Good afternoon.
I have an APEX application that receives a token.
This token has been created in JAVA with the nimbus JOSE library.
It is first signed with the following method:
public static String signer(final String signerKey, final Payload payload) throws JOSEException, ParseException {
JWSObject jwsObject = new JWSObject(new JWSHeader(JWSAlgorithm.HS256), payload);
final OctetSequenceKey keySigner = OctetSequenceKey.parse(signerKey);
JWSSigner jwssigner = new MACSigner(keySigner);
jwsObject.sign(jwssigner);
return jwsObject.serialize();
}
It is subsequently encrypted with the following method:
public static String encrypt(final String PayloadString, final String cypherKey) throws ParseException, JOSEException {
final Payload payload = new Payload(PayloadString);
final JWEObject jweObject = new JWEObject(new JWEHeader.Builder(JWEAlgorithm.DIR, EncryptionMethod.A128CBC_HS256)
.contentType("JWT").compressionAlgorithm(CompressionAlgorithm.DEF).build(), payload);
final OctetSequenceKey keyEncrypter = OctetSequenceKey.parse(cypherKey);
final JWEEncrypter jweEncrypter = new DirectEncrypter(keyEncrypter);
jweObject.encrypt(jweEncrypter);
return jweObject.serialize();
}
I have both the encryption key and the signing key.
My question is whether it would be possible to decrypt said token from PL/SQL.
If possible, could you tell me how it could be done?I've tried to do it with DBMS_CRYPTO but I haven't succeeded.
If it were not possible to do it with PL/SQL code, would it be possible to load the nimbus JOSE JAR file into Oracle to perform the decryption process?
Thank you in advance for your attention and help.
Greetings