Hi. This typo

• @param string $addtional additional authenticated data as a binary string

is triggering a warning:

User Deprecated: The "SimpleJWT\Crypt\AESCBC_HMACSHA2::encryptAndSign()" method will require a new "string $addtional" argument in the next major version of its interface "SimpleJWT\Crypt\EncryptionAlgorithm", not defining it is deprecated.

I'm using PHP 7.2.11 together with OpenSSL 1.1.1. This makes openssl_get_md_methods return everything as lowercase strings. Therefore no supported algs will be detected.

  0 => 'blake2b512',
  1 => 'blake2s256',
  2 => 'md4',
  3 => 'md5',
  4 => 'md5-sha1',
  5 => 'mdc2',
  6 => 'ripemd160',
  7 => 'sha1',
  8 => 'sha224',
  9 => 'sha256',
  10 => 'sha3-224',
  11 => 'sha3-256',
  12 => 'sha3-384',
  13 => 'sha3-512',
  14 => 'sha384',
  15 => 'sha512',
  16 => 'sha512-224',
  17 => 'sha512-256',
  18 => 'shake128',
  19 => 'shake256',
  20 => 'sm3',
  21 => 'whirlpool',
)

Hello Kelvinmo,

I want to generate a JWT, with ES256 algorithm with private key, and client_id in header, may you please let me know how to change below code , I have given you javascript code which is working.

var private_key = 'MIGHAgEAMBMGByqGfdfdfffffdfdfffG0wawIBAQQg11u3eXyPlKWlTpCnpaq+LfVzsXTlL3WT04KHIvDsHk6hRANCAASOQ4PjYOOzjxXt'
private_key = "-----BEGIN PRIVATE KEY-----\n" + private_key + "\n-----END PRIVATE KEY-----"

var header = {
kid: 'fcb746c8ffdf761566516580c2'
}

var payload = {
iss: '8f33f095d36bfdgfgfgd1ed9742808ca',
sub: '8f33f095d3fdgdgfd11ed9742808ca',
aud: 'https://example.talkdeskid.com/oauth/token',
jti: uuid(),
exp: Math.floor(Date.now() / 1000) + 300,
iat: Math.floor(Date.now() / 1000)
}
token = jwt.sign(payload, private_key, {header: header, algorithm: 'ES256'});

// Note
$headers['alg'] is required
$headers = ['alg' => 'ES256', 'typ' => 'JWT'];
$claims = ['iss' => 'me', 'exp' => 1234567];
$jwt = new SimpleJWT\JWT($headers, $claims);

In PHP 7.3, json_decode() supports the JSON_THROW_ON_ERROR flag that throws a JsonException if an error is encountered during JSON decoding. This can be used instead of detecting false.

Description

I'm trying to import an RSA key generated with openssl genrsa -out private_key.pem 2048.

I'm using the following syntax :

$key = new SimpleJWT\Keys\RSAKey(file_get_contents('keys/dipli_privkey.pem'), 'pem');

When I add it to a KeySet I get a lot of warnings, like Undefined array key "e".

In the RSAKey code that, when the Key is read in format pem :

• a search is done for BEGIN PUBLIC KEY,
• if it fails an other one for BEGIN RSA PRIVATE KEY,
• and if it fails the error is not reported and the class is created whitout the required fields.

Steps to reproduce

1. Private key generation

openssl genrsa -out private_key.pem 2048

2. Load the RSAKey and put it in a KeySet

require_once 'vendor/autoload.php';

$set = new SimpleJWT\Keys\KeySet();

$key = new SimpleJWT\Keys\RSAKey(file_get_contents('private_key.pem'), 'pem');
$set->add($key, true);

Expected behaviour

The key is loaded or an exception is thrown.

Environment

• Version v0.8.0
• Server OS: Windows 10

Backtrace

Fatal error: Uncaught RuntimeException: Undefined array key "e" in C:\Applications\Projets\firebase-jwt\firebase-jwt\simplejwt_basic.php on line 3

Are you sure that JWE::__construct parameter $plainttext is array?

 * @param array $plaintext the plaintext to encrypt

It is triggering phpstan errors.

SimpleJWT/JWT.php
line-259 $kid and $keys
use of uninitialized value

Hi,

After much searching, your library was the only standalone one that allowed me to do a webpush successfully to chrome on PHP 5.6, so thank you!

My next step is to add on pushed data. It seems that pushed data needs to be encrypted using AES128GCM. Pardon my question, but I'm unfamiliar with cryptography, is JWE meant to do this?

Thank you!

Description

With ECDH-ES+A256KW produce exception "Key not found or is invalid " .

Steps to reproduce

<?php


include './vendor/autoload.php';

$set = new SimpleJWT\Keys\KeySet();
$key = '{"kty": "EC",
"d": "3DCgwJeF_IRdhF1B8JYRZOm4Frt_XrknFotgE_RcVj_z053yhHF4zhM6W-z7dd2X","use": "enc","crv": "P-384",
"x": "q4yHCxdvXDA6PODaM9IkpjCUh9gRgpkIN_gV1i5HzJUOHCkC4HMrFiIduZZsVdQf",
"y": "fFrsS5ZIlf0CKAnxRXhnbSHcGTByVxULEPyN_9jKOlb85wZv4VoIEtIBxeHYkLCe","alg": "ECDH-ES+A256KW"}';
// JWK format
$key = new SimpleJWT\Keys\ECKey($key, 'json', null, 'ECDH-ES+A256KW');
$set->add($key);
$token = 'eyJhbGciOiJFQ0RILUVTK0EyNTZLVyIsImVuYyI6IkEyNTZHQ00iLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoiVDFIazlQell6SUY5NW9ESDJENTFZXzJGVUZuZ3RKZWxpbW11UTZJbHlyVWhuVGlfYlk1ZFplY0lPNExQRmp1byIsInkiOiJlLVBQbTNEQjB0N2F1RUNCV0Q0MkZxMlVDeXNuQ0NjQUxDUy1NWHMwclV3U0pLQmFMWTcwb1lzcWprMnJQVjROIiwiY3J2IjoiUC0zODQifX0.6vW-S_7om9iHMYc2JzkwijQV4msn55YRrDYQ2EMs3-bg3Y7I0dBrDA.CQ45omsfTgrZlrJd.58LMMeqXOogn6i6JI5VbrFucwI_hStOGNXgOqXsExNARXlYPSHweSXXGS_nYaa90srl9a5HTbn1YJEtduB0YKekULRXK1la5uOiHnw5tuRJUqXVTA-_l_Nv7PZWzPZOua2quUGMw5c8y55c8qImO02gw_tbopnqwROUHR-eeBMiRwEkpBDl8AlSOQsLd-6MZ3kqaLuGyhw0rQ9DPZlucB1DB0rF2WYEwnz72I1aB2XLmrVuIRkTbVRRxMp9Qt8BLP8Uay-8Qr3HvMfQDftKydtAKiQLXHTMLoo5H8s69i-1baFynJjH4nNpnujJGONkBSQg9RmWf-5CdiZnQC1g4hSvL5p6RM0sGXR4jORlzd-TNSmZeOe1mvEHifCmeyCQ1T0NNBrtsSUeT6lckEFjyvjKau6eZxoa3nyzpzMooNw8u-e-s9uctYmdVmYm75PWqkzencTnccTtmZjuBdehplM0SLbGYrxoxIoBBoozrACeIQITHi73DB1kSQdbfOfb_nuo26PEaIgvsncj-he0v.y3mcOAn4nXDleSobp2eQYg';

$res = SimpleJWT\JWE::decrypt($token,$set,'ECDH-ES+A256KW');
echo $res->getPlaintext();

Expected behaviour

Expected {"refreshToken":"0607a317-044c-49dc-83ea-89bbf7766c03","authToken":"c8945473-6217-4ec7-a543-09371ee156e3","deviceId":"ffaa1991-273d-4f45-a4c2-6bfbf682db24","serverPublic":{"kty":"EC","crv":"P-384","x":"qL6f_m1pa35_UHnZFQ-4MzuSPzbQJiPmzJqbwQC4KdxnPuSe2uGpwiBMmVzr6NyZ","y":"LI_AYpAWP3DZTXHgWApUOZJHmpFJ4zhpQx8YWNueEiyQVPeP58DCjmD7LtxSrmGv"},"tokenExpirationDateTime":"2023-08-12 11:49:45.0350 +0000"}

Environment

• Version 0.7.0
• Server OS: Windows, Centos
• PHP: 8.2

Additional information

Works only with changes in JWE::decrypt

        $key_enc = AlgorithmFactory::create($headers['alg']);

        /** @var \SimpleJWT\Crypt\Encryption\EncryptionAlgorithm $content_enc */
        $content_enc = AlgorithmFactory::create($headers['enc']);


        if (false and $key_enc instanceof KeyDerivationAlgorithm) {

I encountered the problem in the specific case of using JWT::decode here I give \SimpleJWT\Keys\KeySet, but the docblock requires \SimpleJWT\SimpleJWT\Keys\KeySet.

The docblock itself shows SimpleJWT\Keys\KeySet, because of the missing \ it adds the own namespace SimpleJWT to it. There are two options to fix it.

1. Adding the missing \ to the docblock
2. Removing SimpleJWT\ from it

I can provide a pull request if I get permissions to push to the repository.

Thanks in advance! And thanks for this library, saved me a lot of time already!

Hi,
I am using the example the readme.
For some reason when I want to verify my sign token and getting the following error:

SimpleJWT\InvalidTokenException: Key not found or is invalid in SimpleJWT\JWT::decode()

$set = new SimpleJWT\Keys\KeySet();
  $key_private = new SimpleJWT\Keys\RSAKey(file_get_contents([part to the private key]/key.pem', true), 'pem');
$set->add($key_private);
$headers = array('alg' => 'RS256', 'typ' => 'JWT');
$claims = array("iss" => "joe", "exp" => 1300819380, "http://example.com/is_root" => true); //for example
$jwt_hc= new SimpleJWT\JWT($headers, $claims);
$jwt = $jwt_hc->encode($set);
$jwt_decode = SimpleJWT\JWT::decode($jwt, $set, 'RS256');

Please I need help.

Hi, I am getting this error when I use the package with Laravel 10:
Call to undefined method SimpleJWT\Crypt\RSAES::getSigningKey()

This is my code:

        $key_pem = base64_decode($serverTransportKey); // $serverTransportKey = public key enconde in base 64
        $set = new KeySet();
        $key = new RSAKey($key_pem, 'pem');
        $set->add($key);

        $headers = [
            'alg' => 'RSA-OAEP-256',
            'enc' => 'A256GCM',
        ];
        $jwt = new JWT($headers, $card); // $card is an array with data

        try {
            return $jwt->encode($set);
        } catch (Exception $e) {
            print_r('Exception Message: '. $e->getMessage());
            print_r('Exception Code: '. $e->getCode());
            print_r('Exception String: '. $e->__toString());

            return false;
        }

Currently SimpleJWT ignores any stored key_ops parameter when selecting keys from a KeySet. This should be respected, particularly for operations which are not included in the key_ops parameter.

Description

ExceptionError occurred during use of SimpleJWT library.

Steps to reproduce

// By adding a key manually
$set = new SimpleJWT\Keys\KeySet();

// PEM format - note raw key only, no X.509 certificates
try {
$key = new SimpleJWT\Keys\RSAKey(file_get_contents(storage_path('************************')),'pem');
$set->add($key);

$headers = ['alg' => 'RSA-OAEP-256', 'enc' => 'A256GCM'];
$plaintext = 'This is the plaintext I want to encrypt.';
$jwt = new JWE($headers, $plaintext);
print $jwt->encrypt($set);

} catch (RuntimeException $err) {
print $err;
}

Expected behaviour

We are desired to payload data using RSAKey encryption (algorithm - RSA-OAEP-256). During this process we are using the method "By adding a key manually".

Environment

• Version [Laravel 10]
• Server OS: [e.g. Ubuntu 20.04.6]
• PHP: [8.1]
• Packages: [
  "php": "^8.1",
  "barryvdh/laravel-dompdf": "^2.0",
  "carlos-meneses/laravel-mpdf": "^2.1",
  "dompdf/dompdf": "^2.0",
  "guzzlehttp/guzzle": "^7.2",
  "laravel/framework": "^10.10",
  "laravel/sanctum": "^3.2",
  "laravel/tinker": "^2.8",
  "laravel/ui": "^4.2",
  "maatwebsite/excel": "^3.1",
  "milon/barcode": "^10.0",
  "nwidart/laravel-modules": "^10.0",
  "spatie/laravel-permission": "^5.10",
  "spomky-labs/jose": "*"
  ]

Hi,

Yesterday I completed a JWE integration and noted that there is an error in simplejwt/src/SimpleJWT/JWE.php:134

$agreed_key = $key_enc->deriveKey($keys, $headers, $kid);

The variable $kid is not defined in this scope, it doesn't get defined untill line number 149, causing either an error or a notice, depending on the system. Default in Laravel it will throw a nasty error.

I had to remove , $kid in order to get it working with the following code:

$set = new KeySet();
$key = new SymmetricKey('HIDDEN_KEY', 'bin');
$set->add($key);

$token = $_GET['orderKey'];

try {
       $jwe = JWE::decrypt($token, $set, 'dir');
       $data = $jwe->getPlaintext();
       $data = json_decode($data);

       print_r($data);
} catch (InvalidTokenException $e) {
       print_r($e);
}

This issue seems similar to #13 , however a little bit different.

Hi!, i have a encript<->decrypt JWE problem, when i try to decrypt tell me "Key not found or is invalid".

public function encodePin($pin){
$stripe=json_decode(file_get_contents('url'));
$set = new SimpleJWT\Keys\KeySet();
$key=new SimpleJWT\Keys\RSAKey(json_encode($stripe->jwk), 'json');
$key->setKeyId($stripe->key_id);
$set->add($key);
$headers = ['alg' => 'RSA-OAEP', 'enc' => 'A128CBC-HS256'];
$jwt = new SimpleJWT\JWE($headers, $pin);
try {
return $jwt->encrypt($set);
} catch (Exception $e) {
return ['status'=>'ko','error'=>$e->getMessage()];
}
}
The url gets me a json similar:
{
"key_id": "xxxxxx",
"pkcs8": "xxxxxxx",
"jwk": {
"kty": "RSA",
"kid": "xxxx",
"use": "enc",
"n": "xxxx",
"e": "AQAB"
}
}

When i try to decode return me "Key not found or is invalid".
public function decodePin($token){
$stripe=json_decode(file_get_contents('url'));
$set = new SimpleJWT\Keys\KeySet();
$key=new SimpleJWT\Keys\RSAKey(json_encode($stripe->jwk), 'json');
$key->setKeyId($stripe->key_id);
$set->add($key);
try {
$jwt = SimpleJWT\JWE::decrypt($token, $set, 'RSA-OAEP');
printr($jwt);
printr ($jwt->getHeader('alg'));
printr ($jwt->getPlaintext());
} catch (\RuntimeException $e) {
printr ($e->getMessage());
}
}
Thanks for help.

Hi. Could you please do something like:

        $detect_result = Helper::detect($token);
        if (!$detect_result) {
            throw new \InvalidArgumentException('Incorrect format');
        }
        $format = $detect_result['format'];

to prevent triggering "undefined index"?

When decoding an invalid COMPACT_FORMAT token, the syntax to throw an exception is incorrect

Hi,
Thanks for this simple library. I have a similar problem. Getting "SimpleJWT\InvalidTokenException: Key not found or is invalid in SimpleJWT\JWE::decrypt() ". My code is as below and I am trying to decrypt the token from the other party.

$set = new \SimpleJWT\Keys\KeySet();
$key = new \SimpleJWT\Keys\RSAKey((array) $private_key, 'php');
$set->add($key);
$jwt = \SimpleJWT\JWE::decrypt($response_data['id_token'], $set, 'RSA-OAEP'); // Key not found or is invalid

My Private key format is as below:
{
"kty": "RSA",
"d": "xxx",
"e": "AQAB",
"n": "yyyy"
}

Originally posted by @makarandchavan in #13 (comment)

Unable to install the package on a "laravel/framework": "^6.2" app. Getting the following error when trying to install with composer.

Problem 1
- Installation request for kelvinmo/simplejwt ^0.4.0 -> satisfiable by kelvinmo/simplejwt[v0.4.0].
- Conclusion: remove symfony/console v4.4.10
- Conclusion: don't install symfony/console v4.4.10
- kelvinmo/simplejwt v0.4.0 requires symfony/console ~2.8 -> satisfiable by symfony/console[2.8.x-dev, v2.8.0, v2.8.0-BETA1, v2.8.1, v2.8.10, v2.8.11, v2.8.12, v2.8.13, v2.8.14, v2.8.15, v2.8.16, v2.8.17, v2.8.18, v2.8.19, v2.8.2, v2.8.20, v2.8.21, v2.8.22, v2.8.23, v2.8.24, v2.8.25, v2.8.26, v2.8.27, v2.8.28, v2.8.29, v2.8.3, v2.8.30, v2.8.31, v2.8.32, v2.8.33, v2.8.34, v2.8.35, v2.8.36, v2.8.37, v2.8.38, v2.8.39, v2.8.4, v2.8.40, v2.8.41, v2.8.42, v2.8.43, v2.8.44, v2.8.45, v2.8.46, v2.8.47, v2.8.48, v2.8.49, v2.8.5, v2.8.50, v2.8.52, v2.8.6, v2.8.7, v2.8.8, v2.8.9].

This package is required with the googleapis/google-auth-library-php package.

When using Prime 256 key the length of x and y should both be 32 byte.
but when dump key object, i got 31 and 33 byte of x and y.

Sample dump is here
object(SimpleJWT\Keys\ECKey)#1 (1) {
["data":protected]=>
array(6) {
["kty"]=>
string(2) "EC"
["crv"]=>
string(5) "P-256"
["d"]=>
string(43) "MCLUMijLCR8uuVrjgZxaMWtHnElEPhewa1vLEouThZc"
["x"]=>
string(42) "7ctn9jXL_oYnSE_jwiDyI3mxEy4s2CxbIYB_i5tmSg"
["y"]=>
string(44) "zuUFbsHCKVZhZ13IZMluI0lDXhzQkNy7MO-cYK7sWdiK"
["kid"]=>
string(6) "example"
}
}

Can't update to Laravel 11 because it requires symfony 7

This line leads to an error while converting the RSA keys to JSON Web Key Sets within my SimpleID installation:

PHP Warning: include(/var/www/simpleid/www/vendor/kelvinmo/simplejwt/bin/../vendor/autoload.php): failed to open stream: No such file or directory in /var/www/simpleid/www/vendor/kelvinmo/simplejwt/bin/jwkstool.php on line 36

Description

ECDH does not work in PHP 8.1

Steps to reproduce

Run phpunit under PHP 8.1

Backtrace

1) ECDH_AESKeyWrapTest::testECDHES_A128KW
Undefined array key "crv"

/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Keys/Key.php:287
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Keys/Key.php:91
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Keys/ECKey.php:189
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Crypt/ECDH.php:190
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Crypt/ECDH.php:149
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Crypt/ECDH_AESKeyWrap.php:75
/home/runner/work/simplejwt/simplejwt/tests/ECDH_AESKeyWrapTest.php:58

2) ECDH_AESKeyWrapTest::testECDHES_A192KW
Undefined array key "crv"

/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Keys/Key.php:287
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Keys/Key.php:91
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Keys/ECKey.php:189
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Crypt/ECDH.php:190
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Crypt/ECDH.php:149
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Crypt/ECDH_AESKeyWrap.php:75
/home/runner/work/simplejwt/simplejwt/tests/ECDH_AESKeyWrapTest.php:77

3) ECDH_AESKeyWrapTest::testECDHES_A256KW
Undefined array key "crv"

/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Keys/Key.php:287
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Keys/Key.php:91
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Keys/ECKey.php:189
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Crypt/ECDH.php:190
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Crypt/ECDH.php:149
/home/runner/work/simplejwt/simplejwt/src/SimpleJWT/Crypt/ECDH_AESKeyWrap.php:75
/home/runner/work/simplejwt/simplejwt/tests/ECDH_AESKeyWrapTest.php:95

Additional information

This is occurring because in PHP 8.1, openssl exports EC keys in PKCS#8 format instead of RFC 5915 format, and ECKey does not recognise the new format

Description

On PHP 8.3 composer install version 0.3 because of requirement: "php": "^8.0"

Expected behaviour

I am not aware of something what should not work on 8.3, so maybe requirement should be "php": "^8".

Hello,

First of all, thanks for this JWT library, it looks like to be the easiest one to use that also supports encryption.

I think i'm a bit confused as to how to create a JWE from a JWS though. I keep getting a Key not found or is invalid error when decrypting the JWE. Here's how i'm trying to do it :

<?php

    $keys = \SimpleJWT\Keys\KeySet::createFromSecret('secret123');
    $headers_jwt = ['alg' => 'HS512', 'typ' => 'JWT'];
    $claims = [
        'iss' => 'me',
        'iat' => time(),
        'exp' => time() + (24 * 60 * 60),
    ];
    $jwt = new \SimpleJWT\JWT($headers_jwt, $claims);
    $encoded = $jwt->encode($keys);

    $headers_jwe = ['alg' => 'PBES2-HS512+A256KW', 'enc' => 'A256CBC-HS512'];
    $jwe = new \SimpleJWT\JWE($headers_jwe, $encoded);
    $encrypted = $jwe->encrypt($keys);

    $decrypted = $jwe->decrypt($encrypted, $keys, 'PBES2-HS512+A256KW'); // Key not found or is invalid

    $decoded = $jwt->decode($decrypted->getPlaintext(), $keys, 'HS512');

Am i missing something regarding keys usage ?

After update 0.2.2, I am no longer able to decode PEM keys correctly.

I get the following error:
Key not found or is invalid

My unittests uses the same set of test keys always and while they work in version 0.2.1, they do not work in 0.2.2

keys.zip

Hi,

There seems to be a small error in the readme where you are referencing to decrypt a JWE:
$jwt = SimpleJWT\JWT::decrypt('abc.def.ghi.klm.nop', $set, 'PBES2-HS256+A128KW');

JWT::decrypt() is not a method, it should be:
JWE::decrypt()

Thank you :)

Hi. I am new to this. I am having trouble running these errors on all files " Uncaught Error: Class 'PHPUnit\Framework\TestCase' ". I tried changing the class extends into "PHPUnit\Framework\TestCase" , I already installed phpunit. but still, this happen.

This library does not support PHP 8.0 according to composer.json. With my limited testing, the library worked as expected on PHP 8.0 so this may just be as simple as adding ^8.0 to composer.json

i want to decrypt a JWE of this kind:
{"alg":"RSA-OAEP","enc":"A128GCM"}

i get the new Crypt/AESGCM.php file by installing the master branch with
"kelvinmo/simplejwt": "dev-master"

decryption failed with this exception:
Authentication tag does not match

turns out openssl_decrypt with OPENSSL_RAW_DATA needs binary ciphertext.

changing the line
openssl_decrypt($ciphertext, $params['cipher'], $cek, OPENSSL_RAW_DATA, $iv, $tag, $additional);

to
openssl_decrypt(Util::base64url_decode($ciphertext), $params['cipher'], $cek, OPENSSL_RAW_DATA, $iv, $tag, $additional);

works!

kelvinmo/simplejwt v0.4.0 requires symfony/console ~2.8 but it is too much old

symfony/yaml conflicts symfony/console <4.4

Description

Hi, I successfully encrypted a token using JWE. But upon decryption I get the following error:

Cannot decrypt key: error:0909006C:PEM routines:get_name:no start line
error:04099079:rsa routines:RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error
error:04065072:rsa routines:rsa_ossl_private_decrypt:padding check failed

Steps to reproduce

1. Encrypt a plaintext using the following headers.
   $headers = ['alg' => 'RSA-OAEP', 'enc' => 'A128CBC-HS256'];
   and using the receiver's public key.

2. Decrypt the output of step 1 using the receiver's private key using the JWE::decrypt function with expected algo set to 'RSA-OAEP'

Environment

• Version 0.6.2
• PHP: 7.2

Add support for Elliptic Curve Diffie-Hellman Ephemeral Static algorithm, including with AES Key Wrap:

• ECDH-ES
• ECDH-ES+A128KW
• ECDH-ES+A192KW
• ECDH-ES+A256KW