mirror of
https://github.com/danbulant/jose
synced 2026-05-24 20:41:46 +00:00
45 lines
1.2 KiB
JavaScript
45 lines
1.2 KiB
JavaScript
const isDisjoint = require('../help/is_disjoint')
|
|
const base64url = require('../help/base64url')
|
|
const { JWEInvalidHeader } = require('../errors')
|
|
|
|
module.exports = (prot, unprotected, recipients) => {
|
|
if (typeof prot === 'string') {
|
|
prot = base64url.JSON.decode(prot)
|
|
}
|
|
|
|
const alg = new Set()
|
|
const enc = new Set()
|
|
if (!isDisjoint(prot, unprotected) || !recipients.every(({ header }) => {
|
|
if (typeof header === 'object') {
|
|
alg.add(header.alg)
|
|
enc.add(header.enc)
|
|
}
|
|
return isDisjoint(header, prot) && isDisjoint(header, unprotected)
|
|
})) {
|
|
throw new JWEInvalidHeader('JWE Shared Protected, JWE Shared Unprotected and JWE Per-Recipient Header Parameter names must be disjoint')
|
|
}
|
|
|
|
if (typeof prot === 'object') {
|
|
alg.add(prot.alg)
|
|
enc.add(prot.enc)
|
|
}
|
|
if (typeof unprotected === 'object') {
|
|
alg.add(unprotected.alg)
|
|
enc.add(unprotected.enc)
|
|
}
|
|
|
|
alg.delete(undefined)
|
|
enc.delete(undefined)
|
|
|
|
if (enc.size !== 1) {
|
|
throw new JWEInvalidHeader('TODO: there should be just one enc')
|
|
}
|
|
|
|
if (recipients.length !== 1) {
|
|
if (alg.has('dir') || alg.has('ECDH-ES')) {
|
|
throw new JWEInvalidHeader('dir and ECDH-ES alg may only be used with a single recipient')
|
|
}
|
|
}
|
|
|
|
return [...enc][0]
|
|
}
|