github.com/lestrrat-go/jwx/v2@v2.0.21/jwe/README.md (about) 1 # JWE [](https://pkg.go.dev/github.com/lestrrat-go/jwx/v2/jwe) 2 3 Package jwe implements JWE as described in [RFC7516](https://tools.ietf.org/html/rfc7516) 4 5 * Encrypt and Decrypt arbitrary data 6 * Content compression and decompression 7 * Add arbitrary fields in the JWE header object 8 9 How-to style documentation can be found in the [docs directory](../docs). 10 11 Examples are located in the examples directory ([jwe_example_test.go](../examples/jwe_example_test.go)) 12 13 Supported key encryption algorithm: 14 15 | Algorithm | Supported? | Constant in [jwa](../jwa) | 16 |:-----------------------------------------|:-----------|:-------------------------| 17 | RSA-PKCS1v1.5 | YES | jwa.RSA1_5 | 18 | RSA-OAEP-SHA1 | YES | jwa.RSA_OAEP | 19 | RSA-OAEP-SHA256 | YES | jwa.RSA_OAEP_256 | 20 | AES key wrap (128) | YES | jwa.A128KW | 21 | AES key wrap (192) | YES | jwa.A192KW | 22 | AES key wrap (256) | YES | jwa.A256KW | 23 | Direct encryption | YES (1) | jwa.DIRECT | 24 | ECDH-ES | YES (1) | jwa.ECDH_ES | 25 | ECDH-ES + AES key wrap (128) | YES | jwa.ECDH_ES_A128KW | 26 | ECDH-ES + AES key wrap (192) | YES | jwa.ECDH_ES_A192KW | 27 | ECDH-ES + AES key wrap (256) | YES | jwa.ECDH_ES_A256KW | 28 | AES-GCM key wrap (128) | YES | jwa.A128GCMKW | 29 | AES-GCM key wrap (192) | YES | jwa.A192GCMKW | 30 | AES-GCM key wrap (256) | YES | jwa.A256GCMKW | 31 | PBES2 + HMAC-SHA256 + AES key wrap (128) | YES | jwa.PBES2_HS256_A128KW | 32 | PBES2 + HMAC-SHA384 + AES key wrap (192) | YES | jwa.PBES2_HS384_A192KW | 33 | PBES2 + HMAC-SHA512 + AES key wrap (256) | YES | jwa.PBES2_HS512_A256KW | 34 35 * Note 1: Single-recipient only 36 37 Supported content encryption algorithm: 38 39 | Algorithm | Supported? | Constant in [jwa](../jwa) | 40 |:----------------------------|:-----------|:--------------------------| 41 | AES-CBC + HMAC-SHA256 (128) | YES | jwa.A128CBC_HS256 | 42 | AES-CBC + HMAC-SHA384 (192) | YES | jwa.A192CBC_HS384 | 43 | AES-CBC + HMAC-SHA512 (256) | YES | jwa.A256CBC_HS512 | 44 | AES-GCM (128) | YES | jwa.A128GCM | 45 | AES-GCM (192) | YES | jwa.A192GCM | 46 | AES-GCM (256) | YES | jwa.A256GCM | 47 48 # SYNOPSIS 49 50 ## Encrypt data 51 52 ```go 53 func ExampleEncrypt() { 54 privkey, err := rsa.GenerateKey(rand.Reader, 2048) 55 if err != nil { 56 log.Printf("failed to generate private key: %s", err) 57 return 58 } 59 60 payload := []byte("Lorem Ipsum") 61 62 encrypted, err := jwe.Encrypt(payload, jwe.WithKey(jwa.RSA1_5, &privkey.PublicKey), jwe.WithContentEncryption(jwa.A128CBC_HS256)) 63 if err != nil { 64 log.Printf("failed to encrypt payload: %s", err) 65 return 66 } 67 _ = encrypted 68 // OUTPUT: 69 } 70 ``` 71 72 ## Decrypt data 73 74 ```go 75 func ExampleDecrypt() { 76 privkey, encrypted, err := exampleGenPayload() 77 if err != nil { 78 log.Printf("failed to generate encrypted payload: %s", err) 79 return 80 } 81 82 decrypted, err := jwe.Decrypt(encrypted, jwe.WithKey(jwa.RSA1_5, privkey)) 83 if err != nil { 84 log.Printf("failed to decrypt: %s", err) 85 return 86 } 87 88 if string(decrypted) != "Lorem Ipsum" { 89 log.Printf("WHAT?!") 90 return 91 } 92 // OUTPUT: 93 } 94 ```