diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 3f5752f..54c377c 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -1,4 +1,4 @@ -# Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +# Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/.gitignore b/.gitignore index cf642ac..0f8152c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ -# Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +# Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/.vscode/launch.json b/.vscode/launch.json index 1c63017..6e93d17 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/algorithm.go b/algorithm.go index 3ef5382..6e97e0e 100644 --- a/algorithm.go +++ b/algorithm.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/algorithms/ecdsa/ecdsa.go b/algorithms/ecdsa/ecdsa.go index 01741af..4050518 100644 --- a/algorithms/ecdsa/ecdsa.go +++ b/algorithms/ecdsa/ecdsa.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/algorithms/ecdsa/ecdsa_test.go b/algorithms/ecdsa/ecdsa_test.go index eaca60f..84ae881 100644 --- a/algorithms/ecdsa/ecdsa_test.go +++ b/algorithms/ecdsa/ecdsa_test.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/algorithms/hmac/hmac.go b/algorithms/hmac/hmac.go index 2151617..2a5fa8b 100644 --- a/algorithms/hmac/hmac.go +++ b/algorithms/hmac/hmac.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -297,8 +297,10 @@ func importKeyFromJsonWebKey(keyData *webcrypto.JsonWebKey, params *ImportParams // If usages is non-empty and the use field of jwk is present and is not "sign", then throw a DataError. if len(usages) != 0 { - if keyData.Use != "sign" { - return nil, webcrypto.NewError(webcrypto.ErrDataError, "use must be 'sign'") + if keyData.Use != "" { + if keyData.Use != "sign" { + return nil, webcrypto.NewError(webcrypto.ErrDataError, "use must be 'sign'") + } } } @@ -316,12 +318,13 @@ func importKeyFromJsonWebKey(keyData *webcrypto.JsonWebKey, params *ImportParams return nil, webcrypto.NewError(webcrypto.ErrDataError, "k length cannot be less than hash length") } - if params.Length != uint64(length) { - return nil, webcrypto.NewError(webcrypto.ErrDataError, "length provided does not match key length") + // If the params length is specified, we'll check and ensure the key provided matches the length + if params.Length != 0 { + if params.Length != uint64(length) { + return nil, webcrypto.NewError(webcrypto.ErrDataError, "length provided does not match key length") + } } - params.Length = uint64(length) - if keyData.Ext != extractable { return nil, webcrypto.NewError(webcrypto.ErrDataError, "ext in key does not match value provided") } diff --git a/algorithms/hmac/hmac_test.go b/algorithms/hmac/hmac_test.go index a830ab8..441cae5 100644 --- a/algorithms/hmac/hmac_test.go +++ b/algorithms/hmac/hmac_test.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,6 +19,7 @@ package hmac import ( "bytes" "encoding/hex" + "encoding/json" "reflect" "testing" @@ -130,6 +131,98 @@ func TestImportKey(t *testing.T) { } +func Test_ImportKey_JsonWebKey(t *testing.T) { + t.Run("import no use", func(t *testing.T) { + k := `{"kty":"oct","key_ops":["sign","verify"],"alg":"HS256","ext":true,"k":"31G2ai1-ZfKsfQfNEQNga9H90J3q8pSHCBc9jcxM7IUzGwzofZJrNgCmE7lXOyR-_BxlA0NthOYT11NwRMOu1w"}` + var jwk webcrypto.JsonWebKey + if err := json.Unmarshal([]byte(k), &jwk); err != nil { + t.Errorf("failed to unmarshal json: %s", err.Error()) + } + + _, err := subtle.ImportKey(webcrypto.Jwk, &jwk, &webcrypto.Algorithm{ + Name: "HMAC", + Params: &ImportParams{ + Hash: "SHA-256", + }, + }, true, []webcrypto.KeyUsage{webcrypto.Sign, webcrypto.Verify}) + if err != nil { + t.Errorf("failed to import key: %s", err.Error()) + } + }) + + t.Run("import valid use", func(t *testing.T) { + k := `{"kty":"oct","use":"sign","key_ops":["sign","verify"],"alg":"HS256","ext":true,"k":"31G2ai1-ZfKsfQfNEQNga9H90J3q8pSHCBc9jcxM7IUzGwzofZJrNgCmE7lXOyR-_BxlA0NthOYT11NwRMOu1w"}` + var jwk webcrypto.JsonWebKey + if err := json.Unmarshal([]byte(k), &jwk); err != nil { + t.Errorf("failed to unmarshal json: %s", err.Error()) + } + + _, err := subtle.ImportKey(webcrypto.Jwk, &jwk, &webcrypto.Algorithm{ + Name: "HMAC", + Params: &ImportParams{ + Hash: "SHA-256", + }, + }, true, []webcrypto.KeyUsage{webcrypto.Sign, webcrypto.Verify}) + if err != nil { + t.Errorf("failed to import key: %s", err.Error()) + } + }) + + t.Run("import invalid use", func(t *testing.T) { + k := `{"kty":"oct","use":"enc","key_ops":["sign","verify"],"alg":"HS256","ext":true,"k":"31G2ai1-ZfKsfQfNEQNga9H90J3q8pSHCBc9jcxM7IUzGwzofZJrNgCmE7lXOyR-_BxlA0NthOYT11NwRMOu1w"}` + var jwk webcrypto.JsonWebKey + if err := json.Unmarshal([]byte(k), &jwk); err != nil { + t.Errorf("failed to unmarshal json: %s", err.Error()) + } + + _, err := subtle.ImportKey(webcrypto.Jwk, &jwk, &webcrypto.Algorithm{ + Name: "HMAC", + Params: &ImportParams{ + Hash: "SHA-256", + }, + }, true, []webcrypto.KeyUsage{webcrypto.Sign, webcrypto.Verify}) + if err == nil { + t.Error("importKey should have returned error") + } + }) + + t.Run("import invalid key_ops", func(t *testing.T) { + k := `{"kty":"oct","key_ops":["encrypt","verify"],"alg":"HS256","ext":true,"k":"31G2ai1-ZfKsfQfNEQNga9H90J3q8pSHCBc9jcxM7IUzGwzofZJrNgCmE7lXOyR-_BxlA0NthOYT11NwRMOu1w"}` + var jwk webcrypto.JsonWebKey + if err := json.Unmarshal([]byte(k), &jwk); err != nil { + t.Errorf("failed to unmarshal json: %s", err.Error()) + } + + _, err := subtle.ImportKey(webcrypto.Jwk, &jwk, &webcrypto.Algorithm{ + Name: "HMAC", + Params: &ImportParams{ + Hash: "SHA-256", + }, + }, true, []webcrypto.KeyUsage{webcrypto.Sign, webcrypto.Verify}) + if err == nil { + t.Error("importKey should have returned error") + } + }) + + t.Run("import invalid key length", func(t *testing.T) { + k := `{"kty":"oct","key_ops":["sign","verify"],"alg":"HS256","ext":true,"k":"VrmFU2huAL6phqi_vvGPvItpX2cJFy6rzjEQpjMqKA0"}` + var jwk webcrypto.JsonWebKey + if err := json.Unmarshal([]byte(k), &jwk); err != nil { + t.Errorf("failed to unmarshal json: %s", err.Error()) + } + + _, err := subtle.ImportKey(webcrypto.Jwk, &jwk, &webcrypto.Algorithm{ + Name: "HMAC", + Params: &ImportParams{ + Hash: "SHA-256", + }, + }, true, []webcrypto.KeyUsage{webcrypto.Sign, webcrypto.Verify}) + if err == nil { + t.Error("importKey should have returned error") + } + }) +} + func TestSign(t *testing.T) { raw, err := hex.DecodeString(rawHexKey) if err != nil { diff --git a/algorithms/rsa/rsa.go b/algorithms/rsa/rsa.go index b9f53af..898f437 100644 --- a/algorithms/rsa/rsa.go +++ b/algorithms/rsa/rsa.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/algorithms/rsa/rsa_oaep.go b/algorithms/rsa/rsa_oaep.go index cbf64d9..4908ec9 100644 --- a/algorithms/rsa/rsa_oaep.go +++ b/algorithms/rsa/rsa_oaep.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/algorithms/rsa/rsa_oaep_test.go b/algorithms/rsa/rsa_oaep_test.go index e7e5d48..04fc9f3 100644 --- a/algorithms/rsa/rsa_oaep_test.go +++ b/algorithms/rsa/rsa_oaep_test.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/algorithms/sha/sha.go b/algorithms/sha/sha.go index 5dc6ecc..39a0aa5 100644 --- a/algorithms/sha/sha.go +++ b/algorithms/sha/sha.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/algorithms/sha/sha_test.go b/algorithms/sha/sha_test.go index f2c41ef..0eca6e4 100644 --- a/algorithms/sha/sha_test.go +++ b/algorithms/sha/sha_test.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/crypto.go b/crypto.go index 1f6a34a..ccd498e 100644 --- a/crypto.go +++ b/crypto.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/crypto_key.go b/crypto_key.go index c41037a..d540146 100644 --- a/crypto_key.go +++ b/crypto_key.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/errors.go b/errors.go index b75340e..fcddc04 100644 --- a/errors.go +++ b/errors.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/format.go b/format.go index c5cda7a..9f32638 100644 --- a/format.go +++ b/format.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/go.mod b/go.mod index 1626f58..8c2426d 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/subtle.go b/subtle.go index c45cbdf..ef22fe3 100644 --- a/subtle.go +++ b/subtle.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/util/util.go b/util/util.go index 9f06c8c..5989476 100644 --- a/util/util.go +++ b/util/util.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/util/util_test.go b/util/util_test.go index 6e9fd79..f7a05d4 100644 --- a/util/util_test.go +++ b/util/util_test.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 ARMORTAL TECHNOLOGIES PTY LTD +// Copyright 2023-2025 ARMORTAL TECHNOLOGIES PTY LTD // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License.