Questions tagged [jwe]

JSON Web Encryption (JWE; RFC 7516) represents encrypted content using JSON-based data structures.

JSON Web Encryption (JWE) [RFC7516] represents encrypted content using JSON- based data structures [RFC7159]. The JWE cryptographic mechanisms encrypt and provide integrity protection for an arbitrary sequence of octets.

Two closely related serializations for JWEs are defined. The JWE Compact Serialization is a compact, URL-safe representation intended for space constrained environments such as HTTP Authorization headers and URI query parameters. The JWE JSON Serialization represents JWEs as JSON objects and enables the same content to be encrypted to multiple parties. Both share the same cryptographic underpinnings.

Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) [JWA] specification and IANA registries defined by that specification. Related digital signature and MAC capabilities are described in the separate JSON Web Signature (JWS) [JWS] specification.

Names defined by this specification are short because a core goal is for the resulting representations to be compact.

156 questions

votes

1 answer

how to check Validate JWE Token On server

its config jwt Program.cs #region JWT IdentityModelEventSource.ShowPII = true; builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options => { var secretkey =…

asked May 04 '22 at 15:21

Arman

votes

1 answer

ASP.NET Core 5 - Decoding an AES-GCM-256 JWE

I'm trying unsuccessfully to decode an encrypted token. I tried the AesGcm class of c# but it's giving me an error regarding the TAG: The computed authentication tag did not match the input authentication tag. This is how I try to decode: string…

jwt asp.net-core-5.0 jwe

asked Apr 24 '22 at 10:12

Alon S

votes

2 answers

Storing keys - Should I store private keys in PEM or JWK JSON format?

Which is more conventional? For cross-platform; it is ok to store and use JWK in the JSON format? Do I need to encrypt them before storing it in a database?

jwt websecurity jwk jwe jose

asked Apr 13 '22 at 04:07

Lee

votes

0 answers

How to protect a payload assuming we don't have SSL?

Say I want Bob to be able to send Alice a message using her public key over a curl -X POST http://$DOMAIN/... type endpoint. There are step by step instructions for this use case using "nacl" and step-cli's step crypto nacl box, however I am…

security jwe jose nacl-cryptography

asked Jan 19 '22 at 08:04

hendry

9,725
18
81
139

votes

0 answers

How to decode a RSA encrypted JWE in Python

I have JWE generated in Java using RSA keys. I want to decode this in python. I tried PyJwt as in official documentation. But I am getting this error Traceback (most recent call last): File…

python jwt rsa jwe pyjwt

asked Dec 15 '21 at 10:32

Bhimasen

votes

0 answers

How to encrypt json data in to JWE Token with jose

I want to encrypt my JSON object into a JWE token. I am using the JOSE NuGet SDK with C# language. I am using A256KW JweAlgorithm for secret key and A256GCM for JweEncryption. Could anyone please help me find out what I am doing wrong? string key =…

c# json encryption jwe jose

asked Dec 06 '21 at 11:16

Kryp2 Gemini

votes

1 answer

Is some format mandatory for the plaintext/payload of JOSE JWE/JWS packets?

I want to transfer and share some data inside JOSE JWE/JWS packets between different endpoints running differing os/libraries. Therefore I want to adhere to the relevant Standards (RFCs) as closely as possible, for interoperability. Sadly I did not…

json jwe jose

asked Nov 25 '21 at 20:40

gaiuscosades

votes

1 answer

'Mandatory fields are missing' response from APIGEE API

I am using nimbus-jose-jwt library in Android to generate encrypted JWT (JWE), to send it in the body of an APIGEE API. I have used the following code to generate encrypted JWT: public class EncryptedJWTGenerator { String jweString; …

android encryption jwt jwe nimbus-jose-jwt

asked Jul 27 '21 at 07:57

Sparsh Dutta

2,450
4
27
54

votes

0 answers

Iam unable to create expected JWE Token using nimbus library file

I'm using java code to generate the JWE token using nimbus jar file but I'm unable to generate expected header JWE token, could you guys please help me here to generate the expected token. static String PUBLIC_KEY…

java jwe nimbus-jose-jwt

asked Jul 07 '21 at 11:23

Abhinav kiran

votes

1 answer

How to generate jose4j EllipticCurveJsonWebKey from JSON web key

I am able to create JWE as per https://bitbucket.org/b_c/jose4j/wiki/JWT%20Examples. Problem: Unable to create JWE (EC type as mentioned below) using json web key. Requirement: Create & Verify below type of JWE "typ": "JWT", "alg":…

jwe jose4j

asked Mar 18 '21 at 04:44

Tattwadarsi Biswal

votes

0 answers

JWT decrypt encrypted token

I am working on some oauth authentication and I have received a response in this format: { "access_token": "+Bx8TPv3p0ieWchU7pphuKpBIxOXjadioiZRkMjneS4=", "token_type": "Bearer", "id_token":…

node.js authentication oauth jwt jwe

asked Mar 08 '21 at 09:52

Daryl Wong

2,023
5
28
61

votes

0 answers

Private key in CngKey format using jose-jwt - EccKey.New(x, y, d, CngKeyUsages.KeyAgreement) not working in production but fine in local

I'm trying to read get the x, y and d parameter values from a pem file generated using https://mkjwk.org/ with P 256 curve, Encryption, ECDH-ES+A128KW with X509 set to true. The values for x, y , d are retrieved using below: using (var reader = new…

c# cryptography jwe ecdh jose

asked Feb 24 '21 at 13:17

Abhishek Roy

votes

1 answer

Securing my web api with JWE, doing it anynomously and other options

I have a application containing: .net core 3.1 Scaffolded Identitiy on Microsoft .net core ef core 3.x vue.js net core web api (important information: everything is in one solution on one server) And now I am considering securing my Web Apis. This…

webapi jwe

asked Oct 05 '20 at 09:18

GerryMM88

votes

1 answer

jwe cannot encrypt data correctly by jwcrypto

I has a requirement to generate encrypted data by jwe. The implementation of ruby can work correctly. But the python implementation cannot work correctly. The ruby implementation require 'jwe' key = OpenSSL::PKey::RSA.new File.read…

python jwe jwk jwcrypto

asked Mar 23 '20 at 08:26

neal

votes

1 answer

jose4j: how to set full serialization input?

Is there a way to set a JWE full serialization input with jose4j? For example, what goes in the TODO below? public String decryptJWE(PrivateKey privateKey, String payload, boolean compact) throws JoseException { JsonWebEncryption jwe = new…

jwe jose4j

asked Nov 21 '19 at 00:55

Kevin

Prev 1 2 3

…

10 11 Next