Comments (7)
dvsekhvalnov
commented on May 18, 2024
1
If you have example (even in psedo-code) of what do you want to achieve it can be helpful :)
Regardless are you looking for something like this?
string signedObject = Jose.JWT.Encode(token, clientPrivateKey, JwsAlgorithm.RS256);
string encrypted = Jose.JWT.Encode(signedObject, serverPublicKey, JweAlgorithm.RSA1_5, JweEncryption.A128CBC_HS256);from jose-jwt.
dvsekhvalnov
commented on May 18, 2024
Hi @biancini ,
can you refine what do you mean by signed and encrypted together?
Usually you are using:
- signatures to protect against payload from being altered. Signatures provide way to proof integrity of your content (token).
- encryption when you want to hide content from unintended parties. encryption for sure providing you same integrity level that signatures do, so you really don't need separate signing step if you are using encrypted tokens.
Or may be i didn't get your question correctly?
from jose-jwt.
biancini
commented on May 18, 2024
I am usibg JWT library to implement an Open ID connect client.
On the official certification test suite, I read the test "Can use request_uri request parameter with signed and encrypted request" that says:
Pass a Request Object by Reference, using the request_uri parameter.Sign the Request Object using the 'RS256' algorithm, then Encrypt the Request Object using the 'RSA1_5' and 'A128CBC-HS256' algorithms.
Link here: https://rp.certification.openid.net:8080/test_list
And it makes sense because the client had to sign the message with its private key and encrypt it with the public key of the server.
The server then decrypts the message with it private key and then verifies the signature with the public key of the client.
How can I do that?
Thanks,
A.
from jose-jwt.
biancini
commented on May 18, 2024
Yes, this would completely satisfy my need!
from jose-jwt.
dvsekhvalnov
commented on May 18, 2024
Okay, glad it working :)
Feel free to close if you don't have other questions.
from jose-jwt.
biancini
commented on May 18, 2024
I will give it a try and if it is working I will close the issue.
Not sure of the encrypted parte should be the whole message string or only the payload.
Thanks for now!
from jose-jwt.
biancini
commented on May 18, 2024
It works smooth and easy.
Thanks
from jose-jwt.
Related Issues (20)
- Issue when encrypt using RSA_OAEP_256 and A256GCM HOT 5
- EcdhKeyManagement alg expects key to be of CngKey or Jwk types with kty='EC HOT 11
- A128CBC+HS256 support in parity with Java's Nimbus JOSE + JWT HOT 3
- Remove legacy dependency `System.Security.Cryptography.Algorithms` for `netstandard2.1` target HOT 1
- Kinda weird code in the library HOT 2
- Play Integrity Exception "org.jose4j.lang.IntegrityException: A256KW key unwrap/decrypt failed" HOT 8
- JWT.Encode works fine on local machine in .NET7.0 Windows 11 , on windows server 2012 throw exception: Unable to sign content., inner exception: The requested operation is not supported.| HOT 4
- Get Public key from File HOT 10
- Decode throws when a nested property of an encoded model is a System.Decimal with one or more decimal places (e.g., 24.00m) HOT 2
- Windows Cryptography Next Generation (CNG) is not supported on this platform. HOT 5
- JWT Token Header HOT 1
- Is lib still supported? HOT 11
- Jose.JoseException: Unable to sign content. HOT 2
- JWE Decrypt not working for RSA algorithm HOT 9
- Susceptible to sign/encrypt confusion attack HOT 3
- Further exploitation about sign/encrypt attack HOT 6
- BCryptDecrypt error! HOT 5
- nimbus-jose-jwt change from JSON Smart to GSon upgrade has breaking changes on serialization and desrialization for jsonObject HOT 3
- Version 5: decryption of compressed token throws exception but works in 4.1 HOT 2
- Need adding support for RSA_OAEP_512 support in encryption HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jose-jwt.