RSA-OAEP-256 encryption added to the Nimbus JOSE+JWT library
We would like to announce the release of Nimbus JOSE+JWT 2.26, the popular open source library for JWS signatures, JWE encryption and for processing JSON Web Tokens (JWT) in Java.
RSA-OEAP encryption using SHA-256 and MGF1 with SHA-256
Thanks to Justin Richer, Brian Campbell and other members of the JOSE WG you
can now make use of
RSA-OAEP-256 encryption. The algorithm was added about
a month ago to the latest JWA
The new encryption algorithm can be used like this:
// To encrypt JWEHeader header = new JWEHeader(JWEAlgorithm.RSA_OAEP_256, EncryptionMethod.A128GCM); Payload payload = new Payload("Hello world!"); JWEObject jweObject = new JWEObject(header, payload); JWEEncrypter encrypter = new RSAEncrypter(publicKey); encrypter.setKeyEncryptionProvider(BouncyCastleProviderSingleton.getInstance()); jweObject.encrypt(encrypter); String jweString = jweObject.serialize(); // To decrypt jweObject = JWEObject.parse(jweString); JWEDecrypter decrypter = new RSADecrypter(privateKey); decrypter.setKeyEncryptionProvider(BouncyCastleProviderSingleton.getInstance()); jweObject.decrypt(decrypter); System.out.println(jweObject.getPayload());
The library comes with numerous examples and excellent JavaDocs to get you started quickly and minimum hassle.
Restored A128CBC+HS256 and A256CBC+HS512 support
We also put back support for the deprecated
encryption algorithms (from JOSE version 08), to enable client applications to
decode JWEs and JWTs encrypted with the old algorithm. Clients of Xbox SSO can
benefit from this until the engineers from Microsoft have everything set up and
ready for a smooth JWT rollover to the new AES/CBC/HMAC encryption algorithm
(introduced in JOSE 09).
You can get the new Nimbus JOSE+JWT library release from Maven Central, please read our download instructions for more info.
Bug reports, suggestions?
Do you have any comments or feedback to share? Please, read our how to contribute guide.