jose-jwe-enc 2.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677
  1. #!/bin/sh -ex
  2. WRAP=`jose alg -k wrap`
  3. ENCR=`jose alg -k encr`
  4. tmpdir=`mktemp -d 2>/dev/null || mktemp -d -t jose`
  5. onexit() {
  6. rm -rf $tmpdir
  7. }
  8. trap onexit EXIT
  9. jwk=$tmpdir/jwk
  10. jwe=$tmpdir/jwe
  11. jqopt() {
  12. if ! which jq >/dev/null 2>&1; then
  13. echo "$3"
  14. else
  15. jq -r "if $2 | type | . = \"string\" then $2 else error(\"\") end" < $1
  16. fi
  17. }
  18. jqbopt() {
  19. if ! which jq >/dev/null 2>&1; then
  20. echo "$4"
  21. else
  22. jq -r "if $2 | type | . = \"string\" then $2 else error(\"\") end" < $1 \
  23. | jose b64 dec -i- \
  24. | jq -r "if $3 | type | . = \"string\" then $3 else error(\"\") end"
  25. fi
  26. }
  27. for msg in "hi" "this is a longer message that is more than one block"; do
  28. for w in $WRAP; do
  29. [ $w = "dir" ] && continue
  30. jose jwk gen -i "{\"alg\":\"$w\"}" -o $jwk
  31. printf '%s' "$msg" | jose jwe enc -I- -k $jwk -o $jwe
  32. [ "`jqopt $jwe .header.alg $w`" = "$w" ]
  33. [ "`jose jwe dec -i $jwe -k $jwk -O-`" = "$msg" ]
  34. for e in $ENCR; do
  35. printf '%s' "$msg" | jose jwe enc \
  36. -i "{\"protected\":{\"enc\":\"$e\"}}" -I- \
  37. -k $jwk -o $jwe
  38. [ "`jqopt $jwe .header.alg $w`" = "$w" ]
  39. [ "`jqbopt $jwe .protected .enc $e`" = "$e" ]
  40. [ "`jose jwe dec -i $jwe -k $jwk -O-`" = "$msg" ]
  41. done
  42. done
  43. for e in $ENCR; do
  44. jose jwk gen -i "{\"alg\":\"$e\"}" -o $jwk
  45. printf '%s' "$msg" | jose jwe enc \
  46. -i "{\"protected\":{\"alg\":\"dir\"}}" -I- \
  47. -k $jwk -o $jwe
  48. [ "`jqbopt $jwe .protected .alg dir`" = "dir" ]
  49. [ "`jqbopt $jwe .protected .enc $e`" = "$e" ]
  50. [ "`jose jwe dec -i $jwe -k $jwk -O-`" = "$msg" ]
  51. printf '%s' "$msg" | jose jwe enc -I- -k $jwk -o $jwe
  52. [ "`jqopt $jwe .header.alg dir`" = "dir" ]
  53. [ "`jqbopt $jwe .protected .enc $e`" = "$e" ]
  54. [ "`jose jwe dec -i $jwe -k $jwk -O-`" = "$msg" ]
  55. done
  56. for tmpl in '{"kty":"oct","bytes":32}' '{"kty":"RSA","bits":2048}' '{"kty":"EC","crv":"P-256"}'; do
  57. jose jwk gen -i "$tmpl" -o $jwk
  58. printf '%s' "$msg" | jose jwe enc -I- -k $jwk -o $jwe
  59. [ "`jose jwe dec -i $jwe -k $jwk -O-`" = "$msg" ]
  60. done
  61. done