git Service of IN-Ulm e.V. Explore Help
Sign In
cbiedl
/
jose
1
0
Fork 0
Files
Tree: 96785d4df4
Branches Tags
jose
/
tests
/
jose-jwe-enc

jose-jwe-enc 2.6 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. #!/bin/sh -ex
    2. 

  2. 

  3. WRAP=`jose alg -k wrap`
    4. 

  4. ENCR=`jose alg -k encr`
    5. 

  5. 

  6. tmpdir=`mktemp -d 2>/dev/null || mktemp -d -t jose`
    7. 

  7. 

  8. onexit() {
    9. 

  9.     rm -rf $tmpdir
    10. 

  10. }
    11. 

  11. 

  12. trap onexit EXIT
    13. 

  13. 

  14. jwk=$tmpdir/jwk
    15. 

  15. jwe=$tmpdir/jwe
    16. 

  16. 

  17. jqopt() {
    18. 

  18.     if ! command -v jq >/dev/null 2>&1; then
    19. 

  19.         echo "$3"
    20. 

  20.     else
    21. 

  21.         jq -r "if $2 | type | . = \"string\" then $2 else error(\"\") end" < $1
    22. 

  22.     fi
    23. 

  23. }
    24. 

  24. 

  25. jqbopt() {
    26. 

  26.     if ! command -v jq >/dev/null 2>&1; then
    27. 

  27.         echo "$4"
    28. 

  28.     else
    29. 

  29.         jq -r "if $2 | type | . = \"string\" then $2 else error(\"\") end" < $1 \
    30. 

  30.             | jose b64 dec -i- \
    31. 

  31.             | jq -r "if $3 | type | . = \"string\" then $3 else error(\"\") end"
    32. 

  32.     fi
    33. 

  33. }
    34. 

  34. 

  35. for msg in "hi" "this is a longer message that is more than one block"; do
    36. 

  36.     for w in $WRAP; do
    37. 

  37.         [ $w = "dir" ] && continue
    38. 

  38. 

  39.         jose jwk gen -i "{\"alg\":\"$w\"}" -o $jwk
    40. 

  40. 

  41.         printf '%s' "$msg" | jose jwe enc -I- -k $jwk -o $jwe
    42. 

  42.         [ "`jqopt $jwe .header.alg $w`" = "$w" ]
    43. 

  43.         [ "`jose jwe dec -i $jwe -k $jwk -O-`" = "$msg" ]
    44. 

  44. 

  45.         for e in $ENCR; do
    46. 

  46.             printf '%s' "$msg" | jose jwe enc \
    47. 

  47.                 -i "{\"protected\":{\"enc\":\"$e\"}}" -I- \
    48. 

  48.                 -k $jwk -o $jwe
    49. 

  49.             [ "`jqopt $jwe .header.alg $w`" = "$w" ]
    50. 

  50.             [ "`jqbopt $jwe .protected .enc $e`" = "$e" ]
    51. 

  51.             [ "`jose jwe dec -i $jwe -k $jwk -O-`" = "$msg" ]
    52. 

  52.         done
    53. 

  53.     done
    54. 

  54. 

  55.     for e in $ENCR; do
    56. 

  56.         jose jwk gen -i "{\"alg\":\"$e\"}" -o $jwk
    57. 

  57. 

  58.         printf '%s' "$msg" | jose jwe enc \
    59. 

  59.             -i "{\"protected\":{\"alg\":\"dir\"}}" -I- \
    60. 

  60.             -k $jwk -o $jwe
    61. 

  61.         [ "`jqbopt $jwe .protected .alg dir`" = "dir" ]
    62. 

  62.         [ "`jqbopt $jwe .protected .enc $e`" = "$e" ]
    63. 

  63.         [ "`jose jwe dec -i $jwe -k $jwk -O-`" = "$msg" ]
    64. 

  64. 

  65.         printf '%s' "$msg" | jose jwe enc -I- -k $jwk -o $jwe
    66. 

  66.         [ "`jqopt $jwe .header.alg dir`" = "dir" ]
    67. 

  67.         [ "`jqbopt $jwe .protected .enc $e`" = "$e" ]
    68. 

  68.         [ "`jose jwe dec -i $jwe -k $jwk -O-`" = "$msg" ]
    69. 

  69.     done
    70. 

  70. 

  71.     for tmpl in '{"kty":"oct","bytes":32}' '{"kty":"RSA","bits":2048}' '{"kty":"EC","crv":"P-256"}'; do
    72. 

  72.         jose jwk gen -i "$tmpl" -o $jwk
    73. 

  73. 

  74.         printf '%s' "$msg" | jose jwe enc -I- -k $jwk -o $jwe
    75. 

  75.         [ "`jose jwe dec -i $jwe -k $jwk -O-`" = "$msg" ]
    76. 

  76.     done
    77. 

  77. 

  78.     # "zip": "DEF"
    79. 

  79.     tmpl='{"kty":"oct","bytes":32}'
    80. 

  80.     for enc in A128CBC-HS256 A192CBC-HS384 A256CBC-HS512 A128GCM A192GCM A256GCM; do
    81. 

  81.         jose jwk gen -i "${tmpl}" -o "${jwk}"
    82. 

  82.         zip="$(printf '{"alg":"A128KW","enc":"%s","zip":"DEF"}' "${enc}")"
    83. 

  83.         printf '%s' "${msg}" | jose jwe enc -i "${zip}" -I- -k "${jwk}" -o "${jwe}"
    84. 

  84.         [ "$(jose jwe dec -i "${jwe}" -k "${jwk}" -O-)" = "${msg}" ]
    85. 

  85.     done
    86. 

  86. done
    87.