Comments (7)
Ahhhh....
I'm currently away from my computer so I haven't got much more than play.golang.org to fiddle with, but seems like there might have been an omission in the Encrypt/Decrypt API to pass these extra values.
Will look into it further when I'm back in my seat.
from jwx.
@lestrrat Thanks. Yes, this seems to be working now.
You are right, I was setting headers the same way you did in the test; however, I was having an issue decrypting the message.
Thanks again.
from jwx.
@mirrayeesahmad release done. Thanks for the heads up.
from jwx.
Hi, this code does not compile.
Also, what is your expected behavior, and what is it giving you instead?
from jwx.
Sorry, I pasted the wrong code. There was a typo.
Here is the latest.
```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"fmt"
	"github.com/lestrrat-go/jwx/v2/jwa"
	"github.com/lestrrat-go/jwx/v2/jwe"
	"log"
)

func main() {
	// Recipient's static EC key pair on P-384.
	privateKey, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
	if err != nil {
		log.Printf("failed to generate private key: %s", err)
		return
	}
	payload := []byte("Message to Communicate")
	// I want to pass apv for ECDH algo
	encrypted, err := jwe.Encrypt(
		payload,
		jwe.WithJSON(),
		jwe.WithKey(jwa.ECDH_ES, privateKey.PublicKey),
		jwe.WithContentEncryption(jwa.A128GCM),
	)
	if err != nil {
		fmt.Println(err)
		return // do not try to decrypt a message that was never produced
	}
	fmt.Println(string(encrypted))
	// Decrypt with the matching private key.
	decrypted, err := jwe.Decrypt(
		encrypted,
		jwe.WithKey(jwa.ECDH_ES, privateKey),
	)
	if err != nil {
		fmt.Printf("failed to decrypt payload: %s\n", err)
		return
	}
	fmt.Printf("%s\n", decrypted)
}
```
I need to pass apv when the algo is ECDH_ES. It is shared between sender and receiver. I want to encrypt and decrypt using the same apv.
from jwx.
Okay so I made #804.
So I think there were a couple of problems:
The first one was that I didn't document anywhere how to use apu/apv or any other header values. TBH I just didn't have enough test cases that use apu/apv to recognize this. So in the future, if you feel like it, we would very much appreciate it if you can provide more actual use cases to the JWE test suite. I didn't add a big section on it, but I at least mentioned it here.
The second one was a real bug. When encrypting, apu/apv values were not taken into account to compute the aad value, so when these values were present you were able to encrypt (but the encryption was wrong) and the decryption would thus fail. This has been addressed in #804.
All in all, I think the test case in #804 should be the expected behavior, and it also shows the way to access these fields (`jwe.WithPerRecipientHeaders` for encryption, and `jwe.WithMessage` to retrieve them when decrypting). Please check and let me know if this works as expected, and I'll merge + make a release.
from jwx.
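Why sender and receiver have to agree on apv, as an added example that is not part of the thread and not jwx code: in ECDH-ES (RFC 7518 section 4.6) apu and apv are inputs to the Concat KDF that derives the content key, so a mismatch on either side yields a different key and decryption fails. It uses only the Go standard library; the apv strings are constructed sample values and the function names are hypothetical.

```go
package main

import (
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// lenPrefixed: 32-bit big-endian length, then the data (RFC 7518 section 4.6.2).
func lenPrefixed(b []byte) []byte {
	return append(binary.BigEndian.AppendUint32(nil, uint32(len(b))), b...)
}

// concatKDF runs a single SHA-256 round of the Concat KDF, so keyLen must be <= 32.
func concatKDF(z []byte, enc string, apu, apv []byte, keyLen int) []byte {
	h := sha256.New()
	h.Write([]byte{0, 0, 0, 1})       // round counter
	h.Write(z)                        // ECDH shared secret Z
	h.Write(lenPrefixed([]byte(enc))) // AlgorithmID: the "enc" value in direct ECDH-ES
	h.Write(lenPrefixed(apu))         // PartyUInfo (empty when apu is absent)
	h.Write(lenPrefixed(apv))         // PartyVInfo
	h.Write(binary.BigEndian.AppendUint32(nil, uint32(keyLen*8))) // key length in bits
	return h.Sum(nil)[:keyLen]
}

// deriveCEKs does one ECDH-ES agreement on P-384 and returns the A128GCM key
// each side derives from its own copy of apv.
func deriveCEKs(senderApv, receiverApv []byte) (sender, receiver []byte, err error) {
	var keys [2]*ecdh.PrivateKey // [0] recipient static key, [1] sender ephemeral key
	for i := range keys {
		if keys[i], err = ecdh.P384().GenerateKey(rand.Reader); err != nil {
			return nil, nil, err
		}
	}
	zs, err := keys[1].ECDH(keys[0].PublicKey()) // sender's view of Z
	if err != nil {
		return nil, nil, err
	}
	zr, err := keys[0].ECDH(keys[1].PublicKey()) // receiver's view of Z
	if err != nil {
		return nil, nil, err
	}
	return concatKDF(zs, "A128GCM", nil, senderApv, 16), concatKDF(zr, "A128GCM", nil, receiverApv, 16), nil
}

func main() {
	s, r, err := deriveCEKs([]byte("apv-A"), []byte("apv-B")) // constructed values
	fmt.Printf("sender key   %x\nreceiver key %x\nerr %v\n", s, r, err)
}
```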
Thanks for speedy response! I really appreciate it.
from jwx.