forked from jwt/ruby-jwt
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathrsa_spec.rb
More file actions
63 lines (53 loc) · 2 KB
/
rsa_spec.rb
File metadata and controls
63 lines (53 loc) · 2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# frozen_string_literal: true
RSpec.describe JWT::JWA::Rsa do
let(:rsa_key) { OpenSSL::PKey::RSA.generate(2048) }
let(:data) { 'test data' }
let(:rsa_instance) { described_class.new('RS256') }
describe '#initialize' do
it 'initializes with the correct algorithm and digest' do
expect(rsa_instance.instance_variable_get(:@alg)).to eq('RS256')
expect(rsa_instance.send(:digest).name).to eq('SHA256')
end
end
describe '#sign' do
context 'with a valid RSA key' do
it 'signs the data' do
signature = rsa_instance.sign(data: data, signing_key: rsa_key)
expect(signature).not_to be_nil
end
end
context 'with a key length less than 2048 bits' do
let(:rsa_key) { OpenSSL::PKey::RSA.generate(1024) }
it 'raises an error' do
expect do
rsa_instance.sign(data: data, signing_key: rsa_key)
end.to raise_error(JWT::EncodeError, 'The key length must be greater than or equal to 2048 bits')
end
end
context 'with an invalid key' do
it 'raises an error' do
expect do
rsa_instance.sign(data: data, signing_key: 'invalid_key')
end.to raise_error(JWT::EncodeError, /The given key is a String. It has to be an OpenSSL::PKey::RSA instance/)
end
end
end
describe '#verify' do
let(:signature) { rsa_instance.sign(data: data, signing_key: rsa_key) }
context 'with a valid RSA key' do
it 'returns true' do
expect(rsa_instance.verify(data: data, signature: signature, verification_key: rsa_key)).to be(true)
end
end
context 'with an invalid signature' do
it 'returns false' do
expect(rsa_instance.verify(data: data, signature: 'invalid_signature', verification_key: rsa_key)).to be(false)
end
end
context 'with an invalid key' do
it 'returns false' do
expect(rsa_instance.verify(data: data, signature: 'invalid_signature', verification_key: OpenSSL::PKey::RSA.generate(2048))).to be(false)
end
end
end
end