Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Raising error always when trying to decrypt compact JWE

See original GitHub issue

What happened?

While using Python backend to encrypt a string to get compact JWE string and then trying to decrypt it with jose it’s raising error.

Full traceback -

C:\Users\Priyam\Documents\test\node_modules\jose\dist\node\cjs\lib\check_key_type.js:9
        throw new TypeError((0, invalid_key_input_js_1.default)(key, ...is_key_like_js_1.types, 'Uint8Array'));
              ^

TypeError: Key must be one of type KeyObject, CryptoKey, or Uint8Array.
    at symmetricTypeCheck (C:\Users\Priyam\Documents\test\node_modules\jose\dist\node\cjs\lib\check_key_type.js:9:15)
    at checkKeyType (C:\Users\Priyam\Documents\test\node_modules\jose\dist\node\cjs\lib\check_key_type.js:41:9)
    at decryptKeyManagement (C:\Users\Priyam\Documents\test\node_modules\jose\dist\node\cjs\lib\decrypt_key_management.js:15:37)
    at flattenedDecrypt (C:\Users\Priyam\Documents\test\node_modules\jose\dist\node\cjs\jwe\flattened\decrypt.js:101:61)
    at compactDecrypt (C:\Users\Priyam\Documents\test\node_modules\jose\dist\node\cjs\jwe\compact\decrypt.js:18:63)
    at Object.<anonymous> (C:\Users\Priyam\Documents\test\index.js:4:40)
    at Module._compile (node:internal/modules/cjs/loader:1101:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1153:10)
    at Module.load (node:internal/modules/cjs/loader:981:32)
    at Function.Module._load (node:internal/modules/cjs/loader:822:12)

Python code -

>>> from jose import jwe
>>> jwe.encrypt('Hello, World!', 'asecret128bitkey', algorithm='dir', encryption='A128GCM')
'eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4R0NNIn0..McILMB3dYsNJSuhcDzQshA.OfX9H_mcUpHDeRM4IA.CcnTWqaqxNsjT4eCaUABSg'

Doc ref - >>> from jose import jwe

jwe.encrypt(‘Hello, World!’, ‘asecret128bitkey’, algorithm=‘dir’, encryption=‘A128GCM’) ‘eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4R0NNIn0…McILMB3dYsNJSuhcDzQshA.OfX9H_mcUpHDeRM4IA.CcnTWqaqxNsjT4eCaUABSg’

Version

4.1.4

Runtime

Node.js

Runtime Details

Node - 16.13.10

Code to reproduce

const { compactDecrypt } = require('jose')
const decoder = new TextDecoder()
const jwe = 'eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4R0NNIn0..McILMB3dYsNJSuhcDzQshA.OfX9H_mcUpHDeRM4IA.CcnTWqaqxNsjT4eCaUABSg'
const { plaintext, protectedHeader } = compactDecrypt(jwe, 'asecret128bitkey')

console.log(protectedHeader)
console.log(decoder.decode(plaintext))

  • I have searched the issues tracker and discussions for similar topics and couldn’t find anything related.
  • I agree to follow this project’s Code of Conduct

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:7 (5 by maintainers)

github_iconTop GitHub Comments

1reaction
panvacommented, Nov 9, 2021

You’re also missing the fact that compactDecrypt returns a Promise. In the examples it gets awaited because the examples are ESM where top level await is available.

1reaction
panvacommented, Nov 9, 2021

Of course it stucks, because the IV is of invalid length. The produced JWE is invalid.

Mf_ay7o5AbhoPIzUBHAf0Q is 128 bits encoded as base64url. As per the spec it is required to be 96 bits.

The python library is not producing conform tokens.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Why do I get an error decrypting JWE between Java and Go
Go: square/go-jose: error in cryptographic primitive. Java: AES/GCM/NoPadding decryption failed: mac check in GCM failed.
Read more >
Does AES specify error messages when using the wrong ...
It doesn't specify the unpadding method nor the possible error conditions. Decryption of a complete block of data with a symmetric block cipher ......
Read more >
SecKeyCreateWithData Returns 'Nil' with Error
We are trying to create a 'SecKey' from a '.der' file. But 'SecKeyCreateWithData' always throw 'Nil ' with Error. Steps Followed:: First we...
Read more >
Decrypt Error | Ubiquiti Community
Hi guys,. I read a lot of staff here about Decrypt Error but nothing seems to help. I have plenty of AP all...
Read more >
Challenge 27: Recover the key from CBC with IV=Key - GitLab
How do we get AES_decrypt(C1, K) ? By submitting (0, C1) for decryption, where 0 represents a block of ciphertext containing only zeros....
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Node.js API used in jose/dist/browser/runtime/env.js on line 6

Next page

ReferenceError: TextEncoder is not defined