JSON Web Encryption (JWE) with XChaCha20 / Poly 1305 (XC20P) authenticated content encryption
XChaCha20 / Poly 1305 is a content encryption method that was recently specified for use in JSON Web Encryption (JWE) and given the JWE "enc" XC20P identifier.
Example JWE header for direct symmetric encryption with XC20P:
{
  "alg" : "dir",
  "enc" : "XC20P"
}
With 256 bit encryption it is intended to provide an alternative to the existing AES-based algorithms for JWE, A256CBC-HS512 and A256GCM. Because it allows for efficient implementation in software, applications on constrained devices that lack dedicated CPU instructions for AES may achieve performance and power saving advantages by switching to XC20P.
The new encryption method can be used with any of the supported JWE algorithms, such as RSA-OAEP-256, ECDH-ES+A128KW, ECDH-1PU or dir. Just create a new JWEEncrypter for the desired family of JWE algs and set the JWE enc header parameter to XC20P.
Example encryption with RSA-OAEP-256 and XC20P:
import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.*;

// Compose the JWE secured object to encrypt
JWEObject jweObject = new JWEObject(
    new JWEHeader(
        JWEAlgorithm.RSA_OAEP_256,
        EncryptionMethod.XC20P
    ),
    new Payload("Hello, world!")
);

// Create a JWE encrypter for some public RSA key as
// java.security.interfaces.RSAPublicKey or
// com.nimbusds.jose.jwk.RSAKey
JWEEncrypter encrypter = new RSAEncrypter(publicKey);

// Perform the encryption
jweObject.encrypt(encrypter);

// Serialise the JWE to compact form
String jweString = jweObject.serialize();
Note, in order to use XC20P content encryption your application must import the optional Google Tink dependency:
<dependency>
    <groupId>com.google.crypto.tink</groupId>
    <artifactId>tink</artifactId>
    <version>[ version ]</version>
</dependency>
Support for XC20P was introduced in Nimbus JOSE+JWT version 9.13.