A128CBC+HS256 support in parity with Java's Nimbus JOSE + JWT #222
Description
Hi,
I have read in a lot of issues that jose-jwt strives to a level of support similar to that of the Java package nimbus-jose-jwt.
We are porting from Java to C# and I realized that the JWE token that we have always received from a partner uses A128CBC+HS256 which is not supported by jose-jwt, as it was deprecated in lieu of the similar A128CBC-HS256. **
Here is our Java code, for reference:
EncryptedJWT encryptedJWT = EncryptedJWT.parse(jwt);
JWEDecrypter decrypter = new RSADecrypter(privateKey);
encryptedJWT.decrypt(decrypter);
if (encryptedJWT.getState() != JWEObject.State.DECRYPTED) {
throw new NotAuthorizedException("Invalid token. Decryption failed.");
}
SignedJWT signedJWT = SignedJWT.parse(encryptedJWT.getPayload().toString());
JWSVerifier verifier = new RSASSAVerifier(publicKey);I was wondering if there is either:
a. A way to workaround this limitation in jose-jwt since the algorithm isn't all that different from A128CBC-HS256, but obviously those differences are very low-level.
b. A chance of supporting A128CBC+HS256
c. A recommendation for finding support elsewhere.
Error code for issue tracking: InvalidAlgorithmException: JWE algorithm is not supported: A128CBC+HS256.
and here is the Header for the encrypted token:
{
"enc": "A128CBC+HS256",
"alg": "RSA-OAEP",
"cty": "JWT",
"zip": "DEF",
"x5t": "<redacted>"
}Thanks!
** From a spec regarding their differences:
o Replaced "A128CBC+HS256" and "A256CBC+HS512" with "A128CBC-HS256"
and "A256CBC-HS512". The new algorithms perform the same
cryptographic computations as [I-D.mcgrew-aead-aes-cbc-hmac-sha2],
but with the Initialization Vector and Authentication Tag values
remaining separate from the Ciphertext value in the output
representation. Also deleted the header parameters "epu"
(encryption PartyUInfo) and "epv" (encryption PartyVInfo), since
they are no longer used.