1 files changed, 81 insertions, 0 deletions
diff --git a/src/service/identity/test_plugin_rest_identity_signature.sh b/src/service/identity/test_plugin_rest_identity_signature.sh
new file mode 100755
index 000000000..a4d5fa5d7
--- /dev/null
+++ b/src/service/identity/test_plugin_rest_identity_signature.sh
@@ -0,0 +1,81 @@
+#!/usr/bin/bash
+# https://www.rfc-editor.org/rfc/rfc7515#appendix-A.3
+header='{"alg":"EdDSA"}'
+payload='Example of Ed25519 signing'
+key='{  "kty":"OKP",
+        "crv":"Ed25519",
+        "d":"nWGxne_9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A",
+        "x":"11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo"
+    }'
+header_payload_test="eyJhbGciOiJFZERTQSJ9.RXhhbXBsZSBvZiBFZDI1NTE5IHNpZ25pbmc"
+signature_test="hgyY0il_MGCjP0JzlnLWG1PPOt7-09PGcvMg3AIbQR6dWbhijcNR4ki4iylGjg5BhVsPt9g7sVvpAr_MuM0KAg"
+base64url_add_padding() {
+    for i in $( seq 1 $(( 4 - ${#1} % 4 )) ); do padding+="="; done
+    echo "$1""$padding"
+}
+base64url_encode () {
+    echo -n -e "$1" | base64 -w0 | tr '+/' '-_' | tr -d '='
+}
+base64url_decode () {
+    padded_input=$(base64url_add_padding "$1")
+    echo -n "$padded_input" | basenc --base64url -d
+}
+base32crockford_encode () {
+    echo -n -e "$1" | basenc --base32hex | tr 'IJKLMNOPQRSTUV' 'JKMNPQRSTVWXYZ'
+}
+echo -n "jwk: "
+echo $key | jq
+# Create Header
+# 65556 (decimal)
+# = 00000000-00000001-00000000-00010100 (binary little endian)
+# = 00-01-00-14 (hex little endian)
+header_hex=("00" "01" "00" "14")
+# Convert secret JWK to HEX array
+key_hex=( $( base64url_decode $( echo -n "$key" | jq -r '.d' ) | xxd -p | tr -d '\n' | fold -w 2 | tr '\n' ' ' ) )
+# Concat header and key
+header_key_hex=(${header_hex[@]} ${key_hex[@]})
+# Encode with Base32Crogford
+key_gnunet=$(echo -n "${header_key_hex[*]}" | tr -d " " | xxd -p -r | basenc --base32hex | tr 'IJKLMNOPQRSTUV' 'JKMNPQRSTVWXYZ' | tr -d "=")
+echo "gnunet skey: $key_gnunet"
+# Create ego
+gnunet-identity -C ego9696595726 -X -P "$key_gnunet"
+# Test base64url encoding and header.payload generation
+header_payload_enc="$(base64url_encode "$header").$(base64url_encode "$payload")"
+if [ $header_payload_enc != $header_payload_test ] ; 
+then 
+    exit 1
+fi
+echo "header.payload: $header_payload_enc"
+# Sign JWT
+signature_enc=$(curl -s "localhost:7776/sign?user=ego9696595726&data=$header_payload_enc" | jq -r '.signature')
+jwt="$header_payload_enc.$signature_enc"
+echo "header.payload.signature: $jwt"
+gnunet-identity -D ego9696595726
+if [ $signature_enc !=  $signature_test ]
+then
+    echo "Signature does not check out:"
+    echo "$signature_enc"
+    echo "$signature_test"
+    exit 1
+else 
+    echo "Signature does check out!"
+    exit 1
+fi

diff --git a/src/service/identity/test_plugin_rest_identity_signature.sh b/src/service/identity/test_plugin_rest_identity_signature.sh new file mode 100755 index 000000000..a4d5fa5d7 --- /dev/null +++ b/src/service/identity/test_plugin_rest_identity_signature.sh
@@ -0,0 +1,81 @@
	1	#!/usr/bin/bash
	2
	3	# https://www.rfc-editor.org/rfc/rfc7515#appendix-A.3
	4
	5	header='{"alg":"EdDSA"}'
	6	payload='Example of Ed25519 signing'
	7	key='{ "kty":"OKP",
	8	"crv":"Ed25519",
	9	"d":"nWGxne_9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A",
	10	"x":"11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo"
	11	}'
	12
	13	header_payload_test="eyJhbGciOiJFZERTQSJ9.RXhhbXBsZSBvZiBFZDI1NTE5IHNpZ25pbmc"
	14	signature_test="hgyY0il_MGCjP0JzlnLWG1PPOt7-09PGcvMg3AIbQR6dWbhijcNR4ki4iylGjg5BhVsPt9g7sVvpAr_MuM0KAg"
	15
	16	base64url_add_padding() {
	17	for i in $( seq 1 $(( 4 - ${#1} % 4 )) ); do padding+="="; done
	18	echo "$1""$padding"
	19	}
	20
	21	base64url_encode () {
	22	echo -n -e "$1" \| base64 -w0 \| tr '+/' '-_' \| tr -d '='
	23	}
	24
	25	base64url_decode () {
	26	padded_input=$(base64url_add_padding "$1")
	27	echo -n "$padded_input" \| basenc --base64url -d
	28	}
	29
	30	base32crockford_encode () {
	31	echo -n -e "$1" \| basenc --base32hex \| tr 'IJKLMNOPQRSTUV' 'JKMNPQRSTVWXYZ'
	32	}
	33
	34	echo -n "jwk: "
	35	echo $key \| jq
	36
	37	# Create Header
	38	# 65556 (decimal)
	39	# = 00000000-00000001-00000000-00010100 (binary little endian)
	40	# = 00-01-00-14 (hex little endian)
	41	header_hex=("00" "01" "00" "14")
	42
	43	# Convert secret JWK to HEX array
	44	key_hex=( $( base64url_decode $( echo -n "$key" \| jq -r '.d' ) \| xxd -p \| tr -d '\n' \| fold -w 2 \| tr '\n' ' ' ) )
	45
	46	# Concat header and key
	47	header_key_hex=(${header_hex[@]} ${key_hex[@]})
	48
	49	# Encode with Base32Crogford
	50	key_gnunet=$(echo -n "${header_key_hex[*]}" \| tr -d " " \| xxd -p -r \| basenc --base32hex \| tr 'IJKLMNOPQRSTUV' 'JKMNPQRSTVWXYZ' \| tr -d "=")
	51	echo "gnunet skey: $key_gnunet"
	52
	53	# Create ego
	54	gnunet-identity -C ego9696595726 -X -P "$key_gnunet"
	55
	56	# Test base64url encoding and header.payload generation
	57	header_payload_enc="$(base64url_encode "$header").$(base64url_encode "$payload")"
	58	if [ $header_payload_enc != $header_payload_test ] ;
	59	then
	60	exit 1
	61	fi
	62	echo "header.payload: $header_payload_enc"
	63
	64	# Sign JWT
	65	signature_enc=$(curl -s "localhost:7776/sign?user=ego9696595726&data=$header_payload_enc" \| jq -r '.signature')
	66	jwt="$header_payload_enc.$signature_enc"
	67	echo "header.payload.signature: $jwt"
	68
	69	gnunet-identity -D ego9696595726
	70
	71	if [ $signature_enc != $signature_test ]
	72	then
	73	echo "Signature does not check out:"
	74	echo "$signature_enc"
	75	echo "$signature_test"
	76	exit 1
	77	else
	78	echo "Signature does check out!"
	79	exit 1
	80	fi
	81