Can't decrypt data when compressed

[sweipert96]

Hi,
a colleague of mine and I are working on a flutter project. The application is supposed to retrieve JWE encrypted Data and decrypt it to display the data. We successfully got the encrypted data and now want to use this library to decrypt it.
To do this, we followed this example:

main() async {
  var encoded = "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0."
      "UGhIOguC7IuEvf_NPVaXsGMoLOmwvc1GyqlIKOK1nN94nHPoltGRhWhw7Zx0-kFm"
      "1NJn8LE9XShH59_i8J0PH5ZZyNfGy2xGdULU7sHNF6Gp2vPLgNZ__deLKxGHZ7Pc"
      "HALUzoOegEI-8E66jX2E4zyJKx-YxzZIItRzC5hlRirb6Y5Cl_p-ko3YvkkysZIF"
      "NPccxRU7qve1WYPxqbb2Yw8kZqa2rMWI5ng8OtvzlV7elprCbuPhcCdZ6XDP0_F8"
      "rkXds2vE4X-ncOIM8hAYHHi29NX0mcKiRaD0-D-ljQTP-cFPgwCp6X-nZZd9OHBv"
      "-B3oWh2TbqmScqXMR4gp_A."
      "AxY8DCtDaGlsbGljb3RoZQ."
      "KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY."
      "9hH0vgRfYgPnAHOd8stkvw";

  // create a JsonWebEncryption from the encoded string
  var jwe = JsonWebEncryption.fromCompactSerialization(encoded);

  // create a JsonWebKey for decrypting the signature
  var jwk = new JsonWebKey.fromJson(
    {
      "kty": "RSA",
      "n": "sXchDaQebHnPiGvyDOAT4saGEUetSyo9MKLOoWFsueri23bOdgWp4Dy1Wl"
          "UzewbgBHod5pcM9H95GQRV3JDXboIRROSBigeC5yjU1hGzHHyXss8UDpre"
          "cbAYxknTcQkhslANGRUZmdTOQ5qTRsLAt6BTYuyvVRdhS8exSZEy_c4gs_"
          "7svlJJQ4H9_NxsiIoLwAEk7-Q3UXERGYw_75IDrGA84-lA_-Ct4eTlXHBI"
          "Y2EaV7t7LjJaynVJCpkv4LKjTTAumiGUIuQhrNhZLuF_RJLqHpM2kgWFLU"
          "7-VTdL1VbC2tejvcI2BlMkEpk1BzBZI0KQB0GaDWFLN-aEAw3vRw",
      "e": "AQAB",
      "d": "VFCWOqXr8nvZNyaaJLXdnNPXZKRaWCjkU5Q2egQQpTBMwhprMzWzpR8Sxq"
          "1OPThh_J6MUD8Z35wky9b8eEO0pwNS8xlh1lOFRRBoNqDIKVOku0aZb-ry"
          "nq8cxjDTLZQ6Fz7jSjR1Klop-YKaUHc9GsEofQqYruPhzSA-QgajZGPbE_"
          "0ZaVDJHfyd7UUBUKunFMScbflYAAOYJqVIVwaYR5zWEEceUjNnTNo_CVSj"
          "-VvXLO5VZfCUAVLgW4dpf1SrtZjSt34YLsRarSb127reG_DUwg9Ch-Kyvj"
          "T1SkHgUWRVGcyly7uvVGRSDwsXypdrNinPA4jlhoNdizK2zF2CWQ",
      "p": "9gY2w6I6S6L0juEKsbeDAwpd9WMfgqFoeA9vEyEUuk4kLwBKcoe1x4HG68"
          "ik918hdDSE9vDQSccA3xXHOAFOPJ8R9EeIAbTi1VwBYnbTp87X-xcPWlEP"
          "krdoUKW60tgs1aNd_Nnc9LEVVPMS390zbFxt8TN_biaBgelNgbC95sM",
      "q": "uKlCKvKv_ZJMVcdIs5vVSU_6cPtYI1ljWytExV_skstvRSNi9r66jdd9-y"
          "BhVfuG4shsp2j7rGnIio901RBeHo6TPKWVVykPu1iYhQXw1jIABfw-MVsN"
          "-3bQ76WLdt2SDxsHs7q7zPyUyHXmps7ycZ5c72wGkUwNOjYelmkiNS0",
      "dp": "w0kZbV63cVRvVX6yk3C8cMxo2qCM4Y8nsq1lmMSYhG4EcL6FWbX5h9yuv"
          "ngs4iLEFk6eALoUS4vIWEwcL4txw9LsWH_zKI-hwoReoP77cOdSL4AVcra"
          "Hawlkpyd2TWjE5evgbhWtOxnZee3cXJBkAi64Ik6jZxbvk-RR3pEhnCs",
      "dq": "o_8V14SezckO6CNLKs_btPdFiO9_kC1DsuUTd2LAfIIVeMZ7jn1Gus_Ff"
          "7B7IVx3p5KuBGOVF8L-qifLb6nQnLysgHDh132NDioZkhH7mI7hPG-PYE_"
          "odApKdnqECHWw0J-F0JWnUd6D2B_1TvF9mXA2Qx-iGYn8OVV1Bsmp6qU",
      "qi": "eNho5yRBEBxhGBtQRww9QirZsB66TrfFReG_CcteI1aCneT0ELGhYlRlC"
          "tUkTRclIfuEPmNsNDPbLoLqqCVznFbvdB7x-Tl-m0l_eFTj2KiqwGqE9PZ"
          "B9nNTwMVvH3VRRSLWACvPnSiwP8N5Usy-WRXS-V7TbpxIhvepTfE0NNo"
    },
  );
  var keyStore = new JsonWebKeyStore()..addKey(jwk);

  // decrypt the payload
  var payload = await jwe.getPayload(keyStore);
  print("decrypted content: ${payload.stringContent}");
}

We tried this with our key and this encrypted data:

eyJ6aXAiOiJERUYiLCJraWQiOiIxWVdtMmV1YzJ6NDF4MlJHZ0xJaTcxNXRCYVpnZnpxUHdWWlRIVTl2X2tzIiwiY3R5IjoiYXBwbGljYXRpb24vanNvbiIsImVuYyI6IkEyNTZHQ00iLCJhbGciOiJSU0EtT0FFUC0yNTYifQ.WpORIc8dFa_Gc0v7Xlawfvutnsdx1c1mrsujw5vnX1A_6AXHTtYpprW3VtBxgmf5RwMSceYmuANbQgafYNE34HlmgugjqnmsifusYpP4PgvSBa3gLjZIvYfgRGQPYjWQ33-Jzbf_ghZM5i9tWx2n2HiQs4DWMv8-yvGFklsJkW8O6-gl6YN1gIjLFw0F_FphaLRvFMcOOVClLAIbZNYwSVttsIlCeS_sczPWEv0LzvpiV0sZM4S5jaMaq9geZKVcUzRCzfQ1exhJFCe2EGwdWRbLALRUiYJarTkN_hB7d6VELm5N6HY5FTtws0I3zXOoWS84MJclcQlCpBp4eb2NTZ4oeOAjI3vlLr5wFovcADJn023jT-A4GDSUwOh50fxWckpSATSUmIsQvrrBpvIIwjY1DBiEIlplr0PyAwtRZKQRnJOog1h1CLE4nw-3T36B2kPJrvDRdHSmQYvD8KE_SEN8ZVxVRTiQYRC_KDJXVcon2wMtaI8PXBmH_LCyDUbCjYNa5fuS5qGjTFiOPqe69Wbi5gfeIQh4HRzUsRWXAEl-1p19kB8QHHAP_1ogUNgHXAWhu1row9JOSJ4UdCTl_Sa1l1SHFJ6ImAKgSs82arzHzCyCfQ3dwv1cR-pV4WMJKAcM2sndk6r-uSS1C2HC1zGzEpTgwjKhZGjQgX--kWk.oCC6IdT0fBNOIvyv.wrHND4DWuvuGsE-Gcow9EgAqTIc70jbJPtLo25kYExBABzQu2msLbLIkFCSseXFDi2meRFqSryuN9f5LC0Bu4jnt8vtb2DX1-IykoZrN3rGs3gsUYNXq3PInTBGz-0MOZXz42nWvCh9_Fh3v46pWyTnP3BsffC8dbwUK1PCGJsI5tCdCXzTceHRI9Lh9TKk6_tYjKKkw7Xxkohk_LJ-fHV3JfOmgWD1wituQo_-7gb3ohSgPZ2ziyg1_7EO-4vMhxbLEVpxPUhXiVQD7TGWMWenkmACKwL8ZFlUOsCC1YqK7ri5_yLrGfb7kmsgY2dL_OAFL_Cs8Z6BoYXRutY-wrbNkmfewbypDJz2OLsG1VAHOjjs_E5wXC2xmmnShU-OlomdSozqrpSI-ljPqmR8ZXzX_s2l2wXgxPSEk9YM6g7EPOG-HWFYhfPw7Ib-MLmWcRyo8FVdjxWjI2Y4hz0xxTY53uxXq1EsnNiOhkxy1iT4ut9OIb2rJwwxDto1Cqq1XOR4npwPYSGDofue90IeYKNL0BYoyJUGh51H4NBbTWBqyFE8l7gjyV4c39ZktOC4G_GqKsdk_Dy3Khei6BMq0ArtCwr3WFzdtgMinbSSERWqWB1o-ZQhHnxA988qYdsYbi6ClRgE7o_bif6yPLgqmciM6ZmU.u22RaFEEie3ny2zo60eQaA

We expected that the result would be this String:

{"contentStructure":{"data":{"hash":{"type":"sha512","content":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"},"submissionSchema":{"schemaUri":"REDACTED","mimeType":"application/xml"}},"attachments":[{"hash":{"type":"sha512","content":"f3b3ab3e6351e25b5c1882bea8d37efaddc0ea72bf153bb067688f775a26810d32b54f014bf1cebc7fe93042d85b18b5b453e322d154bc55d5cc2754b0dfb4b2"},"purpose":"attachment","filename":"dummy.pdf","mimeType":"application/pdf","attachmentId":"1bfc337c-99c8-4ccd-b492-d867aa17c4bb"}]},"publicServiceType":{"name":"","description":"","identifier":"urn:de:fim:leika:leistung:99108002006000"},"additionalReferenceInfo":{"senderReference":"5STeH1shdkHV2Gvtn0BXwA"}}

But we got this error:

Syncing files to device Linux...
[ERROR:flutter/runtime/dart_vm_initializer.cc(41)] Unhandled Exception: FormatException: Unexpected extension byte (at offset 0)
#0      _Utf8Decoder.convertSingle (dart:convert-patch/convert_patch.dart:1747:7)
#1      Utf8Decoder.convert (dart:convert/utf.dart:351:42)
#2      Utf8Codec.decode (dart:convert/utf.dart:63:20)
#3      JosePayload.stringContent (package:jose/src/jose.dart:312:44)
#4      FitConnectApiConnection.decryptJwe (package:fit_connect_dev_client/fit_connect_api.dart:157:29)
<asynchronous suspension>
#5      FitConnectApiConnection.getSubmissionDetails (package:fit_connect_dev_client/fit_connect_api.dart:110:32)
<asynchronous suspension>
#6      FitConnectApiConnection.getSubmissions (package:fit_connect_dev_client/fit_connect_api.dart:82:41)
<asynchronous suspension>
#7      InboxPage.build.<anonymous closure> (package:fit_connect_dev_client/main.dart:120:58)
<asynchronous suspension>

Application finished.

We tried to decrypt the data with the same key in Java and it got us the right result, so we don't think the key or payload is invalid.

But we looked at the encrypted data anyway. We decoded the encrypted data and successfully got the header:

{
  "zip": "DEF",
  "kid": "1YWm2euc2z41x2RGgLIi715tBaZgfzqPwVZTHU9v_ks",
  "cty": "application/json",
  "enc": "A256GCM",
  "alg": "RSA-OAEP-256"
}

And that showed us, that the data was compressed. With your example, no compression algorithm was applied and it worked. So now our theory is, that the compression leads to this error.

Do you know how we should handle the compressed data with this library? Or is it not possible to encrypt compressed data with it?

Thanks for your response and help!

Best regards,
S.