Questions tagged [jwe]

JSON Web Encryption (JWE; RFC 7516) represents encrypted content using JSON-based data structures.

JSON Web Encryption (JWE) [RFC7516] represents encrypted content using JSON- based data structures [RFC7159]. The JWE cryptographic mechanisms encrypt and provide integrity protection for an arbitrary sequence of octets.

Two closely related serializations for JWEs are defined. The JWE Compact Serialization is a compact, URL-safe representation intended for space constrained environments such as HTTP Authorization headers and URI query parameters. The JWE JSON Serialization represents JWEs as JSON objects and enables the same content to be encrypted to multiple parties. Both share the same cryptographic underpinnings.

Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) [JWA] specification and IANA registries defined by that specification. Related digital signature and MAC capabilities are described in the separate JSON Web Signature (JWS) [JWS] specification.

Names defined by this specification are short because a core goal is for the resulting representations to be compact.

156 questions

votes

1 answer

php jwt framework decrypt token Multiple Recipients error

require __DIR__ . '/../../vendor/autoload.php'; use Jose\Component\Core\AlgorithmManager; use Jose\Component\Encryption\Algorithm\ContentEncryption\A256CBCHS512; use Jose\Component\Encryption\Algorithm\KeyEncryption\RSAOAEP256; use…

asked Mar 13 '23 at 12:44

gooddev

votes

1 answer

How to use RSA in Azure keyvalue Key to create JWE

RSA keypair is in Azure KeyVault Key. I can use keyClient to access the key and use CryptographyClient to…

c# jwt azure-keyvault jwe

asked Feb 24 '23 at 18:09

Abe

votes

1 answer

Encrypting java JWEObject with RSA in python

I asked a while ago how to do something similar: Decrypting and encrypting java JWEObject with algorithm RSA-OAEP-256 on python Now I have a different encryption key and that code is not working for me anymore. I need to be able to encrypt my data:…

python java encryption rsa jwe

asked Jan 30 '23 at 12:11

Ema Il

votes

1 answer

What am I doing wrong in the following code where I'm trying to achieve asymmetric signing and encryption using jose-python?

from jose import jws from jose import jwe with open('privkey.pem', mode='r') as privatefile: privkey = privatefile.read() with open('pubkey.pem', mode='r') as pubfile: pubkey = pubfile.read() …

cryptography encryption-asymmetric jwe jose python-jose

asked Dec 01 '22 at 13:37

Taz

votes

1 answer

JWE/JWT authentication with PHP

Last week we started to work with a new API of a provider. For authentication they request a JWE in the header of an https request. We have no experience with JWE, then we started to look information about it, to devolope it with PHP. After many…

php jwt aes-gcm jwe oaep

asked Nov 17 '22 at 14:42

lmontiel

votes

2 answers

Unable to decrypt JWE with NPM Jose package

I'm able to decrypt a JWE with an older version of jose but I'm struggling to use the latest version API. My token headers are the following: { "alg": "A128KW", "enc": "A128CBC-HS256", "typ": "JWT" } With jose 2.0.3 this code (copied from…

javascript node.js encryption jwe jose

asked Oct 05 '22 at 18:21

Arcord

1,724
1
11
16

votes

1 answer

Decrypt and verify locally Play Integrity API Token using NodeJS

Google gives an option to locally extract the play Integrity API Token. Even example with Java is provided here. But many servers are Node.js based. So, how can I decrypt the Play Integrity API token locally with Node.js?

node.js jwe jose google-play-integrity-api

asked Sep 22 '22 at 13:03

Nafis Abdullah Khan

2,062
3
22
39

votes

1 answer

Using JWT Token a Public Key

Is it possible to use the last (signature) part or any other part or combination of parts of a JWT token as a kind of public key. This would allow the client to sign a message such that only the JWT generator who has the private key would be able to…

encryption jwt private-key public-key jwe

asked Aug 09 '22 at 15:28

Anters Bear

1,816
1
15
41

votes

1 answer

Generating JWK with a private key while using jose4j to generate JWS

I am trying to generate a JWK using my private key while using jose4j library to generate a JWE with the earlier mentioned JWK. But the key generated doesn't seem to be correct, also, it doesn't have all the fields (only n, e and kty get generated ,…

java jwt jwk jwe jose4j

asked Jul 21 '22 at 16:01

Prakhar

votes

1 answer

How JWE works with Request Object in OIDC

I wanted to use encrypted local PASETO tokens for the Request Object in the OIDC, but it turns out that I need to store the key somewhere to decrypt this request object, and it must be available unencrypted/unhashed as it will need the Request…

encryption openid-connect jwe

asked Jul 12 '22 at 08:10

Szyszka947

votes

0 answers

I am getting issue while decrypting jwt token using node-jose library in Node.js project

In node-jose I am getting below issue while decrypting the jwt token, My encryption is working fine. Error: { 2022-06-07 06:58:58,428: "message": "**Algorithm not allowed: undefined**", 2022-06-07 06:58:58,428: "stack": "Error:…

node.js angular jwe node-jose

asked Jun 24 '22 at 17:11

Amit

votes

2 answers

Is it possible to use JWE (json web encryption) with Progress Openedge?

Is it possible to use json web encryption with Progress Openedge?

encryption openedge progress-4gl jwe

asked Jun 24 '22 at 04:22

JulesVerne

votes

1 answer

Azure ADB2C Google Sign up - 'AADB2C90090: The provided JWE is not a valid 5 segment token.'

I am trying to use Google as an identity provider in an ADB2C SignInSignUp userflow, consumed within a React Native app through a WebView. When I am testing this I am hitting an error that I cannot seem to find the cause of. Upon signing up with…

azure jwt azure-ad-b2c jwe

asked Jun 10 '22 at 14:44

Jordan Burge

votes

1 answer

How to encrypt a json string as JWE (Json Web Encryption) by using public key stored in HSM?

I want to encrypt a json data as JWE using a public key stored in HSM. I use .Net framework or .Net core libraries for Net.Pkcs11Interop.HighLevelAPI for communication with HSM. I searched lots of sample java or .net core sample code but they all…

encryption hsm jwe

asked May 17 '22 at 10:25

Bayram Koçak

votes

0 answers

Is it faster to read a signature or to decrypt a string when using tokens for authentication?

I'm new to everything related to authentication and have no knowledge about encryption algorithms. I was reading about JWT, but from what I gathered, it'd make more sense for my project to authenticate users using either one of these 2…

javascript authentication encryption jwt jwe

asked May 05 '22 at 02:57

flen

1,905
1
21
44

Prev 1 2 3

…

10 11 Next