
Add JWT Verify, Decode and Sign

GCHQ 77703 6 years ago
parent
commit
8559f5c8ea

+ 1 - 0
package.json

@@ -99,6 +99,7 @@
     "jsbn": "^1.1.0",
     "jsesc": "^2.5.1",
     "jsonpath": "^1.0.0",
+    "jsonwebtoken": "^8.3.0",
     "jsrsasign": "8.0.12",
     "kbpgp": "^2.0.77",
     "lodash": "^4.17.10",
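Review bot: The new `jsonwebtoken` entry uses a caret range (`^8.3.0`) while the neighbouring `jsrsasign` is pinned to an exact version, so an install that is not constrained by a lockfile (none is visible here) can pick up any later 8.x release of a library that handles key material. `jsrsasign`, already in this list, also implements JWS signing and verification, so it is worth confirming that a second JWT implementation is needed. If it stays, pinning it the same way, `"jsonwebtoken": "8.3.0",`, keeps the crypto dependencies consistent.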

+ 4 - 1
src/core/config/Categories.json

@@ -89,7 +89,10 @@
             "Derive EVP key",
             "Bcrypt",
             "Scrypt",
-            "Pseudo-Random Number Generator"
+            "Pseudo-Random Number Generator",
+            "JWT Sign",
+            "JWT Verify",
+            "JWT Decode"
         ]
     },
     {

+ 46 - 0
src/core/operations/JWTDecode.mjs

@@ -0,0 +1,46 @@
+/**
+ * @author gchq77703 []
+ * @copyright Crown Copyright 2018
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation";
+import jwt from "jsonwebtoken";
+
+/**
+ * JWT Decode operation
+ */
+class JWTDecode extends Operation {
+
+    /**
+     * JWTDecode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "JWT Decode";
+        this.module = "Crypto";
+        this.description = "Decodes a JSON Web Token without checking whether the provided secret / private key is valid.";
+        this.infoURL = "https://jwt.io";
+        this.inputType = "string";
+        this.outputType = "JSON";
+        this.args = [
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {JSON}
+     */
+    run(input, args) {
+        try {
+            return jwt.decode(input);
+        } catch (err) {
+            return err;
+        }
+    }
+
+}
+
+export default JWTDecode;
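Review bot: `jwt.decode(input)` reports a malformed token by returning `null` rather than throwing, so the `catch` in `run` is unlikely to fire and bad input yields a bare `null` with no message; check the result and raise an error, e.g. `if (decoded === null) throw new Error("Invalid JWT");`. Where the catch does fire, `return err;` hands an Error object to a JSON output instead of reporting a failure. The description mentions a secret / private key that this operation never takes; wording such as `"Decodes a JSON Web Token without verifying its signature, so the claims shown are unauthenticated."` states the actual caveat. Passing `{ complete: true }` to `jwt.decode` would also expose the header, including `alg`, which is usually the first thing to inspect on an untrusted token.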

+ 94 - 0
src/core/operations/JWTSign.mjs

@@ -0,0 +1,94 @@
+/**
+ * @author gchq77703 []
+ * @copyright Crown Copyright 2018
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation";
+import jwt from "jsonwebtoken";
+
+/**
+ * JWT Sign operation
+ */
+class JWTSign extends Operation {
+
+    /**
+     * JWTSign constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "JWT Sign";
+        this.module = "Crypto";
+        this.description = "Signs a JSON object as a JSON Web Token using a provided secret / private key.";
+        this.infoURL = "https://jwt.io/";
+        this.inputType = "JSON";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Private / Secret Key",
+                type: "shortString",
+                value: "secret_cat"
+            },
+            {
+                name: "Signing Algorithm",
+                type: "populateOption",
+                value: [
+                    {
+                        name: "HS256",
+                        value: "HS256"
+                    },
+                    {
+                        name: "HS384",
+                        value: "HS384",
+                    },
+                    {
+                        name: "HS512",
+                        value: "HS512",
+                    },
+                    {
+                        name: "RS256",
+                        value: "RS256",
+                    },
+                    {
+                        name: "RS384",
+                        value: "RS384",
+                    },
+                    {
+                        name: "RS512",
+                        value: "RS512",
+                    },
+                    {
+                        name: "ES256",
+                        value: "ES256",
+                    },
+                    {
+                        name: "ES384",
+                        value: "ES384",
+                    },
+                    {
+                        name: "ES512",
+                        value: "ES512",
+                    },
+                    {
+                        name: "None",
+                        value: "none",
+                    },
+                ]
+            }
+        ];
+    }
+
+    /**
+     * @param {JSON} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const [key, algorithm] = args;
+        return jwt.sign(input, key, { algorithm: algorithm === "None" ? "none" : algorithm });
+    }
+
+}
+
+export default JWTSign;
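Review bot: The key argument is declared as `type: "shortString"`, which appears to be a single-line field, yet the RS* and ES* entries need a multi-line PEM private key; a multi-line text argument would make those algorithms usable. `run` has no error handling although `jwt.sign` throws on an unusable key or payload, unlike the `try`/`catch` used in the other two operations of this commit. The `none` option emits a token with no signature at all, so the description should say so instead of only "Signs ...", for example by appending `Selecting None produces an unsigned token.` The `algorithm === "None"` comparison also looks redundant because the option's `value` is already `"none"`; confirm whether the framework passes the option's name or its value.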

+ 53 - 0
src/core/operations/JWTVerify.mjs

@@ -0,0 +1,53 @@
+/**
+ * @author gchq77703 []
+ * @copyright Crown Copyright 2018
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation";
+import jwt from "jsonwebtoken";
+
+/**
+ * JWT Verify operation
+ */
+class JWTVerify extends Operation {
+
+    /**
+     * JWTVerify constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "JWT Verify";
+        this.module = "Crypto";
+        this.description = "Verifies that a JSON Web Token is valid and has been signed with the provided secret / private key.";
+        this.infoURL = "https://jwt.io/";
+        this.inputType = "string";
+        this.outputType = "JSON";
+        this.args = [
+            {
+                name: "Private / Secret Key",
+                type: "shortString",
+                value: "secret_cat"
+            },
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const [key] = args;
+
+        try {
+            return jwt.verify(input, key);
+        } catch (err) {
+            return err;
+        }
+    }
+
+}
+
+export default JWTVerify;
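Review bot: `jwt.verify(input, key)` in `run` passes no `algorithms` allow-list, so which signature algorithms are accepted is left to the library's defaults for the supplied key rather than chosen by the user; expose the expected algorithm as an argument and pass it through, e.g. `jwt.verify(input, key, { algorithms: [algorithm] })`. The argument is labelled "Private / Secret Key", but RS*/ES* tokens are verified with the public key, and `shortString` appears to be single-line, so a PEM key may not fit. On failure the `catch` returns the error object as if it were the verified payload; throwing it keeps a failed verification from being read as output. The JSDoc `@returns {string}` also disagrees with `outputType = "JSON"`.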