Wrong AES key length using Crypt::JWT

Question

I'm attempting to generate a JWE with (5 parts) using Crypt::JWT. It's my first foray into perl.

Following the example from the documentation:

use Crypt::JWT qw(encode_jwt);

my $claims = {
  iss => 'some issuer',
  cd => 'some cd'
}

my $jws_token = encode_jwt(payload=>$claims, alg=>'HS256', key=>'secret');

my $jwe_token = encode_jwt(payload=>$jws_token, alg=>'dir', enc=>'A256GCM', key=>'secret');

I get the error:

JWE: wrong AES key length 32 vs 3

Other attempt using sha256 on the key first:

use Crypt::JWT qw(encode_jwt);
use Digest::SHA qw(sha256_hex);

my $key = sha256_hex('secret');

my $claims = {
  iss => 'some issuer',
  cd => 'some cd'
}

my $jws_token = encode_jwt(payload=>$claims, alg=>'HS256', key=>$key);

my $jwe_token = encode_jwt(payload=>$jws_token, alg=>'dir', enc=>'A256GCM', key=>$key);

Which gives a similar error:

JWE: wrong AES key length 32 vs 64

Any pointers would be appreciated?

P.S: I don't have control over the choice of enc and alg as I'm trying to match the output of a different module

With `enc=>'A256GCM'` the key needs to be 32 bytes, see https://funcool.github.io/buddy-sign/latest/01-jwt.html — Håkon Hægland, Jan 17 '22 at 22:01
See also https://metacpan.org/pod/Crypt::JWT#key1 which specifies the key length for each — Timothy Legge, Jan 18 '22 at 01:45
Thank you for the clarification. I misunderstood what's required. It works after generating a sha256 key. — user88659, Jan 18 '22 at 13:47

Wrong AES key length using Crypt::JWT

0 Answers0