I need to use the ECDH key exchange process in order to encrypt/decrypt messages between the client and the server.
I use the jose4j library for cryptographic functionality.
I have the local key pair (private dC and public QC), I have the remote public key QT and I have transactionID and referenceNumber.
Now, I need to generate a content encryption key (CEK) from all these details and use it for decrypting messages received from server and for encrypting messages sent to server.
I can't find how it should be done.
The spec:
Diffie-Hellman key exchange process according to JWA (RFC 7518) in Direct Key Agreement mode using curve P-256, dC and QT to produce a pair of CEKs (one for each direction), which are identified to the transactionID. In order to obtain 256 bits of keying material from the included Concat KDF function assume an "enc" parameter of ECDH-ES+A256KW and assume the algorithmID to be null for the KDF (Note this is using RFC 7518 only for key derivation). The parameter values supported in this version of the specification are:
- "alg": ECDH-ES
- "apv": referenceNumber
- "epk": QT
- {"kty":"EC" "crv":"P-256"}
- All other parameters: not present
- CEK: "kty": oct-256 bits extracted as:
- CEK(a->s): 256 bits
- CEK(s->a): 256 bits
Thank you!
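The derivation the quoted spec describes (ECDH on P-256, then the RFC 7518 Concat KDF for 256 bits), as an added example that is not part of the original post and uses only JDK classes rather than jose4j. Assumptions: freshly generated key pairs stand in for dC/QC and QT, a "null" algorithmID is read as a zero-length AlgorithmID, apu is absent, referenceNumber is fed in as its UTF-8 bytes, and the class and method names are illustrative. How the two directional CEKs are taken from the keying material is not stated in the quoted text, so the example stops at the 256 bits.

```java
import java.io.ByteArrayOutputStream;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;
import javax.crypto.KeyAgreement;

public class EcdhConcatKdfExample {
    // Datalen || Data with a 32-bit big-endian length; null is read as length 0 (assumption).
    static byte[] lenPrefixed(byte[] d) {
        byte[] data = (d == null) ? new byte[0] : d;
        return ByteBuffer.allocate(4 + data.length).putInt(data.length).put(data).array();
    }
    static byte[] u32(int v) { return ByteBuffer.allocate(4).putInt(v).array(); }

    // Concat KDF from RFC 7518 section 4.6.2, SHA-256, SuppPrivInfo empty.
    static byte[] concatKdf(byte[] z, int keyBits, byte[] algId, byte[] apu, byte[] apv)
            throws GeneralSecurityException {
        MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        for (int counter = 1; out.size() * 8 < keyBits; counter++) {
            sha256.update(u32(counter));          // round counter, starts at 1
            sha256.update(z);                     // ECDH shared secret Z
            sha256.update(lenPrefixed(algId));    // AlgorithmID
            sha256.update(lenPrefixed(apu));      // PartyUInfo
            sha256.update(lenPrefixed(apv));      // PartyVInfo
            sha256.update(u32(keyBits));          // SuppPubInfo = keydatalen in bits
            byte[] block = sha256.digest();
            out.write(block, 0, block.length);
        }
        return Arrays.copyOf(out.toByteArray(), keyBits / 8);
    }
    static byte[] ecdh(PrivateKey own, PublicKey peer) throws GeneralSecurityException {
        KeyAgreement ka = KeyAgreement.getInstance("ECDH");
        ka.init(own);
        ka.doPhase(peer, true);
        return ka.generateSecret();
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
        gen.initialize(new ECGenParameterSpec("secp256r1"));  // P-256
        KeyPair client = gen.generateKeyPair();  // constructed stand-in for dC / QC
        KeyPair server = gen.generateKeyPair();  // constructed stand-in for the QT key pair
        byte[] apv = "constructed-reference-number".getBytes(StandardCharsets.UTF_8);
        byte[] mine = concatKdf(ecdh(client.getPrivate(), server.getPublic()), 256, null, null, apv);
        byte[] theirs = concatKdf(ecdh(server.getPrivate(), client.getPublic()), 256, null, null, apv);
        System.out.println("both sides agree: " + MessageDigest.isEqual(mine, theirs));
    }
}
```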