Bug 27814 - Section A.2 - the usage mapping of "enc" is incorrect #77

Closed
mwatson2 opened this issue May 24, 2016 · 8 comments
@mwatson2
Collaborator

Bug 27814:

The text of A.2 says that
enc maps to ["encrypt", "decrypt", "wrapKey", "unwrapKey"]

however my reading of section 4.2 of the JWK specification (http://tools.ietf.org/html/draft-ietf-jose-json-web-key-39#section-4.2) as well as the example in Appendix A.2 say that for keys of type "EC" the value of enc is correct. This means that the mapping should be

enc maps to ["encrypt", "decrypt", "wrapKey", "unwrapKey", "deriveBits", "deriveKey"]

This also changes the algorithm for importing of ECDH keys when using a jwk format. (No changes are needed for Diffie-Hellman because it does not support a jwk format.)

@mwatson2
Collaborator Author

I'm not sure there was a conclusion to the very long discussion on the original bug back in January 2015.

Given that JOSE uses the use value enc for keys to be used for key agreement, I would suggest that we change ECDH JWK key import to accept this use value, instead of throwing an error if use is present.

@mwatson2
Collaborator Author

I'm also not sure A.2 is useful. Perhaps we should remove it?

@jimsch
Collaborator

jimsch commented May 26, 2016

I do not believe there was any final decision to do something from the last discussion.

I would tend to agree that removing A.2 is not a harmful operation.

I am in favor of anything that makes the usage of JWK structures here better match that of the IETF specification.

@mwatson2
Collaborator Author

mwatson2 commented Jun 8, 2016

In the absence of further input, I will implement this by removing section A.2 and allowing the presence of the use field with value enc for ECDH JWK import.

@jimsch
Collaborator

jimsch commented Jun 8, 2016

Sounds good to me.

@hhalpin

hhalpin commented Jun 20, 2016

LGTM.

mwatson2 added a commit to mwatson2/webcrypto that referenced this issue Jul 11, 2016
@mwatson2
Collaborator Author

PR #114

@ericroman920

PR #114 looks good to me.
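
The change agreed in this thread, modelled as an added example (it is not text from the specification, from PR #114, or from any implementation): the `use` check for ECDH JWK import before and after. The function names, the local `DataError` class and the sample JWKs are assumptions constructed here; the coordinates are placeholders because only `use` is examined.

```javascript
// Added illustration: models only the JWK "use" check discussed in this issue.
// Names and sample keys are constructed; x/y are placeholders, not real points.

class DataError extends Error {}

// Starting behaviour described in the thread: ECDH import throws if "use" is present.
function checkUseBefore(jwk) {
  if (jwk.use !== undefined) {
    throw new DataError('"use" must not be present');
  }
}

// Agreed behaviour: "use" may be present, but only with the value "enc".
function checkUseAfter(jwk) {
  if (jwk.use !== undefined && jwk.use !== "enc") {
    throw new DataError('"use" must be "enc" when present');
  }
}

// Runs one check and reports the outcome instead of throwing.
function outcome(checkUse, jwk) {
  try {
    checkUse(jwk);
    return "accepted";
  } catch (e) {
    if (e instanceof DataError) return "rejected";
    throw e;
  }
}

const base = { kty: "EC", crv: "P-256", x: "<placeholder>", y: "<placeholder>" };
const samples = {
  noUse: { ...base },
  useEnc: { ...base, use: "enc" },
  useSig: { ...base, use: "sig" },
};

// Builds { sampleName: { before, after } } for every constructed key.
function compare() {
  const table = {};
  for (const [name, jwk] of Object.entries(samples)) {
    table[name] = {
      before: outcome(checkUseBefore, jwk),
      after: outcome(checkUseAfter, jwk),
    };
  }
  return table;
}

console.table(compare());
```

A key marked `use: "sig"` is rejected for ECDH under both versions, so the usage restriction carried in the JWK is still enforced after the change.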
