Prevent RSA import_key() from altering a JWK hash reference. (#12)
* Prevent RSA import_key() from altering a JWK hash reference.
Issue #11
* amendments per review
FGasper authored 7 years ago
karel-m committed 7 years ago
90 | 90 |
return $self->_import_hex($key->{N}, $key->{e}, $key->{d}, $key->{p}, $key->{q}, $key->{dP}, $key->{dQ}, $key->{qP});
|
91 | 91 |
}
|
92 | 92 |
if ($key->{n} && $key->{e} && $key->{kty} && $key->{kty} eq "RSA") {
|
|
93 |
$key = {%$key}; #make a copy so that the modifications below stay local
|
|
94 |
|
93 | 95 |
# hash with items corresponding to JSON Web Key (JWK)
|
94 | 96 |
for (qw/n e d p q dp dq qi/) {
|
95 | 97 |
$key->{$_} = eval { unpack("H*", decode_b64u($key->{$_})) } if exists $key->{$_};
|
2 | 2 |
use Test::More;
|
3 | 3 |
|
4 | 4 |
plan skip_all => "No JSON::* module installed" unless eval { require JSON::PP } || eval { require JSON::XS } || eval { require Cpanel::JSON::XS };
|
5 | |
plan tests => 96;
|
|
5 |
plan tests => 97;
|
6 | 6 |
|
7 | 7 |
use Crypt::PK::RSA;
|
8 | 8 |
use Crypt::PK::ECC;
|
|
229 | 229 |
is($kh->{curve_name}, "secp256r1", "EC curve test HASH2");
|
230 | 230 |
ok(!$ec->is_private, "EC private test HASH2");
|
231 | 231 |
}
|
|
232 |
|
|
233 |
{
|
|
234 |
my $jwk = {
|
|
235 |
e => 'AQAB',
|
|
236 |
kty => 'RSA',
|
|
237 |
n => 'ln_cp6g_c65R6uYmwFx6AF1PyyZF7N1EaLhvUjDStK6Scmp_XCD-ynz5Q1iS0Q2t8gnh_s5dQtThiuvOGxCK1j69TA6Jpo0uUBL-gzf3J25PhqdNmTbGGRNkD0aT8qfeY9_bXTA1vmawh-46A6xrVFiT62NK7IdsyQNzrtR9QwzcSR79m9UqTVe5MdDB9tZZIotmqWQlZ5MVb26PPmgkuh6AthS-an2KeDdYRwAyQtfR1B6f-swzIPwq-AUy1pfmGVe-d6K5dCOU9RUMPPRiQ7atmodAxfcWywmnrCtSCfPk0fkTLN4RsuCWV85NXcGnpr41m4uacALT0Xs0IqBKbw',
|
|
238 |
};
|
|
239 |
my $before_json = {%$jwk};
|
|
240 |
|
|
241 |
Crypt::PK::RSA->new($jwk);
|
|
242 |
|
|
243 |
is_deeply(
|
|
244 |
$jwk,
|
|
245 |
$before_json,
|
|
246 |
'new($jwk) doesn’t change $jwk',
|
|
247 |
);
|
|
248 |
}
|