Is there support for AES128GCM?

Question

Is there support for AES128GCM?

bilogic opened this issue 6 years ago · comments

Hi,

After much searching, your library was the only standalone one that allowed me to do a webpush successfully to chrome on PHP 5.6, so thank you!

My next step is to add on pushed data. It seems that pushed data needs to be encrypted using AES128GCM. Pardon my question, but I'm unfamiliar with cryptography, is JWE meant to do this?

Thank you!

Kelvin Mo · Answer 1 · Fri Apr 13 2018 18:26:20 GMT+0800 (China Standard Time)

AES128GCM is one of the encryption methods available to encrypt the payload when creating a JWE.

AES128GCM is not supported with simplejwt, as GCM is only supported from PHP 7.1 onwards.

bilogic · Answer 2 · Fri Apr 13 2018 18:29:25 GMT+0800 (China Standard Time)

I see. Does simple jwt support AES128 then?
I think my question is, is JWE the same as what is being referred to as the payload encryption at this link?
https://web-push-book.gauntface.com/chapter-04/02-web-push-protocol/

Thank you.

Kelvin Mo · Answer 3 · Fri Apr 13 2018 18:37:44 GMT+0800 (China Standard Time)

Looking at the spec, there seems to be two parts:

The WebPush Authorization header, which is formatted as a JSON Web Token (JWT). simplejwt can be used to create this
The encryption of the payload itself, which uses a form of AES128 encryption following an exchange of keys between the two machines. This is done using a completely separate format and not JWE. This means you will need to use a separate library for that part.

bilogic · Answer 4 · Fri Apr 13 2018 18:38:57 GMT+0800 (China Standard Time)

Ok, thank you!