Key Agreement with Key Wrapping

February 5, 2025Less than 1 minuterecipientencryptionkey sharing

Key Agreement with Key Wrapping

Using the exact same principle as Key Agreement, Key Agreement with Key Wrapping uses a dual private/public key pair to generate a shared secret. The only difference is the result of this derivation will be used as the Key-Encryption Key (KEK) for a Key Wrapping operation.

package main

import (
	"crypto/ecdh"
	"github.com/a-novel-kit/jwt/jwe/jwek"
)

func main() {
	// Private key used by the recipient. The public
	// version of this key MUST have been shared to
	// the producer, ahead of the token creation.
	var recipientPrivateKey *ecdh.PrivateKey

	keyDecoder := jwek.NewECDHKeyAgrKWDecoder(
		&jwek.ECDHKeyAgrKWDecoderConfig{RecipientKey: recipientPrivateKey},
		jwek.ECDHESA128KW,
	)
}

Available presets:

Preset	Target "alg"
`jwek.ECDHESA128KW`	ECDH-ES+A128KW
`jwek.ECDHESA192KW`	ECDH-ES+A192KW
`jwek.ECDHESA256KW`	ECDH-ES+A256KW