Hello. I have a question, which is not laravel specific. It is about encryption. I have the laravel default functions encrypt and decrypt, which works with the APP_KEY from laravel. Now i have a service, which send me data which is decrypted with JWE (A256CBC-HS512 / RSA1_5). Can I decrypt and encrypt with laravel functions (maybe there is a way with symfony to use these functions and change it a bit) or maybe with vanilla PHP? I ask because, I found some libraries, which seems not to be maintained anymore and I try to avoid using libraries, which are not often downloaded because of security risks. This is what i found:
@pixelairport Not knowing the implementation, it is difficult to comment on what is best for you but in general I'm not sure why you would need to encrypt JWT tokens in your project. Unless you are passing them again or storing them, but typically these tokens are merely validated then allow some functionality in your app. That said, Laravel's encrypt/decrypt should work fine if that is needed.
This is the package I most often reach for when dealing with JWTs. It is battle-tested, has been recently entirely re-written, and I know a few large companies using this at the moment.
Thx @fylzero i will look at the package. We are using a 3rd party tool to legitimize users by ID or via video. After they are legitimized, we got an information about this, but the data is encrypted with jwe. So I have to learn how this works to save some of the data in our database. I will try the package and hope it will work.