Closed ziming closed 3 months ago
For the last minor 3.x and 4.0, you should pass only one algorithm manager and set null
for the second one.
$algorithmManager = new AlgorithmManager([new RSAOAEP, new A256GCM]);
$jweDecrypter = new JWEDecrypter($algorithmManager, null);
$recipient = 0;
$jweDecrypter->decryptUsingKey($jwe, $jwk, $recipient); // Fail this time!
$payload = $jwe->getPayload();
$payload = str_replace('"', '', $payload);
Hi @Spomky
Yes I did that in the last minor of v3
$jweDecrypter = new JWEDecrypter($algorithmManager, null);
$jweDecrypter->decryptUsingKey($jwe, $jwk, $recipient); // error
I got this error
The algorithm "A256GCM" is not supported.
The external api return me a response that needs the $contentEncryptionAlgorithmManager (2nd argument) or i cannot decrypt it. So I don't have a choice
as for the $jwk and $jwe, they are the following (previously working if i pass in the 2nd argument to new JweDecrypter)
$jwk = JWKFactory::createFromKey(
config('private_key_content'),
$passphrase
);
$serializerManager = new JWESerializerManager([
new \Jose\Component\Encryption\Serializer\CompactSerializer,
]);
$jwe = $serializerManager->unserialize($responseDataToken);
If it helps to give more context, the code is in 1 of my open source libraries
https://github.com/ziming/laravel-myinfo-sg/blob/master/src/Services/MyinfoSecurityService.php
Under the method decryptJWE
Thank you. So I hope you can allow them again in v4 as I'm constrained by external API requirements
Hi, my bad. My miss out on the part where you put the 2nd algorithm inside $algorithmnManager
$algorithmManager = new AlgorithmManager([new RSAOAEP, new A256GCM]);
Sorry
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Description
Hi I am trying to upgrade to v4 of your library, however, If i were to remove $contentEncryptionAlgorithmManager when creating my JWEDecrypter object, An external API integration of mine will fail.
I cannot change how an external API operates, so will be good if you still allow us to pass these 2 items to JWEDecrypter so that I can upgrade to v4 of this library.
My code in v3 that works
My code in v4 that fails because without $contentEncryptionAlgorithmManager I cannot decrypt what the external API sends back to me.