Support HS384 and HS512

Closes #4

Author: kylef

JWT/JWT.swift

@@ -11,6 +11,12 @@ public enum Algorithm : Printable {
   /// HMAC using SHA-256 hash algorithm
   case HS256(String)
 
+  /// HMAC using SHA-384 hash algorithm
+  case HS384(String)
+
+  /// HMAC using SHA-512 hash algorithm
+  case HS512(String)
+
   static func algorithm(name:String, key:String?) -> Algorithm? {
     if name == "none" {
       if let key = key {
@@ -20,6 +26,10 @@ public enum Algorithm : Printable {
     } else if let key = key {
       if name == "HS256" {
         return .HS256(key)
+      } else if name == "HS384" {
+        return .HS384(key)
+      } else if name == "HS512" {
+        return .HS512(key)
       }
     }
 
@@ -32,21 +42,35 @@ public enum Algorithm : Printable {
       return "none"
     case .HS256(let key):
       return "HS256"
+    case .HS384(let key):
+      return "HS384"
+    case .HS512(let key):
+      return "HS512"
     }
   }
 
   /// Sign a message using the algorithm
   func sign(message:String) -> String {
+    func signHS(key:String, variant:CryptoSwift.HMAC.Variant) -> String {
+      let keyData = key.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!
+      let messageData = message.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!
+      let mac = Authenticator.HMAC(key: keyData.arrayOfBytes(), variant:variant)
+      let result = mac.authenticate(messageData.arrayOfBytes())!
+      return base64encode(NSData.withBytes(result))
+    }
+
     switch self {
     case .None:
       return ""
 
     case .HS256(let key):
-      let keyData = key.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!
-      let messageData = message.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!
-      let mac = Authenticator.HMAC(key: keyData.arrayOfBytes(), variant:.sha256)
-      let result = mac.authenticate(messageData.arrayOfBytes())!
-      return base64encode(NSData.withBytes(result))
+      return signHS(key, .sha256)
+
+    case .HS384(let key):
+      return signHS(key, .sha384)
+
+    case .HS512(let key):
+      return signHS(key, .sha512)
     }
   }
 

JWTTests/JWTTests.swift

@@ -217,6 +217,20 @@ class JWTDecodeTests : XCTestCase {
     let jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.2_8pWJfyPup0YwOXK7g9Dn0cF1E3pdn299t4hSeJy5w."
     assertFailure(decode(jwt, [.HS256("anothersecret"), .HS256("secret")]))
   }
+
+  func testHS384Algorithm() {
+    let jwt = "eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJzb21lIjoicGF5bG9hZCJ9.lddiriKLoo42qXduMhCTKZ5Lo3njXxOC92uXyvbLyYKzbq4CVVQOb3MpDwnI19u4"
+    assertSuccess(decode(jwt, .HS384("secret"))) { payload in
+      XCTAssertEqual(payload as NSDictionary, ["some": "payload"])
+    }
+  }
+
+  func testHS512Algorithm() {
+    let jwt = "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJzb21lIjoicGF5bG9hZCJ9.WTzLzFO079PduJiFIyzrOah54YaM8qoxH9fLMQoQhKtw3_fMGjImIOokijDkXVbyfBqhMo2GCNu4w9v7UXvnpA"
+    assertSuccess(decode(jwt, .HS512("secret"))) { payload in
+      XCTAssertEqual(payload as NSDictionary, ["some": "payload"])
+    }
+  }
 }
 
 // MARK: Helpers

README.md

@@ -64,15 +64,8 @@ This library supports the following algorithms:
 
 - None - Unsecured JWTs
 - HS256 - HMAC using SHA-256 hash algorithm (default)
-
-#### Additional Algorithms
-
-Support for HS384 and HS512 can be found in the `algorithms-hs` branch which depends on an unreleased version of CryptoSwift. It can be installed via:
-
-```ruby
-pod 'JSONWebToken', :git => 'https://github.com/kylef/JSONWebToken.swift.git', :branch => 'algorithms-hs'
-pod 'CryptoSwift', :head
-```
+- HS384 - HMAC using SHA-384 hash algorithm
+- HS512 - HMAC using SHA-384 hash algorithm
 
 ## License