connect2id / Nimbus-JOSE-JWT / issues / #502 - Restore encrypt/decrypt for multiple recipients — Bitbucket

Issue #502 resolved

Thomas Diesler created an issue 2022-12-19

In nimbus-jose-jwt:9.16-preview.1 (Oct-2021) there was some support for encrypt/decrypt multi, which has been removed for 9.16. Since then it was never introduced back again.

Support for this needed by DIDComm V2 - the DIDComm Java library is stuck with 9.16-preview.1

CrossRef: https://github.com/sicpa-dlab/didcomm-jvm/issues/63

Comments (6)

Thomas Diesler reporter
- edited description
- 2022-12-19T13:35:49+00:00
Vladimir Dzhuvinov
Hi Thomas,

The contributors of the code you mention didn’t come back to get it into proper shape for a release (fixing the API, bugs, adding tests and JavaDocs) and it was removed after a while. I suppose they moved on to other things or simply lost interest.

The JWSObjectJSON class can serve as an API model for the JWEObjectJSON , so that it’s consistent with the overall library API.
- 2022-12-20T17:28:42+00:00
Vladimir Dzhuvinov
Hi Thomas,

There is a new PR for this:

https://bitbucket.org/connect2id/nimbus-jose-jwt/pull-requests/105

Reviews and comments are welcome!
- 2023-04-01T16:52:24+00:00
Vladimir Dzhuvinov
- changed status to open
- 2023-04-01T16:52:34+00:00

Vladimir Dzhuvinov

changed status to resolved

JWE with multiple recipients released:

version 9.32 (2023-09-13)
    * Adds JWEObjectJSON class to support general and flattened JSON
      serialisation.
    * Adds MultiEncrypter and MultiDecrypter classes for multi-recipient JWE.
    * Updates JWEHeader to support "enc" header parameter only construction for
      multi-recipient JWE.
    * Updates the BaseJWEProvider classes to support multi-recipient JWE.
    * Updates ContentCryptoProvider to support passing of an optional AAD. If
      no AAD is specified the JWE header becomes the AAD (default behaviour).
    * Updates the RSAEncrypter and RSADecrypter to support passing of an
      optional AAD. If no AAD is specified the JWE header becomes the AAD
      (default behaviour). Intended to support JWE JSON serialisation to
      multiple recipients.
    * Updates the ECDHEncrypter and ECDHDecrypter to support passing of an
      optional AAD. If no AAD is specified the JWE header becomes the AAD
      (default behaviour). Intended to support JWE JSON serialisation to
      multiple recipients.
    * Adds a getInitializedSignature method to the CompletableJWSObjectSigning
      interface. Enables the binding of a user verification to a specific
      instance of a java.security.Signature.
    * Updates the ECDSASigner for the ESxxx JWS algorithms to support the
      UserAuthenticationRequired option, originally introduced in the
      RSASSASigner for the RSxxx and PSxxx JWS algorithms.
    * Adds a new RSASSASigner(RSAKey, Set<JWSSignerOption>) constructor.
    * Updates JSONObjectUtils.parse(String,int) to ensure generic types are not
      erased by obfuscation tools (iss #518).
    * Updates GSon to 2.10.1.
    * Updates Google Tink to 1.10.0.

2023-09-14T19:38:33+00:00

Vladimir Dzhuvinov
The article that goes along with the release:

https://connect2id.com/products/nimbus-jose-jwt/examples/jwe-json-multiple-recipients
- 2023-09-14T19:39:07+00:00
Log in to comment

Assignee: –

Type: enhancement

Priority: major

Status: resolved

Component: –

Milestone: –

Votes: 0

Watchers: 1

Jira Software: the preferred issue tracker for Bitbucket. Join the team!