jose_utils v0.1.0 JOSEUtils.JWE View Source
Convenience function to work with encrypted JWTs
Link to this section Summary
Types
Serialized JWE encrypted token
Functions
Decrypts a JWE encrypted token and returns the decryption key
Returns the JOSE algorithm name from a %JOSE.JWE{}
structure
Returns the JOSE encryption algorithm name from a %JOSE.JWE{}
structure
Link to this section Types
Serialized JWE encrypted token
For instance:
"eyJhbGciOiJBMTI4R0NNS1ciLCJlbmMiOiJBMTI4R0NNIiwiaXYiOiJzODNFNjhPNjhsWlM5ZVprIiwidGFnIjoieF9Ea2M5dm1LMk5RQV8tU2hvTkFRdyJ9.8B2qX8fVEa-s61RsZXqkCg.J7yJ8sKLbUlzyor6.FRs.BhBwImTv9B14NwVuxmfU6A"
Link to this section Functions
Link to this function
decrypt(jwe, jwk, allowed_algs, allowed_encs)
View Sourcedecrypt( jwe :: serialized(), jwk_or_jwks :: JOSEUtils.JWK.t() | [JOSEUtils.JWK.t()], allowed_algs :: [JOSEUtils.JWA.enc_alg()], allowed_encs :: [JOSEUtils.JWA.enc_enc()] ) :: {:ok, {decrypted_message :: binary(), JOSEUtils.JWK.t()}} | :error
Decrypts a JWE encrypted token and returns the decryption key
It filters the keys to select only those suitable for decryption, using
JOSEUtils.JWKS.decryption_keys/3
. If the JWE has an identifier ("kid"
), it only uses
that specific key.
Example
iex> jwk_oct256 = JOSE.JWK.from_oct(<<0::256>>)
iex> jwk_oct256_map = JOSE.JWK.from_oct(<<0::256>>) |> JOSE.JWK.to_map() |> elem(1)
iex> encrypted_a256gcmkw = JOSE.JWE.block_encrypt(jwk_oct256, "{}", %{ "alg" => "A256GCMKW", "enc" => "A256GCM" }) |> JOSE.JWE.compact |> elem(1)
iex> JOSEUtils.JWE.decrypt(encrypted_a256gcmkw, jwk_oct256_map, ["A256KW"], ["A256GCM"])
:error
iex> JOSEUtils.JWE.decrypt(encrypted_a256gcmkw, jwk_oct256_map, ["A256KW", "A256GCMKW"], ["A256GCM"])
{:ok,
{"{}", %{"k" => "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", "kty" => "oct"}}}
Link to this function
jose_alg(jwe)
View Sourcejose_alg(%JOSE.JWE{alg: term(), enc: term(), fields: term(), zip: term()}) :: JOSEUtils.JWA.enc_alg()
Returns the JOSE algorithm name from a %JOSE.JWE{}
structure
iex> jwk_oct128 = JOSE.JWK.from_oct(<<0::128>>)
iex> encrypted_a128gcmkw = JOSE.JWE.block_encrypt(jwk_oct128, "{}", %{ "alg" => "A128GCMKW", "enc" => "A128GCM" }) |> JOSE.JWE.compact |> elem(1)
iex> JOSE.JWE.block_decrypt(jwk_oct128, encrypted_a128gcmkw) |> elem(1) |> JOSEUtils.JWE.jose_alg()
"A128GCMKW"
Link to this function
jose_enc(jwe)
View Sourcejose_enc(%JOSE.JWE{alg: term(), enc: term(), fields: term(), zip: term()}) :: JOSEUtils.JWA.enc_enc()
Returns the JOSE encryption algorithm name from a %JOSE.JWE{}
structure