifyResult:=TMyJWT.ValidateJWT(aInput,FKey); FVerifyResult:=TMyJWT.ValidateJWT(aInput,FKey);
AssertNotNull('Have result',FVerifyResult); AssertNotNull('Have result',FVerifyResult);
AssertEquals('Correct class',TMyJWT,FVerifyResult.ClassType); AssertEquals('Correct class',TMyJWT,FVerifyResult.ClassType);
@ -360,6 +359,16 @@ const
'dtOAmxMASvsqud3XIM5fO5m3Jpl1phiGhCw4nvVLcYzVWxYY+oWoeCSyECgu5tmT'#10+ 'dtOAmxMASvsqud3XIM5fO5m3Jpl1phiGhCw4nvVLcYzVWxYY+oWoeCSyECgu5tmT'#10+
'Fo8vn4EEXCkEAA2YPiEuVcrcYsWkLivCTC19lJDfUNMmpwSdiGz/tDU='#10+ 'Fo8vn4EEXCkEAA2YPiEuVcrcYsWkLivCTC19lJDfUNMmpwSdiGz/tDU='#10+
'-----END RSA PRIVATE KEY-----'#10; '-----END RSA PRIVATE KEY-----'#10;
APublicKeyPem =
'-----BEGIN PUBLIC KEY-----'#10+
'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkRfGW8psCZ3G4+hBA6W'#10+
'/CR/FHhBLB3k3QLypamPbRFlFBxLtOK2NblBybY22vUiMLZbb5x8OoOj/IhOrJAl'#10+
'TqhtbTWLy/0K3qbG09vLm8V40kEK8/p0STrp3UmsxHNkccj9MRSKk7pOyEvxSCY6'#10+
'K5JGK1VTsMuDCS7DCYk6Vqr3zjX7qedF1PVM+Z5t0B+f//kt3oBETNlic4IooEpG'#10+
'/PN2GUQ0oZpa16DDtfgGu7wT3X3QEZFWLJYQTvGc82NpachBIUvqNdIt1npbK38M'#10+
'XU4IPHVrSN/HdK2nQPSMLdKnTV+Eh/HcxpfjBjarg+VjgDqlmqJ9bkosOVn35vsg'#10+
'8wIDAQAB'#10+
'-----END PUBLIC KEY-----';
var var
aInput: String; aInput: String;
Signer: TJWTSignerRSA; Signer: TJWTSignerRSA;
@ -374,6 +383,7 @@ begin
// load private key from pem // load private key from pem
FKey.AsBytes:=PemToDER(APrivateKeyPem,_BEGIN_RSA_PRIVATE_KEY,_END_RSA_PRIVATE_KEY); FKey.AsBytes:=PemToDER(APrivateKeyPem,_BEGIN_RSA_PRIVATE_KEY,_END_RSA_PRIVATE_KEY);
// sign
Signer:=TJWTSignerRSA(SignerClass.Create); Signer:=TJWTSignerRSA(SignerClass.Create);
try try
aInput:=Signer.AppendSignature(JWT,Key); aInput:=Signer.AppendSignature(JWT,Key);
@ -381,6 +391,10 @@ begin
Signer.Free; Signer.Free;
end; end;
// load public key from pem
FKey.AsBytes:=PemToDER(APublicKeyPem,_BEGIN_PUBLIC_KEY,_END_PUBLIC_KEY);
// verify
FVerifyResult:=TMyJWT.ValidateJWT(aInput,FKey); FVerifyResult:=TMyJWT.ValidateJWT(aInput,FKey);
AssertNotNull('Have result',FVerifyResult); AssertNotNull('Have result',FVerifyResult);
AssertEquals('Correct class',TMyJWT,FVerifyResult.ClassType); AssertEquals('Correct class',TMyJWT,FVerifyResult.ClassType);
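Review bot: The new public-key verify step only exercises the accept path: the token is signed and then checked by the same implementation, and the visible assertions only confirm that a result object of the right class comes back. A verifier that accepts too much would still pass, so I would add a negative case beside it, for example `AssertNull('Modified token rejected',TMyJWT.ValidateJWT(aBadInput,FKey));`. Here `aBadInput` is a locally altered copy of `aInput`, and the line assumes ValidateJWT returns nil on failure, which the hunk does not show. A fixed RS256 token produced by an independent implementation would additionally catch padding or encoding differences that a self round-trip cannot reveal. The test procedure continues outside the hunk.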