From f61cfa875d1bfd9164c16069ab62bf7b74fcc831 Mon Sep 17 00:00:00 2001 From: lhazlewood <121180+lhazlewood@users.noreply.github.com> Date: Fri, 26 Jan 2024 17:54:51 -0800 Subject: [PATCH] Test case change to reflect accurate assertion for Elliptic Curve 'd' values against the curve order (not the field size) per https://datatracker.ietf.org/doc/html/rfc7518#section-6.2.2.1 (#906) --- .../impl/security/AbstractEcJwkFactoryTest.groovy | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/impl/src/test/groovy/io/jsonwebtoken/impl/security/AbstractEcJwkFactoryTest.groovy b/impl/src/test/groovy/io/jsonwebtoken/impl/security/AbstractEcJwkFactoryTest.groovy index 42fb889ee..fbbd144db 100644 --- a/impl/src/test/groovy/io/jsonwebtoken/impl/security/AbstractEcJwkFactoryTest.groovy +++ b/impl/src/test/groovy/io/jsonwebtoken/impl/security/AbstractEcJwkFactoryTest.groovy @@ -63,14 +63,18 @@ class AbstractEcJwkFactoryTest { def y = Decoders.BASE64URL.decode(ys) def d = Decoders.BASE64URL.decode(ds) - // most important part of the test: the decoded byte arrays must have a length equal to the curve - // field size (in bytes): + // most important part of the test: 'x' and 'y' decoded byte arrays must have a length equal to the curve + // field size (in bytes) per https://datatracker.ietf.org/doc/html/rfc7518#section-6.2.1.2 and + // https://datatracker.ietf.org/doc/html/rfc7518#section-6.2.1.3 int fieldSizeInBits = key.getParams().getCurve().getField().getFieldSize() int fieldSizeInBytes = Bytes.length(fieldSizeInBits) - assertEquals fieldSizeInBytes, x.length assertEquals fieldSizeInBytes, y.length - assertEquals fieldSizeInBytes, d.length + + // and 'd' must have a length equal to the curve order size in bytes per + // https://datatracker.ietf.org/doc/html/rfc7518#section-6.2.2.1 + int orderSizeInBytes = Bytes.length(key.params.order.bitLength()) + assertEquals orderSizeInBytes, d.length } } }