search

paseto-standard / test-vectors

Test vectors for PASETO, PASERK, etc.
Other
6 stars 4 forks source link

Question: V2 Test Vectors 2-F-1 thru 2-F-3 (Expected Failures) #11

Closed rrrodzilla closed 2 years ago

rrrodzilla commented 2 years ago

Hi, quick question: are these expected to fail because the payload is null, or is there more than that I'm not seeing? Thx!

For reference:

{
      "name": "2-F-1",
      "expect-fail": true,
      "public-key": "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
      "secret-key": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2",
      "secret-key-seed": "b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a3774",
      "secret-key-pem": "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEILTL+0PfTOIQcn2VPkpxMwf6Gbt9n4UEFDjZ4RuUKjd0\n-----END PRIVATE KEY-----",
      "public-key-pem": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAHrnbu7wEfAP9cGBOAHHwmH4Wsot1ciXBHwBBXQ4gsaI=\n-----END PUBLIC KEY-----",
      "token": "v2.local.pN9Y9kTFKnCskKr7B13IoceBabSTMS0LkUg3SeAqONg6EJsq9h-CLWdWaA_rMZX4MhGsOQn5I0EsIgYeOA2NPJZU0uulsahH-k871PBq.YXJiaXRyYXJ5LXN0cmluZy10aGF0LWlzbid0LWpzb24",
      "payload": null,
      "footer": "arbitrary-string-that-isn't-json",
      "implicit-assertion": "{\"test-vector\":\"2-F-1\"}"
    },
    {
      "name": "2-F-2",
      "expect-fail": true,
      "nonce": "df654812bac492663825520ba2f6e67cf5ca5bdc13d4e7507a98cc4c2fcc3ad8",
      "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
      "token": "v2.public.eyJpbnZhbGlkIjoidGhpcyBzaG91bGQgbmV2ZXIgZGVjb2RlIn1kgrdAMxcO3wFKXJrLa1cq-DB6V_b25KQ1hV_jpOS-uYBmsg8EMS4j6kl2g83iRsh73knLGr7Ik1AEOvUgyw0P.eyJraWQiOiJ6VmhNaVBCUDlmUmYyc25FY1Q3Z0ZUaW9lQTlDT2NOeTlEZmdMMVc2MGhhTiJ9",
      "payload": null,
      "footer": "{\"kid\":\"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN\"}",
      "implicit-assertion": "{\"test-vector\":\"2-F-2\"}"
    },
    {
      "name": "2-F-3",
      "expect-fail": true,
      "nonce": "26f7553354482a1d91d4784627854b8da6b8042a7966523c2b404e8dbbe7f7f2",
      "key": "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f",
      "token": "v1.local.vXWMCh8nxf_RMqrLREJVOWyu01yRzb-miB6mkG1zQ8LS4_W5nQdTOpexZq482ReJ0sv5uFfAWRGpJaONiMqFaAAo-dsbWG2vo63xUmwFGxHNhu9plfFav2SaGDERFGn7IQ20gNQl87eOLaxf2GDsWdfu5hrFaQ.YXJiaXRyYXJ5LXN0cmluZy10aGF0LWlzbid0LWpzb24",
      "payload": null,
      "footer": "arbitrary-string-that-isn't-json",
      "implicit-assertion": "{\"test-vector\":\"2-F-3\"}"
    }
aidantwoods commented 2 years ago

I believe these should all be failing algorithm lucidity checks. For the first two the wrong type of key is used when compared with the token, and then for the third the version is mismatched for what should be the v2 test suite.

rrrodzilla commented 2 years ago

Oh, shoot. You're right. I see that now. Thanks for pointing that out!