[Algorithms] Support HS384 and HS512

Author: kylef

JWT/JWT.swift

@@ -11,6 +11,12 @@ public enum Algorithm : Printable {
   /// HMAC using SHA-256 hash algorithm
   case HS256(String)
 
+  /// HMAC using SHA-384 hash algorithm
+  case HS384(String)
+
+  /// HMAC using SHA-512 hash algorithm
+  case HS512(String)
+
   static func algorithm(name:String, key:String?) -> Algorithm? {
     if name == "none" {
       if let key = key {
@@ -20,6 +26,10 @@ public enum Algorithm : Printable {
     } else if let key = key {
       if name == "HS256" {
         return .HS256(key)
+      } else if name == "HS384" {
+        return .HS384(key)
+      } else if name == "HS512" {
+        return .HS512(key)
       }
     }
 
@@ -32,6 +42,10 @@ public enum Algorithm : Printable {
       return "none"
     case .HS256(let key):
       return "HS256"
+    case .HS384(let key):
+        return "HS384"
+    case .HS512(let key):
+        return "HS512"
     }
   }
 
@@ -45,6 +59,17 @@ public enum Algorithm : Printable {
       let mac = Authenticator.HMAC(key: key.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!, variant:.sha256)
       let result = mac.authenticate(message.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!)!
       return base64encode(result)
+
+    case .HS384(let key):
+        let mac = Authenticator.HMAC(key: key.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!, variant:.sha384)
+        let result = mac.authenticate(message.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!)!
+        return base64encode(result)
+
+    case .HS512(let key):
+        let mac = Authenticator.HMAC(key: key.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!, variant:.sha512)
+        let result = mac.authenticate(message.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!)!
+        return base64encode(result)
+
     }
   }
 

JWTTests/JWTTests.swift

@@ -216,6 +216,19 @@ class JWTDecodeTests : XCTestCase {
   func testMatchesAnyAlgorithm() {
     let jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.2_8pWJfyPup0YwOXK7g9Dn0cF1E3pdn299t4hSeJy5w."
     assertFailure(decode(jwt, [.HS256("anothersecret"), .HS256("secret")]))
+
+  func testHS384Algorithm() {
+    let jwt = "eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJzb21lIjoicGF5bG9hZCJ9.lddiriKLoo42qXduMhCTKZ5Lo3njXxOC92uXyvbLyYKzbq4CVVQOb3MpDwnI19u4"
+    assertSuccess(decode(jwt, .HS384("secret"))) { payload in
+      XCTAssertEqual(payload as NSDictionary, ["some": "payload"])
+    }
+  }
+
+  func testHS512Algorithm() {
+    let jwt = "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJzb21lIjoicGF5bG9hZCJ9.WTzLzFO079PduJiFIyzrOah54YaM8qoxH9fLMQoQhKtw3_fMGjImIOokijDkXVbyfBqhMo2GCNu4w9v7UXvnpA"
+    assertSuccess(decode(jwt, .HS512("secret"))) { payload in
+      XCTAssertEqual(payload as NSDictionary, ["some": "payload"])
+    }
   }
 }
 

Podfile

@@ -2,10 +2,10 @@ platform :osx, '10.9'
 use_frameworks!
 
 target 'JWT' do
-  podspec
+  pod 'CryptoSwift', :head
 end
 
 target 'JWTTests' do
-  podspec
+  pod 'CryptoSwift', :head
 end
 

Podfile.lock

@@ -1,8 +1,8 @@
 PODS:
-  - CryptoSwift (0.0.8)
+  - CryptoSwift (HEAD based on 0.0.8)
 
 DEPENDENCIES:
-  - CryptoSwift (~> 0.0.8)
+  - CryptoSwift (HEAD)
 
 SPEC CHECKSUMS:
   CryptoSwift: 6d1b93af5b48e02e57366bfad28b00170af405ee

README.md

@@ -64,6 +64,8 @@ This library supports the following algorithms:
 
 - None - Unsecured JWTs
 - HS256 - HMAC using SHA-256 hash algorithm (default)
+- HS384 - HMAC using SHA-384 hash algorithm
+- HS512 - HMAC using SHA-512 hash algorithm
 
 #### Additional Algorithms