- edited description
encrypting a simple text using RSA-OAEP-256 as algorithm and encrypting using A256CBC-HS512
0 down vote favorite I am using the library jose.4.j to do an encryption of a password using JWE with the RSA-OAEP-256 algorithm and A256CBC-HS512 encryption method. There is a public key that is used for the encryption is a certificate.
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setPayload("Hello World!");
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.RSA_OAEP_256);
jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512);
FileInputStream fin = new FileInputStream("C:/xxx.cer");
CertificateFactory f = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
RSAPublicKey pk = (RSAPublicKey) certificate.getPublicKey();
jwe.setKey(pk);
//jwe.setCertificateChainHeaderValue(certificate);
String serializedJwe = jwe.getCompactSerialization();
System.out.println("Serialized Encrypted JWE: " + serializedJwe);
I am getting the following error though
RSA-OAEP-256 is an unknown, unsupported or unavailable alg algorithm (not one of [RSA1_5, RSA-OAEP, dir, A128KW, A192KW, A256KW, ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW]).
Comments (6)
-
reporter -
repo owner RSA-OAEP-256 needs a JCA provider that supports RSA/ECB/OAEPWithSHA-256AndMGF1Padding and an OAEPParameterSpec that indicates SHA-256 for MGF1. That error suggests that your JVM doesn't have that.
The debug logging from when jose4j Initializes itself might give a little more insight. That starts with something like,
DEBUG o.jose4j.jwa.AlgorithmFactoryFactory - Initializing jose4j (running with Java ...
and ends with something likeDEBUG o.jose4j.jwa.AlgorithmFactoryFactory - Initialized jose4j in 7m
.You could also just use RSA-OAEP.
-
reporter Hello, Thanks for your reply. Appreciate it. I have downloaded the JCE Unlimited Strength Jurisdiction Policy package from Oracle and replaced some files in the lib folder of the JRE. Should it have worked or JCA is something entirely different? Thanks
-
Shouldn't have anything to do with Unlimited Strength Jurisdiction Policy files (those are mostly about symmetric key length). It's just a matter of what the underlying JCA providers support. As far as I know it should just work with recent versions of Oracle's Java and the providers that it ships with.
-
reporter I am using Java 7. Maybe that is the problem. I will try the latest JDK. Thanks.
-
repo owner - changed status to invalid
- Log in to comment