Skip to content

Commit

Permalink
Support passing ssl library rsa keys
Browse files Browse the repository at this point in the history
  • Loading branch information
@sandro97git
sandro97git committed Mar 4, 2025
1 parent 3286105 commit f2c1084
Show file tree
Hide file tree
Showing 2 changed files with 52 additions and 0 deletions.
11 changes: 11 additions & 0 deletions include/jwt-cpp/jwt.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1460,6 +1460,17 @@ namespace jwt {
} else
throw error::rsa_exception(error::rsa_error::no_key_provided);
}
/**
* Construct new rsa algorithm
*
* \param key_pair openssl EVP_PKEY structure containing RSA key pair. The private part is optional.
* \param md Pointer to hash function
* \param name Name of the algorithm
*/
rsa(helper::evp_pkey_handle key_pair, const EVP_MD* (*md)(), std::string name)
: pkey(std::move(key_pair)), md(md), alg_name(std::move(name)) {
if (!pkey) { throw error::rsa_exception(error::rsa_error::no_key_provided); }
}
/**
* Sign jwt data
* \param data The data to sign
Expand Down
41 changes: 41 additions & 0 deletions tests/TokenTest.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,18 @@ TEST(TokenTest, CreateTokenRS256) {
token);
}

TEST(TokenTest, CreateTokenEvpPkeyRS256) {
auto token = jwt::create().set_issuer("auth0").set_type("JWS").sign(
jwt::algorithm::rsa(jwt::helper::load_private_key_from_string(rsa_priv_key), EVP_sha256, "RS256"));

ASSERT_EQ(
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCJ9.VA2i1ui1cnoD6I3wnji1WAVCf29EekysvevGrT2GXqK1dDMc8"
"HAZCTQxa1Q8NppnpYV-hlqxh-X3Bb0JOePTGzjynpNZoJh2aHZD-GKpZt7OO1Zp8AFWPZ3p8Cahq8536fD8RiBES9jRsvChZvOqA7gMcFc4"
"YD0iZhNIcI7a654u5yPYyTlf5kjR97prCf_OXWRn-bYY74zna4p_bP9oWCL4BkaoRcMxi-IR7kmVcCnvbYqyIrKloXP2qPO442RBGqU7Ov9"
"sGQxiVqtRHKXZR9RbfvjrErY1KGiCp9M5i2bsUHadZEY44FE2jiOmx-uc2z5c05CCXqVSpfCjWbh9gQ",
token);
}

#if !defined(JWT_OPENSSL_1_0_0)
TEST(TokenTest, CreateTokenRS256Encrypted) {
// openssl genrsa -aes256 -out private.pem 2048
Expand Down Expand Up @@ -329,6 +341,21 @@ TEST(TokenTest, VerifyTokenRS256) {
verify.verify(decoded_token);
}

TEST(TokenTest, VerifyTokenEvpPkeyRS256) {
std::string token =
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCJ9.VA2i1ui1cnoD6I3wnji1WAVCf29EekysvevGrT2GXqK1dDMc8"
"HAZCTQxa1Q8NppnpYV-hlqxh-X3Bb0JOePTGzjynpNZoJh2aHZD-GKpZt7OO1Zp8AFWPZ3p8Cahq8536fD8RiBES9jRsvChZvOqA7gMcFc4"
"YD0iZhNIcI7a654u5yPYyTlf5kjR97prCf_OXWRn-bYY74zna4p_bP9oWCL4BkaoRcMxi-IR7kmVcCnvbYqyIrKloXP2qPO442RBGqU7Ov9"
"sGQxiVqtRHKXZR9RbfvjrErY1KGiCp9M5i2bsUHadZEY44FE2jiOmx-uc2z5c05CCXqVSpfCjWbh9gQ";

auto verify =
jwt::verify().allow_algorithm(jwt::algorithm::rsa(jwt::helper::load_private_key_from_string(rsa_priv_key), EVP_sha256, "RS256")).with_issuer("auth0");

auto decoded_token = jwt::decode(token);

verify.verify(decoded_token);
}

TEST(TokenTest, VerifyTokenRS256PublicOnly) {
std::string token =
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCJ9.VA2i1ui1cnoD6I3wnji1WAVCf29EekysvevGrT2GXqK1dDMc8"
Expand All @@ -343,6 +370,20 @@ TEST(TokenTest, VerifyTokenRS256PublicOnly) {
verify.verify(decoded_token);
}

TEST(TokenTest, VerifyTokenEvpPkeyRS256PublicOnly) {
std::string token =
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCJ9.VA2i1ui1cnoD6I3wnji1WAVCf29EekysvevGrT2GXqK1dDMc8"
"HAZCTQxa1Q8NppnpYV-hlqxh-X3Bb0JOePTGzjynpNZoJh2aHZD-GKpZt7OO1Zp8AFWPZ3p8Cahq8536fD8RiBES9jRsvChZvOqA7gMcFc4"
"YD0iZhNIcI7a654u5yPYyTlf5kjR97prCf_OXWRn-bYY74zna4p_bP9oWCL4BkaoRcMxi-IR7kmVcCnvbYqyIrKloXP2qPO442RBGqU7Ov9"
"sGQxiVqtRHKXZR9RbfvjrErY1KGiCp9M5i2bsUHadZEY44FE2jiOmx-uc2z5c05CCXqVSpfCjWbh9gQ";

auto verify = jwt::verify().allow_algorithm(jwt::algorithm::rsa(jwt::helper::load_public_key_from_string(rsa_pub_key),EVP_sha256, "RS256")).with_issuer("auth0");

auto decoded_token = jwt::decode(token);

verify.verify(decoded_token);
}

TEST(TokenTest, VerifyTokenRS256PublicOnlyEncrypted) {
// openssl genrsa -aes256 -out private.pem 2048
// openssl rsa -in private.pem -pubout -out public.pem
Expand Down

0 comments on commit f2c1084

Please sign in to comment.