Support JWE with aws-lc #414

Open
gilgameshoo opened this issue Jan 28, 2025 · 12 comments

@gilgameshoo

Hi, I'm working on adding JWE support in jsonwebtoken-aws-lc since this crate only currently supports JWS. Can I contribute my code to this crate? I've implemented JWE decryption with aescbc algorithm and continually added new algorithms. I'm currently focusing on the decryption part because that's what my project needed, but I will add the encryption feature to it later.
Do you guys have any plans to support JWE?

@Keats
Owner

Keats commented Jan 29, 2025

I'm not opposed to it but I would wait on #410 before doing any work

@gilgameshoo
Author

@Keats Thanks, let me clean up my code and create a PR first. Right now I only cover the dir for CEK and I'm working on adding rsa algorithm.

@gilgameshoo
Author

@Keats, am I allowed to add more dependencies? I'm merging my jwe validate code to a fork of jsonwebtoken-aws-lc and noticed that it doesn't have the regex crate which I need to use to parse the pem format certificate.

@Keats
Owner

Keats commented Feb 4, 2025

Why do you need the regex crate?

@rimutaka

rimutaka commented Feb 4, 2025 via email

@gilgameshoo
Author

@Keats I'm using that crate to create a helper function that converts pem format to der format. Just a general question, the company I'm working for is trying to make this feature available asap, so are you interested in making JWE validate code available without the encryption? I can continue to contribute and maintain that part of the code.

@Keats
Owner

Keats commented Feb 4, 2025

> Just a general question, the company I'm working for is trying to make this feature available asap, so are you interested in making JWE validate code available without the encryption? I can continue to contribute and maintain that part of the code.

Since you need jsonwebtoken-aws-lc I wouldn't really bother with a PR for now since #410 needs to be finished before adding aws-lc support

@gilgameshoo
Author

@rimutaka I don't see any wasm32 related configurations in the jsonwebtoken-aws-lc code base. Do I need to set the wasm32 target and configure it?

@rimutaka

rimutaka commented Feb 4, 2025

@gilgameshoo, pls ignore. I misunderstood your request. jsonwebtoken-aws-lc states it doesn't have wasm32 support to begin with.

@gilgameshoo
Author

@Keats I have a question about the error messages in errors.rs. Many errors don't have any detailed messages, such as InvalidKeyFormat error. Looking into your examples in the main function, you are setting the error message from there. I feel it would be more convenient if I could make those error types accept a String as the error message, do you have any concern if I make that change?

@Keats
Owner

Keats commented Feb 9, 2025

What kind of message do you want to add? I feel like a comment above the enum entry would be enough

@gilgameshoo
Author

gilgameshoo commented Feb 10, 2025

@Keats For example, when checking the jwk, I have the custom error messages for each different parameter, something like this:

    Err(new_error(ErrorKind::CustomError(format!(
        "The JWK {} parameter is required.",
        key
    ))))?

I added a new enum in errors.rs called CustomError, it basically accepts any String as the error message returned and printed. I also use it to return key format errors with detailed error messages.
