Description
Version(s) affected
4.x
Description
I am trying get JWE tokens working in my Laravel 11 repo. But currently I am unable to get it working due to certain algorithms not being supported.
I have exactly followed the documentation as given in: https://web-token.spomky-labs.com/v4.0/the-components/encrypted-tokens-jwe/jwe-creation
I have installed using composer: web-token/jwt-framework version 4.0.4 and spomky-labs/aes-key-wrap version v7.0.0
The documentation (https://web-token.spomky-labs.com/v4.0/the-components/encrypted-tokens-jwe/encryption-algorithms) tells me to install web-token/jwt-encryption-algorithm-aescbc but this package is deprecated. So I am currently stuck, I feel like I am missing something, but can't seem to find in the documentation, below I have provided my current implementation, which is, once again, copied from the documentation.
I have tried using other encryption methods, such as "aes-128-cbc-hmac-sha256" which is available according to my openssl install, but this doesn't seem to work either.
PHP Versions ETC.
php --version
PHP 8.3.19 (cli) (built: Mar 13 2025 17:44:15) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.3.19, Copyright (c) Zend Technologies
with Zend OPcache v8.3.19, Copyright (c), by Zend Technologies
with Xdebug v3.4.2, Copyright (c) 2002-2025, by Derick Rethans
composer --version
Composer version 2.8.6 2025-02-25 13:03:50
PHP version 8.3.19 (/usr/bin/php8.3)
Run the "diagnose" command to get more detailed diagnostics output.
How to reproduce
<?php
declare(strict_types=1);
namespace App\Services\JWT;
use Jose\Component\Encryption\Serializer\CompactSerializer;
use Jose\Component\Core\JWK;
use Jose\Component\Core\AlgorithmManager;
use Jose\Component\Encryption\Algorithm\KeyEncryption\A256KW;
use Jose\Component\Encryption\Algorithm\ContentEncryption\A256CBCHS512;
use Jose\Component\Encryption\JWEBuilder;
class JWEService
{
public static function generateJWEToken(?array $additionalPayload = null): string
{
// The key encryption algorithm manager with the A256KW algorithm.
$keyEncryptionAlgorithmManager = new AlgorithmManager([
new A256KW(),
]);
// The content encryption algorithm manager with the A256CBC-HS256 algorithm.
$contentEncryptionAlgorithmManager = new AlgorithmManager([
new A256CBCHS512(),
]);
// We instantiate our JWE Builder.
$jweBuilder = new JWEBuilder(
$keyEncryptionAlgorithmManager,
$contentEncryptionAlgorithmManager,
);
$jwk = new JWK([
'kty' => 'oct',
'k' => 'dzI6nbW4OcNF-AtfxGAmuyz7IpHRudBI0WgGjZWgaRJt6prBn3DARXgUR8NVwKhfL43QBIU2Un3AvCGCHRgY4TbEqhOi8-i98xxmCggNjde4oaW6wkJ2NgM3Ss9SOX9zS3lcVzdCMdum-RwVJ301kbin4UtGztuzJBeg5oVN00MGxjC2xWwyI0tgXVs-zJs5WlafCuGfX1HrVkIf5bvpE0MQCSjdJpSeVao6-RSTYDajZf7T88a2eVjeW31mMAg-jzAWfUrii61T_bYPJFOXW8kkRWoa1InLRdG6bKB9wQs9-VdXZP60Q4Yuj_WZ-lO7qV9AEFrUkkjpaDgZT86w2g',
]);
// The payload we want to encrypt. It MUST be a string.
$payload = json_encode([
'iat' => time(),
'nbf' => time(),
'exp' => time() + 3600,
'iss' => 'My service',
'aud' => 'Your application',
]);
$jwe = $jweBuilder
->create() // We want to create a new JWE
->withPayload($payload) // We set the payload
->withSharedProtectedHeader([
'alg' => 'A256KW', // Key Encryption Algorithm
'enc' => 'A256CBC-HS512', // Content Encryption Algorithm
])
->addRecipient($jwk) // We add a recipient (a shared key or public key).
->build(); // We build it
$serializer = new CompactSerializer(); // The serializer
$token = $serializer->serialize($jwe, 0); // We serialize the recipient at index 0 (we only have one recipient).
}
}
// dd(openssl_get_cipher_methods()); Outputs =>
// array:124 [
// 0 => "aes-128-cbc"
// 1 => "aes-128-cbc-cts"
// 2 => "aes-128-cbc-hmac-sha1"
// 3 => "aes-128-cbc-hmac-sha256"
// 4 => "aes-128-ccm"
// 5 => "aes-128-cfb"
// 6 => "aes-128-cfb1"
// 7 => "aes-128-cfb8"
// 8 => "aes-128-ctr"
// 9 => "aes-128-ecb"
// 10 => "aes-128-gcm"
// 11 => "aes-128-ocb"
// 12 => "aes-128-ofb"
// 13 => "aes-128-siv"
// 14 => "aes-128-wrap"
// 15 => "aes-128-wrap-inv"
// 16 => "aes-128-wrap-pad"
// 17 => "aes-128-wrap-pad-inv"
// 18 => "aes-128-xts"
// 19 => "aes-192-cbc"
// 20 => "aes-192-cbc-cts"
// 21 => "aes-192-ccm"
// 22 => "aes-192-cfb"
// 23 => "aes-192-cfb1"
// 24 => "aes-192-cfb8"
// 25 => "aes-192-ctr"
// 26 => "aes-192-ecb"
// 27 => "aes-192-gcm"
// 28 => "aes-192-ocb"
// 29 => "aes-192-ofb"
// 30 => "aes-192-siv"
// 31 => "aes-192-wrap"
// 32 => "aes-192-wrap-inv"
// 33 => "aes-192-wrap-pad"
// 34 => "aes-192-wrap-pad-inv"
// 35 => "aes-256-cbc"
// 36 => "aes-256-cbc-cts"
// 37 => "aes-256-cbc-hmac-sha1"
// 38 => "aes-256-cbc-hmac-sha256"
// 39 => "aes-256-ccm"
// 40 => "aes-256-cfb"
// 41 => "aes-256-cfb1"
// 42 => "aes-256-cfb8"
// 43 => "aes-256-ctr"
// 44 => "aes-256-ecb"
// 45 => "aes-256-gcm"
// 46 => "aes-256-ocb"
// 47 => "aes-256-ofb"
// 48 => "aes-256-siv"
// 49 => "aes-256-wrap"
// 50 => "aes-256-wrap-inv"
// 51 => "aes-256-wrap-pad"
// 52 => "aes-256-wrap-pad-inv"
// 53 => "aes-256-xts"
// 54 => "aria-128-cbc"
// 55 => "aria-128-ccm"
// 56 => "aria-128-cfb"
// 57 => "aria-128-cfb1"
// 58 => "aria-128-cfb8"
// 59 => "aria-128-ctr"
// 60 => "aria-128-ecb"
// 61 => "aria-128-gcm"
// 62 => "aria-128-ofb"
// 63 => "aria-192-cbc"
// 64 => "aria-192-ccm"
// 65 => "aria-192-cfb"
// 66 => "aria-192-cfb1"
// 67 => "aria-192-cfb8"
// 68 => "aria-192-ctr"
// 69 => "aria-192-ecb"
// 70 => "aria-192-gcm"
// 71 => "aria-192-ofb"
// 72 => "aria-256-cbc"
// 73 => "aria-256-ccm"
// 74 => "aria-256-cfb"
// 75 => "aria-256-cfb1"
// 76 => "aria-256-cfb8"
// 77 => "aria-256-ctr"
// 78 => "aria-256-ecb"
// 79 => "aria-256-gcm"
// 80 => "aria-256-ofb"
// 81 => "camellia-128-cbc"
// 82 => "camellia-128-cbc-cts"
// 83 => "camellia-128-cfb"
// 84 => "camellia-128-cfb1"
// 85 => "camellia-128-cfb8"
// 86 => "camellia-128-ctr"
// 87 => "camellia-128-ecb"
// 88 => "camellia-128-ofb"
// 89 => "camellia-192-cbc"
// 90 => "camellia-192-cbc-cts"
// 91 => "camellia-192-cfb"
// 92 => "camellia-192-cfb1"
// 93 => "camellia-192-cfb8"
// 94 => "camellia-192-ctr"
// 95 => "camellia-192-ecb"
// 96 => "camellia-192-ofb"
// 97 => "camellia-256-cbc"
// 98 => "camellia-256-cbc-cts"
// 99 => "camellia-256-cfb"
// 100 => "camellia-256-cfb1"
// 101 => "camellia-256-cfb8"
// 102 => "camellia-256-ctr"
// 103 => "camellia-256-ecb"
// 104 => "camellia-256-ofb"
// 105 => "chacha20"
// 106 => "chacha20-poly1305"
// 107 => "des-ede-cbc"
// 108 => "des-ede-cfb"
// 109 => "des-ede-ecb"
// 110 => "des-ede-ofb"
// 111 => "des-ede3-cbc"
// 112 => "des-ede3-cfb"
// 113 => "des-ede3-cfb1"
// 114 => "des-ede3-cfb8"
// 115 => "des-ede3-ecb"
// 116 => "des-ede3-ofb"
// 117 => "des3-wrap"
// 118 => "null"
// 119 => "sm4-cbc"
// 120 => "sm4-cfb"
// 121 => "sm4-ctr"
// 122 => "sm4-ecb"
// 123 => "sm4-ofb"
// ]Possible Solution
No response
Additional Context
No response