Examples of Protecting Content using JavaScript Object Signing and Encryption (JOSE)
draft-ietf-jose-cookbook-06

The information below is for an old version of the document.
This is an older version of an Internet-Draft that was ultimately published as RFC 7520.
Author Matthew A. Miller
Last updated 2014-11-28 (Latest revision 2014-11-13)
5.13.5.  Encrypting the Key to the Third Recipient

   The following are generated before encrypting the CEK for the third
   recipient:

   o  Initialization vector/nonce for key wrapping; this example uses
      the initialization vector/nonce from Figure 211

   AvpeoPZ9Ncn9mkBn

     Figure 211: Recipient #3 Initialization Vector, base64url-encoded

   Performing the "A256GCMKW" key encryption operation over the CEK
   (Figure 202) with the following:

   o  AES symmetric key (Figure 138); and

   o  Initialization vector/nonce (Figure 211)

   produces the following:

   o  Encrypted key from Figure 212.

   o  Key wrap authentication tag from Figure 213

   a7CclAejo_7JSuPB8zeagxXRam8dwCfmkt9-WyTpS1E

         Figure 212: Recipient #3 Encrypted Key, base64url-encoded

   59Nqh1LlYtVIhfD3pgRGvw

      Figure 213: Recipient #3 Authentication Tag, base64url-encoded

   The following are generated after encrypting the CEK for the third
   recipient:

   o  Recipient JWE Unprotected Header; this example uses the header
      from Figure 214.

   {
     "alg": "A256GCMKW",
     "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
     "tag": "59Nqh1LlYtVIhfD3pgRGvw",
     "iv": "AvpeoPZ9Ncn9mkBn"
   }

    Figure 214: Recipient #3 JWE Per-recipient Unprotected Header JSON

Miller                    Expires May 17, 2015                [Page 101]
Internet-Draft                JOSE Cookbook                November 2014

   The following is the assembled third recipient JSON:

   {
     "encrypted_key": "a7CclAejo_7JSuPB8zeagxXRam8dwCfmkt9-WyTpS1
         E",
     "header": {
       "alg": "A256GCMKW",
       "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
       "tag": "59Nqh1LlYtVIhfD3pgRGvw",
       "iv": "AvpeoPZ9Ncn9mkBn"
     }
   }

                       Figure 215: Recipient #3 JSON
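   The following Go code is an added example, not code from the draft: it
   shows what the "A256GCMKW" step above does with a general-purpose
   AES-GCM API. GCM returns ciphertext||tag in one buffer; JWE keeps only
   the wrapped CEK in "encrypted_key" and moves the 128-bit tag and the
   96-bit IV into the per-recipient header, and the unwrap side re-joins
   them so that the tag is checked before any CEK is released. The
   key-encryption key, CEK and IV are constructed values (Figures 138 and
   202 are not reproduced on this page), and the Recipient type and
   function names are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/base64"
	"errors"
)

// JOSE uses base64url without padding (RFC 4648 Section 5).
var b64 = base64.RawURLEncoding

// Recipient is one element of the "recipients" array (Figure 215).
type Recipient struct {
	EncryptedKey string            `json:"encrypted_key"`
	Header       map[string]string `json:"header"`
}

// gcmFor builds an AES-256-GCM AEAD from a 256-bit key-encryption key.
func gcmFor(kek []byte) (cipher.AEAD, error) {
	if len(kek) != 32 {
		return nil, errors.New("A256GCMKW needs a 256-bit key-encryption key")
	}
	block, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// wrapA256GCMKW seals the CEK with AES-256-GCM and no AAD. Go's Seal returns
// ciphertext||tag; JWE keeps only the wrapped CEK in "encrypted_key" and moves
// the 128-bit tag and the 96-bit IV into the per-recipient header (Figure 214).
func wrapA256GCMKW(kek, cek, iv []byte, kid string) (Recipient, error) {
	gcm, err := gcmFor(kek)
	if err != nil {
		return Recipient{}, err
	}
	if len(iv) != gcm.NonceSize() {
		return Recipient{}, errors.New("A256GCMKW iv must be 96 bits")
	}
	out := gcm.Seal(nil, iv, cek, nil)
	n := len(out) - gcm.Overhead()
	return Recipient{
		EncryptedKey: b64.EncodeToString(out[:n]),
		Header: map[string]string{"alg": "A256GCMKW", "kid": kid,
			"iv": b64.EncodeToString(iv), "tag": b64.EncodeToString(out[n:])},
	}, nil
}

// unwrapA256GCMKW reverses this for a recipient object taken from the JWE. It
// re-joins ciphertext||tag so that Open verifies the tag before releasing the
// CEK; a modified encrypted_key, tag or iv therefore yields an error, never a key.
func unwrapA256GCMKW(kek []byte, r Recipient) ([]byte, error) {
	if r.Header["alg"] != "A256GCMKW" {
		return nil, errors.New("recipient alg is not A256GCMKW")
	}
	ek, err1 := b64.DecodeString(r.EncryptedKey)
	tag, err2 := b64.DecodeString(r.Header["tag"])
	iv, err3 := b64.DecodeString(r.Header["iv"])
	gcm, err4 := gcmFor(kek)
	if err1 != nil || err2 != nil || err3 != nil || err4 != nil ||
		len(tag) != gcm.Overhead() || len(iv) != gcm.NonceSize() {
		return nil, errors.New("malformed A256GCMKW recipient")
	}
	return gcm.Open(nil, iv, append(ek, tag...), nil)
}
```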

5.13.6.  Encrypting the Content

   The following are generated before encrypting the content:

   o  JWE Protected Header; this example uses the header from
      Figure 216, encoded to [RFC4648] base64url as Figure 217.

   {
     "enc": "A128CBC-HS256"
   }

                   Figure 216: JWE Protected Header JSON

   eyJlbmMiOiJBMTI4Q0JDLUhTMjU2In0

            Figure 217: JWE Protected Header, base64url-encoded

   Performing the content encryption operation over the Plaintext
   (Figure 72) with the following:

   o  CEK (Figure 202),

   o  Initialization vector/nonce (Figure 203), and

   o  JWE Protected Header (Figure 217) as the authenticated data

   produces the following:

   o  Ciphertext from Figure 218

   o  Authentication tag from Figure 219

   ajm2Q-OpPXCr7-MHXicknb1lsxLdXxK_yLds0KuhJzfWK04SjdxQeSw2L9mu3a
   _k1C55kCQ_3xlkcVKC5yr__Is48VOoK0k63_QRM9tBURMFqLByJ8vOYQX0oJW4
   VUHJLmGhF-tVQWB7Kz8mr8zeE7txF0MSaP6ga7-siYxStR7_G07Thd1jh-zGT0
   wxM5g-VRORtq0K6AXpLlwEqRp7pkt2zRM0ZAXqSpe1O6FJ7FHLDyEFnD-zDIZu
   kLpCbzhzMDLLw2-8I14FQrgi-iEuzHgIJFIJn2wh9Tj0cg_kOZy9BqMRZbmYXM
   Y9YQjorZ_P_JYG3ARAIF3OjDNqpdYe-K_5Q5crGJSDNyij_ygEiItR5jssQVH2
   ofDQdLChtazE

                 Figure 218: Ciphertext, base64url-encoded

   BESYyFN7T09KY7i8zKs5_g

             Figure 219: Authentication Tag, base64url-encoded

   The following is generated after encrypting the plaintext:

   o  JWE Shared Unprotected Header parameters; this example uses the
      header from Figure 220.

   {
     "cty": "text/plain"
   }

              Figure 220: JWE Shared Unprotected Header JSON
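   As an added example that is not code from the draft, the following Go
   code carries out the A128CBC-HS256 content encryption of this section:
   the authenticated data is the ASCII form of the base64url protected
   header (Figure 217), the CEK is split into an HMAC half and an AES half,
   and the 64-bit AL length field is appended before the MAC is truncated
   to 16 bytes. Decryption checks the tag in constant time before it looks
   at the padding. Function names are this example's own and keys are
   constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/binary"
	"errors"
)

var b64 = base64.RawURLEncoding

// jweAAD returns the JWE Additional Authenticated Data: the ASCII bytes of the
// base64url-encoded protected header (Figure 217), not the raw JSON of Figure 216.
func jweAAD(protectedJSON []byte) []byte {
	return []byte(b64.EncodeToString(protectedJSON))
}

// cbcHmacTag computes the A128CBC-HS256 tag (JWA Section 5.2): HMAC-SHA256 over
// aad || iv || ciphertext || AL, where AL is the bit length of aad as a 64-bit
// big-endian integer; the tag is the first 16 bytes of the MAC.
func cbcHmacTag(macKey, aad, iv, ct []byte) []byte {
	al := make([]byte, 8)
	binary.BigEndian.PutUint64(al, uint64(len(aad))*8)
	h := hmac.New(sha256.New, macKey)
	for _, part := range [][]byte{aad, iv, ct, al} {
		h.Write(part)
	}
	return h.Sum(nil)[:16]
}

// encryptA128CBCHS256 splits the 256-bit CEK into the MAC key (first half) and
// the AES-128 key (second half), PKCS#7-pads, encrypts in CBC mode, then tags.
func encryptA128CBCHS256(cek, iv, aad, plaintext []byte) (ct, tag []byte, err error) {
	if len(cek) != 32 || len(iv) != 16 {
		return nil, nil, errors.New("A128CBC-HS256 needs a 32-byte CEK and a 16-byte IV")
	}
	block, _ := aes.NewCipher(cek[16:])
	pad := 16 - len(plaintext)%16
	padded := append(append([]byte{}, plaintext...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	ct = make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, padded)
	return ct, cbcHmacTag(cek[:16], aad, iv, ct), nil
}

// decryptA128CBCHS256 checks the tag in constant time before decrypting anything,
// so a bad tag and bad padding are never distinguishable to whoever sent the data.
func decryptA128CBCHS256(cek, iv, aad, ct, tag []byte) ([]byte, error) {
	if len(cek) != 32 || len(iv) != 16 || len(ct) == 0 || len(ct)%16 != 0 {
		return nil, errors.New("malformed A128CBC-HS256 input")
	}
	if !hmac.Equal(cbcHmacTag(cek[:16], aad, iv, ct), tag) {
		return nil, errors.New("authentication tag mismatch")
	}
	block, _ := aes.NewCipher(cek[16:])
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	pad := int(pt[len(pt)-1])
	if pad < 1 || pad > 16 || !bytes.Equal(pt[len(pt)-pad:], bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, errors.New("bad padding")
	}
	return pt[:len(pt)-pad], nil
}
```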

5.13.7.  Output Results

   The following compose the resulting JWE object:

   o  Recipient #1 JSON (Figure 206)

   o  Recipient #2 JSON (Figure 210)

   o  Recipient #3 JSON (Figure 215)

   o  Initialization vector/nonce (Figure 203)

   o  Ciphertext (Figure 218)

   o  Authentication tag (Figure 219)

   The Compact Serialization is not presented because it does not
   support this use case; the JSON Flattened Serialization is not
   presented because there is more than one recipient.

   The resulting JWE object using the JSON General Serialization:

   {
     "recipients": [
       {
         "encrypted_key": "dYOD28kab0Vvf4ODgxVAJXgHcSZICSOp8M51zj
             wj4w6Y5G4XJQsNNIBiqyvUUAOcpL7S7-cFe7Pio7gV_Q06WmCSa-
             vhW6me4bWrBf7cHwEQJdXihidAYWVajJIaKMXMvFRMV6iDlRr076
             DFthg2_AV0_tSiV6xSEIFqt1xnYPpmP91tc5WJDOGb-wqjw0-b-S
             1laS11QVbuP78dQ7Fa0zAVzzjHX-xvyM2wxj_otxr9clN1LnZMbe
             YSrRicJK5xodvWgkpIdkMHo4LvdhRRvzoKzlic89jFWPlnBq_V4n
             5trGuExtp_-dbHcGlihqc_wGgho9fLMK8JOArYLcMDNQ",
         "header": {
           "alg": "RSA1_5",
           "kid": "frodo.baggins@hobbiton.example"
         }
       },
       {
         "encrypted_key": "ExInT0io9BqBMYF6-maw5tZlgoZXThD1zWKsHi
             xJuw_elY4gSSId_w",
         "header": {
           "alg": "ECDH-ES+A256KW",
           "kid": "peregrin.took@tuckborough.example",
           "epk": {
             "kty": "EC",
             "crv": "P-384",
             "x": "Uzdvk3pi5wKCRc1izp5_r0OjeqT-I68i8g2b8mva8diRhs
                 E2xAn2DtMRb25Ma2CX",
             "y": "VDrRyFJh-Kwd1EjAgmj5Eo-CTHAZ53MC7PjjpLioy3ylEj
                 I1pOMbw91fzZ84pbfm"
           }
         }
       },
       {
         "encrypted_key": "a7CclAejo_7JSuPB8zeagxXRam8dwCfmkt9-Wy
             TpS1E",
         "header": {
           "alg": "A256GCMKW",
           "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
           "tag": "59Nqh1LlYtVIhfD3pgRGvw",
           "iv": "AvpeoPZ9Ncn9mkBn"
         }
       }
     ],
     "unprotected": {
       "cty": "text/plain"
     },
     "protected": "eyJlbmMiOiJBMTI4Q0JDLUhTMjU2In0",
     "iv": "VgEIHY20EnzUtZFl2RpB1g",
     "ciphertext": "ajm2Q-OpPXCr7-MHXicknb1lsxLdXxK_yLds0KuhJzfWK
          04SjdxQeSw2L9mu3a_k1C55kCQ_3xlkcVKC5yr__Is48VOoK0k63_QRM
         9tBURMFqLByJ8vOYQX0oJW4VUHJLmGhF-tVQWB7Kz8mr8zeE7txF0MSa
         P6ga7-siYxStR7_G07Thd1jh-zGT0wxM5g-VRORtq0K6AXpLlwEqRp7p
         kt2zRM0ZAXqSpe1O6FJ7FHLDyEFnD-zDIZukLpCbzhzMDLLw2-8I14FQ
         rgi-iEuzHgIJFIJn2wh9Tj0cg_kOZy9BqMRZbmYXMY9YQjorZ_P_JYG3
         ARAIF3OjDNqpdYe-K_5Q5crGJSDNyij_ygEiItR5jssQVH2ofDQdLCht
         azE",
     "tag": "BESYyFN7T09KY7i8zKs5_g"
   }

                  Figure 221: JSON General Serialization

6.  Nesting Signatures and Encryption

   This example illustrates nesting a JSON Web Signature (JWS) structure
   within a JSON Web Encryption (JWE) structure.  The signature uses the
   "PS256" (RSASSA-PSS) algorithm; the encryption uses the "RSA-OAEP"
   (RSAES-OAEP) key encryption algorithm and the "A128GCM" (AES-GCM)
   content encryption algorithm.

   Note that RSASSA-PSS uses random data to generate the signature, and
   RSAES-OAEP uses random data to generate the ciphertext; it might not
   be possible to exactly replicate the results in this section.

   Note that whitespace is added for readability as described in
   Section 1.1.

6.1.  Signing Input Factors

   The following are supplied before beginning the signing operation:

   o  Payload content; this example uses the JSON Web Token (JWT)
      [I-D.ietf-oauth-json-web-token] content from Figure 222, encoded
      as [RFC4648] base64url to produce Figure 223.

   o  RSA private key; this example uses the key from Figure 224

   {
     "iss": "hobbiton.example",
     "exp": 1300819380,
     "http://example.com/is_root": true
   }

                Figure 222: Payload content, in JSON format

   eyJpc3MiOiJob2JiaXRvbi5leGFtcGxlIiwiZXhwIjoxMzAwODE5MzgwLCJodH
   RwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZX0

              Figure 223: Payload content, base64url-encoded

   {
     "kty": "RSA",
     "kid": "hobbiton.example",
     "use": "sig",
     "n": "kNrPIBDXMU6fcyv5i-QHQAQ-K8gsC3HJb7FYhYaw8hXbNJa-t8q0lD
         KwLZgQXYV-ffWxXJv5GGrlZE4GU52lfMEegTDzYTrRQ3tepgKFjMGg6I
         y6fkl1ZNsx2gEonsnlShfzA9GJwRTmtKPbk1s-hwx1IU5AT-AIelNqBg
         cF2vE5W25_SGGBoaROVdUYxqETDggM1z5cKV4ZjDZ8-lh4oVB07bkac6
         LQdHpJUUySH_Er20DXx30Kyi97PciXKTS-QKXnmm8ivyRCmux22ZoPUi
         nd2BKC5OiG4MwALhaL2Z2k8CsRdfy-7dg7z41Rp6D0ZeEvtaUp4bX4aK
         raL4rTfw",
     "e": "AQAB",
     "d": "ZLe_TIxpE9-W_n2VBa-HWvuYPtjvxwVXClJFOpJsdea8g9RMx34qEO
         EtnoYc2un3CZ3LtJi-mju5RAT8YSc76YJds3ZVw0UiO8mMBeG6-iOnvg
         obobNx7K57-xjTJZU72EjOr9kB7z6ZKwDDq7HFyCDhUEcYcHFVc7iL_6
         TibVhAhOFONWlqlJgEgwVYd0rybNGKifdnpEbwyHoMwY6HM1qvnEFgP7
         iZ0YzHUT535x6jj4VKcdA7ZduFkhUauysySEW7mxZM6fj1vdjJIy9LD1
         fIz30Xv4ckoqhKF5GONU6tNmMmNgAD6gIViyEle1PrIxl1tBhCI14bRW
         -zrpHgAQ",
     "p": "yKWYoNIAqwMRQlgIBOdT1NIcbDNUUs2Rh-pBaxD_mIkweMt4Mg-0-B
         2iSYvMrs8horhonV7vxCQagcBAATGW-hAafUehWjxWSH-3KccRM8toL4
         e0q7M-idRDOBXSoe7Z2-CV2x_ZCY3RP8qp642R13WgXqGDIM4MbUkZSj
         cY9-c",
     "q": "uND4o15V30KDzf8vFJw589p1vlQVQ3NEilrinRUPHkkxaAzDzccGgr
         WMWpGxGFFnNL3w5CqPLeU76-5IVYQq0HwYVl0hVXQHr7sgaGu-483Ad3
         ENcL23FrOnF45m7_2ooAstJDe49MeLTTQKrSIBl_SKvqpYvfSPTczPcZ
         kh9Kk",
     "dp": "jmTnEoq2qqa8ouaymjhJSCnsveUXnMQC2gAneQJRQkFqQu-zV2PKP
         KNbPvKVyiF5b2-L3tM3OW2d2iNDyRUWXlT7V5l0KwPTABSTOnTqAmYCh
         Gi8kXXdlhcrtSvXldBakC6saxwI_TzGGY2MVXzc2ZnCvCXHV4qjSxOrf
         P3pHFU",
     "dq": "R9FUvU88OVzEkTkXl3-5-WusE4DjHmndeZIlu3rifBdfLpq_P-iWP
         BbGaq9wzQ1c-J7SzCdJqkEJDv5yd2C7rnZ6kpzwBh_nmL8zscAk1qsun
         nt9CJGAYz7-sGWy1JGShFazfP52ThB4rlCJ0YuEaQMrIzpY77_oLAhpm
         DA0hLk",
     "qi": "S8tC7ZknW6hPITkjcwttQOPLVmRfwirRlFAViuDb8NW9CrV_7F2Oq
         UZCqmzHTYAumwGFHI1WVRep7anleWaJjxC_1b3fq_al4qH3Pe-EKiHg6
         IMazuRtZLUROcThrExDbF5dYbsciDnfRUWLErZ4N1Be0bnxYuPqxwKd9
         QZwMo0"
   }

            Figure 224: RSA 2048-bit Private Key, in JWK format

6.2.  Signing Operation

   The following are generated to complete the signing operation:

   o  JWS Protected Header; this example uses header from Figure 225,
      encoded using [RFC4648] base64url to produce Figure 226.

   {
     "alg": "PS256",
     "typ": "JWT"
   }

                   Figure 225: JWS Protected Header JSON

   eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCJ9

            Figure 226: JWS Protected Header, base64url-encoded

   Performing the signature operation over the combined JWS Protected
   Header (Figure 226) and Payload content (Figure 223) produces the
   following signature:

   dPpMqwRZxFYi1UfcDAaf8M99o7kwUWtiXZ-ByvVuJih4MhJ_aZqciprz0OWaIA
   kIvn1qskChirjKvY9ESZNUCP4JjvfyPS-nqjJxYoA5ztWOyFk2cZNIPXjcJXSQ
   wXPO9tEe-v4VSqgD0aKHqPxYog4N6Cz1lKph1U1sYDSI67_bLL7elg_vkjfMp5
   _W5l5LuUYGMeh6hxQIaIUXf9EwV2JmvTMuZ-vBOWy0Sniy1EFo72CRTvmtrIf5
   AROo5MNliY3KtUxeP-SOmD-LEYwW9SlkohYzMVAZDDOrVbv7KVRHpeYNaK75KE
   QqdCEEkS_rskZS-Qtt_nlegTWh1mEYaA

               Figure 227: JWS Signature, base64url-encoded

6.3.  Signing Output

   The following compose the resulting JWS object:

   o  JWS Protected Header (Figure 226)

   o  Payload content (Figure 223)

   o  Signature (Figure 227)

   The resulting JWS object using the Compact Serialization (which is
   the plaintext input to the encryption operation that follows):

   eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCJ9
   .
   eyJpc3MiOiJob2JiaXRvbi5leGFtcGxlIiwiZXhwIjoxMzAwODE5MzgwLCJodH
   RwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZX0
   .
   dPpMqwRZxFYi1UfcDAaf8M99o7kwUWtiXZ-ByvVuJih4MhJ_aZqciprz0OWaIA
   kIvn1qskChirjKvY9ESZNUCP4JjvfyPS-nqjJxYoA5ztWOyFk2cZNIPXjcJXSQ
   wXPO9tEe-v4VSqgD0aKHqPxYog4N6Cz1lKph1U1sYDSI67_bLL7elg_vkjfMp5
   _W5l5LuUYGMeh6hxQIaIUXf9EwV2JmvTMuZ-vBOWy0Sniy1EFo72CRTvmtrIf5
   AROo5MNliY3KtUxeP-SOmD-LEYwW9SlkohYzMVAZDDOrVbv7KVRHpeYNaK75KE
   QqdCEEkS_rskZS-Qtt_nlegTWh1mEYaA

                     Figure 228: Compact Serialization

6.4.  Encryption Input Factors

   The following are supplied before beginning the encryption process:

   o  Plaintext content; this example uses the content from Figure 228.

   o  RSA public key; this example uses the key from Figure 84.

6.5.  Encryption Generated Factors

   The following are generated before encrypting:

   o  AES symmetric key as the Content Encryption Key (CEK); this
      example uses the key from Figure 229.

   o  Initialization vector/nonce; this example uses the initialization
      vector/nonce from Figure 230.

   0RHSNYwN-6-2QBGsYTZLSQ

           Figure 229: Content Encryption Key, base64url-encoded

   GbX1i9kXz0sxXPmA

           Figure 230: Initialization vector, base64url-encoded

6.6.  Encrypting the Key

   Performing the key encryption operation over the CEK (Figure 229)
   with the RSA key (Figure 84) produces the following encrypted key:

   a0JHRoITfpX4qRewImjlStn8m3CPxBV1ueYlVhjurCyrBg3I7YhCRYjphDOOS4
   E7rXbr2Fn6NyQq-A-gqT0FXqNjVOGrG-bi13mwy7RoYhjTkBEC6P7sMYMXXx4g
   zMedpiJHQVeyI-zkZV7A9matpgevAJWrXzOUysYGTtwoSN6gtUVtlLaivjvb21
   O0ul4YxSHV-ByK1kyeetRp_fuYJxHoKLQL9P424sKx2WGYb4zsBIPF4ssl_e5I
   R7nany-25_UmC2urosNkoFz9cQ82MypZP8gqbQJyPN-Fpp4Z-5o6yV64x6yzDU
   F_5JCIdl-Qv6H5dMVIY7q1eKpXcV1lWO_2FefEBqXxXvIjLeZivjNkzogCq3-I
   apSjVFnMjBxjpYLT8muaawo1yy1XXMuinIpNcOY3n4KKrXLrCcteX85m4IIHMZ
   a38s1Hpr56fPPseMA-Jltmt-a9iEDtOzhtxz8AXy9tsCAZV2XBWNG8c3kJusAa
   mBKOYwfk7JhLRDgOnJjlJLhn7TI4UxDp9dCmUXEN6z0v23W15qJIEXNJtqnblp
   ymooeWAHCT4e_Owbim1g0AEpTHUdA2iiLNs9WTX_H_TXuPC8yDDhi1smxS_X_x
   pkIHkiIHWDOLx03BpqDTivpKkBYwqP2UZkcxqX2Fo_GnVrNwlK7Lgxw6FSQvDO
   0

               Figure 231: Encrypted Key, base64url-encoded

6.7.  Encrypting the Content

   The following are generated before encrypting the plaintext:

   o  JWE Protected Header; this example uses the header from
      Figure 232, encoded using [RFC4648] base64url to produce
      Figure 233.

   {
     "alg": "RSA-OAEP",
     "cty": "JWT",
     "enc": "A128GCM"
   }

                   Figure 232: JWE Protected Header JSON

   eyJhbGciOiJSU0EtT0FFUCIsImN0eSI6IkpXVCIsImVuYyI6IkExMjhHQ00ifQ

            Figure 233: JWE Protected Header, base64url-encoded

   Performing the content encryption operation over the Plaintext
   (Figure 228) with the following:

   o  CEK (Figure 229);

   o  Initialization vector/nonce (Figure 230); and

   o  JWE Protected Header (Figure 233) as the authenticated data

   produces the following:

   o  Ciphertext from Figure 234.

   o  Authentication tag from Figure 235.

   SZI4IvKHmwpazl_pJQXX3mHv1ANnOU4Wf9-utWYUcKrBNgCe2OFMf66cSJ8k2Q
   kxaQD3_R60MGE9ofomwtky3GFxMeGRjtpMt9OAvVLsAXB0_UTCBGyBg3C2bWLX
   qZlfJAAoJRUPRk-BimYZY81zVBuIhc7HsQePCpu33SzMsFHjn4lP_idrJz_glZ
   TNgKDt8zdnUPauKTKDNOH1DD4fuzvDYfDIAfqGPyL5sVRwbiXpXdGokEszM-9C
   hMPqW1QNhzuX_Zul3bvrJwr7nuGZs4cUScY3n8yE3AHCLurgls-A9mz1X38xEa
   ulV18l4Fg9tLejdkAuQZjPbqeHQBJe4IwGD5Ee0dQ-Mtz4NnhkIWx-YKBb_Xo2
   zI3Q_1sYjKUuis7yWW-HTr_vqvFt0bj7WJf2vzB0TZ3dvsoGaTvPH2dyWwumUr
   lx4gmPUzBdwTO6ubfYSDUEEz5py0d_OtWeUSYcCYBKD-aM7tXg26qJo21gYjLf
   hn9zy-W19sOCZGuzgFjPhawXHpvnj_t-0_ES96kogjJLxS1IMU9Y5XmnwZMyNc
   9EIwnogsCg-hVuvzyP0sIruktmI94_SL1xgMl7o03phcTMxtlMizR88NKU1WkB
   siXMCjy1Noue7MD-ShDp5dmM

                 Figure 234: Ciphertext, base64url-encoded

   KnIKEhN8U-3C9s4gtSpjSw

             Figure 235: Authentication tag, base64url-encoded

6.8.  Encryption Output

   The following compose the resulting JWE object:

   o  JWE Protected Header (Figure 233)

   o  Encrypted key (Figure 231)

   o  Initialization vector/nonce (Figure 230)

   o  Ciphertext (Figure 234)

   o  Authentication Tag (Figure 235)

   The resulting JWE object using the Compact serialization:

   eyJhbGciOiJSU0EtT0FFUCIsImN0eSI6IkpXVCIsImVuYyI6IkExMjhHQ00ifQ
   .
   a0JHRoITfpX4qRewImjlStn8m3CPxBV1ueYlVhjurCyrBg3I7YhCRYjphDOOS4
   E7rXbr2Fn6NyQq-A-gqT0FXqNjVOGrG-bi13mwy7RoYhjTkBEC6P7sMYMXXx4g
   zMedpiJHQVeyI-zkZV7A9matpgevAJWrXzOUysYGTtwoSN6gtUVtlLaivjvb21
   O0ul4YxSHV-ByK1kyeetRp_fuYJxHoKLQL9P424sKx2WGYb4zsBIPF4ssl_e5I
   R7nany-25_UmC2urosNkoFz9cQ82MypZP8gqbQJyPN-Fpp4Z-5o6yV64x6yzDU
   F_5JCIdl-Qv6H5dMVIY7q1eKpXcV1lWO_2FefEBqXxXvIjLeZivjNkzogCq3-I
   apSjVFnMjBxjpYLT8muaawo1yy1XXMuinIpNcOY3n4KKrXLrCcteX85m4IIHMZ
   a38s1Hpr56fPPseMA-Jltmt-a9iEDtOzhtxz8AXy9tsCAZV2XBWNG8c3kJusAa
   mBKOYwfk7JhLRDgOnJjlJLhn7TI4UxDp9dCmUXEN6z0v23W15qJIEXNJtqnblp
   ymooeWAHCT4e_Owbim1g0AEpTHUdA2iiLNs9WTX_H_TXuPC8yDDhi1smxS_X_x
   pkIHkiIHWDOLx03BpqDTivpKkBYwqP2UZkcxqX2Fo_GnVrNwlK7Lgxw6FSQvDO
   0
   .
   GbX1i9kXz0sxXPmA
   .
   SZI4IvKHmwpazl_pJQXX3mHv1ANnOU4Wf9-utWYUcKrBNgCe2OFMf66cSJ8k2Q
   kxaQD3_R60MGE9ofomwtky3GFxMeGRjtpMt9OAvVLsAXB0_UTCBGyBg3C2bWLX
   qZlfJAAoJRUPRk-BimYZY81zVBuIhc7HsQePCpu33SzMsFHjn4lP_idrJz_glZ
   TNgKDt8zdnUPauKTKDNOH1DD4fuzvDYfDIAfqGPyL5sVRwbiXpXdGokEszM-9C
   hMPqW1QNhzuX_Zul3bvrJwr7nuGZs4cUScY3n8yE3AHCLurgls-A9mz1X38xEa
   ulV18l4Fg9tLejdkAuQZjPbqeHQBJe4IwGD5Ee0dQ-Mtz4NnhkIWx-YKBb_Xo2
   zI3Q_1sYjKUuis7yWW-HTr_vqvFt0bj7WJf2vzB0TZ3dvsoGaTvPH2dyWwumUr
   lx4gmPUzBdwTO6ubfYSDUEEz5py0d_OtWeUSYcCYBKD-aM7tXg26qJo21gYjLf
   hn9zy-W19sOCZGuzgFjPhawXHpvnj_t-0_ES96kogjJLxS1IMU9Y5XmnwZMyNc
   9EIwnogsCg-hVuvzyP0sIruktmI94_SL1xgMl7o03phcTMxtlMizR88NKU1WkB
   siXMCjy1Noue7MD-ShDp5dmM
   .
   KnIKEhN8U-3C9s4gtSpjSw

                     Figure 236: Compact Serialization

   The resulting JWE object using the JSON General Serialization:

   {
     "recipients": [
       {
         "encrypted_key": "a0JHRoITfpX4qRewImjlStn8m3CPxBV1ueYlVh
             jurCyrBg3I7YhCRYjphDOOS4E7rXbr2Fn6NyQq-A-gqT0FXqNjVO
             GrG-bi13mwy7RoYhjTkBEC6P7sMYMXXx4gzMedpiJHQVeyI-zkZV
             7A9matpgevAJWrXzOUysYGTtwoSN6gtUVtlLaivjvb21O0ul4YxS
             HV-ByK1kyeetRp_fuYJxHoKLQL9P424sKx2WGYb4zsBIPF4ssl_e
             5IR7nany-25_UmC2urosNkoFz9cQ82MypZP8gqbQJyPN-Fpp4Z-5
             o6yV64x6yzDUF_5JCIdl-Qv6H5dMVIY7q1eKpXcV1lWO_2FefEBq
             XxXvIjLeZivjNkzogCq3-IapSjVFnMjBxjpYLT8muaawo1yy1XXM
             uinIpNcOY3n4KKrXLrCcteX85m4IIHMZa38s1Hpr56fPPseMA-Jl
             tmt-a9iEDtOzhtxz8AXy9tsCAZV2XBWNG8c3kJusAamBKOYwfk7J
             hLRDgOnJjlJLhn7TI4UxDp9dCmUXEN6z0v23W15qJIEXNJtqnblp
             ymooeWAHCT4e_Owbim1g0AEpTHUdA2iiLNs9WTX_H_TXuPC8yDDh
             i1smxS_X_xpkIHkiIHWDOLx03BpqDTivpKkBYwqP2UZkcxqX2Fo_
             GnVrNwlK7Lgxw6FSQvDO0"
       }
     ],
     "protected": "eyJhbGciOiJSU0EtT0FFUCIsImN0eSI6IkpXVCIsImVuYy
         I6IkExMjhHQ00ifQ",
     "iv": "GbX1i9kXz0sxXPmA",
     "ciphertext": "SZI4IvKHmwpazl_pJQXX3mHv1ANnOU4Wf9-utWYUcKrBN
         gCe2OFMf66cSJ8k2QkxaQD3_R60MGE9ofomwtky3GFxMeGRjtpMt9OAv
         VLsAXB0_UTCBGyBg3C2bWLXqZlfJAAoJRUPRk-BimYZY81zVBuIhc7Hs
         QePCpu33SzMsFHjn4lP_idrJz_glZTNgKDt8zdnUPauKTKDNOH1DD4fu
         zvDYfDIAfqGPyL5sVRwbiXpXdGokEszM-9ChMPqW1QNhzuX_Zul3bvrJ
         wr7nuGZs4cUScY3n8yE3AHCLurgls-A9mz1X38xEaulV18l4Fg9tLejd
         kAuQZjPbqeHQBJe4IwGD5Ee0dQ-Mtz4NnhkIWx-YKBb_Xo2zI3Q_1sYj
         KUuis7yWW-HTr_vqvFt0bj7WJf2vzB0TZ3dvsoGaTvPH2dyWwumUrlx4
         gmPUzBdwTO6ubfYSDUEEz5py0d_OtWeUSYcCYBKD-aM7tXg26qJo21gY
         jLfhn9zy-W19sOCZGuzgFjPhawXHpvnj_t-0_ES96kogjJLxS1IMU9Y5
         XmnwZMyNc9EIwnogsCg-hVuvzyP0sIruktmI94_SL1xgMl7o03phcTMx
         tlMizR88NKU1WkBsiXMCjy1Noue7MD-ShDp5dmM",
     "tag": "KnIKEhN8U-3C9s4gtSpjSw"
   }

                  Figure 237: JSON General Serialization

   The resulting JWE object using the JSON Flattened Serialization:

   {
     "encrypted_key": "a0JHRoITfpX4qRewImjlStn8m3CPxBV1ueYlVhjurC
         yrBg3I7YhCRYjphDOOS4E7rXbr2Fn6NyQq-A-gqT0FXqNjVOGrG-bi13
         mwy7RoYhjTkBEC6P7sMYMXXx4gzMedpiJHQVeyI-zkZV7A9matpgevAJ
         WrXzOUysYGTtwoSN6gtUVtlLaivjvb21O0ul4YxSHV-ByK1kyeetRp_f
         uYJxHoKLQL9P424sKx2WGYb4zsBIPF4ssl_e5IR7nany-25_UmC2uros
         NkoFz9cQ82MypZP8gqbQJyPN-Fpp4Z-5o6yV64x6yzDUF_5JCIdl-Qv6
         H5dMVIY7q1eKpXcV1lWO_2FefEBqXxXvIjLeZivjNkzogCq3-IapSjVF
         nMjBxjpYLT8muaawo1yy1XXMuinIpNcOY3n4KKrXLrCcteX85m4IIHMZ
         a38s1Hpr56fPPseMA-Jltmt-a9iEDtOzhtxz8AXy9tsCAZV2XBWNG8c3
         kJusAamBKOYwfk7JhLRDgOnJjlJLhn7TI4UxDp9dCmUXEN6z0v23W15q
         JIEXNJtqnblpymooeWAHCT4e_Owbim1g0AEpTHUdA2iiLNs9WTX_H_TX
         uPC8yDDhi1smxS_X_xpkIHkiIHWDOLx03BpqDTivpKkBYwqP2UZkcxqX
         2Fo_GnVrNwlK7Lgxw6FSQvDO0",
     "protected": "eyJhbGciOiJSU0EtT0FFUCIsImN0eSI6IkpXVCIsImVuYy
         I6IkExMjhHQ00ifQ",
     "iv": "GbX1i9kXz0sxXPmA",
     "ciphertext": "SZI4IvKHmwpazl_pJQXX3mHv1ANnOU4Wf9-utWYUcKrBN
         gCe2OFMf66cSJ8k2QkxaQD3_R60MGE9ofomwtky3GFxMeGRjtpMt9OAv
         VLsAXB0_UTCBGyBg3C2bWLXqZlfJAAoJRUPRk-BimYZY81zVBuIhc7Hs
         QePCpu33SzMsFHjn4lP_idrJz_glZTNgKDt8zdnUPauKTKDNOH1DD4fu
         zvDYfDIAfqGPyL5sVRwbiXpXdGokEszM-9ChMPqW1QNhzuX_Zul3bvrJ
         wr7nuGZs4cUScY3n8yE3AHCLurgls-A9mz1X38xEaulV18l4Fg9tLejd
         kAuQZjPbqeHQBJe4IwGD5Ee0dQ-Mtz4NnhkIWx-YKBb_Xo2zI3Q_1sYj
         KUuis7yWW-HTr_vqvFt0bj7WJf2vzB0TZ3dvsoGaTvPH2dyWwumUrlx4
         gmPUzBdwTO6ubfYSDUEEz5py0d_OtWeUSYcCYBKD-aM7tXg26qJo21gY
         jLfhn9zy-W19sOCZGuzgFjPhawXHpvnj_t-0_ES96kogjJLxS1IMU9Y5
         XmnwZMyNc9EIwnogsCg-hVuvzyP0sIruktmI94_SL1xgMl7o03phcTMx
         tlMizR88NKU1WkBsiXMCjy1Noue7MD-ShDp5dmM",
     "tag": "KnIKEhN8U-3C9s4gtSpjSw"
   }

                 Figure 238: JSON Flattened Serialization

7.  Security Considerations

   This document is designed to provide examples for developers to use
   in checking their implementations.  As such it does not follow some
   of the security considerations and recommendations in the core
   documents.  For instance:

   o  it does not always generate a new CEK value for every encrypted
      example;

   o  it does not always generate a new IV value for every encrypted
      example; and

   o  it does not always generate a new ephemeral key for every
      ephemeral key example.

   For each example, data that is expected to be generated for each
   signing or encryption operation is isolated to sections titled
   "Generated Factors".

8.  IANA Considerations

   This document has no actions for IANA.

9.  Informative References

   [I-D.ietf-jose-json-web-algorithms]
              Jones, M., "JSON Web Algorithms (JWA)", draft-ietf-jose-
              json-web-algorithms-35 (work in progress), October 2014.

   [I-D.ietf-jose-json-web-encryption]
              Jones, M. and J. Hildebrand, "JSON Web Encryption (JWE)",
              draft-ietf-jose-json-web-encryption-35 (work in progress),
              October 2014.

   [I-D.ietf-jose-json-web-key]
              Jones, M., "JSON Web Key (JWK)", draft-ietf-jose-json-web-
              key-35 (work in progress), October 2014.

   [I-D.ietf-jose-json-web-signature]
              Jones, M., Bradley, J., and N. Sakimura, "JSON Web
              Signature (JWS)", draft-ietf-jose-json-web-signature-35
              (work in progress), October 2014.

   [I-D.ietf-oauth-json-web-token]
              Jones, M., Bradley, J., and N. Sakimura, "JSON Web Token
              (JWT)", draft-ietf-oauth-json-web-token-29 (work in
              progress), October 2014.

   [LOTR-FELLOWSHIP]
              Tolkien, J. and C. Tolkien, "The Fellowship of the Ring",
              ISBN 9780061917702, March 2009.

   [RFC1951]  Deutsch, P., "DEFLATE Compressed Data Format Specification
              version 1.3", RFC 1951, May 1996.

   [RFC4648]  Josefsson, S., "The Base16, Base32, and Base64 Data
              Encodings", RFC 4648, October 2006.

   [RFC7095]  Kewisch, P., "jCard: The JSON Format for vCard", RFC 7095,
              January 2014.

Appendix A.  Acknowledgements

   Most of the examples herein use quotes and character names found in
   the novel "The Fellowship of the Ring" [LOTR-FELLOWSHIP], written by
   J. R. R. Tolkien.

   Thanks to Richard Barnes, Brian Campbell, Mike Jones, and Jim Schaad
   for input and review of text.  Thanks to Brian Campbell for verifying
   Compact Serialization examples.

Author's Address

   Matthew Miller
   Cisco Systems, Inc.

   Email: mamille2@cisco.com
