Fix Response JWE format
Per RFC 7516, if AEAD is used in JWE, `aad` must be included in the JSON
serialization of the JWE. See

https://datatracker.ietf.org/doc/html/rfc7516#section-7.2.1

Signed-off-by: Xynnn007 <[email protected]>
Xynnn007 authored and tylerfanelli committed Nov 29, 2024
1 parent ec9b1b4 commit 2bdde03
Showing 1 changed file with 25 additions and 0 deletions.
25 changes: 25 additions & 0 deletions src/lib.rs
Expand Up @@ -89,6 +89,8 @@ pub struct Attestation {
pub struct Response {
pub protected: String,
pub encrypted_key: String,
#[serde(skip_serializing_if = "Option::is_none")]
pub aad: Option<String>,
pub iv: String,
pub ciphertext: String,
pub tag: String,
Expand Down Expand Up @@ -153,6 +155,29 @@ mod tests {
assert_eq!(response.iv, "randomdata");
assert_eq!(response.ciphertext, "fakeencoutput");
assert_eq!(response.tag, "faketag");
assert_eq!(response.aad, None);
}

#[test]
fn parse_response_with_aad() {
let data = r#"
{
"protected": "fakejoseheader",
"encrypted_key": "fakekey",
"iv": "randomdata",
"aad": "fakeaad",
"ciphertext": "fakeencoutput",
"tag": "faketag"
}"#;

let response: Response = serde_json::from_str(data).unwrap();

assert_eq!(response.protected, "fakejoseheader");
assert_eq!(response.encrypted_key, "fakekey");
assert_eq!(response.iv, "randomdata");
assert_eq!(response.ciphertext, "fakeencoutput");
assert_eq!(response.tag, "faketag");
assert_eq!(response.aad, Some("fakeaad".into()));
}

#[test]
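Review bot: The new `aad` field on `Response` has no doc comment, and nothing in the hunk tells a consumer that its value must be bound into the AEAD check rather than only parsed. RFC 7516 section 5.1 makes the additional authenticated data `ASCII(protected || '.' || aad)` when the member is present, so I would add `/// BASE64URL(JWE AAD); when present, the AEAD additional data is ASCII(protected || '.' || aad) per RFC 7516 section 5.1, not the protected header alone.` above the field. The tests in the second hunk cover deserialization only; a serialization assertion that the `aad` key is absent for `None` would pin the `skip_serializing_if` behaviour. `Some(String::new())` would still emit `"aad": ""`, which section 7.2.1 says must be absent, so that case is worth documenting or normalising. The struct and the tests module both continue outside the visible lines.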