From 600ce7c5ee2192e283f0940691e3ca2d184ad16e Mon Sep 17 00:00:00 2001
From: Dave Sag
Date: Tue, 4 Dec 2018 17:21:29 +1030
Subject: [PATCH 1/2] #35 pass through options to underlying encryption
---
 README.md | 13 +++++++
 src/utils/jose.js | 4 +-
 test/unit/utils/jose_spec.js | 75 ++++++++++++++++++++++--------------
 3 files changed, 62 insertions(+), 30 deletions(-)
diff --git a/README.md b/README.md
index 29665d6..9ddc055 100644
--- a/README.md
+++ b/README.md
@@ -46,6 +46,19 @@ Works fine under Node 11.3+, and might run under versions of node going back to
 })
 })
+### Options
+
+See [encrypt.js#L661](https://github.com/cisco/node-jose/blob/master/lib/jwe/encrypt.js#L661)
+
+You can add `encrypt` options as follows:
+
+ const { encrypt, decrypt } = jose(privateKey, publicKey, {
+ format: 'compact'
+ protect: true,
+ // or any of the encrypt options than can be passed to JWE.createEncrypt.
+ // https://github.com/cisco/node-jose/blob/master/lib/jwe/encrypt.js#L661
+ })
+
 ## Issues
 Cisco's [node-jose](https://github.com/cisco/node-jose/issues) library has issues with **private keys with a passphrase** and cypher set. See [add support for passphrase in pem certificate](https://github.com/cisco/node-jose/issues/234).
diff --git a/src/utils/jose.js b/src/utils/jose.js
index 216ae5d..00e9f1f 100644
--- a/src/utils/jose.js
+++ b/src/utils/jose.js
@@ -1,11 +1,11 @@
 const { JWE } = require('node-jose')
 const { encode, decode } = require('./base64')
-const jose = (privateKey, publicKey) => {
+const jose = (privateKey, publicKey, options = {}) => {
 const encrypt = async raw => {
 if (!raw) throw new Error('Missing raw data.')
 const buffer = Buffer.from(JSON.stringify(raw))
- const encrypted = await JWE.createEncrypt(publicKey)
+ const encrypted = await JWE.createEncrypt(options, publicKey)
 .update(buffer)
 .final()
 return encode(encrypted)
diff --git a/test/unit/utils/jose_spec.js b/test/unit/utils/jose_spec.js
index 48bda91..4135037 100644
--- a/test/unit/utils/jose_spec.js
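Review bot: In `src/utils/jose.js`, `encrypt` now hands the caller's `options` object to `JWE.createEncrypt` unfiltered, so a consumer of `jose()` controls more than the serialization `format`: node-jose also reads `contentAlg`, `protect`, `fields` and `zip` from that object. `zip: true` compresses the plaintext before encryption, which makes ciphertext length depend on content and is best avoided when a token mixes secrets with caller-influenced data. I would either forward an allowlist, e.g. `const { format, contentAlg } = options` and pass `{ format, contentAlg }`, or add a comment above `jose` naming the keys the wrapper supports. The default `options = {}` only covers `undefined`, so an explicit `null` still reaches node-jose. The body of `jose` continues past the hunk, so whether `decrypt` accepts every `format` cannot be confirmed from here.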
+++ b/test/unit/utils/jose_spec.js
@@ -8,16 +8,17 @@ const jose = require('../../../src/utils/jose')
 const makeKey = async pem => JWK.asKey(pem, 'pem')
 describe('jose', () => {
+ let privateKey
+ let publicKey
 let j
 before(async () => {
 const keys = await keygen()
- const privateKey = await makeKey(keys.privateKey)
- const publicKey = await makeKey(keys.publicKey)
- j = jose(privateKey, publicKey)
+ privateKey = await makeKey(keys.privateKey)
+ publicKey = await makeKey(keys.publicKey)
 })
- context('happy path', () => {
+ const doTests = () => {
 const raw = {
 iss: 'test',
 exp: faker.date.future().getTime(),
@@ -26,40 +27,58 @@ describe('jose', () => {
 }
 }
- let encrypted
- let decrypted
+ context('happy path', () => {
+ let encrypted
+ let decrypted
- before(async () => {
- encrypted = await j.encrypt(raw)
- decrypted = await j.decrypt(encrypted)
- })
+ before(async () => {
+ encrypted = await j.encrypt(raw)
+ decrypted = await j.decrypt(encrypted)
+ })
+
+ it('encrypted', () => {
+ expect(encrypted).to.exist
+ expect(encrypted).to.be.a('string')
+ })
- it('encrypted', () => {
- expect(encrypted).to.exist
- expect(encrypted).to.be.a('string')
+ it('decrypted', () => {
+ expect(decrypted).to.exist
+ expect(decrypted).to.be.an('object')
+ })
+
+ it('decrypted version of encrypted is raw', () => {
+ expect(decrypted).to.eql(raw)
+ })
 })
- it('decrypted', () => {
- expect(decrypted).to.exist
- expect(decrypted).to.be.an('object')
+ context('unhappy path', () => {
+ describe('encrypt', () => {
+ context('given no input', () => {
+ it('rejects', () => expect(j.encrypt()).to.be.rejected)
+ })
+ })
+
+ describe('decrypt', () => {
+ context('given no input', () => {
+ it('rejects', () => expect(j.decrypt()).to.be.rejected)
+ })
+ })
 })
+ }
- it('decrypted version of encrypted is raw', () => {
- expect(decrypted).to.eql(raw)
+ context('without options', () => {
+ before(() => {
+ j = jose(privateKey, publicKey)
 })
+
+ doTests()
 })
- context('unhappy path', () => {
- describe('encrypt', () => {
- context('given no input', () => {
- it('rejects', () => expect(j.encrypt()).to.be.rejected)
- })
+ context('with options', () => {
+ before(() => {
+ j = jose(privateKey, publicKey, { format: 'compact' })
 })
- describe('decrypt', () => {
- context('given no input', () => {
- it('rejects', () => expect(j.decrypt()).to.be.rejected)
- })
- })
+ doTests()
 })
 })
From 7c5af9435074aa78e15fcc6224546f7461e740d4 Mon Sep 17 00:00:00 2001
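Review bot: The `with options` context in `test/unit/utils/jose_spec.js` re-runs the same round-trip assertions as `without options` and never checks that `{ format: 'compact' }` actually reached `JWE.createEncrypt`, so the suite would still pass if `options` were silently dropped. An assertion on the shape of the output would pin the behaviour, for example that the decoded `encrypted` value is a compact JWE of five dot-separated segments; this assumes the `./base64` helper is reversible, which is not visible here. There is also no unhappy-path case for an unsupported option value, which is the input most likely to come from configuration.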
From: Dave Sag
Date: Tue, 4 Dec 2018 17:27:09 +1030
Subject: [PATCH 2/2] 1.2.0 update version
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package.json b/package.json
index 6ede5d1..1fdbeb7 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "jose-simple",
- "version": "1.1.0",
+ "version": "1.2.0",
 "description": "A very simple JOSE encryption/decription utility",
 "engines": {
 "node": ">= 10.14.1",