
Key Agreement

Key Agreement is, much like Key Wrapping, a method to protect the Content Encryption Key (CEK) with a Key-Encryption Key (KEK). Unlike Key Wrapping, which requires the producer and the recipient to share a symmetric KEK out of band, Key Agreement uses a mathematical property of elliptic curves (Elliptic-Curve Diffie-Hellman, ECDH) to derive a shared secret that both sides can use as a key. With the plain ECDH-ES presets listed below, JWE uses the derived key directly as the CEK (RFC 7518 section 4.6), so the token carries no encrypted key at all; only the ECDH-ES+AxxxKW variants use the derived key as a KEK to wrap a separate CEK.

How it works

Let Derive be a function that computes a secret Z from one party's private key and the other party's public key. The two equations:

Zprod = Derive(ProducerPrivateKey, RecipientPublicKey)

and

Zrec = Derive(RecipientPrivateKey, ProducerPublicKey)

will both yield the same result, meaning:

Zprod = Zrec

Using this property, both parties can exchange their (non-secret) public keys and compute a secret known only to them, without ever transmitting their private keys. Two caveats matter in practice: the raw secret Z is never used as-is but is run through a key-derivation function (JWE mandates the Concat KDF, with the algorithm identifier and the optional "apu"/"apv" party infos as inputs), and the exchange is only as trustworthy as the public keys are. The producer must obtain the recipient's public key through an authenticated channel; if an attacker can substitute their own public key, they can read every token produced for it.
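The exchange above, carried through end to end as an added example that is not part of the original page or of the jwt library: both sides run ECDH on P-256 with Go's crypto/ecdh, then stretch the raw secret Z with the SHA-256 Concat KDF that JWE's ECDH-ES uses (RFC 7518 section 4.6.2). The party infos, the "enc" value and the 256-bit key length are assumptions chosen to mirror a direct-mode A128CBC-HS256 token; the function names ConcatKDF and DeriveKEK are illustrative, not library API. It also shows the failure mode a recipient must handle: a peer key on a different curve is refused instead of yielding a bogus key.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"log"
)

// lengthPrefixed encodes data as a 4-byte big-endian length followed by the
// data itself, the encoding the Concat KDF uses for AlgorithmID, PartyUInfo
// and PartyVInfo.
func lengthPrefixed(data []byte) []byte {
	out := make([]byte, 4+len(data))
	binary.BigEndian.PutUint32(out, uint32(len(data)))
	copy(out[4:], data)
	return out
}

// ConcatKDF stretches the raw ECDH secret z into keyBits bits of key material
// with the SHA-256 Concat KDF (NIST SP 800-56A section 5.8.1), the construction
// JWE mandates for ECDH-ES (RFC 7518 section 4.6.2). algID is the "enc" value
// when the result is used directly as the CEK, or the "alg" value when it
// wraps the CEK; apu and apv are the optional "apu"/"apv" party infos.
func ConcatKDF(z []byte, algID string, apu, apv []byte, keyBits int) []byte {
	otherInfo := bytes.Join([][]byte{
		lengthPrefixed([]byte(algID)),
		lengthPrefixed(apu),
		lengthPrefixed(apv),
		binary.BigEndian.AppendUint32(nil, uint32(keyBits)), // SuppPubInfo
	}, nil)

	keyLen := keyBits / 8
	var out []byte
	// SHA-256(counter || Z || OtherInfo) with counter = 1, 2, ... until enough
	// bytes are produced; a single round suffices for keys up to 256 bits.
	for counter := uint32(1); len(out) < keyLen; counter++ {
		h := sha256.New()
		h.Write(binary.BigEndian.AppendUint32(nil, counter))
		h.Write(z)
		h.Write(otherInfo)
		out = h.Sum(out)
	}
	return out[:keyLen]
}

// DeriveKEK runs one side of the agreement: Derive(ownPrivate, peerPublic),
// then the KDF. crypto/ecdh rejects a peer key on a different curve (and
// invalid points when the key is unmarshalled), so the error must be checked.
func DeriveKEK(own *ecdh.PrivateKey, peer *ecdh.PublicKey, algID string, apu, apv []byte, keyBits int) ([]byte, error) {
	z, err := own.ECDH(peer)
	if err != nil {
		return nil, err
	}
	return ConcatKDF(z, algID, apu, apv, keyBits), nil
}

func main() {
	curve := ecdh.P256()

	// Recipient key pair: long-lived, its public half is shared ahead of time.
	recipient, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		log.Fatal(err)
	}
	// Producer key pair: in JWE ECDH-ES this one is ephemeral, generated per
	// token and published in the "epk" header.
	producer, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		log.Fatal(err)
	}

	// Constructed party infos (assumed values); in a token they travel as
	// the "apu" and "apv" header parameters.
	apu, apv := []byte("producer"), []byte("recipient")
	const enc = "A128CBC-HS256" // direct mode: the derived key is the 256-bit CEK

	zProd, err := DeriveKEK(producer, recipient.PublicKey(), enc, apu, apv, 256)
	if err != nil {
		log.Fatal(err)
	}
	zRec, err := DeriveKEK(recipient, producer.PublicKey(), enc, apu, apv, 256)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println("producer: ", hex.EncodeToString(zProd))
	fmt.Println("recipient:", hex.EncodeToString(zRec))
	fmt.Println("equal:", bytes.Equal(zProd, zRec))

	// Failure mode: a peer key on another curve is refused rather than
	// silently turned into a key.
	other, _ := ecdh.P384().GenerateKey(rand.Reader)
	if _, err := DeriveKEK(producer, other.PublicKey(), enc, apu, apv, 256); err != nil {
		fmt.Println("curve mismatch rejected:", err)
	}
}
```

Because the algorithm identifier and the party infos are hashed into the key, the same Z yields different keys for different "enc" values or different "apu"/"apv", which is what prevents a key derived for one context from being replayed in another.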

```go
package main

import (
	"crypto/ecdh"

	"github.com/a-novel-kit/jwt/jwe/jwek"
)

func main() {
	// Private key used by the recipient, loaded from the
	// recipient's key store. The public version of this key
	// MUST have been shared with the producer, ahead of the
	// token creation.
	var recipientPrivateKey *ecdh.PrivateKey

	keyDecoder := jwek.NewECDHKeyAgrDecoder(
		&jwek.ECDHKeyAgrDecoderConfig{RecipientKey: recipientPrivateKey},
		jwek.ECDHESA128CBC,
	)

	// Hand keyDecoder to the JWE decoder that processes the token.
	_ = keyDecoder
}
```

Available presets:

Preset               Target "enc"
jwek.ECDHESA128CBC   A128CBC
jwek.ECDHESA192CBC   A192CBC
jwek.ECDHESA256CBC   A256CBC
jwek.ECDHESA128GCM   A128GCM
jwek.ECDHESA192GCM   A192GCM
jwek.ECDHESA256GCM   A256GCM