I am trying to sign and encrypt my payload. When the other party tries to decrypt my data it returns “AES/GCM/NoPadding decryption failed: Tag mismatch!” error. Can you anyone help me to figure out the problem? Thanks in advance
I am using https://web-token.spomky-labs.com/ JWT framework 3.3 version
My Code:
public static function encryptPayload($payload)
{
$payload = json_encode($payload);
$selfPrivateKey = self::getSelfPrivateKey();
$publicKey = self::getPublicKey();
// ----- Build JWS Object ----- Begin -----
// Init JWS algorithm
$jwsAlgorithmManager = new AlgorithmManager([new RS256()]);
// Build JWS object and sign the message by merchant's private key
$jwsBuilder = new JWSBuilder($jwsAlgorithmManager);
$jws = $jwsBuilder
->create()
->withPayload($payload)
->addSignature($selfPrivateKey, [
'alg' => 'RS256',
'kid' => 0002,
])
->build();
$jwsSerializer = new JwsCompactSerializer();
$jwsString = $jwsSerializer->serialize($jws, 0);
// ----- Build JWS Object ----- END -----
// ----- Build JWE Object ----- Begin -----
// Init JWE algorithm
$jweKeyEncryptionAlgorithmManager = new AlgorithmManager([
new RSAOAEP256(),
]);
// Init JWE encryption algorithm
$jweContentEncryptionAlgorithmManager = new AlgorithmManager([
new A128GCM(),
]);
$compressionMethodManager = new CompressionMethodManager([
new Deflate(),
]);
// Build JWE object and encrypt the message by public key
$jweBuilder = new JWEBuilder(
$jweKeyEncryptionAlgorithmManager,
$jweContentEncryptionAlgorithmManager,
$compressionMethodManager
);
$jwe = $jweBuilder
->create()
->withPayload($jwsString)
->withSharedProtectedHeader([
'alg' => 'RSA-OAEP-256',
'enc' => 'A128GCM',
'kid' => '0005',
])
->addRecipient($publicKey)
->build();
$jweSerializer = new JweCompactSerializer();
$jweString = $jweSerializer->serialize($jwe, 0);
// ----- Build JWE Object ----- END -----
// $this->logger->info("Encrypted String: $jweString");
return $jweString;
}