Skip to content

Commit

Permalink
test: stop testing JWE RSA1_5 Algorithm
Browse files Browse the repository at this point in the history
  • Loading branch information
panva committed Mar 7, 2024
1 parent 1b91d88 commit e839ecb
Show file tree
Hide file tree
Showing 7 changed files with 33 additions and 74 deletions.
66 changes: 0 additions & 66 deletions cookbook/jwe.mjs
Original file line number Diff line number Diff line change
@@ -1,70 +1,4 @@
export default [
{
title:
'https://www.rfc-editor.org/rfc/rfc7520#section-5.1 - Key Encryption using RSA v1.5 and AES-HMAC-SHA2',
webcrypto: false,
reproducible: false,
input: {
plaintext:
'You can trust us to stick with you through thick and thin–to the bitter end. And you can trust us to keep any secret of yours–closer than you keep it yourself. But you cannot trust us to let you face trouble alone, and go off without a word. We are your friends, Frodo.',
key: {
kty: 'RSA',
ext: false,
kid: 'frodo.baggins@hobbiton.example',
use: 'enc',
n: 'maxhbsmBtdQ3CNrKvprUE6n9lYcregDMLYNeTAWcLj8NnPU9XIYegTHVHQjxKDSHP2l-F5jS7sppG1wgdAqZyhnWvXhYNvcM7RfgKxqNx_xAHx6f3yy7s-M9PSNCwPC2lh6UAkR4I00EhV9lrypM9Pi4lBUop9t5fS9W5UNwaAllhrd-osQGPjIeI1deHTwx-ZTHu3C60Pu_LJIl6hKn9wbwaUmA4cR5Bd2pgbaY7ASgsjCUbtYJaNIHSoHXprUdJZKUMAzV0WOKPfA6OPI4oypBadjvMZ4ZAj3BnXaSYsEZhaueTXvZB4eZOAjIyh2e_VOIKVMsnDrJYAVotGlvMQ',
e: 'AQAB',
d: 'Kn9tgoHfiTVi8uPu5b9TnwyHwG5dK6RE0uFdlpCGnJN7ZEi963R7wybQ1PLAHmpIbNTztfrheoAniRV1NCIqXaW_qS461xiDTp4ntEPnqcKsyO5jMAji7-CL8vhpYYowNFvIesgMoVaPRYMYT9TW63hNM0aWs7USZ_hLg6Oe1mY0vHTI3FucjSM86Nff4oIENt43r2fspgEPGRrdE6fpLc9Oaq-qeP1GFULimrRdndm-P8q8kvN3KHlNAtEgrQAgTTgz80S-3VD0FgWfgnb1PNmiuPUxO8OpI9KDIfu_acc6fg14nsNaJqXe6RESvhGPH2afjHqSy_Fd2vpzj85bQQ',
p: '2DwQmZ43FoTnQ8IkUj3BmKRf5Eh2mizZA5xEJ2MinUE3sdTYKSLtaEoekX9vbBZuWxHdVhM6UnKCJ_2iNk8Z0ayLYHL0_G21aXf9-unynEpUsH7HHTklLpYAzOOx1ZgVljoxAdWNn3hiEFrjZLZGS7lOH-a3QQlDDQoJOJ2VFmU',
q: 'te8LY4-W7IyaqH1ExujjMqkTAlTeRbv0VLQnfLY2xINnrWdwiQ93_VF099aP1ESeLja2nw-6iKIe-qT7mtCPozKfVtUYfz5HrJ_XY2kfexJINb9lhZHMv5p1skZpeIS-GPHCC6gRlKo1q-idn_qxyusfWv7WAxlSVfQfk8d6Et0',
dp: 'UfYKcL_or492vVc0PzwLSplbg4L3-Z5wL48mwiswbpzOyIgd2xHTHQmjJpFAIZ8q-zf9RmgJXkDrFs9rkdxPtAsL1WYdeCT5c125Fkdg317JVRDo1inX7x2Kdh8ERCreW8_4zXItuTl_KiXZNU5lvMQjWbIw2eTx1lpsflo0rYU',
dq: 'iEgcO-QfpepdH8FWd7mUFyrXdnOkXJBCogChY6YKuIHGc_p8Le9MbpFKESzEaLlN1Ehf3B6oGBl5Iz_ayUlZj2IoQZ82znoUrpa9fVYNot87ACfzIG7q9Mv7RiPAderZi03tkVXAdaBau_9vs5rS-7HMtxkVrxSUvJY14TkXlHE',
qi: 'kC-lzZOqoFaZCr5l0tOVtREKoVqaAYhQiqIRGL-MzS4sCmRkxm5vZlXYx6RtE1n_AagjqajlkjieGlxTTThHD8Iga6foGBMaAr5uR1hGQpSc7Gl7CF1DZkBJMTQN6EshYzZfxW08mIO8M6Rzuh0beL6fG9mkDcIyPrBXx2bQ_mM',
},
alg: 'RSA1_5',
enc: 'A128CBC-HS256',
},
generated: {
cek: '3qyTVhIWt5juqZUCpfRqpvauwB956MEJL2Rt-8qXKSo',
iv: 'bbd5sTkYwhAIqfHsx8DayA',
},
encrypting_key: {},
encrypting_content: {
protected: {
alg: 'RSA1_5',
kid: 'frodo.baggins@hobbiton.example',
enc: 'A128CBC-HS256',
},
},
output: {
compact:
'eyJhbGciOiJSU0ExXzUiLCJraWQiOiJmcm9kby5iYWdnaW5zQGhvYmJpdG9uLmV4YW1wbGUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.laLxI0j-nLH-_BgLOXMozKxmy9gffy2gTdvqzfTihJBuuzxg0V7yk1WClnQePFvG2K-pvSlWc9BRIazDrn50RcRai__3TDON395H3c62tIouJJ4XaRvYHFjZTZ2GXfz8YAImcc91Tfk0WXC2F5Xbb71ClQ1DDH151tlpH77f2ff7xiSxh9oSewYrcGTSLUeeCt36r1Kt3OSj7EyBQXoZlN7IxbyhMAfgIe7Mv1rOTOI5I8NQqeXXW8VlzNmoxaGMny3YnGir5Wf6Qt2nBq4qDaPdnaAuuGUGEecelIO1wx1BpyIfgvfjOhMBs9M8XL223Fg47xlGsMXdfuY-4jaqVw.bbd5sTkYwhAIqfHsx8DayA.0fys_TY_na7f8dwSfXLiYdHaA2DxUjD67ieF7fcVbIR62JhJvGZ4_FNVSiGc_raa0HnLQ6s1P2sv3Xzl1p1l_o5wR_RsSzrS8Z-wnI3Jvo0mkpEEnlDmZvDu_k8OWzJv7eZVEqiWKdyVzFhPpiyQU28GLOpRc2VbVbK4dQKPdNTjPPEmRqcaGeTWZVyeSUvf5k59yJZxRuSvWFf6KrNtmRdZ8R4mDOjHSrM_s8uwIFcqt4r5GX8TKaI0zT5CbL5Qlw3sRc7u_hg0yKVOiRytEAEs3vZkcfLkP6nbXdC_PkMdNS-ohP78T2O6_7uInMGhFeX4ctHG7VelHGiT93JfWDEQi5_V9UN1rhXNrYu-0fVMkZAKX3VWi7lzA6BP430m.kvKuFBXHe5mQr4lqgobAUg',
json: {
recipients: [
{
encrypted_key:
'laLxI0j-nLH-_BgLOXMozKxmy9gffy2gTdvqzfTihJBuuzxg0V7yk1WClnQePFvG2K-pvSlWc9BRIazDrn50RcRai__3TDON395H3c62tIouJJ4XaRvYHFjZTZ2GXfz8YAImcc91Tfk0WXC2F5Xbb71ClQ1DDH151tlpH77f2ff7xiSxh9oSewYrcGTSLUeeCt36r1Kt3OSj7EyBQXoZlN7IxbyhMAfgIe7Mv1rOTOI5I8NQqeXXW8VlzNmoxaGMny3YnGir5Wf6Qt2nBq4qDaPdnaAuuGUGEecelIO1wx1BpyIfgvfjOhMBs9M8XL223Fg47xlGsMXdfuY-4jaqVw',
},
],
protected:
'eyJhbGciOiJSU0ExXzUiLCJraWQiOiJmcm9kby5iYWdnaW5zQGhvYmJpdG9uLmV4YW1wbGUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0',
iv: 'bbd5sTkYwhAIqfHsx8DayA',
ciphertext:
'0fys_TY_na7f8dwSfXLiYdHaA2DxUjD67ieF7fcVbIR62JhJvGZ4_FNVSiGc_raa0HnLQ6s1P2sv3Xzl1p1l_o5wR_RsSzrS8Z-wnI3Jvo0mkpEEnlDmZvDu_k8OWzJv7eZVEqiWKdyVzFhPpiyQU28GLOpRc2VbVbK4dQKPdNTjPPEmRqcaGeTWZVyeSUvf5k59yJZxRuSvWFf6KrNtmRdZ8R4mDOjHSrM_s8uwIFcqt4r5GX8TKaI0zT5CbL5Qlw3sRc7u_hg0yKVOiRytEAEs3vZkcfLkP6nbXdC_PkMdNS-ohP78T2O6_7uInMGhFeX4ctHG7VelHGiT93JfWDEQi5_V9UN1rhXNrYu-0fVMkZAKX3VWi7lzA6BP430m',
tag: 'kvKuFBXHe5mQr4lqgobAUg',
},
json_flat: {
protected:
'eyJhbGciOiJSU0ExXzUiLCJraWQiOiJmcm9kby5iYWdnaW5zQGhvYmJpdG9uLmV4YW1wbGUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0',
encrypted_key:
'laLxI0j-nLH-_BgLOXMozKxmy9gffy2gTdvqzfTihJBuuzxg0V7yk1WClnQePFvG2K-pvSlWc9BRIazDrn50RcRai__3TDON395H3c62tIouJJ4XaRvYHFjZTZ2GXfz8YAImcc91Tfk0WXC2F5Xbb71ClQ1DDH151tlpH77f2ff7xiSxh9oSewYrcGTSLUeeCt36r1Kt3OSj7EyBQXoZlN7IxbyhMAfgIe7Mv1rOTOI5I8NQqeXXW8VlzNmoxaGMny3YnGir5Wf6Qt2nBq4qDaPdnaAuuGUGEecelIO1wx1BpyIfgvfjOhMBs9M8XL223Fg47xlGsMXdfuY-4jaqVw',
iv: 'bbd5sTkYwhAIqfHsx8DayA',
ciphertext:
'0fys_TY_na7f8dwSfXLiYdHaA2DxUjD67ieF7fcVbIR62JhJvGZ4_FNVSiGc_raa0HnLQ6s1P2sv3Xzl1p1l_o5wR_RsSzrS8Z-wnI3Jvo0mkpEEnlDmZvDu_k8OWzJv7eZVEqiWKdyVzFhPpiyQU28GLOpRc2VbVbK4dQKPdNTjPPEmRqcaGeTWZVyeSUvf5k59yJZxRuSvWFf6KrNtmRdZ8R4mDOjHSrM_s8uwIFcqt4r5GX8TKaI0zT5CbL5Qlw3sRc7u_hg0yKVOiRytEAEs3vZkcfLkP6nbXdC_PkMdNS-ohP78T2O6_7uInMGhFeX4ctHG7VelHGiT93JfWDEQi5_V9UN1rhXNrYu-0fVMkZAKX3VWi7lzA6BP430m',
tag: 'kvKuFBXHe5mQr4lqgobAUg',
},
},
},
{
title:
'https://www.rfc-editor.org/rfc/rfc7520#section-5.2 - Key Encryption using RSA-OAEP with AES-GCM',
Expand Down
5 changes: 4 additions & 1 deletion src/runtime/node/zlib.ts
Original file line number Diff line number Diff line change
@@ -1,11 +1,14 @@
import { promisify } from 'util'
import { inflateRaw as inflateRawCb, deflateRaw as deflateRawCb } from 'zlib'
import { JWEDecompressionFailed } from '../../util/errors.js'

import type { InflateFunction, DeflateFunction } from '../../types.d'

const inflateRaw = promisify(inflateRawCb)
const deflateRaw = promisify(deflateRawCb)

export const inflate: InflateFunction = (input: Uint8Array) =>
inflateRaw(input, { maxOutputLength: 250_000 })
inflateRaw(input, { maxOutputLength: 250_000 }).catch(() => {
throw new JWEDecompressionFailed()
})
export const deflate: DeflateFunction = (input: Uint8Array) => deflateRaw(input)
29 changes: 29 additions & 0 deletions src/util/errors.ts
Original file line number Diff line number Diff line change
Expand Up @@ -190,6 +190,35 @@ export class JWEDecryptionFailed extends JOSEError {
message = 'decryption operation failed'
}

/**
* An error subclass thrown when a JWE ciphertext decompression fails.
*
* @example Checking thrown error is this one using a stable error code
*
* ```js
* if (err.code === 'ERR_JWE_DECOMPRESSION_FAILED') {
* // ...
* }
* ```
*
* @example Checking thrown error is this one using `instanceof`
*
* ```js
* if (err instanceof jose.errors.JWEDecompressionFailed) {
* // ...
* }
* ```
*/
export class JWEDecompressionFailed extends JOSEError {
static get code(): 'ERR_JWE_DECOMPRESSION_FAILED' {
return 'ERR_JWE_DECOMPRESSION_FAILED'
}

code = 'ERR_JWE_DECOMPRESSION_FAILED'

message = 'decompression operation failed'
}

/**
* An error subclass thrown when a JWE is invalid.
*
Expand Down
1 change: 0 additions & 1 deletion tap/jwk.ts
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,6 @@ export default (QUnit: QUnit, lib: typeof jose) => {
['RSA-OAEP-384', KEYS.RSA.jwk, true],
['RSA-OAEP-512', KEYS.RSA.jwk, true],
['RSA-OAEP', KEYS.RSA.jwk, true],
['RSA1_5', KEYS.RSA.jwk, env.isNodeCrypto || env.isElectron],
]

function publicJwk(jwk: JsonWebKey) {
Expand Down
3 changes: 0 additions & 3 deletions tap/pem.ts
Original file line number Diff line number Diff line change
Expand Up @@ -55,9 +55,6 @@ export default (QUnit: QUnit, lib: typeof jose) => {
['RSA-OAEP', KEYS.RSA.pkcs8, true],
['RSA-OAEP', KEYS.RSA.spki, true],
['RSA-OAEP', KEYS.RSA.x509, true],
['RSA1_5', KEYS.RSA.pkcs8, env.isNodeCrypto || env.isElectron],
['RSA1_5', KEYS.RSA.spki, env.isNodeCrypto || env.isElectron],
['RSA1_5', KEYS.RSA.x509, env.isNodeCrypto || env.isElectron],
[['ECDH-ES', 'P-256'], KEYS.P256.pkcs8, true],
[['ECDH-ES', 'P-256'], KEYS.P256.spki, true],
[['ECDH-ES', 'P-256'], KEYS.P256.x509, true],
Expand Down
2 changes: 0 additions & 2 deletions tap/rsaes.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
import type QUnit from 'qunit'
import * as env from './env.js'
import type * as jose from '../src/index.js'
import * as roundtrip from './encrypt.js'

Expand All @@ -11,7 +10,6 @@ export default (QUnit: QUnit, lib: typeof jose) => {

type Vector = [string, boolean]
const algorithms: Vector[] = [
['RSA1_5', env.isNodeCrypto || env.isElectron],
['RSA-OAEP', true],
['RSA-OAEP-256', true],
['RSA-OAEP-384', true],
Expand Down
1 change: 0 additions & 1 deletion test/jws/restrictions.test.mjs
Original file line number Diff line number Diff line change
Expand Up @@ -122,5 +122,4 @@ test(testECDSASigEncoding, 'ES256')
test(testECDSASigEncoding, 'ES384')
test(testECDSASigEncoding, 'ES512')

test(testRSAenc, 'RSA1_5')
test(testECDSASigEncoding, 'ES256K')

0 comments on commit e839ecb

Please sign in to comment.