Skip to content

Commit

Permalink
jwe: ensure we always generate appropriate content encryption key sizes
Browse files Browse the repository at this point in the history 
This fixes failures in some ECDH-ES + CBC scenarios. The generator is
meant to generate cek's, so it should be the content algorithm's key
size, not the key encryption algorithm's key size.
  • Loading branch information
@imirkin
imirkin committed Dec 15, 2020
1 parent f786eda commit 2ed99a5
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 6 deletions.
6 changes: 2 additions & 4 deletions jwe/jwe.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@ func Encrypt(payload []byte, keyalg jwa.KeyEncryptionAlgorithm, key interface{},
}

var enc keyenc.Encrypter
var keysize int
switch keyalg {
case jwa.RSA1_5:
var pubkey rsa.PublicKey
Expand All @@ -45,7 +44,6 @@ func Encrypt(payload []byte, keyalg jwa.KeyEncryptionAlgorithm, key interface{},
if err != nil {
return nil, errors.Wrap(err, "failed to create RSA PKCS encrypter")
}
keysize = contentcrypt.KeySize()
case jwa.RSA_OAEP, jwa.RSA_OAEP_256:
var pubkey rsa.PublicKey
if err := keyconv.RSAPublicKey(&pubkey, key); err != nil {
Expand All @@ -56,7 +54,6 @@ func Encrypt(payload []byte, keyalg jwa.KeyEncryptionAlgorithm, key interface{},
if err != nil {
return nil, errors.Wrap(err, "failed to create RSA OAEP encrypter")
}
keysize = contentcrypt.KeySize()
case jwa.A128KW, jwa.A192KW, jwa.A256KW,
jwa.A128GCMKW, jwa.A192GCMKW, jwa.A256GCMKW,
jwa.PBES2_HS256_A128KW, jwa.PBES2_HS384_A192KW, jwa.PBES2_HS512_A256KW:
Expand All @@ -75,7 +72,6 @@ func Encrypt(payload []byte, keyalg jwa.KeyEncryptionAlgorithm, key interface{},
if err != nil {
return nil, errors.Wrap(err, "failed to create key wrap encrypter")
}
keysize = contentcrypt.KeySize()
// NOTE: there was formerly a restriction, introduced
// in PR #26, which disallowed certain key/content
// algorithm combinations. This seemed bogus, and
Expand All @@ -86,6 +82,7 @@ func Encrypt(payload []byte, keyalg jwa.KeyEncryptionAlgorithm, key interface{},
return nil, errors.Errorf("failed to build %s key encrypter", keyalg)
}

var keysize int
switch keyalg {
case jwa.ECDH_ES:
// https://tools.ietf.org/html/rfc7518#page-15
Expand All @@ -111,6 +108,7 @@ func Encrypt(payload []byte, keyalg jwa.KeyEncryptionAlgorithm, key interface{},
return nil, errors.Errorf(`invalid key encryption algorithm (%s)`, keyalg)
}

keysize := contentcrypt.KeySize()
if pdebug.Enabled {
pdebug.Printf("Encrypt: keysize = %d", keysize)
}
Expand Down
4 changes: 2 additions & 2 deletions jwx_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -171,9 +171,9 @@ func TestJoseCompatibility(t *testing.T) {
{jwa.RSA_OAEP_256, jwa.A256CBC_HS512},
// {jwa.ECDH_ES, jwa.A256CBC_HS512},
{jwa.ECDH_ES_A128KW, jwa.A128GCM},
// {jwa.ECDH_ES_A128KW, jwa.A128CBC_HS256},
{jwa.ECDH_ES_A128KW, jwa.A128CBC_HS256},
{jwa.ECDH_ES_A256KW, jwa.A256GCM},
// {jwa.ECDH_ES_A256KW, jwa.A256CBC_HS512},
{jwa.ECDH_ES_A256KW, jwa.A256CBC_HS512},
{jwa.A128KW, jwa.A128GCM},
{jwa.A128KW, jwa.A128CBC_HS256},
{jwa.A256KW, jwa.A256GCM},
Expand Down

0 comments on commit 2ed99a5

Please sign in to comment.