Add tooling for use with external KMS on JWE decryption/encryption

[joaoccruz]

Problem Statement

The current implementation of Jose does not export any functions to allow use of an externally managed private key on JWE encrypt/decrypt. It is always expected for the application server to have direct access to the private keys, which is not necessarily possible.

Example: Key managed by the AWS KMS, which runs KeyAgreement through a DH function and returns the SharedSecret.

Proposed Solution(s)

Expose the decryptKeyManagement function - Simple

Exporting the decryptKeyManagement function would allow us to derive the CEK directly and decrypt the JWE ciphertext with it. It is not very "idiomatic), in the sense that it seems a bit against the spirit of Jose as a library.

Add decryptFromZ function

This is probably the preferred solution: a new function to derive a jwe explicitly from a shared secret, provided by the developer, through their own means (locally running crypto.diffieHellman or using an external kms).

The main benefit is that it would hide the "dirty" crypto steps behind a black box, exposing only a single decryptFromZ method.

Similar topics

@thod Requested the export named in solution 1 here, but the discussion ended up being closed.

---

Thank you for the consideration. If any further info is needed, I'll be happy to provide it.

[panva]

As evident, I am not interested in exposing internals and making them part of the public API that needs to be maintained and stable.

[joaoccruz]

I understand that, but as it stands, it is impossible to use jose with external KMS providers. If maintaining the internals themselves private, then I would suggest the latter of the two solutions suggested.

A new function which simply takes the Z/sharedSecret and derives the enc key from it would be immensely helpful. Or, even better, does the derivation itself and decrypts using the newly derived key. We have tested this approach internally and it would work with the existing derivation functions.

[panva]

as it stands, it is impossible to use jose with external KMS providers

Yes, it was not developed for that purpose.

Maybe in the future a version of jose where algorithm implementations are passed in to producer/verifier functions will exist but a major API re-design to accomodate such design is not on my radar now.

[joaoccruz]

Alright, thank you for the feedback, we'll keep it in mind. Will close the discussion for now.