Result too verbose after encryption. Am I using the library propertly?

[fcanela]

Hello, @panva. I hope you are well and safe. Thanks for the effort placed on creating this library. I recently found it trying to switch from manually encrypting JWT to the JOSE standard.

I have created an example (using a symmetric key) which I want to share in case it is useful for other users. I would also love to have some feedback to ensure this is the way the library should be consumed.

Some specific questions:

• The small payload ({ foo: 'bar' }) results in a 147 bytes JWT (expected) and 417 bytes after encryption. Am I doing something wrong here? It seems to be a huge overhead just for encryption.
• Which hash/encryption algorithms are supported? I dived in the code and I found some switch cases for public/private key cases but I was unable to find a list of supported values for symmetric cases.

Thanks.

const { JWK, JWT, JWE } = require('jose');

const signKey = JWK.asKey('sign secret');
const encryptKey = JWK.asKey('encrypt secret');

// Token creation
const payload = { foo: 'bar' };
const jwtOptions = { expiresIn: '1 day' };

const jwt = JWT.sign(payload, signKey, jwtOptions);

console.log('jwt', jwt);

const jose = JWE.encrypt(jwt, encryptKey);

console.log('jose', jose);

// Token verification
const decryptedJWT = JWE.decrypt(jose, encryptKey).toString();

console.log('jwt matches', jwt === decryptedJWT);

const jwtPayload = JWT.verify(decryptedJWT, signKey);

console.log('payload', jwtPayload);

The output is this:

$ node index.js
jwt eyJhbGciOiJIUzI1NiJ9.eyJmb28iOiJiYXIiLCJpYXQiOjE1ODYxNjY5OTgsImV4cCI6MTU4NjI1MzM5OH0.9cX2xxHwY8Tz9tZ65e_iXB1DFSP2QfWKv8YPGOqgUJM
jose eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiUEJFUzItSFMyNTYrQTEyOEtXIiwicDJjIjoyMDQ5LCJwMnMiOiJESllvdDJSMG1TRjBTV01WQXVtcHdRIn0.Wda_1wVo54kJHU1fPs3AkWKThWsABCFnnY7OEDU8jZ5IyMlfreif6g.3npfxL8xrqPBV4eglf_GCA.iS7wNY3GRsimpt29k47ZIe5L4GRdzIP12WIBgSUPKUjkaTVzFvoPabVxMlph7669ZXxRI1soIgIQozrw8WfcGTB0JpftNxArtBVvH4wQpwwaubyt_G3THWDG1fwRGr3yJMd_LVm8-BTsYJD42p75Vj0vOeAyaWrxOm4_hnhE1f_Wn7EZwG4X34Bplb_NDQHn.jkhfql2_IjnefjjE4wGzKg
jwt matches true
payload { foo: 'bar', iat: 1586166998, exp: 1586253398 }

[panva]

It seems to be a huge overhead just for encryption.

It isn't once you consider the fact that the JWE token contains the protected header (base64url encoded JSON with used algorithms and key wrapping params), an actual CEK, the used iv, authentication tag and then the ciphertext itself.

Which hash/encryption algorithms are supported? I was unable to find a list of supported values for symmetric cases.

Unable? It's right in the readme. https://github.com/panva/jose#detailed-support-matrix

Am I using the library properly?

I think you'd be better of with a 32 byte secret instead of this random length one. What happens with these "passwords" is that PBES2 is used to derive the key wrapping secret. Please see the supported algorithms, understand what they do and use one appropriate for you. You probably want to use an AES based key wrap.