This patch changes from using biscuit to josekit for JWE.
josekit uses OpenSSL for its crypto instead of ring.
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
Previously, we were expecting that the input is always utf8 encoded
text.
Since we just convert it to bytes, and print it back out as bytes, we
can just skip the unicode parsing, and accept any provided input.
Fixes: #5
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
This should send people strongly to use the defaults, so that other
tools can easily determine whether policies are in use and what their
values are.
It still allows overriding them.
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
It was decided to use standard base64 instead of base64-url because
that's what the Go implementation did by default for a []byte.
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
My hardware TPM only supports AES128, so let's use that for now to
be more compatible.
The tpm_sym_def function does take a mutable ctx borrow, so that in
the future it can automatically detect the best supported symdef.
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>