From 07beefdd15406936b0b720bfcb27f815111c9f97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Richard=20K=C3=B6rber?= Date: Fri, 18 Nov 2016 21:36:00 +0100 Subject: [PATCH] Validate signature --- .../acme4j/connector/DefaultConnectionTest.java | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java index 6d79e1e1..7ebf79a2 100644 --- a/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java +++ b/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java @@ -34,6 +34,7 @@ import java.util.Locale; import java.util.Map; import org.jose4j.base64url.Base64Url; +import org.jose4j.jws.JsonWebSignature; import org.jose4j.jwx.CompactSerializer; import org.junit.Before; import org.junit.Test; @@ -457,7 +458,8 @@ public class DefaultConnectionTest { verify(mockUrlConnection).getResponseCode(); verifyNoMoreInteractions(mockUrlConnection); - String[] written = CompactSerializer.deserialize(new String(outputStream.toByteArray(), "utf-8")); + String serialized = new String(outputStream.toByteArray(), "utf-8"); + String[] written = CompactSerializer.deserialize(serialized); String header = Base64Url.decodeToUtf8String(written[0]); String claims = Base64Url.decodeToUtf8String(written[1]); String signature = written[2]; @@ -475,6 +477,11 @@ public class DefaultConnectionTest { assertThat(header, sameJSONAs(expectedHeader.toString()).allowingExtraUnexpectedFields()); assertThat(claims, sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}")); assertThat(signature, not(isEmptyOrNullString())); + + JsonWebSignature jws = new JsonWebSignature(); + jws.setCompactSerialization(serialized); + jws.setKey(DefaultConnectionTest.this.session.getKeyPair().getPublic()); + assertThat(jws.verifySignature(), is(true)); } /**