jose4j, decrypt JWE with symmetric key

Question

I'm trying to reproduce a decoding of a JWE starting from jwt.io as an example and translating into code by using library jose4j

From site jwt.io I have the following:

HEADER:

{
   "alg": "HS256"
}

PAYLOAD:

{
    "sub": "1234567890",
    "name": "John Doe",
    "iat": 1516239022
}

VERIFY SIGNATURE:

HMACSHA256(
    base64UrlEncode(header) + "." +
    base64UrlEncode(payload),
    Fdh9u8rINxfivbrianbbVT1u232VQBZYKx1HGAGPt2I
) 

the secret base64 is not encoded.

Now I try to reproduce the situation with jose4j and then having as a result the same value on the encoded field, which is:

eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.jOJ7G4oijaDk9Tr4ntAXczd6PlI4oVvBU0_5cf7oaz4

Then:

    Key key = new HmacKey("Fdh9u8rINxfivbrianbbVT1u232VQBZYKx1HGAGPt2I".getBytes(StandardCharsets.UTF_8));  
    JsonWebEncryption jwe = new JsonWebEncryption();
    String payload = Json.createObjectBuilder()
            .add("sub", "1234567890")
            .add("name", "John Doe")
            .add("iat", "1516239022")
            .build()
            .toString();
    jwe.setPayload(payload);
    jwe.setHeader("alg", "HS256");
    jwe.setKey(key);
    String serializedJwe = jwe.getCompactSerialization();
    System.out.println("Serialized Encrypted JWE: " + serializedJwe);

However I get this error:

org.jose4j.lang.InvalidAlgorithmException: HS256 is an unknown, unsupported or unavailable alg algorithm (not one of [RSA1_5, RSA-OAEP, RSA-OAEP-256, dir, A128KW, A192KW, A256KW, ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW, A128GCMKW, A192GCMKW, A256GCMKW]).

Answer 1

HS256 is a JWS algorithm so you'd need to use JsonWebSignature rather than JsonWebEncryption to accomplish what it looks like you're trying to do.