Update tdf.ts

opentdf · Feb 21, 2025 · 5ccf6f5 · 5ccf6f5
1 parent 5742ee8
commit 5ccf6f5
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/lib/tdf3/src/tdf.ts b/lib/tdf3/src/tdf.ts
@@ -674,20 +674,23 @@ async function unwrapKey({
     const url = `${keySplitInfo.url}/v2/rewrap`;
     let ephemeralEncryptionKeysRaw: AnyKeyPair;
     let ephemeralEncryptionKeys: PemKeyPair;
+    let algorithm: string;
     if (wrappingKeyAlgorithm === 'ec:secp256r1') {
       ephemeralEncryptionKeysRaw = await generateKeyPair();
       ephemeralEncryptionKeys = await cryptoService.cryptoToPemPair(ephemeralEncryptionKeysRaw);
+      algorithm = 'ES256';
     } else if (wrappingKeyAlgorithm === 'rsa:2048' || !wrappingKeyAlgorithm) {
       ephemeralEncryptionKeysRaw = await cryptoService.generateKeyPair();
       ephemeralEncryptionKeys = await cryptoService.cryptoToPemPair(ephemeralEncryptionKeysRaw);
+      algorithm = 'RS256';
     } else {
       throw new ConfigurationError(`Unsupported wrapping key algorithm [${wrappingKeyAlgorithm}]`);
     }
 
     const clientPublicKey = ephemeralEncryptionKeys.publicKey;
 
     const requestBodyStr = JSON.stringify({
-      algorithm: 'RS256',
+      algorithm,
       keyAccess: keySplitInfo,
       policy: manifest.encryptionInformation.policy,
       clientPublicKey,