Testing jwt
h3rald h3rald@h3rald.com
Fri, 29 Dec 2023 22:37:36 +0000
3 files changed,
18 insertions(+),
9 deletions(-)
M
.gitignore
→
.gitignore
@@ -22,3 +22,6 @@ *.db-shm
*.db-wal *.nim.bak litestore_linkerArgs.txt +token.txt +x5c.cert +jwt
M
src/admin/md/overview.md
→
src/admin/md/overview.md
@@ -65,4 +65,4 @@ To make serving a single-page application _from LiteStore_ even easier and faster, you can automatically import (and export) the contents of a directory recursively.
#### Directory Mounting and Mirroring -After importing the contents of a directory into a LiteStore data store, you can _mount it_ on LiteStore and mirror all data store changes to the filesystem. Incidentally, that's how most of the LiteStore Admin test app was built [](class:fa-smile-o).+After importing the contents of a directory into a LiteStore data store, you can _mount it_ on LiteStore and mirror all data store changes to the filesystem. Incidentally, that's how most of the LiteStore Admin test app was built [](class:fa-face-smile).
M
src/litestorepkg/lib/jwt.nim
→
src/litestorepkg/lib/jwt.nim
@@ -20,7 +20,8 @@ proc EVP_DigestVerifyFinal(ctx: EVP_MD_CTX; data: pointer;
len: cuint): cint {.cdecl, importc.} proc raiseJwtError(msg: string) = - raise newException(EJwtValidationError, msg) + let err = $ERR_error_string(ERR_get_error(), nil) + raise newException(EJwtValidationError, msg&"\n"&err) proc getX5c*(token: JWT): string = let file = getCurrentDir() / "jwks.json"@@ -83,7 +84,6 @@ let cert = x5c.decode
let alg = EVP_sha256(); var x509: PX509 var pubkey: EVP_PKEY - var pkeyctx: EVP_PKEY_CTX ### Validate Signature (Only RS256 supported) x509 = d2i_X509(cert)@@ -97,6 +97,10 @@
let mdctx = EVP_MD_CTX_create() if mdctx.isNil: raiseJwtError("Unable to initialize MD CTX") + + let pkeyctx = EVP_PKEY_CTX_new(pubkey, nil) + if pkeyctx.isNil: + raiseJwtError("Unable to initialize PKEY CTX") if EVP_DigestVerifyInit(mdctx, addr pkeyctx, alg, nil, pubkey) != 1: raiseJwtError("Unable to initialize digest verification")@@ -117,11 +121,13 @@ if not x509.isNil:
X509_free(x509) +when isMainModule: + let token = "token.txt".readFile + let x5c = "x5c.cert".readFile + let jwt = token.newJwt - - - - - - + echo token + echo "---" + echo x5c + jwt.verifySignature(x5c)