-
Notifications
You must be signed in to change notification settings - Fork 45
47 lines (36 loc) · 1.59 KB
/
test-docker.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
name: Test with Docker build
on:
workflow_dispatch:
push:
branches: [ "release" ]
pull_request:
branches: [ "release" ]
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ["3.8"]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.8'
- name: Build the Docker image
run: "cd standalone && docker build . --file Dockerfile --tag rsa_sig2n:latest && cd .."
- name: Install Python dependencies for CVE-2017-11424
run: |
python -m pip install --upgrade pip
pip install PyJWT==1.5.0
- name: Run RS256 test with CVE-2017-11424
run: |
docker run rsa_sig2n python3 jwt_forgery.py `cat ./CVE-2017-11424/test_jwt/RS256/jwt0` `cat ./CVE-2017-11424/test_jwt/RS256/jwt1` | egrep '^eyJ' | tee CVE-2017-11424_RS256.tokens
./test_scripts/test_CVE-2017-11424.sh CVE-2017-11424_RS256.tokens
- name: Run RS384 test with CVE-2017-11424
run: |
docker run rsa_sig2n python3 jwt_forgery.py `cat ./CVE-2017-11424/test_jwt/RS384/jwt0` `cat ./CVE-2017-11424/test_jwt/RS384/jwt1` | egrep '^eyJ' | tee CVE-2017-11424_RS384.tokens
./test_scripts/test_CVE-2017-11424.sh CVE-2017-11424_RS384.tokens
- name: Run RS512 test with CVE-2017-11424
run: |
docker run rsa_sig2n python3 jwt_forgery.py `cat ./CVE-2017-11424/test_jwt/RS512/jwt0` `cat ./CVE-2017-11424/test_jwt/RS512/jwt1` | egrep '^eyJ' | tee CVE-2017-11424_RS512.tokens
./test_scripts/test_CVE-2017-11424.sh CVE-2017-11424_RS512.tokens