public void EncryptDecrypt_ModeGeneralJsonRoundTripMultipleRecipients_ValidRecipientsCanDecrypt(object decryptKey)
{
//given
byte[] payload = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 };
var recipients = new Recipient[]
{
recipientAes256KW1,
recipientAes256KW2,
recipientRsa1,
};
var sharedProtectedHeaders = new Dictionary <string, object>
{
{ "cty", "application/octet-string" },
};
//when
var jwe = JWE.Encrypt(
plaintext: payload,
recipients: recipients,
JweEncryption.A256GCM,
mode: SerializationMode.Json,
extraHeaders: sharedProtectedHeaders);
var decrypted = JWE.Decrypt(jwe, decryptKey);
//then
Assert.Equal(payload, decrypted.Plaintext);
}
public void Decrypt_MultipleRecipients_MismatchEncOrAlgThrows(JweEncryption expectedJweEnc, JweAlgorithm expectedJweAlg, string expectedMessage)
{
//given
byte[] payload = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 };
var recipients = new Recipient[]
{
recipientAes256KW1,
recipientAes256KW2,
recipientRsa1,
};
var sharedProtectedHeaders = new Dictionary <string, object>
{
{ "cty", "application/octet-string" },
};
var jwe = JWE.Encrypt(
plaintext: payload,
recipients: recipients,
JweEncryption.A256GCM,
mode: SerializationMode.Json,
extraHeaders: sharedProtectedHeaders);
//when
var exception = Record.Exception(() => JWE.Decrypt(jwe, aes256KWKey2, expectedJweAlg, expectedJweEnc));
//then
Assert.IsType <InvalidAlgorithmException>(exception);
Assert.Equal(expectedMessage, exception.Message);
}
public void Encrypt_ModeJsonOneRecipientWithEmptyBytesA128KW_A128CBC_HS256_ExpectedResults()
{
//given
byte[] plaintext = { };
//when
var jwe = JWE.Encrypt(
plaintext: plaintext,
recipients: new Recipient[] { recipientAes128KW },
JweEncryption.A128CBC_HS256,
mode: SerializationMode.Json);
//then
Console.Out.WriteLine("Empty bytes A128KW_A128CBC_HS256 (Flattened Json Serialization) = {0}", jwe);
#if NETCOREAPP
JObject deserialized = JObject.Parse(jwe);
Assert.Equal("{\"enc\":\"A128CBC-HS256\"}",
UTF8Encoding.UTF8.GetString(Base64Url.Decode((string)deserialized["protected"])));
Assert.True(deserialized["header"] is JObject);
Assert.Equal("{\"alg\":\"A128KW\"}", deserialized["header"].ToString(Newtonsoft.Json.Formatting.None));
Assert.Equal("A128KW", deserialized["header"]["alg"]);
Assert.Equal(54, ((string)deserialized["encrypted_key"]).Length); //CEK size
Assert.Equal(22, ((string)deserialized["iv"]).Length); //IV size
Assert.Equal(22, ((string)deserialized["ciphertext"]).Length); //cipher text size
Assert.Equal(22, ((string)deserialized["tag"]).Length); //auth tag size
Assert.Equal(new byte[0], JWE.Decrypt(jwe, aes128KWKey).Plaintext);
#else
throw new NotImplementedException("Test not currently implemented on net461");
#endif
}
public void EncryptDecrypt_RoundTripOneRecipient_PlaintextSurvives(SerializationMode mode)
{
//given
byte[] payload = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 };
var recipients = new Recipient[]
{
recipientAes256KW1,
};
var sharedProtectedHeaders = new Dictionary <string, object>
{
{ "cty", "application/octet-string" },
};
//when
var jwe = JWE.Encrypt(
plaintext: payload,
recipients: recipients,
JweEncryption.A256GCM,
mode: mode,
extraHeaders: sharedProtectedHeaders);
var decrypted = JWE.Decrypt(jwe, aes256KWKey1);
//then
Assert.Equal(payload, decrypted.Plaintext);
}
public void Encrypt_ModeCompactWithEmptyBytesA128KW_A128CBC_HS256_ExpectedResults()
{
//given
byte[] plaintext = { };
//when
var jwe = JWE.Encrypt(
plaintext: plaintext,
recipients: new Recipient[] { recipientAes128KW },
JweEncryption.A128CBC_HS256);
//then
Console.Out.WriteLine("Empty bytes A128KW_A128CBC_HS256 = {0}", jwe);
string[] parts = jwe.Split('.');
Assert.Equal(5, parts.Length); //Make sure 5 parts
Assert.Equal("{\"alg\":\"A128KW\",\"enc\":\"A128CBC-HS256\"}",
UTF8Encoding.UTF8.GetString(Base64Url.Decode(parts[0])));
Assert.Equal("eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0", parts[0]); //Header is non-encrypted and static text
Assert.Equal(54, parts[1].Length); //CEK size
Assert.Equal(22, parts[2].Length); //IV size
Assert.Equal(22, parts[3].Length); //cipher text size
Assert.Equal(22, parts[4].Length); //auth tag size
Assert.Equal(new byte[0], JWE.Decrypt(jwe, aes128KWKey).Plaintext);
}
public void Decrypt_NoMatchingRecipient_Throws()
{
//given
byte[] payload = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 };
var recipients = new Recipient[]
{
recipientAes256KW1,
recipientAes256KW2,
};
var sharedProtectedHeaders = new Dictionary <string, object>
{
{ "cty", "application/octet-string" },
};
var jwe = JWE.Encrypt(
plaintext: payload,
recipients: recipients,
JweEncryption.A256GCM,
mode: SerializationMode.Json,
extraHeaders: sharedProtectedHeaders);
//when
var exception = Record.Exception(() => { JWE.Decrypt(jwe, aes256KWKey3); });
//then
Assert.IsType <IntegrityException>(exception);
Assert.Equal("AesKeyWrap integrity check failed.", exception.Message);
}
public void Encrypt_ModeJsonTwoRecipientsWithEmptyBytesA128KW_A128CBC_HS256_ExpectedResults()
{
//given
byte[] plaintext = { };
//when
var jwe = JWE.Encrypt(
plaintext: plaintext,
recipients: new Recipient[] { recipientAes128KW, recipientAes128KW },
JweEncryption.A128CBC_HS256,
mode: SerializationMode.Json);
//then
Console.Out.WriteLine("Empty bytes A128KW_A128CBC_HS256 (General Json Serialization) = {0}", jwe);
JObject deserialized = JObject.Parse(jwe);
Assert.Equal("{\"enc\":\"A128CBC-HS256\"}",
UTF8Encoding.UTF8.GetString(Base64Url.Decode((string)deserialized["protected"])));
Assert.True(deserialized["recipients"] is JArray);
Assert.Equal(2, ((JArray)deserialized["recipients"]).Count);
var recipient0 = ((JArray)deserialized["recipients"])[0];
Assert.True(recipient0["header"] is JObject);
Assert.Equal("{\"alg\":\"A128KW\"}", recipient0["header"].ToString(Newtonsoft.Json.Formatting.None));
Assert.Equal("A128KW", recipient0["header"]["alg"]);
Assert.Equal(54, ((string)recipient0["encrypted_key"]).Length); //CEK size
Assert.Equal(22, ((string)deserialized["iv"]).Length); //IV size
Assert.Equal(22, ((string)deserialized["ciphertext"]).Length); //cipher text size
Assert.Equal(22, ((string)deserialized["tag"]).Length); //auth tag size
Assert.Equal(new byte[0], JWE.Decrypt(jwe, aes128KWKey).Plaintext);
}
public void Decrypt_WithAdditionalAuthenticatedDataTampered_Throws()
{
//given
var key = GetLegacyKeyObjectFromJwk(new JsonWebKey(Rfc7520_5_8_1_Figure151_ExampleJwk));
var tamperedJwe = Rfc7520_5_10_ExampleJwe.Replace("aad\": \"W", "aad\": \"V");
//when
var exception = Record.Exception(() => JWE.Decrypt(tamperedJwe, key));
//then
Assert.IsType <EncryptionException>(exception);
Assert.Equal("Unable to decrypt content or authentication tag do not match.", exception.Message);
}
public void EncryptDecrypt_WithAdditionalAuthenticatedData_RoundtripOk()
{
//given
var key = GetLegacyKeyObjectFromJwk(new JsonWebKey(Rfc7520_5_8_1_Figure151_ExampleJwk));
var plaintext = Rfc7520_Figure72_ExamplePlaintext;
//when
var jwe = JWE.Encrypt(
UTF8Encoding.UTF8.GetBytes(Rfc7520_Figure72_ExamplePlaintext),
new Recipient[] { new Recipient(JweAlgorithm.A128KW, key) },
JweEncryption.A128CBC_HS256,
mode: SerializationMode.Json);
//then
var decrypted = JWE.Decrypt(jwe, key);
Assert.Equal(plaintext, UTF8Encoding.UTF8.GetString(decrypted.Plaintext));
}
public void Decrypt_Rfc7516AppendixA23DecryptWithFirstRecipient_ExpectedResults()
{
//given
var key = GetLegacyKeyObjectFromJwk(new JsonWebKey(Rfc7516_A_2_3_ExampleJwk));
//when
var decrypted = JWE.Decrypt(Rfc7516_A_4_7_ExampleJwe, key);
//then
Assert.Equal("Live long and prosper.", UTF8Encoding.UTF8.GetString(decrypted.Plaintext));
Assert.Equal(4, decrypted.JoseHeaders.Count);
Assert.Equal("RSA1_5", decrypted.JoseHeaders["alg"]);
Assert.Equal("2011-04-29", decrypted.JoseHeaders["kid"]);
Assert.Equal("A128CBC-HS256", decrypted.JoseHeaders["enc"]);
Assert.Equal("https://server.example.com/keys.jwks", decrypted.JoseHeaders["jku"]);
}
public void Decrypt_WithAdditionalAuthenticatedDataOk_ReturnsExpectedResults()
{
//given
var jwk = new JsonWebKey(Rfc7520_5_8_1_Figure151_ExampleJwk);
var key = GetLegacyKeyObjectFromJwk(jwk);
var kid = jwk.Kid;
//when
var decrypted = JWE.Decrypt(Rfc7520_5_10_ExampleJwe, key);
//then
Assert.Equal(Rfc7520_Figure72_ExamplePlaintext, UTF8Encoding.UTF8.GetString(decrypted.Plaintext));
Assert.Equal(3, decrypted.JoseHeaders.Count);
Assert.Equal(jwk.Alg, decrypted.JoseHeaders["alg"]);
Assert.Equal(jwk.Kid, decrypted.JoseHeaders["kid"]);
Assert.Equal("A128GCM", decrypted.JoseHeaders["enc"]);
Assert.Equal(Rfc7520_5_10_1_ExampleAadString, UTF8Encoding.UTF8.GetString(decrypted.Aad));
}