diff --git a/openid-connect-common/src/test/java/org/mitre/jwt/encryption/service/impl/TestDefaultJwtEncryptionAndDecryptionService.java b/openid-connect-common/src/test/java/org/mitre/jwt/encryption/service/impl/TestDefaultJwtEncryptionAndDecryptionService.java
index 558446a44..509c299a0 100644
--- a/openid-connect-common/src/test/java/org/mitre/jwt/encryption/service/impl/TestDefaultJwtEncryptionAndDecryptionService.java
+++ b/openid-connect-common/src/test/java/org/mitre/jwt/encryption/service/impl/TestDefaultJwtEncryptionAndDecryptionService.java
@@ -16,22 +16,30 @@
  ******************************************************************************/
 package org.mitre.jwt.encryption.service.impl;
 
+import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.fail;
 
 import java.security.NoSuchAlgorithmException;
 import java.security.spec.InvalidKeySpecException;
+import java.text.ParseException;
 import java.util.Map;
 
 import org.junit.Before;
 import org.junit.Test;
 
 import com.google.common.collect.ImmutableMap;
+import com.nimbusds.jose.EncryptionMethod;
 import com.nimbusds.jose.JOSEException;
 import com.nimbusds.jose.JWEAlgorithm;
+import com.nimbusds.jose.JWEHeader;
 import com.nimbusds.jose.jwk.JWK;
 import com.nimbusds.jose.jwk.OctetSequenceKey;
+import com.nimbusds.jose.jwk.RSAKey;
 import com.nimbusds.jose.jwk.Use;
 import com.nimbusds.jose.util.Base64URL;
+import com.nimbusds.jwt.EncryptedJWT;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
 
 /**
  * @author wkim
@@ -39,11 +47,37 @@ import com.nimbusds.jose.util.Base64URL;
  */
 public class TestDefaultJwtEncryptionAndDecryptionService {
 
-	private String kid = "abc123";
+	private String issuer = "www.example.net";
+	private String subject = "example_user";
 	
-	private JWK jwk = new OctetSequenceKey(new Base64URL("GawgguFyGrWKav7AX4VKUg"), Use.ENCRYPTION, JWEAlgorithm.A128KW, kid);
+	private JWTClaimsSet claimsSet = new JWTClaimsSet();
 	
-	private Map<String, JWK> keys = new ImmutableMap.Builder<String, JWK>().put(kid, jwk).build();
+	// Example keys taken from Mike Jones's draft-ietf-jose-json-web-encryption-14 appendix examples
+	private String RSAkid = "rsa321";
+	private JWK RSAjwk = new RSAKey(new Base64URL("oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUW" +
+			"cJoZmds2h7M70imEVhRU5djINXtqllXI4DFqcI1DgjT9LewND8MW2Krf3S" +
+			"psk_ZkoFnilakGygTwpZ3uesH-PFABNIUYpOiN15dsQRkgr0vEhxN92i2a" +
+			"sbOenSZeyaxziK72UwxrrKoExv6kc5twXTq4h-QChLOln0_mtUZwfsRaMS" +
+			"tPs6mS6XrgxnxbWhojf663tuEQueGC-FCMfra36C9knDFGzKsNa7LZK2dj" +
+			"YgyD3JR_MB_4NUJW_TqOQtwHYbxevoJArm-L5StowjzGy-_bq6Gw"), // n
+			new Base64URL("AQAB"), // e
+			new Base64URL("kLdtIj6GbDks_ApCSTYQtelcNttlKiOyPzMrXHeI-yk1F7-kpDxY4-WY5N" +
+			"WV5KntaEeXS1j82E375xxhWMHXyvjYecPT9fpwR_M9gV8n9Hrh2anTpTD9" +
+			"3Dt62ypW3yDsJzBnTnrYu1iwWRgBKrEYY46qAZIrA2xAwnm2X7uGR1hghk" +
+			"qDp0Vqj3kbSCz1XyfCs6_LehBwtxHIyh8Ripy40p24moOAbgxVw3rxT_vl" +
+			"t3UVe4WO3JkJOzlpUf-KTVI2Ptgm-dARxTEtE-id-4OJr0h-K-VFs3VSnd" +
+			"VTIznSxfyrj8ILL6MG_Uv8YAu7VILSB3lOW085-4qE3DzgrTjgyQ"), // d
+			Use.ENCRYPTION, JWEAlgorithm.RSA_OAEP, RSAkid);
+	
+	// AES key wrap not yet tested
+//	private String AESkid = "aes123";
+//	private JWK AESjwk = new OctetSequenceKey(new Base64URL("GawgguFyGrWKav7AX4VKUg"), Use.ENCRYPTION, JWEAlgorithm.A128KW, AESkid);
+//	
+//	private Map<String, JWK> keys = new ImmutableMap.Builder<String, JWK>().
+//			put(RSAkid, RSAjwk).put(AESkid, AESjwk).build();
+	
+	private Map<String, JWK> keys = new ImmutableMap.Builder<String, JWK>().
+			put(RSAkid, RSAjwk).build();
 	
 	private DefaultJwtEncryptionAndDecryptionService service;
 	
@@ -51,11 +85,29 @@ public class TestDefaultJwtEncryptionAndDecryptionService {
 	public void prepare() throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
 		
 		service = new DefaultJwtEncryptionAndDecryptionService(keys);
+		
+		claimsSet.setIssuer(issuer);
+		claimsSet.setSubject(subject);
 	}
 	
 	@Test
-	public void test() {
-		fail("Not yet implemented");
+	public void encryptThenDecrypt_RSA() throws ParseException {
+		
+		service.setDefaultDecryptionKeyId(RSAkid);
+		service.setDefaultEncryptionKeyId(RSAkid);
+		
+		JWEHeader header = new JWEHeader(JWEAlgorithm.RSA_OAEP, EncryptionMethod.A256GCM);
+		
+		EncryptedJWT jwt = new EncryptedJWT(header, claimsSet);
+		
+		service.encryptJwt(jwt);
+		// TODO test intermediate crypto parts?
+		service.decryptJwt(jwt);
+		
+		ReadOnlyJWTClaimsSet resultClaims = jwt.getJWTClaimsSet();
+		
+		assertEquals(claimsSet.getIssuer(), resultClaims.getIssuer());
+		assertEquals(claimsSet.getSubject(), resultClaims.getSubject());
 	}
 
 }