diff options
-rw-r--r-- | jwcrypto/jwe.py | 14 | ||||
-rw-r--r-- | jwcrypto/tests.py | 12 |
2 files changed, 24 insertions, 2 deletions
diff --git a/jwcrypto/jwe.py b/jwcrypto/jwe.py index eb48d94..978fc5e 100644 --- a/jwcrypto/jwe.py +++ b/jwcrypto/jwe.py @@ -440,6 +440,17 @@ class JWE(object): jh = self.merge_headers(jh, rh) return jh + def get_alg_enc_from_headers(self, jh): + algname = jh.get('alg', None) + if algname is None: + raise InvalidJWEData('Missing "alg" from headers') + alg = self._jwa(algname) + encname = jh.get('enc', None) + if encname is None: + raise InvalidJWEData('Missing "enc" from headers') + enc = self._jwa(encname) + return alg, enc + def add_recipient(self, key, header=None): """ Encrypt the provided payload with the given key. @@ -455,8 +466,7 @@ class JWE(object): raise ValueError('key is not a JWK object') jh = self.get_jose_header(header) - alg = self._jwa(jh.get('alg', None)) - enc = self._jwa(jh.get('enc', None)) + alg, enc = self.get_alg_enc_from_headers(jh) rec = dict() if header: diff --git a/jwcrypto/tests.py b/jwcrypto/tests.py index 40fbbbc..cff4f95 100644 --- a/jwcrypto/tests.py +++ b/jwcrypto/tests.py @@ -654,6 +654,18 @@ class ConformanceTests(unittest.TestCase): enc.add_recipient(jwk.JWK(kty='oct', k=base64url_encode('A'*16)), '{"alg":"A128KW","enc":"A128GCM"}') + def test_jwe_no_alg_in_jose_headers(self): + enc = jwe.JWE(plaintext='plain') + self.assertRaises(jwe.InvalidJWEData, enc.add_recipient, + jwk.JWK(kty='oct', k=base64url_encode('A'*16)), + '{"enc":"A128GCM"}') + + def test_jwe_no_enc_in_jose_headers(self): + enc = jwe.JWE(plaintext='plain') + self.assertRaises(jwe.InvalidJWEData, enc.add_recipient, + jwk.JWK(kty='oct', k=base64url_encode('A'*16)), + '{"alg":"A128KW"}') + def test_aes_128(self): enc = jwe.JWE(plaintext='plain') key128 = jwk.JWK(kty='oct', k=base64url_encode('A' * (128 / 8))) |