Skip to content

Commit

Permalink
ProtectedHeader: change other_fields to Map to allow nested fields
Browse files Browse the repository at this point in the history
For JWE using EC or ECX, the ephemeral asymmetric public key should be
included in the ProtectedHeader. It will be a nested structure rather
than flatten fields.

Signed-off-by: Xynnn007 <[email protected]>
  • Loading branch information
Xynnn007 authored and tylerfanelli committed Jan 6, 2025
1 parent b5dcfed commit 4cc3e46
Showing 1 changed file with 41 additions and 6 deletions.
47 changes: 41 additions & 6 deletions src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,11 @@ mod error;
pub use error::{KbsTypesError, Result};

#[cfg(all(feature = "alloc", not(feature = "std")))]
use alloc::{collections::btree_map::BTreeMap, string::String, vec::Vec};
use alloc::{string::String, vec::Vec};
use base64::{prelude::BASE64_URL_SAFE_NO_PAD, Engine};
use serde_json::Value;
use serde_json::{Map, Value};
#[cfg(all(feature = "std", not(feature = "alloc")))]
use std::{collections::BTreeMap, string::String};
use std::string::String;

use serde::{Deserialize, Serialize};

Expand Down Expand Up @@ -97,8 +97,8 @@ pub struct ProtectedHeader {
pub enc: String,

/// Other fields of Protected Header
#[serde(skip_serializing_if = "BTreeMap::is_empty", flatten)]
pub other_fields: BTreeMap<String, String>,
#[serde(skip_serializing_if = "Map::is_empty", flatten)]
pub other_fields: Map<String, Value>,
}

impl ProtectedHeader {
Expand Down Expand Up @@ -277,7 +277,7 @@ mod tests {
let protected_header = ProtectedHeader {
alg: "fakealg".to_string(),
enc: "fakeenc".to_string(),
other_fields: BTreeMap::new(),
other_fields: Map::new(),
};

let aad = protected_header.generate_aad().unwrap();
Expand Down Expand Up @@ -311,6 +311,41 @@ mod tests {
assert_eq!(response.aad, None);
}

#[test]
fn parse_response_nested_protected_header() {
let data = r#"
{
"protected": "eyJhbGciOiJmYWtlYWxnIiwiZW5jIjoiZmFrZWVuYyIsImVwayI6eyJrdHkiOiJPS1AiLCJjcnYiOiJYMjU1MTkiLCJ4IjoiaFNEd0NZa3dwMVIwaTMzY3RENzNXZzJfT2cwbU9CcjA2NlNwanFxYlRtbyJ9fQo",
"encrypted_key": "ZmFrZWtleQ",
"iv": "cmFuZG9tZGF0YQ",
"ciphertext": "ZmFrZWVuY291dHB1dA",
"tag": "ZmFrZXRhZw"
}"#;

let response: Response = serde_json::from_str(data).unwrap();

assert_eq!(response.protected.alg, "fakealg");
assert_eq!(response.protected.enc, "fakeenc");

let expected_other_fields = json!({
"epk": {
"kty" : "OKP",
"crv": "X25519",
"x": "hSDwCYkwp1R0i33ctD73Wg2_Og0mOBr066SpjqqbTmo"
}
})
.as_object()
.unwrap()
.clone();

assert_eq!(response.protected.other_fields, expected_other_fields);
assert_eq!(response.encrypted_key, "fakekey".as_bytes());
assert_eq!(response.iv, "randomdata".as_bytes());
assert_eq!(response.ciphertext, "fakeencoutput".as_bytes());
assert_eq!(response.tag, "faketag".as_bytes());
assert_eq!(response.aad, None);
}

#[test]
fn parse_response_with_aad() {
let data = r#"
Expand Down

0 comments on commit 4cc3e46

Please sign in to comment.