SYMKey handling difference to jwkest #189

@meck-gd


Hi,

I'm currently looking to port some old code using jwkest to this newer library.

Consider these two example pieces:

```python
# jwkest (old library)
from jwkest.jwk import SYMKey
from jwkest.jwe import JWE

key = "this-is-the-secret-key"
cyphered_token = "eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiQTEyOEtXIn0.H5jWzzXQISSh_QPCO5mWhT0EI9RRV45xA7vbWoxeBIjiCL3qwAmlzg.bBWVKwGTkta5y99c.ArycfFtrlmWgyZ4lwXw_JiSVmkn9YF6Xwlh8nVDku0BLW8kvaxNy3XRbbb17MtZ7mg.pDkpgDwffCyCy4sYNQI6zA"
sym_key = SYMKey(key=key, alg="A128KW")
token = JWE().decrypt(cyphered_token, keys=[sym_key])
print(token)
```

```python
# cryptojwt (new library); decrypt() raises here, as described below
from cryptojwt.jwk.hmac import SYMKey
from cryptojwt.jwe.jwe import JWE

key = "this-is-the-secret-key"
cyphered_token = "eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiQTEyOEtXIn0.H5jWzzXQISSh_QPCO5mWhT0EI9RRV45xA7vbWoxeBIjiCL3qwAmlzg.bBWVKwGTkta5y99c.ArycfFtrlmWgyZ4lwXw_JiSVmkn9YF6Xwlh8nVDku0BLW8kvaxNy3XRbbb17MtZ7mg.pDkpgDwffCyCy4sYNQI6zA"
sym_key = SYMKey(key=key, alg="A128KW")
token = JWE().decrypt(cyphered_token, keys=[sym_key])
print(token)
```

In the latter case, an exception is thrown because key does not represent a valid AES key length-wise.

This is because the old library did an extra derivation step on the key, while the new one simply accesses key.key directly.

Is this intended behavior?

If so, the whole existence of the encryption_key() func in the new library is a bit fishy, because it's only used in the appropriate_for() function and nowhere else.
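
The length mismatch described in the issue, as an added example that is not part of the original post or of either library's code: it reads `alg` from the JWE header, checks the secret against the AES Key Wrap key size, and optionally applies a hash-and-truncate derivation. The derivation shown is an assumption about what the "extra derivation step" does (the issue does not spell it out), and `jwe_header`, `legacy_kek` and `kek_for` are hypothetical names.

```python
import base64
import hashlib
import json

# AES Key Wrap key sizes in bytes (RFC 7518, section 4.4).
KW_KEY_LEN = {"A128KW": 16, "A192KW": 24, "A256KW": 32}


def jwe_header(token: str) -> dict:
    """Decode the protected header of a compact JWE (five dot-separated parts)."""
    parts = token.split(".")
    if len(parts) != 5:
        raise ValueError("not a compact JWE")
    seg = parts[0]
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))


def legacy_kek(secret: bytes, alg: str) -> bytes:
    """ASSUMED legacy derivation: hash the secret, keep the first N bytes.

    The digest is picked by secret length (<=32: SHA-256, <=48: SHA-384,
    <=64: SHA-512). Confirm against the old library before relying on it.
    """
    size = KW_KEY_LEN[alg]
    if len(secret) <= 32:
        digest = hashlib.sha256(secret).digest()
    elif len(secret) <= 48:
        digest = hashlib.sha384(secret).digest()
    elif len(secret) <= 64:
        digest = hashlib.sha512(secret).digest()
    else:
        raise ValueError("secret longer than 512 bits")
    return digest[:size]


def kek_for(token: str, secret: bytes, legacy: bool) -> bytes:
    """Return the key-encryption key to hand to the decrypting library."""
    alg = jwe_header(token)["alg"]
    if alg not in KW_KEY_LEN:
        raise ValueError(f"unsupported alg: {alg}")
    key = legacy_kek(secret, alg) if legacy else secret
    if len(key) != KW_KEY_LEN[alg]:
        raise ValueError(f"{alg} needs {KW_KEY_LEN[alg]} bytes, got {len(key)}")
    return key


# Header segment is the one from the issue; the other four are constructed.
SAMPLE = "eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiQTEyOEtXIn0.AA.AA.AA.AA"
SECRET = b"this-is-the-secret-key"  # 22 bytes: not a valid AES key size
```

With `legacy=False` the 22-byte secret is rejected for `A128KW`; with `legacy=True` the function returns 16 bytes. A single unsalted hash is not a password KDF, so the derived key is only as strong as the secret itself; for newly issued tokens a random key of the exact size is the better choice.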
