Merge pull request #12 from talha-API/main

Adding support for A128/192GCM decryption

Author: danny-gallagher

lib/mcapi/encryption/crypto/jwe-crypto.rb

@@ -84,6 +84,10 @@ def decrypt_data(encrypted_data:)
 
         if enc_method == "A256GCM"
           enc_string = "aes-256-gcm"
+        elsif enc_method == "A128GCM"
+          enc_string = "aes-128-gcm"
+        elsif enc_method == "A192GCM"
+          enc_string = "aes-192-gcm"
         elsif enc_method == "A128CBC-HS256"
           cek = cek.byteslice(16, cek.length)
           enc_string = "aes-128-cbc"
@@ -98,6 +102,12 @@ def decrypt_data(encrypted_data:)
         if enc_method == "A256GCM"
           cipher.auth_data = encrypted_header
           cipher.auth_tag = cipher_tag
+        elsif enc_method == "A128GCM"
+          cipher.auth_data = encrypted_header
+          cipher.auth_tag = cipher_tag
+        elsif enc_method == "A192GCM"
+          cipher.auth_data = encrypted_header
+          cipher.auth_tag = cipher_tag
         end
 
         cipher.update(cipher_text) + cipher.final

test/mock/jwe-response-a128gcm.json

@@ -0,0 +1,8 @@
+{
+    "request": {
+      "url": "/resource"
+    },
+    "body": {
+      "encrypted_data":"eyJlbmMiOiJBMTI4R0NNIiwiYWxnIjoiUlNBLU9BRVAtMjU2In0.WtvYljbsjdEv-Ttxx1p6PgyIrOsLpj1FMF9NQNhJUAHlKchAo5QImgEgIdgJE7HC2KfpNcHiQVqKKZq_y201FVzpicDkNzlPJr5kIH4Lq-oC5iP0agWeou9yK5vIxFRP__F_B8HSuojBJ3gDYT_KdYffUIHkm_UysNj4PW2RIRlafJ6RKYanVzk74EoKZRG7MIr3pTU6LIkeQUW41qYG8hz6DbGBOh79Nkmq7Oceg0ZwCn1_MruerP-b15SGFkuvOshStT5JJp7OOq82gNAOkMl4fylEj2-vADjP7VSK8GlqrA7u9Tn-a4Q28oy0GOKr1Z-HJgn_CElknwkUTYsWbg.PKl6_kvZ4_4MjmjW.AH6pGFkn7J49hBQcwg.zdyD73TcuveImOy4CRnVpw"
+    }
+  }

test/mock/jwe-response-a192gcm.json

@@ -0,0 +1,8 @@
+{
+    "request": {
+      "url": "/resource"
+    },
+    "body": {
+      "encrypted_data":"eyJlbmMiOiJBMTkyR0NNIiwiYWxnIjoiUlNBLU9BRVAtMjU2In0.FWC8PVaZoR2TRKwKO4syhSJReezVIvtkxU_yKh4qODNvlVr8t8ttvySJ-AjM8xdI6vNyIg9jBMWASG4cE49jT9FYuQ72fP4R-Td4vX8wpB8GonQj40yLqZyfRLDrMgPR20RcQDW2ThzLXsgI55B5l5fpwQ9Nhmx8irGifrFWOcJ_k1dUSBdlsHsYxkjRKMENu5x4H6h12gGZ21aZSPtwAj9msMYnKLdiUbdGmGG_P8a6gPzc9ih20McxZk8fHzXKujjukr_1p5OO4o1N4d3qa-YI8Sns2fPtf7xPHnwi1wipmCC6ThFLU80r3173RXcpyZkF8Y3UacOS9y1f8eUfVQ.JRE7kZLN4Im1Rtdb.eW_lJ-U330n0QHqZnQ._r5xYVvMCrvICwLz4chjdw"
+    }
+  }

test/mock/jwe-response-gcm.json test/mock/jwe-response-a256gcm.jsontest/mock/jwe-response-gcm.json renamed to test/mock/jwe-response-a256gcm.json

@@ -85,13 +85,29 @@ def test_decrypt_field_level
     assert !decrypted['body']['encrypted_payload']
   end
 
-  def test_decrypt_gcm
-    resp = File.read('./test/mock/jwe-response-gcm.json')
+  def test_decrypt_a256gcm
+    resp = File.read('./test/mock/jwe-response-a256gcm.json')
     jwe = McAPI::Encryption::JweEncryption.new(@test_config)
     decrypted = JSON.parse(jwe.decrypt(resp))
     assert_equal decrypted['body']['mapping']['customer_identifier'], 'CUST_12345'
     assert !decrypted['body']['encrypted_data']
   end
+  
+  def test_decrypt_a128gcm
+    resp = File.read('./test/mock/jwe-response-a128gcm.json')
+    jwe = McAPI::Encryption::JweEncryption.new(@test_config)
+    decrypted = JSON.parse(jwe.decrypt(resp))
+    assert_equal decrypted['body']['foo'], 'bar'
+    assert !decrypted['body']['encrypted_data']
+  end
+
+  def test_decrypt_a192gcm
+    resp = File.read('./test/mock/jwe-response-a192gcm.json')
+    jwe = McAPI::Encryption::JweEncryption.new(@test_config)
+    decrypted = JSON.parse(jwe.decrypt(resp))
+    assert_equal decrypted['body']['foo'], 'bar'
+    assert !decrypted['body']['encrypted_data']
+  end
 
   def test_decrypt_cbc
     resp = File.read('./test/mock/jwe-response-cbc.json')