More ECDH-ES example documentation.

potatosalad · Jan 3, 2020 · e2be74a · e2be74a
1 parent 5b79e50
commit e2be74a
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 12 deletions.
diff --git a/README.md b/README.md
@@ -145,8 +145,9 @@ JOSE.JWA.supports()
      "ECDH-1PU+A256KW", "ECDH-1PU+C20PKW", "ECDH-ES", "ECDH-ES+A128GCMKW",
      "ECDH-ES+A128KW", "ECDH-ES+A192GCMKW", "ECDH-ES+A192KW",
      "ECDH-ES+A256GCMKW", "ECDH-ES+A256KW", "ECDH-ES+C20PKW",
-     "PBES2-HS256+A128KW", "PBES2-HS384+A192KW", "PBES2-HS512+A256KW",
-     "RSA-OAEP", "RSA-OAEP-256", "RSA1_5", "dir"]},
+     "PBES2-HS256+A128GCMKW", "PBES2-HS256+A128KW", "PBES2-HS384+A192GCMKW",
+     "PBES2-HS384+A192KW", "PBES2-HS512+A256GCMKW", "PBES2-HS512+A256KW",
+     "PBES2-HS512+C20PKW", "RSA-OAEP", "RSA-OAEP-256", "RSA1_5", "dir"]},
    {:enc,
     ["A128CBC-HS256", "A128GCM", "A192CBC-HS384", "A192GCM", "A256CBC-HS512",
      "A256GCM", "C20P"]}, {:zip, ["DEF"]}},
@@ -162,6 +163,7 @@ JOSE.crypto_fallback(true)
 
 # additional algorithms are now available for use
 JOSE.JWA.supports()
+
 [
   {:jwe,
    {:alg,
@@ -171,9 +173,10 @@ JOSE.JWA.supports()
      "ECDH-1PU+A256KW", "ECDH-1PU+C20PKW", "ECDH-1PU+XC20PKW", "ECDH-ES",
      "ECDH-ES+A128GCMKW", "ECDH-ES+A128KW", "ECDH-ES+A192GCMKW",
      "ECDH-ES+A192KW", "ECDH-ES+A256GCMKW", "ECDH-ES+A256KW", "ECDH-ES+C20PKW",
-     "ECDH-ES+XC20PKW", "PBES2-HS256+A128KW", "PBES2-HS384+A192KW",
-     "PBES2-HS512+A256KW", "RSA-OAEP", "RSA-OAEP-256", "RSA1_5", "XC20PKW",
-     "dir"]},
+     "ECDH-ES+XC20PKW", "PBES2-HS256+A128GCMKW", "PBES2-HS256+A128KW",
+     "PBES2-HS384+A192GCMKW", "PBES2-HS384+A192KW", "PBES2-HS512+A256GCMKW",
+     "PBES2-HS512+A256KW", "PBES2-HS512+C20PKW", "PBES2-HS512+XC20PKW",
+     "RSA-OAEP", "RSA-OAEP-256", "RSA1_5", "XC20PKW", "dir"]},
    {:enc,
     ["A128CBC-HS256", "A128GCM", "A192CBC-HS384", "A192GCM", "A256CBC-HS512",
      "A256GCM", "C20P", "XC20P"]}, {:zip, ["DEF"]}},
@@ -480,9 +483,14 @@ EncryptedECDHES = jose_jwk:box_encrypt(AliceToBob, BobPublicJWK, AlicePrivateJWK
 - [X] `ECDH-ES+A256KW`
 - [X] `ECDH-ES+C20PKW` <sup>[draft-amringer-jose-chacha](https://tools.ietf.org/html/draft-amringer-jose-chacha-01)</sup>
 - [X] `ECDH-ES+XC20PKW` <sup>[draft-amringer-jose-chacha](https://tools.ietf.org/html/draft-amringer-jose-chacha-01)</sup>
+- [X] `PBES2-HS256+A128GCMKW` <sup>non-standard</sup>
+- [X] `PBES2-HS384+A192GCMKW` <sup>non-standard</sup>
+- [X] `PBES2-HS512+A256GCMKW` <sup>non-standard</sup>
 - [X] `PBES2-HS256+A128KW`
 - [X] `PBES2-HS384+A192KW`
 - [X] `PBES2-HS512+A256KW`
+- [X] `PBES2-HS512+C20PKW` <sup>non-standard</sup>
+- [X] `PBES2-HS512+XC20PKW` <sup>non-standard</sup>
 - [X] `RSA1_5`
 - [X] `RSA-OAEP`
 - [X] `RSA-OAEP-256`

diff --git a/lib/jose/jwe.ex b/lib/jose/jwe.ex
@@ -16,9 +16,14 @@ defmodule JOSE.JWE do
     * `"A256KW"`
     * `"dir"`
     * `"ECDH-ES"`
+    * `"ECDH-ES+A128GCMKW"`
+    * `"ECDH-ES+A192GCMKW"`
+    * `"ECDH-ES+A256GCMKW"`
     * `"ECDH-ES+A128KW"`
     * `"ECDH-ES+A192KW"`
     * `"ECDH-ES+A256KW"`
+    * `"ECDH-ES+C20PKW"`
+    * `"ECDH-ES+XC20PKW"`
     * `"PBES2-HS256+A128KW"`
     * `"PBES2-HS384+A192KW"`
     * `"PBES2-HS512+A256KW"`
@@ -36,7 +41,8 @@ defmodule JOSE.JWE do
     * `"A128GCM"`
     * `"A192GCM"`
     * `"A256GCM"`
-    * `"ChaCha20/Poly1305"`
+    * `"C20P"`
+    * `"XC20P"`
 
   ## Compression Algorithms
 
@@ -302,14 +308,19 @@ defmodule JOSE.JWE do
       iex> JOSE.JWE.block_decrypt(jwk_oct256, encrypted_a256gcm) |> elem(0)
       "{}"
 
-  ### ChaCha20/Poly1305
+  ### ChaCha20/Poly1305 and XChaCha20/Poly1305
 
-  This is highly experimental and based on [RFC 7539](https://tools.ietf.org/html/rfc7539).
+  This is experimental and based on [RFC 7539](https://tools.ietf.org/html/rfc7539) and [draft-amringer-jose-chacha](https://tools.ietf.org/html/draft-amringer-jose-chacha-01).
 
-      # ChaCha20/Poly1305
-      iex> encrypted_chacha20_poly1305 = JOSE.JWE.block_encrypt(jwk_oct256, "{}", %{ "alg" => "dir", "enc" => "ChaCha20/Poly1305" }) |> JOSE.JWE.compact |> elem(1)
-      "eyJhbGciOiJkaXIiLCJlbmMiOiJDaGFDaGEyMC9Qb2x5MTMwNSJ9..gunc-Xr1t1jqZX1l.8Yc.yi9qKB4ANjfQCPjgYwf-zQ"
-      iex> JOSE.JWE.block_decrypt(jwk_oct256, encrypted_chacha20_poly1305) |> elem(0)
+      # C20P
+      iex> encrypted_c20p = JOSE.JWE.block_encrypt(jwk_oct256, "{}", %{ "alg" => "dir", "enc" => "C20P" }) |> JOSE.JWE.compact |> elem(1)
+      "eyJhbGciOiJkaXIiLCJlbmMiOiJDMjBQIn0..W3qFkCKCEJz5H5jt.Hag.2TUFobBK_TYdtC2auoiiKA"
+      iex> JOSE.JWE.block_decrypt(jwk_oct256, encrypted_c20p) |> elem(0)
+      "{}"
+      # XC20P
+      iex> encrypted_xc20p = JOSE.JWE.block_encrypt(jwk_oct256, "{}", %{ "alg" => "dir", "enc" => "XC20P" }) |> JOSE.JWE.compact |> elem(1)
+      "eyJhbGciOiJkaXIiLCJlbmMiOiJYQzIwUCJ9..aMrioLxn-KO8Dyy8LcYD2mSNY7yPE_yf.Wxg.PJgIuI0ZADBE6Gi5-f7Tfg"
+      iex> JOSE.JWE.block_decrypt(jwk_oct256, encrypted_xc20p) |> elem(0)
       "{}"
 
   ## Compression Examples

diff --git a/src/jwa/jose_jwa.erl b/src/jwa/jose_jwa.erl
@@ -278,9 +278,14 @@ supports() ->
 		<<"ECDH-ES+A256KW">>,
 		{<<"ECDH-ES+C20PKW">>, ciphers, {chacha20_poly1305, 256}},
 		{<<"ECDH-ES+XC20PKW">>, ciphers, {xchacha20_poly1305, 256}},
+		{<<"PBES2-HS256+A128GCMKW">>, ciphers, {aes_gcm, 128}},
+		{<<"PBES2-HS384+A192GCMKW">>, ciphers, {aes_gcm, 192}},
+		{<<"PBES2-HS512+A256GCMKW">>, ciphers, {aes_gcm, 256}},
 		{<<"PBES2-HS256+A128KW">>, ciphers, {aes_ecb, 128}},
 		{<<"PBES2-HS384+A192KW">>, ciphers, {aes_ecb, 192}},
 		{<<"PBES2-HS512+A256KW">>, ciphers, {aes_ecb, 256}},
+		{<<"PBES2-HS512+C20PKW">>, ciphers, {chacha20_poly1305, 256}},
+		{<<"PBES2-HS512+XC20PKW">>, ciphers, {xchacha20_poly1305, 256}},
 		{<<"RSA1_5">>, rsa_crypt, rsa1_5},
 		{<<"RSA-OAEP">>, rsa_crypt, rsa_oaep},
 		{<<"RSA-OAEP-256">>, rsa_crypt, rsa_oaep_256},