Questions tagged [jwe]

JSON Web Encryption (JWE; RFC 7516) represents encrypted content using JSON-based data structures.

JSON Web Encryption (JWE) [RFC7516] represents encrypted content using JSON- based data structures [RFC7159]. The JWE cryptographic mechanisms encrypt and provide integrity protection for an arbitrary sequence of octets.

Two closely related serializations for JWEs are defined. The JWE Compact Serialization is a compact, URL-safe representation intended for space constrained environments such as HTTP Authorization headers and URI query parameters. The JWE JSON Serialization represents JWEs as JSON objects and enables the same content to be encrypted to multiple parties. Both share the same cryptographic underpinnings.

Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) [JWA] specification and IANA registries defined by that specification. Related digital signature and MAC capabilities are described in the separate JSON Web Signature (JWS) [JWS] specification.

Names defined by this specification are short because a core goal is for the resulting representations to be compact.

156 questions

vote

2 answers

How to decrypt JWE source (encrypted with RSA1_5 A256CBC-HS512) in C#?

I am implementing a client for communicate with some server by the cryptological way. The client sends get request with public RSA key to the server. Documentation "how to communicate with server" has the sample with java code. The following code…

asked Mar 16 '18 at 19:37

Valentyn Zakharenko

2,710
1
21
47

vote

0 answers

How can we implement JWE with just nodejs Crypto library?

This is what I am doing to generate JWT tokens for now. How can I generate JWE tokens with just crypto library without using any other npde packages? var Header = {"alg": "HS256","typ": "JWT"}, Payload = {"content": "valuable data"}, …

javascript node.js jwt cryptojs jwe

asked Dec 20 '17 at 12:15

siwalikm

1,792
2
16
20

vote

0 answers

How to use node-jose

I tried JWE encryption and decryption by following this Using node-jose, how do I decrypt the data I just encrypted? var ursa = require("ursa"); const { JWK } = require('node-jose'); const keygen = require('generate-rsa-keypair'); const jose =…

node.js encryption jwe jose

asked Dec 08 '17 at 17:25

vimal prakash

1,503
1
22
38

vote

1 answer

Nested JWS + JWE vs JWE with Authenticated Encryption

Problem I want to sign and encrypt (effectively, obfuscate) some information ('token') on my server (a trusted environment) and send the cyphertext to a client machine (not quite trusted environment) to be read and verified by my client-side…

encryption jwt encryption-asymmetric jwe message-authentication-code

asked Oct 26 '17 at 15:29

Alexey

9,197
5
64
76

vote

1 answer

Interop between node-jose (js) and jwcrypto (python) using EC keys?

I'm struggling to produce a JWE in jwcrypto equivalent to that in node-jose with the same key. The goal is to produce a key in node-jose and export the pubkey to jwcrypto to encrypt a payload, which will then be consumed by node-jose and…

javascript python jwt jwe

asked Oct 18 '17 at 16:02

obrienmd

2,575
3
17
8

vote

1 answer

Java library to parse JWT token in JWE JSON Serialization format

What opensource Java library can be used to parse/decrypt JWT token in JWE JSON serialization format as below I was looking at nimbus-jose (https://connect2id.com/products/nimbus-jose-jwt/) but I cannot find any releavnt example. I want to use some…

jwt jwe jose

asked Sep 21 '17 at 01:32

Andriy Kharchuk

1,165
1
13
25

vote

1 answer

JWE (JSON Web Encryption) in NODE.JS

I am trying to implement JWE for my Rest API. I came across following NODE library that implements JWE. However the library lack the documentation around how JSON Web Key(JWK) should be used(JSON object) that help in Key Management Mode. The JWE…

node.js jwt jwe jwk jose

asked Dec 05 '16 at 13:03

D Deshmane

1,125
4
15
27

vote

0 answers

Can Json Web Token (JWE) be used to encrypt whole JSON?

We are going to have stateless web services which accept JSON as parameter. Wev'e read JWE's RFC but one thing I can't understand is how can a token (which is a fixed part of each request) be stateless without being hijacked? Or we should encrypt…

web-services security encryption json-web-token jwe

asked Aug 30 '16 at 08:10

Mohsen

4,000
8
42
73

vote

2 answers

How to implement a concat KDF for use with JOSE/JWE/JWT

I'm attempting to write code to decrypt a JWE token in PHP, as the existing libraries don't support the algorithm I need (A128CBC+HS256, it's a deprecated algorithm). My issue is I can't understand how to generate the content encryption key which…

php encryption jwt jwe

asked Oct 28 '14 at 14:00

Brandon

16,382
12
55
88

votes

1 answer

Python standard to decrypt a JWE object given the Base64 encoded key (HS256)

I have a problem decrypting a generated JWK generated by an IBM product. In particular have a look at my example: JWE:…

python-3.x encryption jwt aes jwe

asked Aug 23 '23 at 15:23

docdev

votes

2 answers

How to decrypt a JWE using JOSE4J using public key

Feel kind of out of my depth here. I have a message that I'm trying to encrypt on a react front end using a public key and the jose library. Then that message will be sent to the java back end and needs to be decrypted by the same public key so that…

java encryption jwt jwe jose4j

asked Aug 21 '23 at 16:00

stor314

votes

0 answers

Which algorithm shoud I use in the response if I use JWE with Direct key agreement in the request?

In the context of a rest API request / response there is JWE with the request and another one in the response. For the request, I'm using Direct Key Agreement (ECDH). Which algo should I use to respond back another JWE ? dir or ECDH-ES. Is there any…

jwe ecdh

asked Jul 17 '23 at 07:53

Sébastien

votes

1 answer

PlayIntegrity response decryption got javax.crypto.AEADBadTagException: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT

I am trying to decode the response from Google Play Integrity in Android client. I followed the steps from here. Decoding from server works however decoding locally results in this exception: stackTrace = {StackTraceElement[18]@28628} 0 =…

android jwe jose4j google-play-integrity-api

asked Jul 15 '23 at 19:55

rysv

2,416
7
30
48

votes

0 answers

How to JWE encode my jwt response token in new Spring authorization Server

I have a requirement of updating our previous authorization server based on spring 2.6 to spring security 6 and spring 3+, and have decided to go with the new spring authorization server. Have customized the configurations according to our need…

jwt jwe spring-authorization-server spring-security-6

asked Jun 09 '23 at 06:18

Abhishek Mishra

votes

0 answers

Encrypt request body using {"alg":"RSA-OAEP-256","enc":"A256GCM"} in flutter

I was making requests to an api when at the moment they updated the platform and changed the way of sending the body of the requests since they are encrypted. Example of what is sent…

flutter encryption aes-gcm jwe

asked Mar 30 '23 at 20:04

Ernesto Enrique Sanchez

Prev 1 2 3

…

10 11 Next