v.2.18: decrypt JWEObject with JWEAlgorithm.RSA_OAEP, EncryptionMethod.A128CBC_HS256
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN"> <HTML> <HEAD> <TITLE>Error 500--Internal Server Error</TITLE> <META NAME="GENERATOR" CONTENT="WebLogic Server"> </HEAD> <BODY bgcolor="white"> <FONT FACE=Helvetica><BR CLEAR=all> <TABLE border=0 cellspacing=5><TR><TD><BR CLEAR=all> <FONT FACE="Helvetica" COLOR="black" SIZE="3"><H2>Error 500--Internal Server Error</H2> </FONT></TD></TR> </TABLE> <TABLE border=0 width=100% cellpadding=10><TR><TD VALIGN=top WIDTH=100% BGCOLOR=white><FONT FACE="Courier New"><pre>java.lang.NoSuchMethodError: constantTimeAreEqual
    at com.nimbusds.jose.crypto.AESCBC.decryptAuthenticated(AESCBC.java:263)
    at com.nimbusds.jose.crypto.RSADecrypter.decrypt(RSADecrypter.java:166)
    at com.nimbusds.jose.JWEObject.decrypt(JWEObject.java:442)
    at com.mediaset.be.util.JWTUtils.GetDecryptedTokenFromEncString(JWTUtils.java:52)
Comments (8)
-
-
Hi Vladimir, the version of the BouncyCastle library is: bcprov-ext-jdk15-1.40.jar
Regards, Lucas
-
Could you please upgrade to 1.49? 1.40 is fairly old now and doesn't seem to support the required method for constant time array comparison.
You can find the recommended dependency library versions in the pom.xml file.
-
Hi Vladimir, at the moment I cannot upgrade to 1.49;
I also have another problem:
I get a JWToken encrypted with the following specifications: "enc": "A128CBC + HS256" "alg": "RSA-OAEP"
but the code:
    // Private key of the key-encryption credential (SAMLUtil is our own helper)
    Credential decryptionCredential = SAMLUtil.getKEKCredentialForDecrypt();
    RSAPrivateKey privateKey = (RSAPrivateKey) decryptionCredential.getPrivateKey();
    JWEObject jwe = EncryptedJWT.parse(jwtEncString);
    // Only attempt decryption while the object is still in the ENCRYPTED state
    if (jwe.getState() == JWEObject.State.ENCRYPTED) {
        RSADecrypter decrypter = new RSADecrypter(privateKey);
        jwe.decrypt(decrypter);
    }
generates the following exception: The "A128CBC HS256 +" encryption method is not accepted by the JWE decrypter
I use the nimbus-jose-jwt-2.18.jar
It seems to me, reading here, that A128CBC + HS256 is supported: https://bitbucket.org/nimbusds/nimbus-jose-jwt/issue/32/add-a128cbc-hs256-and-a256cbc-hs512
Where am I wrong?? Regards, Lucas
-
Hi Luca,
The A128CBC encryption method that uses HS256 integrity protection has not always been the same in the JOSE JWA spec.
In version -09 of the JWA spec the method was changed somewhat, which also resulted in changing the method identifier from "A128CBC+HS256" to "A128CBC-HS256":
http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-16#appendix-F
Replaced "A128CBC+HS256" and "A256CBC+HS512" with "A128CBC-HS256" and "A256CBC-HS512". The new algorithms perform the same cryptographic computations as [I-D.mcgrew-aead-aes-cbc-hmac-sha2], but with the Initialization Vector and Authentication Tag values remaining separate from the Ciphertext value in the output representation. Also deleted the header parameters "epu" (encryption PartyUInfo) and "epv" (encryption PartyVInfo), since they are no longer used.
The current version of the Nimbus JOSE+JWT library supports the new method. The old method (with the plus sign in the identifier) was supported up until version 2.14 of the library (from April 2013).
There are two solutions to that:
- Notify the JWE generating party to upgrade their library to the latest specs.
- Downgrade the Nimbus JOSE+JWT library to version 2.14.
One is the recommended solution as the new JOSE drafts include a number of improvements and so does the library.
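An added example, not part of the comment above and not code from the Nimbus JOSE+JWT project: a standard-library Python check that reads the unencrypted JWE header and flags the pre-draft-09 identifiers and the removed "epu"/"epv" parameters before a token reaches a decrypter. The function names and the sample token built by `make_sample` are constructed for illustration.

```python
import base64
import json

# Identifier change from JWA draft -09, as quoted in the comment above.
LEGACY_TO_CURRENT = {
    "A128CBC+HS256": "A128CBC-HS256",
    "A256CBC+HS512": "A256CBC-HS512",
}
# Header parameters deleted in the same draft revision.
REMOVED_PARAMS = ("epu", "epv")


def b64url_decode(segment: str) -> bytes:
    """Decode unpadded base64url as used in JOSE compact serialization."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def inspect_jwe_header(token: str) -> dict:
    """Read the JWE header and report pre-draft-09 markers.

    No key is needed: the header is only base64url-encoded, so this can
    run before the token is handed to a decrypter.
    """
    parts = token.strip().split(".")
    if len(parts) != 5:
        raise ValueError(f"JWE compact form has 5 parts, got {len(parts)}")
    try:
        header = json.loads(b64url_decode(parts[0]))
    except ValueError as exc:  # covers base64, UTF-8 and JSON errors
        raise ValueError("JWE header is not base64url-encoded JSON") from exc
    if not isinstance(header, dict):
        raise ValueError("JWE header must be a JSON object")

    enc = header.get("enc")
    findings = []
    if isinstance(enc, str) and enc in LEGACY_TO_CURRENT:
        findings.append(f'legacy "enc" {enc}; current identifier is {LEGACY_TO_CURRENT[enc]}')
    findings += [f'removed header parameter "{p}" present' for p in REMOVED_PARAMS if p in header]
    return {"alg": header.get("alg"), "enc": enc, "legacy": bool(findings), "findings": findings}


def make_sample(header: dict) -> str:
    """Constructed sample: real header, placeholder values for the other four parts."""
    h = base64.urlsafe_b64encode(json.dumps(header).encode()).rstrip(b"=").decode()
    return ".".join([h, "a2V5", "aXY", "Y3Q", "dGFn"])
```

A result with `legacy` set to true means the issuer is still on the old drafts, which is the case the two solutions above address.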
-
All is OK: 1) with the latest version of Bouncy Castle it works; 2) with the downgraded Nimbus I properly handle the method A256CBC+HS512
Regards, Lucas
-
- changed status to resolved
Good, I'm closing the issue now :)
-
Thanks for reporting this.
It seems to be related to a BouncyCastle utility method for comparing arrays. Which version of the BouncyCastle library are you using?