JWE tokens generated using A128CBC_HS256 by other libraries fail to be decrypted correctly as the authentication fails. This seems to be due to the wrong length of authentication tag being checked. It should only check the first 128 bits.
If you try to decrypt the example token given in RFC7516, the decryption fails.
RFC7518 specifies only the first 128 bits to be used in the tag.
Example
```csharp
using System;
using JsonWebToken;

public class Program
{
    public static void Main()
    {
        // Key and token from https://www.rfc-editor.org/rfc/rfc7516.html#appendix-A.3
        Jwk encryptionKey = new SymmetricJwk("GawgguFyGrWKav7AX4VKUg");
        string token = "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ.AxY8DCtDaGlsbGljb3RoZQ.KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY.U0m_YmjN04DJvceFICbCVQ";

        JwtReader jwtReader = new JwtReader(encryptionKey);
        var policy = new TokenValidationPolicyBuilder().AcceptUnsecureToken().Build();
        var result = jwtReader.TryReadToken(token, policy);

        Console.WriteLine($"Decryption Status: {result.Status}");
        // The token should be decrypted and equal "Live long and prosper." However, it fails decryption.
    }
}
```
https://dotnetfiddle.net/YdEJXG
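
An independent check of the tag on the RFC 7516 Appendix A.3 token, added here as an example (it is not code from the library or from the report). It is written in Python so it runs with the standard library only; the CEK is the unwrapped key listed in the RFC's appendix, and the function names are hypothetical.

```python
import base64
import hashlib
import hmac

# Compact JWE from RFC 7516 Appendix A.3 (the same token as in the report above).
TOKEN = ("eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0."
         "6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ."
         "AxY8DCtDaGlsbGljb3RoZQ."
         "KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY."
         "U0m_YmjN04DJvceFICbCVQ")

# Content encryption key as listed in RFC 7516 Appendix A.3 (already unwrapped,
# so this example does not perform the A128KW key unwrap).
CEK = bytes([4, 211, 31, 197, 84, 157, 252, 254, 11, 100, 157, 250, 63, 170, 106, 206,
             107, 124, 212, 45, 111, 107, 9, 219, 200, 177, 0, 240, 143, 156, 44, 207])


def b64url_decode(text):
    """Decode unpadded base64url as used in compact JWE segments."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def full_hmac(token, cek):
    """HMAC-SHA-256 over AAD || IV || ciphertext || AL (RFC 7518, section 5.2.2.1)."""
    header, _wrapped_key, iv, ciphertext, _tag = token.split(".")
    aad = header.encode("ascii")            # AAD is the ASCII of the encoded header
    al = (len(aad) * 8).to_bytes(8, "big")  # AAD length in bits, 64-bit big-endian
    mac_key = cek[:16]                      # first half of the CEK is the MAC key
    message = aad + b64url_decode(iv) + b64url_decode(ciphertext) + al
    return hmac.new(mac_key, message, hashlib.sha256).digest()


def tag_is_valid(token, cek):
    """Compare only the first 128 bits of the HMAC with the transmitted tag."""
    tag = b64url_decode(token.split(".")[4])
    truncated = full_hmac(token, cek)[:16]
    return len(tag) == 16 and hmac.compare_digest(truncated, tag)


if __name__ == "__main__":
    mac = full_hmac(TOKEN, CEK)
    tag = b64url_decode(TOKEN.split(".")[4])
    print("truncated comparison passes:", tag_is_valid(TOKEN, CEK))
    print("full 32-byte comparison passes:", hmac.compare_digest(mac, tag))
```

A verifier that compares the whole 32-byte HMAC output against the 16-byte tag rejects this token, while the truncated, constant-time comparison accepts it.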