<div dir="ltr"><dl><dt>Is "dir" an allowed alg for Symmetric Encryption? The text below from Core 10.2 kind of suggests it isn't. And doesn't provide a means of getting an appropriately sized key for dir with A192CBC-HS384 or A256CBC-HS512. I don't think this limitation was intended so wanted to raise the question.<br>
</dt><dt><br></dt><dt>Symmetric Encryption</dt><dd>
The symmetric encryption key is derived from the
<tt>client_secret</tt> value by
using a left truncated SHA-256 hash of
the octets of the UTF-8 representation of
the <tt>client_secret</tt>.
The SHA-256 value MUST be left truncated to the appropriate bit length
for the AES key wrapping algorithm used,
for instance, to 128 bits for <tt>A128KW</tt>.
If a key wrapping key with greater than 256 bits is needed, a different method
of deriving the key from the <tt>client_secret</tt>
would have to be defined by an extension.
Symmetric encryption MUST NOT be used by public (non-confidential) Clients
because of their inability to keep secrets.
</dd></dl></div>