@Override
public JWECryptoParts encrypt(final JWEHeader header, final byte[] clearText)
throws JOSEException {
final JWEAlgorithm alg = header.getAlgorithm();
final EncryptionMethod enc = header.getEncryptionMethod();
final byte[] salt = new byte[saltLength];
getJCAContext().getSecureRandom().nextBytes(salt);
final byte[] formattedSalt = PBKDF2.formatSalt(alg, salt);
final PRFParams prfParams = PRFParams.resolve(alg, getJCAContext().getMACProvider());
final SecretKey psKey = PBKDF2.deriveKey(getPassword(), formattedSalt, iterationCount, prfParams);
final JWEHeader updatedHeader = new JWEHeader.Builder(header).
pbes2Salt(Base64URL.encode(salt)).
pbes2Count(iterationCount).
build();
final SecretKey cek = ContentCryptoProvider.generateCEK(enc, getJCAContext().getSecureRandom());
final Base64URL encryptedKey = Base64URL.encode(AESKW.wrapCEK(cek, psKey, getJCAContext().getKeyEncryptionProvider()));
return ContentCryptoProvider.encrypt(updatedHeader, clearText, cek, encryptedKey, getJCAContext());
}