I have this problem, I created a JWE in node.js using node-jose by this way:
const keystore = [
{
kty: 'oct',
kid: 'QLdRkgyMx_po0fPo5XnOzQQB4iTcyay36m_PA62SBiw',
k: 'A-OAikjssQZeLkj8N_2Xb9qPBG6lSq10YeLbiTF-kQuM_qKy08jwFqQwsLzn9fmNPkayM9uRg1lHBrPoK_fGtQ'
}
]
const ks = await jose.JWK.asKeyStore(keystore);
const rawKey = ks.get(keystore[0].kid)
const key = await jose.JWK.asKey(rawKey);
const jwe = await jose.JWE
.createEncrypt({format: 'compact'}, key)
.update(payload)
.final();
According to the documentation it is created with "alg": "PBES2-HS256+A128KW", "enc": "A128CBC-HS256", and if I check it in jwt.io, it is.
Then, I need to decrypt in golang, so I do like this using go-jose.v2:
package main
import (
"fmt"
"gopkg.in/square/go-jose.v2"
)
const jweRaw string = "eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUUxkUmtneU14X3BvMGZQbzVYbk96UVFCNGlUY3lheTM2bV9QQTYyU0JpdyIsInAyYyI6ODE5MiwicDJzIjoiaVktZEdKaWtYbUZCdXMwRFp5eHdIQSJ9.QkuIGmPojLDX-wpTVTjZRnA093fJRVM6OHkpmoQeyLubahOABg62WQ.z6dm86nWHcWgzmPXiuk0kg.7mOgYF6d9hgfXtTj9RUv7BNuYH-jBAs8px0boOFj1mke_JPetIT44yY7ceffFRfS2QYc6RQMtTvb7vdMArkqeB483g3-tcoCGWxafOb0VfVQHrPTdjpGMLF-9uIJw9z5.RA0Dn-B_Y3kvXYRvVTiNFQ"
const kid string = "QLdRkgyMx_po0fPo5XnOzQQB4iTcyay36m_PA62SBiw"
const k string = "A-OAikjssQZeLkj8N_2Xb9qPBG6lSq10YeLbiTF-kQuM_qKy08jwFqQwsLzn9fmNPkayM9uRg1lHBrPoK_fGtQ"
func main() {
jwe, err1 := jose.ParseEncrypted(jweRaw)
if err1 != nil {
panic(err1)
}
fmt.Println("jwe", jwe)
bytes, err2 := jwe.Decrypt(jose.JSONWebKey{Algorithm: "PBES2-HS256+A128KW", Use: "A128CBC-HS256", KeyID: kid, Key: k})
if err2 != nil {
panic(err2)
}
fmt.Println("bytes", string(bytes))
}
But it panics "panic: square/go-jose: error in cryptographic primitive" You can check it here: https://play.golang.org/p/qB3QNtGwBsK
I already tried with https://github.com/lestrrat-go/jwx but, it doesn't support PBES2-HS256+A128KW algorithm
Thanks.
UPDATE: here's more information:
They key in node was created with this:
const keystore = await jose.JWK.createKeyStore()
const key = await a.generate('oct', 512)
console.log(key.toJSON(true))
Then the output was saved in this array:
const keystore = [
{
kty: 'oct',
kid: 'QLdRkgyMx_po0fPo5XnOzQQB4iTcyay36m_PA62SBiw',
k: 'A-OAikjssQZeLkj8N_2Xb9qPBG6lSq10YeLbiTF-kQuM_qKy08jwFqQwsLzn9fmNPkayM9uRg1lHBrPoK_fGtQ'
}
]
I've been trying create the same JWE with the same JWK in golang and I can decrypt in golang, but neither in node (I got a "key not found" error)... So, cross decrypting doesn't work for me. What am I doing wrong?
k is a base64url encoded representation of the octet key, unless the go interface specifically mentions passing keys in JWK format, which it doesn't, you need to provide the raw key. base64url.decode() the k to get the raw key bytes.
Also, as a sidenote, PBES2-HS256+A128KW is intended to be used with passwords, not keys, given it's computationally heavy i'd recommend a different key wrapping algorithm (not a symmetric passphrase based one). You can use asymmetric crypto to encrypt for a recipient. And if you also want to achieve authentication of the message, don't use key wrapping at all, use the Direct Key Agreement from JWE instead.