JWK alg field not matched with JWEDecryptionKeySelector when JWE header uses RSA-OAEP-256
Note the key information below is just demo keys and so are not sensitive. I used the command line JWK utility to generate my RSA keys to use when encrypting a JWEObject that has an embedded JWS Object.
The key:
{
"kty": "RSA",
"e": "AQAB",
"use": "enc",
"kid": "4ed15d81-4fee-4cfa-89d0-ae58fdc26698",
"alg": "RS256",
"n": "twYvIZC29Bq9yoffwkaF4736HQaREsjqlOc0rjTSpyuurAFWJP_bwaZAYHVUf5tAORZrR0QqxdQ0R8lHOSkjK6ulqQf9PHFBRRkrFZkbCpxlSQiJq7l8Vk04_Cz-KLykTqQVoTcoTLH5iD5l-6LjZZcRGAAZkcdW7jBiJH58CLYka1bE61yb-TW4J0sDyDgjOfW18nazapz2WyVd8Qw4JTDTa-Fqdwov6VYhkEu8JlnHAdpDzcTdbPLulsBukinzZDoTef--GhJaZgQ0WxhX7EC9fDADO1vlhcVNwrI2rEV6ga1PdUTSpq3aHYPkhzFYfkdPb0QdPD7e7fLCN7STlw"
}
Note the "alg" parameter is RS256. The utility will not let me specify the alg as RSA_OAEP_256.
I followed the examples on your site to create a signed then encrypted JWE. Its header:
{
"kid": "4ed15d81-4fee-4cfa-89d0-ae58fdc26698",
"cty": "JWT",
"enc": "A256GCM",
"alg": "RSA-OAEP-256"
}
When receiving the token, I create the JWEDecryptionKeySelector and try to find the correct key. Note the kid coming in the header matches the kid in my key set above.
selector = new JWEDecryptionKeySelector<C>(JWEAlgorithm.RSA_OAEP_256, EncryptionMethod.A256GCM, config.getInternalKeySource());
keyCandidates = selector.selectJWEKeys(encryptedJWT.getHeader(), context);
This returns no keys. The selector above is looking for a key with an "alg" of RSA-OAEP-256 instead but my key key in my key set has alg=RS256.
I can manually edit my JWK JSON to change the alg parameter to RSA-OAEP-256 and then it matches.
Is this the correct approach? I question it because the utility won't let me build this type of JWK.
Or is this a bug in the JWEDecryptionKeySelector where it doesn't translate from the JWEAlgorithm to a corresponding key algorithm?
Thanks! Great library!
- Mac
Comments (2)
-
-
- changed status to invalid
- Log in to comment
Hi,
You can use the
-a
command line switch to set the intended algorithm for the RSA key pair to be generated:This will output an RSA key formatted like
Editing the "alg" in the JWK is also fine.
The JWK generator is actually maintained in a different project, by Justin Richer, at https://github.com/mitreid-connect/json-web-key-generator.
The JWEDecryptionKeySelector is quite strict, and if a JWK is marked for some other algorithm, it will be skipped.
Hope this helped. Thanks for the feedback!
Vladimir