Getting a JWEInvalid error?

[yuvigrg]

Expected behaviour
Get a JWE

Environment:
"jose": "^1.16.0",

node version: v12.0.0

I am trying to decrypt a JWE token. I have got public key and the private key. However, the sample JWE token that I received from a third party was throwing JWEInvalid.
To test whether my key was in fault, I tried creating an encrypted token using the public key. But the token is not being generated and throwing the JWEInvalid error on JWE.encrypt.
The string parameter, I took it from the https://github.com/panva/jose encrypt example.

  try {
    const publicKey = JWK.asKey(pub)
    const privateKey = JWK.asKey(pvt)
    const token = JWE.encrypt(
      'eyJhbGciOiJFUzI1NiJ9.eyJzdWIiOiJqb2huZG9lIn0.T_SYLQV3A5_kFDDVNuoadoURSEtuSOR-dG2CMmrP-ULK9xbIf2vYeiHOkvTrnqGlWEGBGxYtsP1VkXmNsi1uOw',
      publicKey,
      { kid: publicKey.kid },
    )
    console.log(token)
    // const decrypt = JWE.decrypt(token, privateKey)
    // console.log(decrypt)
    return response.sendStatus(200)
  } catch (error) {
    logError(error)
    return response.sendStatus(400)
  }

Where am i going wrong?

[panva]

Where am i going wrong?

I don't know, please provide actual reproduction steps.

JWEInvalid
https://github.com/panva/jose/blob/master/docs/README.md#class-jweinvalid
Thrown when syntactically incorrect JWE is either requested to be encrypted or decrypted

This works just fine, so you're doing something wrong that isn't in your issue's description.

const jose = require('jose')

const privateKey = jose.JWK.generateSync('RSA')
console.log('privateKey is', privateKey.type)
const publicKey = jose.JWK.asKey(privateKey.toPEM(false))
console.log('publicKey is', publicKey.type)

const jwe = jose.JWE.encrypt(
  'eyJhbGciOiJFUzI1NiJ9.eyJzdWIiOiJqb2huZG9lIn0.T_SYLQV3A5_kFDDVNuoadoURSEtuSOR-dG2CMmrP-ULK9xbIf2vYeiHOkvTrnqGlWEGBGxYtsP1VkXmNsi1uOw',
  publicKey,
  { kid: publicKey.kid },
)

console.log('jwe: ', jwe)
jose.JWE.decrypt(jwe, privateKey)

[yuvigrg]

@panva Thank you for the quick response as always.

I found that the public key I was using, 'use' property was 'sign'. I changed it to 'enc' and got it decrypted.

import { JWE, JWK, JWT } from 'jose'
import { logInfo, logError } from 'logging/logger'

export const validate = async (request, response) => {
  logInfo('Validate')
  const pub = {
    use: 'enc',
    kty: 'RSA',
    e: 'CA__',
    n: 'wKojZengmd7dTT7YWW4v2PZDV7o_j6P-Xp94CSktuLw-bTVVTe5jCp_Pphs4Ej4aEhmXVaS97WHGU8uf4itA3jXXRzEHcJwdOBCg_u2wOXQvRuUID8AN4va1IZfpHSAfjRIAMVgAIdkN2NbhpbTjJ_Xg6wKxSNvESx3ekNEL3InHw-xVc06CKQccvPFodIwV5fzHRS6KL2MLYZgbfxV-uujYyfKkYNTJ0QDfhw-YqbUKaW2Ovb6xRbUMuTqDEN1DwzQs3-2BZw135Q-Mpb56hzxZofM6wWPERgC-KBlTUWZQPXSU3RPaPWiojzKrbTWsvXOcjZ0CRhdfeZ6oGEQ_FQ',
  }

  const pvt = {
    p: '7qNjgBvXiFCpYLyBHnCo5WEuCVUENYovgRsMUtS9oWpF4TGOu2Kv33xGMz7RtO28ayZcv828aV3AEyilpPQg8hHtQuHyfeCQQ5_zmKqNfvoFkwvKysFkLrPz8a5xtD5nSnvuqILul3WkHzLRxQF_97_VbGBIjOp4pH9fLQusUz0',
    kty: 'RSA',
    q: 'zq5-4h0pqfk8pfkncj4wM-9n5XWr3ugQxwc0kPraCxPrLCOp2osL4jfOp-HAFLysF0EYDDDZmY3iwrNBRI5rdy8wkz6cwgZ9Aj3aIkVex1mdKBktvodB7ct8EqipNsSTpJJymAV0-gN1lIu6OgXGveNKqWyAKy-k6pPluVYN-Lk',
    d: 'CD8Bw_pE63jIt6It767owPYYSRI_aBcE_mL5COtyzpKEdzpIpFlPrbh2QKLcLMxeXvCJIsdtB6MD-VRlhKX7_LPYrrHzdllZ-lz974uxedbwMgfwsv0IMJd1K_oFy_BW6KCAOX3r9ka1D3902TDpJa-ooLq4Arr0NCcxlsYJKkdtKPPDN79Uxboq262wkjrTdVYGqSQv8wDj1jQiuhgjfPTAKwqEXuH-5-Zu1jir7GAfhVYKZXME_K4fOOlS_XLfAzSzbOURa1PX4ySWJt2rEcEq2G7SL_SEOiUEnUW3g7xpoRHFKb3Vqe2VcmteDkNURMHZ-uf_kmWBetquYYVQHw',
    e: 'CA__',
    qi: 'X2Z1vrtmMS6rdu0hZi5NWfsk3VkXPv3_nYaAHiROq567fk4ttGuypb2op4ebxED34KAALl7XF3O7mudf9ijUVtiy_2a8OCz8a-SkEZuLuZHYdSZ4nJqe-t8TS5jA03R1-rFkGmJJCWPqxgKXgJ35qpatOJiM7R7zojecE02TW4c',
    dp: 'ywtMeBEMs2XZX2gvk70aDynJgIevy9kzvLWCnDTHTTpqG-Xq55uO3ex-oHshNkkZ0TAgl-qEHznMpD7HN0MZQAW8xq6j8aJ7YhAhq9rq90rkTW9dCcGABHUz-jTnhprnrTCmp_MojVlmp_91VlyxKPEZST2jxkF6Y5JCRggFq48',
    dq: 'x6XwVWLReCTqMT2aUBxoP6j7ZxTiZKZyfxXhleFJXJ87-k4GSNKnZ-nWFYK0dgqLgbxj4S5Q5ijKLTKC_xgGp7s06zR1dkwIPSyVvJz-hJAnj64itvUZBSBLsND6SvzME_TzO7I4_muVQv53R1sQ3UTeuxfqT4kMeFdF74hZ_I8',
    n: 'wKojZengmd7dTT7YWW4v2PZDV7o_j6P-Xp94CSktuLw-bTVVTe5jCp_Pphs4Ej4aEhmXVaS97WHGU8uf4itA3jXXRzEHcJwdOBCg_u2wOXQvRuUID8AN4va1IZfpHSAfjRIAMVgAIdkN2NbhpbTjJ_Xg6wKxSNvESx3ekNEL3InHw-xVc06CKQccvPFodIwV5fzHRS6KL2MLYZgbfxV-uujYyfKkYNTJ0QDfhw-YqbUKaW2Ovb6xRbUMuTqDEN1DwzQs3-2BZw135Q-Mpb56hzxZofM6wWPERgC-KBlTUWZQPXSU3RPaPWiojzKrbTWsvXOcjZ0CRhdfeZ6oGEQ_FQ',
  }

  try {
    const publicKey = JWK.asKey(pub)
    const privateKey = JWK.asKey(pvt)
    const token = JWE.encrypt(
      'eyJhbGciOiJFUzI1NiJ9.eyJzdWIiOiJqb2huZG9lIn0.T_SYLQV3A5_kFDDVNuoadoURSEtuSOR-dG2CMmrP-ULK9xbIf2vYeiHOkvTrnqGlWEGBGxYtsP1VkXmNsi1uOw',
      publicKey,
      { kid: publicKey.kid },
    )
    const decrypt = JWE.decrypt(token, privateKey)

    if (decrypt) {
      return response.sendStatus(200)
    }
    response.sendStatus(400)
  } catch (error) {
    logError(error)
    return response.sendStatus(400)
  }
}

I got one last question. Is it possible to verify and decode the JWE? A google search did not yield anything so I presume not.

[panva]

Is it possible to verify and decode the JWE?

I don't follow the question

[yuvigrg]

@panva the last question was how to if I can verify the JWE. I found that to verify it, I have to convert the buffered JWE into a sting and use JWS.verify to verify and decode.

I have one more question. I generated two keys using ssh keygen. However, I am having an issue decrypting the token. I am getting the following error:
the key does not support PBES2-HS256+A128KW key management (decryption) algorithm

const { JWK, JWE } = require('jose')

// Keys
const publicKeyPEM = 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCq1Jp6YqfWV47YOgmYuG7GUusuR3mqOqJ6U7+a+gLv8bP+lfuIhg9FJ0KPyvUax6OqBOVqdAPK9AxEdZEB0CvA1sDrhZW1Y0XTSCSnTVIqhCgVFtRkbOyR3iC0DR2CgT+QA+JctyQ3C+R1+f4BZZKCkM2/IzEaCi1E8L39J3XbhuyfbGwdLwZY73Xjqf04TYCrod+ZfHfig22zNyO1ZY9EZsYLOB3rjPA+og/L/Rqq6vTcqedFVeLrQ6QcE8hBBQ6IU/Z6M3uWG3PTRN0WJdihAZfY1ENg4pap/p2wjQk2kgWRIup58vOLzTiwGk4h038txGxQY2UZDeV6gOG/HumL'

const privateKeyPEM = `-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAqtSaemKn1leO2DoJmLhuxlLrLkd5qjqielO/mvoC7/Gz/pX7
iIYPRSdCj8r1GsejqgTlanQDyvQMRHWRAdArwNbA64WVtWNF00gkp01SKoQoFRbU
ZGzskd4gtA0dgoE/kAPiXLckNwvkdfn+AWWSgpDNvyMxGgotRPC9/Sd124bsn2xs
HS8GWO9146n9OE2Aq6HfmXx34oNtszcjtWWPRGbGCzgd64zwPqIPy/0aqur03Knn
RVXi60OkHBPIQQUOiFP2ejN7lhtz00TdFiXYoQGX2NRDYOKWqf6dsI0JNpIFkSLq
efLzi804sBpOIdN/LcRsUGNlGQ3leoDhvx7piwIDAQABAoIBAArj9t0qgOynNFIQ
kSANUfKOwrN2lwkFJ+qIgESO/7TwQbtPMHPpp/uOny2vkKSeaY6jNUTuFHfRyx5q
KE5nSQLILhBVuc+QfpkTllKcGUrglfWSOQQV9ZbvBEK2O1Vgi/7QYJPskQB5X50t
zMWmBgsQ1C0FP1Ibp/snJdWHuHnAK5Jfk4XghRAYNxe4t2PVz5SLlFptLq10hqFR
xJeDf38rl6M8du/K8vsP5maDMTxandTApupgG1ouW2HUd+SIJNxOpc6s3pOccdVf
rg1YxrAPtsE5QHDofX9TNcehAfdkXPJrv7mrHx746b0mTW0A0CQWaoWKJzHlub4C
SgeKt6ECgYEA2YYhiJ3k5r+0fG6G+Rf/FgULseHwJa+cdQwQyShGx1H8XOtW8Ukp
YozSJervoSDLSqRZxlDO4w7mTZSyGi1JXshXn2y13VcpOmBa+WgJ2oOFg2zMlm29
0vxhw5Q2ZY9tylY1y6+nYzBxoRKzqpz5nbbj+dLuskOnSO4mw5uF6WkCgYEAyQwc
FQoh3ts0aB7/iDKdX1rIH2Dvo4fgOdtz7mL1a8A6M0aZGzeJAWDBPaz+yNrkGIz2
kUR82EK1ec+SGljY4838dKDAFZOvl9IphroRc5YLxupAripa57fc/65dpjOusDbW
7izFU7DFTnNdaZjPwwSBrmsIUoJB/f03MIgKSNMCgYEAq7vO68okttyxRPAKFc0R
MjRHmGfVrhsoPeyJsBbhUmnzAPU4TgTB7LFbFF6YU7DNbx+0VPLlc7QGtUdpGWuZ
moA3VYGBT7+JqDH8gR3XcbIWjb0vBLCdhl6FXOC91Y7YUj+f9zC1yYSsoUtfl5qZ
JCAJeupCU3FAOD71UceOgMkCgYEAriWPLapZLHE0M/yl25P8PVylfIi7CyvnTjaJ
dTTC4VLhFwlQFgNE6ayltobjK5hve9Sev7ZTbgBaseja5XeQZ8NFqsCToh0LPLcO
wWTrOPP/v42p+TM3CwB4rgCbnhumdX0LL8QYKSY1wn6rq4xyarq8mhicXNv3zcpI
xAES54ECgYAmvE8BfjK/kQCA+P7rio3bZ4Ar9r7u/MQS+sV5FpwZomDriuCtbEZx
kjND5QfOjMUWwCiWyJCtgoFXSZDxaxTPAWcBQF8WiPe+zFzv/BAB92dWLi+sV8Qv
V9DvVhP+o0S4LPIhrevw7CAQflAPkUy531aohVOQsqUjHz1R2Eco6w==
-----END RSA PRIVATE KEY-----`

const publicKey = JWK.asKey(publicKeyPEM)
const privateKey = JWK.asKey(privateKeyPEM)

const payload = 'decryt me'

const encrpyted = JWE.encrypt(payload, publicKey)

try {
    const decryted = JWE.decrypt(encrpyted, privateKey)
    console.log(decryted)
} catch (err) {
    console.log(err)
}

The public key is what we are passing to a third party to be used to encrypt the token. When I tried consoling the public key type, it comes as secret. But my colleague is adamant that it is a public key.
And thank you very much for answering to my question. This is the first I have worked with the JWE and you responding to my queries have been helpful with the documentation found on https://tools.ietf.org/html/rfc7517

[panva]

That's not a public RSA key in a PEM format mate. Look at the instance you get back from asKey, it's going to be an oct symmetric key, therefore it's using the only available JWE alg to a weird length oct key to encrypt a CEK (PBES2-HS256+A128KW), therefore once passed to decrypt with an actual private key, which doesn't have that algorithm available, it throws.

[yuvigrg]

Yes, you are correct there. I did see that the asKey returns a oct symmetric key. I have previously explained to my colleague and he said it was.

[panva]

https://blog.oddbit.com/post/2011-05-08-converting-openssh-public-keys/

It technically is, but it's neither of the supported public key encodings (pkcs1 or spki)

[yuvigrg]

I did manage to convert it using the library too. You can use the privatekey.toPEM(false) and encrypting with that does work.

[panva]

@yuvigrg
A number of refactors and checks went into the recent releases v1.17.0 and v1.17.1 to avoid or at least better communicate the mistakes you showed in this repo.

[yuvigrg]

@panva legend.

[panva]

No problem, please consider supporting the library if it provides value and the support was of help to you and/or your company/project.