Skip to content

Commit

Permalink
feat: removed sharedKey since it just caused confusion recipientKey s…
Browse files Browse the repository at this point in the history
…hould be used

BREAKING CHANGE
  • Loading branch information
beatt83 committed Dec 7, 2024
1 parent a263b8e commit 3a4d449
Show file tree
Hide file tree
Showing 17 changed files with 29 additions and 117 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,6 @@ struct AESJWEDecryptor: JWEDecryptor {
additionalAuthenticationData: Data?,
senderKey: JWK?,
recipientKey: JWK?,
sharedKey: JWK?,
password: Data?
) throws -> Data {
guard let alg = getKeyAlgorithm(
Expand Down Expand Up @@ -87,7 +86,7 @@ struct AESJWEDecryptor: JWEDecryptor {
)
}

guard let kek = sharedKey ?? recipientKey else{
guard let kek = recipientKey else{
throw JWE.JWEError.missingKek
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,6 @@ struct DirectJWEDecryptor: JWEDecryptor {
additionalAuthenticationData: Data?,
senderKey: JWK?,
recipientKey: JWK?,
sharedKey: JWK?,
password: Data?
) throws -> Data {
guard let enc = getEncoding(
Expand Down Expand Up @@ -82,7 +81,7 @@ struct DirectJWEDecryptor: JWEDecryptor {
throw JWE.JWEError.missingContentAuthenticationTag
}

guard let cek = sharedKey?.key else {
guard let cek = recipientKey?.key else {
throw JWE.JWEError.missingCek
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,6 @@ struct ECDH1PUJWEDecryptor: JWEDecryptor {
additionalAuthenticationData: Data?,
senderKey: JWK?,
recipientKey: JWK?,
sharedKey: JWK?,
password: Data?
) throws -> Data {
guard let alg = getKeyAlgorithm(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,6 @@ struct ECDHJWEDecryptor: JWEDecryptor {
additionalAuthenticationData: Data?,
senderKey: JWK?,
recipientKey: JWK?,
sharedKey: JWK?,
password: Data?
) throws -> Data {
guard let alg = getKeyAlgorithm(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,6 @@ public protocol JWEDecryptor: Sendable {
/// - additionalAuthenticationData: Additional authenticated data.
/// - senderKey: Optional sender's key.
/// - recipientKey: Optional recipient's key.
/// - sharedKey: Optional shared key.
/// - password: Optional password for key derivation.
/// - Returns: Decrypted data as `Data`.
/// - Throws: Encryption related errors.
Expand All @@ -53,7 +52,6 @@ public protocol JWEDecryptor: Sendable {
additionalAuthenticationData: Data?,
senderKey: JWK?,
recipientKey: JWK?,
sharedKey: JWK?,
password: Data?
) throws -> Data
}
Expand All @@ -70,7 +68,6 @@ public protocol JWEMultiDecryptor: Sendable {
/// - authenticationTag: Authentication tag for verifying the integrity of the decrypted data.
/// - senderKey: Optional sender's key.
/// - recipientKey: Optional recipient's key.
/// - sharedKey: Optional shared key.
/// - additionalAuthenticationData: Additional authenticated data.
/// - tryAllRecipients: Flag to attempt decryption with all provided recipient keys.
/// - password: Optional password for key derivation.
Expand All @@ -86,7 +83,6 @@ public protocol JWEMultiDecryptor: Sendable {
authenticationTag: Data?,
senderKey: JWK?,
recipientKey: JWK?,
sharedKey: JWK?,
additionalAuthenticationData: Data?,
tryAllRecipients: Bool,
password: Data?,
Expand All @@ -109,7 +105,6 @@ public extension JWEDecryptor {
/// - additionalAuthenticationData: Additional authenticated data (optional).
/// - senderKey: Sender's key (optional).
/// - recipientKey: Recipient's key (optional).
/// - sharedKey: Shared key (optional).
/// - password: Password for key derivation (optional).
/// - Returns: Decrypted data as `Data`.
/// - Throws: Encryption related errors.
Expand All @@ -128,7 +123,6 @@ public extension JWEDecryptor {
additionalAuthenticationData: Data? = nil,
senderKey: JWK? = nil,
recipientKey: JWK? = nil,
sharedKey: JWK? = nil,
password: Data? = nil
) throws -> Data {
try self.decrypt(
Expand All @@ -142,7 +136,6 @@ public extension JWEDecryptor {
additionalAuthenticationData: additionalAuthenticationData,
senderKey: senderKey,
recipientKey: recipientKey,
sharedKey: sharedKey,
password: password
)
}
Expand All @@ -159,7 +152,6 @@ public extension JWEDecryptor {
/// - additionalAuthenticationData: Additional authenticated data (optional).
/// - senderKey: Sender's key (optional).
/// - recipientKey: Recipient's key (optional).
/// - sharedKey: Shared key (optional).
/// - password: Password for key derivation (optional).
/// - Returns: Decrypted data as `Data`.
/// - Throws: Encryption related errors.
Expand All @@ -176,7 +168,6 @@ public extension JWEDecryptor {
additionalAuthenticationData: Data? = nil,
senderKey: JWK? = nil,
recipientKey: JWK? = nil,
sharedKey: JWK? = nil,
password: Data? = nil
) throws -> Data {
let aad = try AAD.computeAAD(header: encodedProtectedHeader, aad: additionalAuthenticationData)
Expand All @@ -194,7 +185,6 @@ public extension JWEDecryptor {
additionalAuthenticationData: aad,
senderKey: senderKey,
recipientKey: recipientKey,
sharedKey: sharedKey,
password: password
)
}
Expand All @@ -213,7 +203,6 @@ public extension JWEMultiDecryptor {
/// - authenticationTag: Authentication tag (optional).
/// - senderKey: Sender's key (optional).
/// - recipientKey: Recipient's key (optional).
/// - sharedKey: Shared key (optional).
/// - additionalAuthenticationData: Additional authenticated data (optional).
/// - tryAllRecipients: Flag to attempt decryption with all provided recipient keys (optional).
/// - password: Password for key derivation (optional).
Expand All @@ -233,7 +222,6 @@ public extension JWEMultiDecryptor {
authenticationTag: Data? = nil,
senderKey: JWK? = nil,
recipientKey: JWK? = nil,
sharedKey: JWK? = nil,
additionalAuthenticationData: Data? = nil,
tryAllRecipients: Bool = false,
password: Data? = nil,
Expand All @@ -248,7 +236,6 @@ public extension JWEMultiDecryptor {
authenticationTag: authenticationTag,
senderKey: senderKey,
recipientKey: recipientKey,
sharedKey: sharedKey,
additionalAuthenticationData: additionalAuthenticationData,
tryAllRecipients: tryAllRecipients,
password: password,
Expand All @@ -266,7 +253,6 @@ public extension JWEMultiDecryptor {
/// - authenticationTag: Authentication tag (optional).
/// - senderKey: Sender's key (optional).
/// - recipientKey: Recipient's key (optional).
/// - sharedKey: Shared key (optional).
/// - additionalAuthenticationData: Additional authenticated data (optional).
/// - tryAllRecipients: Flag to attempt decryption with all provided recipient keys (optional).
/// - password: Password for key derivation (optional).
Expand All @@ -284,7 +270,6 @@ public extension JWEMultiDecryptor {
authenticationTag: Data? = nil,
senderKey: JWK? = nil,
recipientKey: JWK? = nil,
sharedKey: JWK? = nil,
additionalAuthenticationData: Data?,
tryAllRecipients: Bool = false,
password: Data? = nil,
Expand All @@ -302,7 +287,6 @@ public extension JWEMultiDecryptor {
authenticationTag: authenticationTag,
senderKey: senderKey,
recipientKey: recipientKey,
sharedKey: sharedKey,
additionalAuthenticationData: aad,
tryAllRecipients: tryAllRecipients,
password: password,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,15 +32,14 @@ struct MultiDecryptor: JWEMultiDecryptor {
authenticationTag: Data?,
senderKey: JWK?,
recipientKey: JWK?,
sharedKey: JWK?,
additionalAuthenticationData: Data?,
tryAllRecipients: Bool,
password: Data? = nil,
encryptionModule: JWEEncryptionModule
) throws -> Data {
let aad = try AAD.computeAAD(header: protectedHeader, aad: additionalAuthenticationData)

guard let key = recipientKey ?? sharedKey else {
guard let key = recipientKey else {
throw JWE.JWEError.missingRecipientKey
}

Expand All @@ -64,8 +63,7 @@ struct MultiDecryptor: JWEMultiDecryptor {
authenticationTag: authenticationTag,
additionalAuthenticationData: aad,
senderKey: senderKey,
recipientKey: recipientKey,
sharedKey: sharedKey
recipientKey: recipientKey
)) != nil
}

Expand All @@ -91,8 +89,7 @@ struct MultiDecryptor: JWEMultiDecryptor {
authenticationTag: authenticationTag,
additionalAuthenticationData: aad,
senderKey: senderKey,
recipientKey: recipientKey,
sharedKey: sharedKey
recipientKey: recipientKey
)
}

Expand Down Expand Up @@ -123,8 +120,7 @@ struct MultiDecryptor: JWEMultiDecryptor {
authenticationTag: authenticationTag,
additionalAuthenticationData: aad,
senderKey: senderKey,
recipientKey: recipientKey,
sharedKey: sharedKey
recipientKey: recipientKey
)
}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,6 @@ struct PasswordBasedJWEDecryptor: JWEDecryptor {
additionalAuthenticationData: Data?,
senderKey: JWK?,
recipientKey: JWK?,
sharedKey: JWK?,
password: Data?
) throws -> Data {
guard let iterationCount = getSaltCount(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,6 @@ struct RSAJWEDecryptor: JWEDecryptor {
additionalAuthenticationData: Data?,
senderKey: JWK?,
recipientKey: JWK?,
sharedKey: JWK?,
password: Data?
) throws -> Data {
guard let alg = getKeyAlgorithm(
Expand Down
12 changes: 0 additions & 12 deletions Sources/JSONWebEncryption/JWE+Decrypt.swift
Original file line number Diff line number Diff line change
Expand Up @@ -56,14 +56,12 @@ extension JWE {
/// - Parameters:
/// - senderKey: The sender's key, if applicable. Used in certain key agreement protocols.
/// - recipientKey: The recipient's key, if applicable. Typically used for asymmetric decryption.
/// - sharedKey: A shared key, if applicable. Used for symmetric decryption.
/// - password: An optional password for decryption algorithms that require it.
/// - Returns: The decrypted data as `Data`.
/// - Throws: `JWEError` for errors related to missing algorithms, keys, or failed decryption.
public func decrypt(
senderKey: KeyRepresentable? = nil,
recipientKey: KeyRepresentable? = nil,
sharedKey: KeyRepresentable? = nil,
password: Data? = nil
) throws -> Data {
guard let alg = getKeyAlgorithm(
Expand All @@ -84,7 +82,6 @@ extension JWE {
additionalAuthenticationData: additionalAuthenticatedData,
senderKey: senderKey.map { try prepareJWK(key: $0) },
recipientKey: recipientKey.map { try prepareJWK(key: $0) },
sharedKey: sharedKey.map { try prepareJWK(key: $0) },
password: password
)
}
Expand All @@ -101,22 +98,19 @@ extension JWE {
/// - compactString: The compact serialization string of the JWE.
/// - senderKey: The sender's key, if applicable.
/// - recipientKey: The recipient's key, if applicable.
/// - sharedKey: A shared key, if applicable.
/// - password: An optional password for decryption algorithms that require it.
/// - Returns: The decrypted data as `Data`.
/// - Throws: `JWEError` for errors related to parsing the compact string, missing algorithms, keys, or failed decryption.
public static func decrypt(
compactString: String,
senderKey: KeyRepresentable? = nil,
recipientKey: KeyRepresentable? = nil,
sharedKey: KeyRepresentable? = nil,
password: Data? = nil
) throws -> Data {
try JWE(compactString: compactString)
.decrypt(
senderKey: senderKey,
recipientKey: recipientKey,
sharedKey: sharedKey,
password: password
)
}
Expand All @@ -133,7 +127,6 @@ extension JWE {
/// - jweJson: The JSON data representing the JWE.
/// - senderKey: The sender's key, if applicable.
/// - recipientKey: The recipient's key, if applicable.
/// - sharedKey: A shared key, if applicable.
/// - password: An optional password for decryption algorithms that require it.
/// - tryAllRecipients: A flag to try all recipient keys in the JSON data for decryption.
/// - Returns: The decrypted data as `Data`.
Expand All @@ -142,7 +135,6 @@ extension JWE {
jweJson: Data,
senderKey: KeyRepresentable? = nil,
recipientKey: KeyRepresentable? = nil,
sharedKey: KeyRepresentable? = nil,
password: Data? = nil,
tryAllRecipients: Bool = false
) throws -> Data {
Expand All @@ -151,7 +143,6 @@ extension JWE {
jweJson: jsonObj,
senderKey: senderKey,
recipientKey: recipientKey,
sharedKey: sharedKey,
password: password,
tryAllRecipients: tryAllRecipients
)
Expand All @@ -169,7 +160,6 @@ extension JWE {
/// - jweJson: The `JWEJson` object representing the JWE.
/// - senderKey: The sender's key, if applicable.
/// - recipientKey: The recipient's key, if applicable.
/// - sharedKey: A shared key, if applicable.
/// - password: An optional password for decryption algorithms that require it.
/// - tryAllRecipients: A flag to try all recipient keys in the `JWEJson` object for decryption.
/// - Returns: The decrypted data as `Data`.
Expand All @@ -182,7 +172,6 @@ extension JWE {
jweJson: JWEJson<P, U, R>,
senderKey: KeyRepresentable? = nil,
recipientKey: KeyRepresentable? = nil,
sharedKey: KeyRepresentable? = nil,
password: Data? = nil,
tryAllRecipients: Bool = false
) throws -> Data {
Expand All @@ -200,7 +189,6 @@ extension JWE {
authenticationTag: jweJson.authenticationTag,
senderKey: senderKey.map { try prepareJWK(key: $0) },
recipientKey: recipientKey.map { try prepareJWK(key: $0) },
sharedKey: sharedKey.map { try prepareJWK(key: $0) },
additionalAuthenticationData: aad,
tryAllRecipients: tryAllRecipients,
password: password
Expand Down
Loading

0 comments on commit 3a4d449

Please sign in to comment.