- edited description
Restore encrypt/decrypt for multiple recipients
In nimbus-jose-jwt:9.16-preview.1 (Oct-2021) there was some support for encrypt/decrypt multi, which has been removed for 9.16. Since then it was never introduced back again.
Support for this needed by DIDComm V2 - the DIDComm Java library is stuck with 9.16-preview.1
CrossRef: https://github.com/sicpa-dlab/didcomm-jvm/issues/63
Comments (6)
-
reporter -
Hi Thomas,
The contributors of the code you mention didn’t come back to get it into proper shape for a release (fixing the API, bugs, adding tests and JavaDocs) and it was removed after a while. I suppose they moved on to other things or simply lost interest.
The
JWSObjectJSON
class can serve as an API model for theJWEObjectJSON
, so that it’s consistent with the overall library API. -
Hi Thomas,
There is a new PR for this:
https://bitbucket.org/connect2id/nimbus-jose-jwt/pull-requests/105
Reviews and comments are welcome!
-
- changed status to open
-
- changed status to resolved
JWE with multiple recipients released:
version 9.32 (2023-09-13) * Adds JWEObjectJSON class to support general and flattened JSON serialisation. * Adds MultiEncrypter and MultiDecrypter classes for multi-recipient JWE. * Updates JWEHeader to support "enc" header parameter only construction for multi-recipient JWE. * Updates the BaseJWEProvider classes to support multi-recipient JWE. * Updates ContentCryptoProvider to support passing of an optional AAD. If no AAD is specified the JWE header becomes the AAD (default behaviour). * Updates the RSAEncrypter and RSADecrypter to support passing of an optional AAD. If no AAD is specified the JWE header becomes the AAD (default behaviour). Intended to support JWE JSON serialisation to multiple recipients. * Updates the ECDHEncrypter and ECDHDecrypter to support passing of an optional AAD. If no AAD is specified the JWE header becomes the AAD (default behaviour). Intended to support JWE JSON serialisation to multiple recipients. * Adds a getInitializedSignature method to the CompletableJWSObjectSigning interface. Enables the binding of a user verification to a specific instance of a java.security.Signature. * Updates the ECDSASigner for the ESxxx JWS algorithms to support the UserAuthenticationRequired option, originally introduced in the RSASSASigner for the RSxxx and PSxxx JWS algorithms. * Adds a new RSASSASigner(RSAKey, Set<JWSSignerOption>) constructor. * Updates JSONObjectUtils.parse(String,int) to ensure generic types are not erased by obfuscation tools (iss #518). * Updates GSon to 2.10.1. * Updates Google Tink to 1.10.0.
-
The article that goes along with the release:
https://connect2id.com/products/nimbus-jose-jwt/examples/jwe-json-multiple-recipients
- Log in to comment