Update documentation with new functionalities

babelouest · Sep 17, 2021 · d7e93ba · d7e93ba
1 parent 9610f24
commit d7e93ba
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 44 deletions.
diff --git a/API.md b/API.md
@@ -872,33 +872,32 @@ You can specify the ephemeral key to use though, by setting an encryption key to
 Example with a specified ephemeral key:
 
 ```C
-#define PAYLOAD "The true sign of intelligence is not knowledge but imagination..."
-
+const unsigned char payload[] = "The true sign of intelligence is not knowledge but imagination...";
 // This is the ephemeral key
 const char eph[] = " {\"kty\":\"EC\",\"crv\":\"P-256\",\"x\":\"gI0GAILBdu7T53akrFmMyGcsF3n5dO7MmwNBHKW5SV0\","
 "\"y\":\"SLW_xSffzlPWrHEVI30DHM_4egVwt3NQqeUD7nMFpps\",\"d\":\"0_NxaRPUMQoAJt50Gz8YiTr8gRTwyEaCumd-MToTmIo\"}",
 bob[] = "{\"kty\":\"EC\",\"crv\":\"P-256\",\"x\":\"weNJy2HscCSM6AEDTDg04biOvhFhyyWvOHQfeF_PxMQ\","
 "\"y\":\"e8lnCO-AlStT-NJVX-crhB7QRYhiix03illJOVAOyck\"}"; // This is the public key
-jwk_t * jwk_eph, * jwk_bob;
-jwe_t * jwe;
+jwk_t * jwk_eph = NULL, * jwk_bob = NULL;
+jwe_t * jwe = NULL;
 char * token;
 
-r_jwk_init(&jwk_eph);
-r_jwk_init(&jwk_bob);
+jwk_eph = r_jwk_quick_import(R_IMPORT_JSON_STR, eph);
+jwk_bob = r_jwk_quick_import(R_IMPORT_JSON_STR, bob);
+
 r_jwe_init(&jwe);
-r_jwk_import_from_json_str(jwk_eph, eph);
-r_jwk_import_from_json_str(jwk_bob, bob);
-r_jwe_set_payload(jwe, (const unsigned char *)PAYLOAD, o_strlen(PAYLOAD));
+r_jwe_set_payload(jwe, payload, sizeof(payload));
 
 r_jwe_add_keys(jwe, jwk_eph, jwk_bob); // Add both public and ephemeral keys here
 
-r_jwe_set_alg(jwe, R_JWA_ALG_ECDH_ES);
+r_jwe_set_alg(jwe, R_JWA_ALG_ECDH_ES_A128KW);
 r_jwe_set_enc(jwe, R_JWA_ENC_A128GCM);
 r_jwe_set_header_str_value(jwe, "apu", "QWxpY2U");
 r_jwe_set_header_str_value(jwe, "apv", "Qm9i");
 
-token = r_jwe_serialize(jwe, NULL, 0);
+token = r_jwe_serialize(jwe, NULL, 0); // token will contain the compact representation of the serialized token, e.g. eyJhcHUiOiJRV3hwWTJVIiwiYXB2IjoiUW0[...]
 
+r_free(token);
 r_jwk_free(jwk_eph);
 r_jwk_free(jwk_bob);
 r_jwe_free(jwe);

diff --git a/README.md b/README.md
@@ -112,49 +112,45 @@ Example program to parse and verify the signature of a JWT using its public key
 #include <rhonabwy.h>
 
 int main(void) {
-  const char token[] = "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjEifQ."
-  "eyJzdHIiOiJwbG9wIiwiaW50Ijo0Miwib2JqIjp0cnVlfQ."
-  "ooXNEt3JWFGMuvkGUM-szUOU1QTu4DvyC3qQP64UGeeJQuMGupBCVATnGkiqNLiPSJ9uBsjZbyUrWe8z7Iag_A";
-
-  const char jwk_pubkey_ecdsa_str[] = "{\"kty\":\"EC\",\"crv\":\"P-256\",\"x\":\"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4\","\
-                                      "\"y\":\"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM\",\"use\":\"enc\",\"kid\":\"1\",\"alg\":\"ES256\"}";
-
+  const char token[] = "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjEifQ."                                     // Header
+                       "eyJzdHIiOiJwbG9wIiwiaW50Ijo0Miwib2JqIjp0cnVlfQ."                                         // Claims
+                       "ooXNEt3JWFGMuvkGUM-szUOU1QTu4DvyC3qQP64UGeeJQuMGupBCVATnGkiqNLiPSJ9uBsjZbyUrWe8z7Iag_A"; // Signature
+
+  const char jwk_pubkey_ecdsa_str[] = "{"
+                                        "\"kty\":\"EC\","
+                                        "\"crv\":\"P-256\","
+                                        "\"alg\":\"ES256\","
+                                        "\"x\":\"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4\","
+                                        "\"y\":\"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM\","
+                                        "\"kid\":\"1\","
+                                        "\"use\":\"sig\""
+                                      "}";
+
   unsigned char output[2048];
   size_t output_len = 2048;
-  jwk_t * jwk;
-  jwt_t * jwt;
+  jwk_t * jwk = NULL;
+  jwt_t * jwt = NULL;
   char * claims;
 
-  if (r_jwk_init(&jwk) == RHN_OK) {
-    if (r_jwt_init(&jwt) == RHN_OK) {
-      if (r_jwk_import_from_json_str(jwk, jwk_pubkey_ecdsa_str) == RHN_OK) {
-        if (r_jwk_export_to_pem_der(jwk, R_FORMAT_PEM, output, &output_len, 0) == RHN_OK) {
-          printf("Exported key:\n%.*s\n", (int)output_len, output);
-          if (r_jwt_parse(jwt, token, 0) == RHN_OK) {
-            if (r_jwt_verify_signature(jwt, jwk, 0) == RHN_OK) {
-              claims = r_jwt_get_full_claims_str(jwt);
-              printf("Verified payload:\n%s\n", claims);
-              r_free(claims);
-            } else {
-              fprintf(stderr, "Error r_jwt_verify_signature\n");
-            }
-          } else {
-            fprintf(stderr, "Error r_jwt_parse\n");
-          }
-        } else {
-          fprintf(stderr, "Error r_jwk_export_to_pem_der\n");
-        }
+  if ((jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_pubkey_ecdsa_str)) != NULL && (jwt = r_jwt_quick_parse(token, R_PARSE_NONE, 0)) != NULL) {
+    if (r_jwk_export_to_pem_der(jwk, R_FORMAT_PEM, output, &output_len, 0) == RHN_OK) {
+      printf("Exported key:\n%.*s\n", (int)output_len, output);
+      if (r_jwt_verify_signature(jwt, jwk, 0) == RHN_OK) {
+        claims = r_jwt_get_full_claims_str(jwt);
+        printf("Verified payload:\n%s\n", claims);
+        r_free(claims);
       } else {
-        fprintf(stderr, "Error r_jwk_import_from_json_str\n");
+        fprintf(stderr, "Error r_jwt_verify_signature\n");
       }
-      r_jwt_free(jwt);
     } else {
-      fprintf(stderr, "Error r_jwt_init\n");
+      fprintf(stderr, "Error r_jwk_export_to_pem_der\n");
     }
-    r_jwk_free(jwk);
   } else {
-    fprintf(stderr, "Error r_jwk_init\n");
+    fprintf(stderr, "Error parsing\n");
   }
+  r_jwk_free(jwk);
+  r_jwt_free(jwt);
+
   return 0;
 }
 ```