[gnutls-help] Supported algorithms for JWE alg

Nicolas Mora nicolas at babelouest.org
Mon Mar 30 00:01:09 CEST 2020


I'm trying to implement a JSON Web Encryption (JWE [1]) library with GnuTLS.
I'm trying to figure out if all the algorithms specified in the JWA RFC
[2] can be implemented using GnuTLS.

So far, I have the following algorithm support list:

- RSA1_5: supported, using gnutls_pubkey_encrypt_data and a RSA public key
- RSA-OAEP, RSA-OAEP-256: not supported
- ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW: I assume it's
supported but I wasn't able to make it work using
gnutls_pubkey_encrypt_data and a ECC public key
- A128KW, A192KW, A192KW, A128GCMKW, A192GCMKW, A256GCMKW,
PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW: supported,
but couldn't find how yet

Are my assumptions correct?

If so, how can I implement ECDH-ES* encryption/decryption?

Thanks in advance!

[1] - https://tools.ietf.org/html/rfc7516
[2] - https://tools.ietf.org/html/rfc7518#section-4.1

More information about the Gnutls-help mailing list