Stack Overflow
Stack Overflow

Questions tagged [jwe]

JSON Web Encryption (JWE; RFC 7516) represents encrypted content using JSON-based data structures.

JSON Web Encryption (JWE) [RFC7516] represents encrypted content using JSON- based data structures [RFC7159]. The JWE cryptographic mechanisms encrypt and provide integrity protection for an arbitrary sequence of octets.

Two closely related serializations for JWEs are defined. The JWE Compact Serialization is a compact, URL-safe representation intended for space constrained environments such as HTTP Authorization headers and URI query parameters. The JWE JSON Serialization represents JWEs as JSON objects and enables the same content to be encrypted to multiple parties. Both share the same cryptographic underpinnings.

Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) [JWA] specification and IANA registries defined by that specification. Related digital signature and MAC capabilities are described in the separate JSON Web Signature (JWS) [JWS] specification.

Names defined by this specification are short because a core goal is for the resulting representations to be compact.

156 questions
4
votes
1 answer

JOSEException: Couldn't create AES/GCM/NoPadding cipher: Illegal key size

I am trying to decrypt JWE data from my private key using Nimbus JOSE + JWT. But I am gettin error : JOSEException: Couldn't create AES/GCM/NoPadding cipher: Illegal key size Can someone please help me to resole this issue. I am using Java 1.8 My…
Roshanck
  • 2,220
  • 8
  • 41
  • 56
4
votes
2 answers

How to decrypt JWE(Json Web Encryption) data using private key in java

I have a private key similar to below e.g. -----BEGIN PRIVATE…
Roshanck
  • 2,220
  • 8
  • 41
  • 56
4
votes
1 answer

How to Generate and validate JWE in node js?

I tried the below code to create an RSA-OAEP and A128GCM JWE generator and validator. It works with node.js, i.e. encrypts claims and generates the JWE and decrypts the same gives me the claims. But it is not working with the other clients, like…
vimal prakash
  • 1,503
  • 1
  • 22
  • 38
4
votes
1 answer

Google OAuth2 API JWS conformance

Google currently exposes, at https://www.googleapis.com/oauth2/v2/certs, the following certificate values { "keys": [ { "kty": "RSA", "alg": "RS256", "use": "sig", "kid": "90adc60c0f9f503265a5ebc2c404c88e59882083", "n":…
Martin v. Löwis
  • 124,830
  • 17
  • 198
  • 235
3
votes
0 answers

JSON Web Encryption (JWE) Client Side Use Cases

I understand the use case of Asymmetric Encryption using a private and public key. A client side Web Application can encrypt a JWE using a servers public key and the server uses its private key to decrypt the encrypted message. Is it possible for a…
Legz4Dayz
  • 97
  • 3
  • 7
3
votes
0 answers

'IDX10618: Key unwrap failed using decryption Keys for JWE

Our team is implementing a microservice architecture, and in this implementation we have a service providing JWE's (encrypted JWT) upon authentication. Our other services are responsible for verifying the validity of the JWE and ensuring the user…
mlangwell
  • 335
  • 1
  • 3
  • 12
3
votes
2 answers

ECDH + JWE encryption using nimbus-jose and Java 6

I have a problem and I would like to know if you can help me. I need to create an encrypted JWE with elliptic curve. i am using jre 1.6.0, nimbus-jose-jwt-8.20-jdk6.jar ,bcprov-jdk15to18-166.jar. I have created a keystore and a key pair with the EC…
ramon
  • 41
  • 5
3
votes
1 answer

How to encrypt dictionary data?

I am using jwcrypto to encrypt data using public key. I have gone through the documentation and the JWE class only takes plaintext as payload. But I have a dictionary to encrypt as a payload. I can convert the dictionary to json and encrypt the…
varad
  • 7,309
  • 20
  • 60
  • 112
3
votes
0 answers

Java (Android): Diffie-Hellman key exchange process according to JWA (RFC 7518)

I need to use ECDH key exchange process in order to encrypt/decrypt messages between the client and the server. I use jose4j library for cryptographic functionality. I have the local key pair (private dC and public QC), I have the remote public key…
Michael Kessler
  • 14,245
  • 13
  • 50
  • 64
3
votes
0 answers

I need to decrypt the JWE response in java

I'm able to get the decrypted data(payload) but not able to verify that the data is not changed in the transmission. the Encrypted Key is decrypted using your RSA private key with the "alg" algorithm specified in the Header to produce the symmetric…
Abhishek Gupta
  • 51
  • 5
3
votes
1 answer

Is there a way to Asymmetrically encrypt access tokens created with Laravel Passport?

I am building an application which consists of 3 server. The first is my Authorization server, the second is my Database server(API) and finally my front-end server. I want to use asymmetrical encryption to encrypt the access token generated by my…
juan_code18
  • 233
  • 6
  • 15
3
votes
1 answer

Why does the client need to decrypt JWE?

If I'm using JWE to send an encrypted JSON message, which will be stored on the client-side, for use with authorization, why would the client need to decrypt this message? Client attaches the JWE token to all requests. Server identifies client using…
twils0
  • 2,431
  • 2
  • 12
  • 24
3
votes
2 answers

How to prevent replay attacks when using token based authentification in an HTTP connection

How can I prevent replay attacks and add another layer of encryption to my application when using token based authentication ex: JSON Web authentication?
salutent
  • 43
  • 1
  • 3
3
votes
2 answers

How to decrypt a JWT, in java, which is encrypted with JWE when the encrypted token is present in form of String?

I have a token in String format such…
Haseb Ansari
  • 587
  • 1
  • 7
  • 23
3
votes
3 answers

What is the algorithm string for 'AGCM256-KW' in java cryptography, to be used in Cipher.getInstance(String algo)?

referring this, I have to encrypt using algorithm AGCM256-­KW. I am using Java Cryptography and I didn't find any such algorithm. Closest I found was AES_256/GCM/NoPadding but it has no KW (Key wrapping). here is my test code public void…
iuq
  • 1,487
  • 1
  • 20
  • 42
1
2
3
10 11