Skip to content

Commit

Permalink
signed commits (#1241)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jorg3lopez
jorg3lopez authored Aug 19, 2024
1 parent 631e4c8 commit e142740
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 2 deletions.
6 changes: 4 additions & 2 deletions shared/src/main/java/gov/hhs/cdc/trustedintermediary/external/jjwt/JjwtEngine.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,14 +145,16 @@ protected PublicKey readPublicKey(@Nonnull String pemKey)
}

protected byte[] parseBase64(String keyString) throws IllegalArgumentException {
return Base64.getDecoder().decode(stripPemKeyHeaderAndFooter(keyString));
var cleanedKey = stripPemKeyHeaderAndFooter(keyString);
return Base64.getDecoder().decode(cleanedKey);
}

private String stripPemKeyHeaderAndFooter(String pemKey) {
return pemKey.replace("-----BEGIN PRIVATE KEY-----", "")
.replace("-----END PRIVATE KEY-----", "")
.replace("-----BEGIN PUBLIC KEY-----", "")
.replace("-----END PUBLIC KEY-----", "")
.replaceAll(System.lineSeparator(), "");
.replace("\r\n", "\n") // Normalize Windows-style line endings to Unix-style
.replace("\n", "");
}
}
12 changes: 12 additions & 0 deletions shared/src/test/groovy/gov/hhs/cdc/trustedintermediary/external/jjwt/JjwtEngineTest.groovy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,18 @@ class JjwtEngineTest extends Specification {
actual.properties['privateExponent'] == new BigInteger("6135084963443691491959954033612789413315485466621394415112910151574750195761776678565895940262471648264678116192752477289861521141867535388779067324812232613493545304240891317608890832686745995170911223102440696006419818760484425571916026211363378787010471270320472426425095867691490416933841039927237893032909032803580731575157486299449884306264507680961825930444072391195248779956131000125529322499011873765170247835498332429269555457443449344492245708187941705566103485536344264029763219575769322352195792242439276975260648301693718104261371053389186933547575290557842271013884989713398541057956598536593873481023")
}

def "readPublicKey works"() {
given:
def key = Files.readString(Path.of("..", "mock_credentials", "trusted-intermediary-public-key-local.pem"))

when:
def actual = JjwtEngine.getInstance().readPublicKey(key) // mock_credential

then:
actual.properties['modulus'] == new BigInteger("27897662671237412614645585949757597903240726523917871693547600527580531037615927714357198420605835518634671965372032548422942203717229673323463225343709924634208255237053619724692723573411363211484198357569100148771742283580632631306619990273312871157974345578004704347658040442733544316016870094273123316267308144041089779925186312275870592286737178499633095847230908792065102806909557602796883595871117990184080094342104723065331441619179002838364572851853143344620773544234941860382864764351610571703794571553025384855153288701039759404323155524596814265271809151127402777298274741051512777127381287892775603620877")
actual.properties['publicExponent'] == new BigInteger("65537")
}

def "generateToken blows up because the key isn't Base64"() {
given:
def key = "DogCow is not actually an Base64 encoded"
Expand Down

0 comments on commit e142740

Please sign in to comment.