- changed status to invalid
Make ECDHEncrypter take ephemeral key as argument
Issue #275
invalid
I am having difficulties implementing Diffie-Hellman with a static key (ECDH_ES).
The issue is that on each ECDHEncrypter.encrypt a new ephemeral key is generated and I don't have access to it.
Reference:
https://bitbucket.org/connect2id/nimbus-jose-jwt/src/5f53c563450a4ffeee5547c4fc47e19abc4dcfb8/src/main/java/com/nimbusds/jose/crypto/ECDHEncrypter.java?at=master&fileviewer=file-view-default#ECDHEncrypter.java-162:165
I want to have access to the private key so I can create an ECDHDecrypter, so I can achieve secure two-way communication.
It seems to me that I am using the library wrong, please correct me if this is the case. Otherwise, I would gladly submit a PR.
Comments (1)
Hi Antonio,
The ephemeral key is a one-time-use intermediate key used to derive the so-called shared key Z. It must not be passed to the recipient.
https://tools.ietf.org/html/rfc7518#section-4.6
At the recipient ECDHDecrypter, just pass the private key for the public one used to create the ECDHEncrypter.
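
The key handling described in this thread, as an added example that is not part of the original issue or the library's own code: each party holds one static EC key pair, encrypts to the peer's public key, and decrypts with its own private key, while the library generates a fresh ephemeral key per message and carries only its public half in the `epk` header. The class name, the `seal` and `open` helpers, and the P-256 / A128GCM choices are assumptions for illustration.

```java
import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.ECDHDecrypter;
import com.nimbusds.jose.crypto.ECDHEncrypter;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;

public class EcdhEsTwoWayExample {  // hypothetical class name

    // Each party owns one long-lived (static) P-256 key pair.
    static KeyPair newStaticKeyPair() throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
        gen.initialize(new ECGenParameterSpec("secp256r1"));
        return gen.generateKeyPair();
    }

    // Sender side: only the recipient's PUBLIC key is needed. The ephemeral
    // key pair is created inside encrypt() and its private half is discarded.
    static String seal(String text, ECPublicKey recipientPublic) throws Exception {
        JWEHeader header = new JWEHeader.Builder(JWEAlgorithm.ECDH_ES, EncryptionMethod.A128GCM).build();
        JWEObject jwe = new JWEObject(header, new Payload(text));
        jwe.encrypt(new ECDHEncrypter(recipientPublic));
        return jwe.serialize();
    }

    // Recipient side: own static PRIVATE key plus the "epk" header re-derive Z.
    static String open(String compactJwe, ECPrivateKey ownPrivate) throws Exception {
        JWEObject jwe = JWEObject.parse(compactJwe);
        jwe.decrypt(new ECDHDecrypter(ownPrivate));
        return jwe.getPayload().toString();
    }

    public static void main(String[] args) throws Exception {
        KeyPair alice = newStaticKeyPair();
        KeyPair bob = newStaticKeyPair();

        // Alice -> Bob, twice: same recipient key, different ephemeral key each time.
        String first = seal("hello bob", (ECPublicKey) bob.getPublic());
        String second = seal("hello bob", (ECPublicKey) bob.getPublic());
        Object epk1 = JWEObject.parse(first).getHeader().getEphemeralPublicKey();
        Object epk2 = JWEObject.parse(second).getHeader().getEphemeralPublicKey();
        System.out.println("epk differs per message: " + !epk1.toString().equals(epk2.toString()));
        System.out.println("Bob reads: " + open(first, (ECPrivateKey) bob.getPrivate()));

        // Bob -> Alice: the reply direction uses Alice's static key pair instead.
        String reply = seal("hello alice", (ECPublicKey) alice.getPublic());
        System.out.println("Alice reads: " + open(reply, (ECPrivateKey) alice.getPrivate()));
    }
}
```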