Questions tagged [jwe]

JSON Web Encryption (JWE; RFC 7516) represents encrypted content using JSON-based data structures.

JSON Web Encryption (JWE) [RFC7516] represents encrypted content using JSON- based data structures [RFC7159]. The JWE cryptographic mechanisms encrypt and provide integrity protection for an arbitrary sequence of octets.

Two closely related serializations for JWEs are defined. The JWE Compact Serialization is a compact, URL-safe representation intended for space constrained environments such as HTTP Authorization headers and URI query parameters. The JWE JSON Serialization represents JWEs as JSON objects and enables the same content to be encrypted to multiple parties. Both share the same cryptographic underpinnings.

Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) [JWA] specification and IANA registries defined by that specification. Related digital signature and MAC capabilities are described in the separate JSON Web Signature (JWS) [JWS] specification.

Names defined by this specification are short because a core goal is for the resulting representations to be compact.

156 questions

votes

1 answer

JWE Decryption does not work for me with jose jwt

I am using Jose-Jwt license on C# and I have the following code: private string DecodeJWT(string token) { string privateKeyPath = ConfigurationManager.AppSettings["PrivateKey"]; var privateRSA =…

c# encryption jwe

asked Nov 19 '19 at 06:26

Leo Lu

votes

0 answers

Ruby JWE with A256GCMKW Algorithm and Encryption with A256GCM

I have encrypt the Plain text in JWE using alg:"A256GCMKW", enc:"A256GCM" and channelSecurityContext:"SHARED_SECRET". I am using Jose Gem for this. I have generated a payload which I can decrypt but other party unable to decrypt. They are using…

ruby jwe jose

asked Sep 23 '19 at 21:30

Usman Arshad

votes

0 answers

How to implement RSA Encryption with OAEP-256 padding in iOS 8 onwards?

I'm trying to implement Json Web Encryption aka JWE by JOSE standards. I have tried encryption with CommonCrypto lib available in iOS but it doesn't support OAEP-256 padding. I can't use iOS Security framework since it's classes like…

ios objective-c encryption jwe jose

asked Jul 11 '19 at 10:16

iphondroid

votes

1 answer

Use JOSE JWE for encryption of big files

I need to encrypt some bigger files < 1GB in a secure and efficient way. Is it a good idea to use JOSE JWE libraries for that purpose? Is there any other option you can recommend? Thanks, Simon

encryption jwt encryption-symmetric jwe jose

asked Apr 24 '19 at 13:10

Simon

votes

1 answer

How to generate Content Encryption Key for JWE implementation

I am trying to learn and implement JWE in java for a problem statement. I am trying to understand how does the Content Encryption Key is generated using a certain algorithm(let's say RSA-PKCS1_1.5). I have knowledge on how to generate a pair of the…

encryption jwe jceks

asked Mar 26 '19 at 05:34

developer_beginning

votes

0 answers

Encryption and Decryption with node-jose in Node.JS

I am trying to JSON with JWE using node-jose in Node.js. Following are the steps i am doing. I have Java key store through which I have exported Certificate for Encryption and Private for Decryption. For Encryption var publicKEY =…

javascript node.js encryption jwe jose

asked Mar 15 '19 at 08:12

user1162546

votes

1 answer

How to create JWK with node-jose from AES key represented as hex binary

I'm reading a node-jose documentation which explains how to import a JWK key. What I cant understand is how could I import and existing AES key from hexBinary format to create a JWK.Key instance? For example, this is my AES key represented as…

node.js security jwt jwe

asked Jan 17 '19 at 10:57

dplesa

1,355
6
23
56

votes

0 answers

Unable to create JWE with node-jose and A256GCM algorithm

I'm trying to use node-jose to create a JWE. I don't know why I am unable to create a JWE token with A256GCM algorithm. I have a code that works, but as soon as I uncomment the algorithm specification line alg: 'A256GCM', it stops working. How could…

node.js security jwt jwe

asked Jan 13 '19 at 23:05

dplesa

1,355
6
23
56

votes

1 answer

Pros and cons of JWE Key Management Modes

I've been searching a lot but nothing hit the spot, they are questions about JWE key management. Scenario: Server wants to send sensitive data to client, and it chooses to encrypt the data with a symmetric algorithm by a symmetric key, i.e, Content…

security encryption encryption-asymmetric key-management jwe

asked Aug 11 '18 at 03:32

adada

votes

0 answers

JWE Decryption methodology

I have JWE encrypted request and response from a mobile application and co-incidently i do have access to private keys stored in mobile app itself. Since i have no devlopement background of nodejs. Can someone tell me detailed steps to decrypt the…

jwe

asked Jun 21 '18 at 08:48

tejas Joshi

votes

1 answer

JWE and PHPseclib without composer

I need to use jwe in my code. I found a couple of jwe libraries (here and here) that also requires phpseclib to be installed. However, we are not allowed to install composer in our area of work. How do i reference the jwe and phpseclib libraries…

php jwt phpseclib autoloader jwe

asked Apr 24 '18 at 04:37

Spiral1ng

votes

1 answer

JWT encryption is normal?

I'm starting with the JWT, and I did a decryption test of my token on base64 and I actually decrypt it, except for the Signature part that I don't decipher it, my question is: is the JWT token normal to decrypt it? and if it's normal how I can…

web oauth jwe

asked Mar 08 '18 at 21:32

Luis Gonzalez

votes

1 answer

How can I append data to an encrypted JWT token (JWE)?

I have the following scenario: an Angular 4 web app that consumes a Node.js REST API, which uses a company wide REST authentication service. This REST authentication services returns a JWE token which I can decrypt using node-jose library, then my…

node.js angular jwt jwe

asked Oct 30 '17 at 12:27

juliano.net

7,982
13
70
164

votes

0 answers

How to protect my self against replay + MiTM

Let's picture the following scenario: Bob talks Alice using HTTP/HTTPS Bob want Alice to send him some data ex: /rest/getAllItems. + some token auth Eve intercept the packet and send it to Alice without even knowing what it contains Alice verify…

rest security token jwt jwe

asked Apr 11 '17 at 08:33

salutent

votes

0 answers

What can be the flaws/cons of using custom encryption into a JWS? (EDIT: is a JWS a valid MAC?)

so I am working on a software that will have to eventually communicate with one or more servers. I am experimenting on implementing Json Web Tokens for specific parts of this communication (basically not for authentification, they will be access…

security jwt hmac jwe

asked Jan 20 '17 at 15:41

Kaddath

5,933
1
9
23

Prev 1 2 3

…

11 Next