feat: added algorithm 'A128CBC-HS256' resolves #6

adorsys · Sep 26, 2018 · bdbd732 · bdbd732
1 parent a827b2c
commit bdbd732
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 23 deletions.
diff --git a/src/index.d.ts b/src/index.d.ts
@@ -1,7 +1,7 @@
 export interface JWK {
   kty: 'oct',
   kid?: string,
-  alg?: 'A256KW' | 'A256GCM' | 'A256GCMKW',
+  alg?: 'A256KW' | 'A256GCM' | 'A256GCMKW' | 'A128CBC-HS256',
   use?: 'enc',
   k: string
 }

diff --git a/src/index.js b/src/index.js
@@ -4,7 +4,9 @@ const hydra = require('hydration')
 function isKey (jwk) {
   return (
     ['oct'].includes(jwk.kty) &&
-    ['A256KW', 'A256GCMKW', 'A256GCM', undefined].includes(jwk.alg) &&
+    ['A256KW', 'A256GCMKW', 'A256GCM', 'A128CBC-HS256', undefined].includes(
+      jwk.alg
+    ) &&
     ['enc', undefined].includes(jwk.use) &&
     jwk.k.match(/^[A-Za-z0-9_-]{43}$/)
   )

diff --git a/test/jwe.test.js b/test/jwe.test.js
@@ -1,12 +1,32 @@
 const test = require('ava')
 const jwe = require('../src')
 
-const validJwk = {
-  kty: 'oct',
-  use: 'enc',
-  alg: 'A256GCM',
-  k: '1234567890123456789012345678901234567890123'
-}
+const validJwks = [
+  {
+    kty: 'oct',
+    use: 'enc',
+    alg: 'A256GCM',
+    k: '1234567890123456789012345678901234567890123'
+  },
+  {
+    kty: 'oct',
+    use: 'enc',
+    alg: 'A256GCMKW',
+    k: '1234567890123456789012345678901234567890123'
+  },
+  {
+    kty: 'oct',
+    use: 'enc',
+    alg: 'A256KW',
+    k: '1234567890123456789012345678901234567890123'
+  },
+  {
+    kty: 'oct',
+    use: 'enc',
+    alg: 'A128CBC-HS256',
+    k: '1234567890123456789012345678901234567890123'
+  }
+]
 
 const corruptJwks = [
   {
@@ -76,20 +96,25 @@ corruptJwks.forEach((jwk, i) => {
   })
 })
 
-testValues.forEach((tv, i) => {
-  test.cb(`encrypt/decrypt ${JSON.stringify(testValues[i])}`, t => {
-    ;(async () => {
-      const codec = await jwe(validJwk)
-      const cipher = await codec.encrypt(tv)
-      t.is(typeof cipher, 'string', 'encrypt gives string')
-      const parts = cipher.split('.')
-      t.is(parts.length, 5, 'with 5 parts')
-      parts.forEach(part => {
-        t.regex(part, /^[A-Za-z0-9_-]*$/, 'of Base64 encoded values')
-      })
-      const value = await codec.decrypt(cipher)
-      t.deepEqual(value, tv, 'decrypt gives correct value')
-      t.end()
-    })()
+validJwks.forEach((jwk, i) => {
+  testValues.forEach((tv, i) => {
+    test.cb(
+      `encrypt/decrypt with ${jwk.alg} ${JSON.stringify(testValues[i])}`,
+      t => {
+        ;(async () => {
+          const codec = await jwe(jwk)
+          const cipher = await codec.encrypt(tv)
+          t.is(typeof cipher, 'string', 'encrypt gives string')
+          const parts = cipher.split('.')
+          t.is(parts.length, 5, 'with 5 parts')
+          parts.forEach(part => {
+            t.regex(part, /^[A-Za-z0-9_-]*$/, 'of Base64 encoded values')
+          })
+          const value = await codec.decrypt(cipher)
+          t.deepEqual(value, tv, 'decrypt gives correct value')
+          t.end()
+        })()
+      }
+    )
   })
 })