Skip to content

Commit

Permalink
Define ProtectedHeader for Response
Browse files Browse the repository at this point in the history
The struct of the ProtectedHeader is actually well defined in RFC7519,
the changing from string to a struct would do help to serialization and
deserialization.

See https://datatracker.ietf.org/doc/html/rfc7516

Signed-off-by: Xynnn007 <[email protected]>
  • Loading branch information
Xynnn007 authored and tylerfanelli committed Nov 29, 2024
1 parent 2bdde03 commit f313edb
Showing 1 changed file with 56 additions and 5 deletions.
61 changes: 56 additions & 5 deletions src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ extern crate alloc;
#[cfg(all(feature = "alloc", not(feature = "std")))]
use alloc::string::String;
use serde_json::Value;
use std::collections::BTreeMap;
#[cfg(feature = "std")]
use std::string::String;

Expand Down Expand Up @@ -85,9 +86,21 @@ pub struct Attestation {
pub tee_evidence: Value,
}

#[derive(Clone, Serialize, Deserialize, Debug)]
pub struct ProtectedHeader {
/// Enryption algorithm for encrypted key
alg: String,
/// Encryption algorithm for payload
enc: String,

/// Other fields of Protected Header
#[serde(skip_serializing_if = "BTreeMap::is_empty", flatten)]
other_fields: BTreeMap<String, String>,
}

#[derive(Clone, Serialize, Deserialize, Debug)]
pub struct Response {
pub protected: String,
pub protected: ProtectedHeader,
pub encrypted_key: String,
#[serde(skip_serializing_if = "Option::is_none")]
pub aad: Option<String>,
Expand Down Expand Up @@ -141,7 +154,10 @@ mod tests {
fn parse_response() {
let data = r#"
{
"protected": "fakejoseheader",
"protected": {
"alg": "fakealg",
"enc": "fakeenc"
},
"encrypted_key": "fakekey",
"iv": "randomdata",
"ciphertext": "fakeencoutput",
Expand All @@ -150,7 +166,9 @@ mod tests {

let response: Response = serde_json::from_str(data).unwrap();

assert_eq!(response.protected, "fakejoseheader");
assert_eq!(response.protected.alg, "fakealg");
assert_eq!(response.protected.enc, "fakeenc");
assert!(response.protected.other_fields.is_empty());
assert_eq!(response.encrypted_key, "fakekey");
assert_eq!(response.iv, "randomdata");
assert_eq!(response.ciphertext, "fakeencoutput");
Expand All @@ -162,7 +180,38 @@ mod tests {
fn parse_response_with_aad() {
let data = r#"
{
"protected": "fakejoseheader",
"protected": {
"alg": "fakealg",
"enc": "fakeenc"
},
"encrypted_key": "fakekey",
"iv": "randomdata",
"aad": "fakeaad",
"ciphertext": "fakeencoutput",
"tag": "faketag"
}"#;

let response: Response = serde_json::from_str(data).unwrap();

assert_eq!(response.protected.alg, "fakealg");
assert_eq!(response.protected.enc, "fakeenc");
assert!(response.protected.other_fields.is_empty());
assert_eq!(response.encrypted_key, "fakekey");
assert_eq!(response.iv, "randomdata");
assert_eq!(response.ciphertext, "fakeencoutput");
assert_eq!(response.tag, "faketag");
assert_eq!(response.aad, Some("fakeaad".into()));
}

#[test]
fn parse_response_with_protectedheader() {
let data = r#"
{
"protected": {
"alg": "fakealg",
"enc": "fakeenc",
"fakefield": "fakevalue"
},
"encrypted_key": "fakekey",
"iv": "randomdata",
"aad": "fakeaad",
Expand All @@ -172,7 +221,9 @@ mod tests {

let response: Response = serde_json::from_str(data).unwrap();

assert_eq!(response.protected, "fakejoseheader");
assert_eq!(response.protected.alg, "fakealg");
assert_eq!(response.protected.enc, "fakeenc");
assert_eq!(response.protected.other_fields["fakefield"], "fakevalue");
assert_eq!(response.encrypted_key, "fakekey");
assert_eq!(response.iv, "randomdata");
assert_eq!(response.ciphertext, "fakeencoutput");
Expand Down

0 comments on commit f313edb

Please sign in to comment.