RFC 7520
Examples of Protecting Content Using JSON Object Signing and Encryption (JOSE)
5.2. Key Encryption Using RSA-OAEP with AES-GCM
This example illustrates encrypting content using the "RSA-OAEP" (RSAES-OAEP) key encryption algorithm and the "A256GCM" (AES-GCM) content encryption algorithm. Note that RSAES-OAEP uses random data to generate the ciphertext; it might not be possible to exactly replicate the results in this section. Note that only the RSA public key is necessary to perform the encryption. However, the example includes the RSA private key to allow readers to validate the output. Note that whitespace is added for readability as described in Section 1.1.
5.2.1. Input Factors
The following are supplied before beginning the encryption process: o Plaintext content; this example uses the Plaintext from Figure 72. o RSA public key; this example uses the key from Figure 84. o "alg" parameter of "RSA-OAEP". o "enc" parameter of "A256GCM". { "kty": "RSA", "kid": "samwise.gamgee@hobbiton.example", "use": "enc", "n": "wbdxI55VaanZXPY29Lg5hdmv2XhvqAhoxUkanfzf2-5zVUxa6prHRr I4pP1AhoqJRlZfYtWWd5mmHRG2pAHIlh0ySJ9wi0BioZBl1XP2e-C-Fy XJGcTy0HdKQWlrfhTm42EW7Vv04r4gfao6uxjLGwfpGrZLarohiWCPnk Nrg71S2CuNZSQBIPGjXfkmIy2tl_VWgGnL22GplyXj5YlBLdxXp3XeSt sqo571utNfoUTU8E4qdzJ3U1DItoVkPGsMwlmmnJiwA7sXRItBCivR4M 5qnZtdw-7v4WuR4779ubDuJ5nalMv2S66-RPcnFAzWSKxtBDnFJJDGIU e7Tzizjg1nms0Xq_yPub_UOlWn0ec85FCft1hACpWG8schrOBeNqHBOD FskYpUc2LC5JA2TaPF2dA67dg1TTsC_FupfQ2kNGcE1LgprxKHcVWYQb 86B-HozjHZcqtauBzFNV5tbTuB-TpkcvJfNcFLlH3b8mb-H_ox35FjqB SAjLKyoeqfKTpVjvXhd09knwgJf6VKq6UC418_TOljMVfFTWXUxlnfhO OnzW6HSSzD1c9WrCuVzsUMv54szidQ9wf1cYWf3g5qFDxDQKis99gcDa iCAwM3yEBIzuNeeCa5dartHDb1xEB_HcHSeYbghbMjGfasvKn0aZRsnT yC0xhWBlsolZE", "e": "AQAB", "alg": "RSA-OAEP", "d": "n7fzJc3_WG59VEOBTkayzuSMM780OJQuZjN_KbH8lOZG25ZoA7T4Bx cc0xQn5oZE5uSCIwg91oCt0JvxPcpmqzaJZg1nirjcWZ-oBtVk7gCAWq -B3qhfF3izlbkosrzjHajIcY33HBhsy4_WerrXg4MDNE4HYojy68TcxT 2LYQRxUOCf5TtJXvM8olexlSGtVnQnDRutxEUCwiewfmmrfveEogLx9E A-KMgAjTiISXxqIXQhWUQX1G7v_mV_Hr2YuImYcNcHkRvp9E7ook0876 DhkO8v4UOZLwA1OlUX98mkoqwc58A_Y2lBYbVx1_s5lpPsEqbbH-nqIj h1fL0gdNfihLxnclWtW7pCztLnImZAyeCWAG7ZIfv-Rn9fLIv9jZ6r7r -MSH9sqbuziHN2grGjD_jfRluMHa0l84fFKl6bcqN1JWxPVhzNZo01yD F-1LiQnqUYSepPf6X3a2SOdkqBRiquE6EvLuSYIDpJq3jDIsgoL8Mo1L oomgiJxUwL_GWEOGu28gplyzm-9Q0U0nyhEf1uhSR8aJAQWAiFImWH5W _IQT9I7-yrindr_2fWQ_i1UgMsGzA7aOGzZfPljRy6z-tY_KuBG00-28 S_aWvjyUc-Alp8AUyKjBZ-7CWH32fGWK48j1t-zomrwjL_mnhsPbGs0c 9WsWgRzI-K8gE", "p": "7_2v3OQZzlPFcHyYfLABQ3XP85Es4hCdwCkbDeltaUXgVy9l9etKgh vM4hRkOvbb01kYVuLFmxIkCDtpi-zLCYAdXKrAK3PtSbtzld_XZ9nlsY a_QZWpXB_IrtFjVfdKUdMz94pHUhFGFj7nr6NNxfpiHSHWFE1zD_AC3m Y46J961Y2LRnreVwAGNw53p07Db8yD_92pDa97vqcZOdgtybH9q6uma-
RFNhO1AoiJhYZj69hjmMRXx-x56HO9cnXNbmzNSCFCKnQmn4GQLmRj9s fbZRqL94bbtE4_e0Zrpo8RNo8vxRLqQNwIy85fc6BRgBJomt8QdQvIgP gWCv5HoQ", "q": "zqOHk1P6WN_rHuM7ZF1cXH0x6RuOHq67WuHiSknqQeefGBA9PWs6Zy KQCO-O6mKXtcgE8_Q_hA2kMRcKOcvHil1hqMCNSXlflM7WPRPZu2qCDc qssd_uMbP-DqYthH_EzwL9KnYoH7JQFxxmcv5An8oXUtTwk4knKjkIYG RuUwfQTus0w1NfjFAyxOOiAQ37ussIcE6C6ZSsM3n41UlbJ7TCqewzVJ aPJN5cxjySPZPD3Vp01a9YgAD6a3IIaKJdIxJS1ImnfPevSJQBE79-EX e2kSwVgOzvt-gsmM29QQ8veHy4uAqca5dZzMs7hkkHtw1z0jHV90epQJ JlXXnH8Q", "dp": "19oDkBh1AXelMIxQFm2zZTqUhAzCIr4xNIGEPNoDt1jK83_FJA-xn x5kA7-1erdHdms_Ef67HsONNv5A60JaR7w8LHnDiBGnjdaUmmuO8XAxQ J_ia5mxjxNjS6E2yD44USo2JmHvzeeNczq25elqbTPLhUpGo1IZuG72F ZQ5gTjXoTXC2-xtCDEUZfaUNh4IeAipfLugbpe0JAFlFfrTDAMUFpC3i XjxqzbEanflwPvj6V9iDSgjj8SozSM0dLtxvu0LIeIQAeEgT_yXcrKGm pKdSO08kLBx8VUjkbv_3Pn20Gyu2YEuwpFlM_H1NikuxJNKFGmnAq9Lc nwwT0jvoQ", "dq": "S6p59KrlmzGzaQYQM3o0XfHCGvfqHLYjCO557HYQf72O9kLMCfd_1 VBEqeD-1jjwELKDjck8kOBl5UvohK1oDfSP1DleAy-cnmL29DqWmhgwM 1ip0CCNmkmsmDSlqkUXDi6sAaZuntyukyflI-qSQ3C_BafPyFaKrt1fg dyEwYa08pESKwwWisy7KnmoUvaJ3SaHmohFS78TJ25cfc10wZ9hQNOrI ChZlkiOdFCtxDqdmCqNacnhgE3bZQjGp3n83ODSz9zwJcSUvODlXBPc2 AycH6Ci5yjbxt4Ppox_5pjm6xnQkiPgj01GpsUssMmBN7iHVsrE7N2iz nBNCeOUIQ", "qi": "FZhClBMywVVjnuUud-05qd5CYU0dK79akAgy9oX6RX6I3IIIPckCc iRrokxglZn-omAY5CnCe4KdrnjFOT5YUZE7G_Pg44XgCXaarLQf4hl80 oPEf6-jJ5Iy6wPRx7G2e8qLxnh9cOdf-kRqgOS3F48Ucvw3ma5V6KGMw QqWFeV31XtZ8l5cVI-I3NzBS7qltpUVgz2Ju021eyc7IlqgzR98qKONl 27DuEES0aK0WE97jnsyO27Yp88Wa2RiBrEocM89QZI1seJiGDizHRUP4 UZxw9zsXww46wy0P6f9grnYp7t8LkyDDk8eoI4KX6SNMNVcyVS9IWjlq 8EzqZEKIA" } Figure 84: RSA 4096-Bit Key (NOTE: While the key includes the private parameters, only the public parameters "e" and "n" are necessary for the encryption operation.)5.2.2. Generated Factors
The following are generated before encrypting: o AES symmetric key as the Content Encryption Key (CEK); this example uses the key from Figure 85. o Initialization Vector; this example uses the Initialization Vector from Figure 86.
mYMfsggkTAm0TbvtlFh2hyoXnbEzJQjMxmgLN3d8xXA Figure 85: Content Encryption Key, base64url-encoded -nBoKLH0YkLZPSI9 Figure 86: Initialization Vector, base64url-encoded5.2.3. Encrypting the Key
Performing the key encryption operation over the CEK (Figure 85) with the RSA key (Figure 84) produces the following Encrypted Key: rT99rwrBTbTI7IJM8fU3Eli7226HEB7IchCxNuh7lCiud48LxeolRdtFF4nzQi beYOl5S_PJsAXZwSXtDePz9hk-BbtsTBqC2UsPOdwjC9NhNupNNu9uHIVftDyu cvI6hvALeZ6OGnhNV4v1zx2k7O1D89mAzfw-_kT3tkuorpDU-CpBENfIHX1Q58 -Aad3FzMuo3Fn9buEP2yXakLXYa15BUXQsupM4A1GD4_H4Bd7V3u9h8Gkg8Bpx KdUV9ScfJQTcYm6eJEBz3aSwIaK4T3-dwWpuBOhROQXBosJzS1asnuHtVMt2pK IIfux5BC6huIvmY7kzV7W7aIUrpYm_3H4zYvyMeq5pGqFmW2k8zpO878TRlZx7 pZfPYDSXZyS0CfKKkMozT_qiCwZTSz4duYnt8hS4Z9sGthXn9uDqd6wycMagnQ fOTs_lycTWmY-aqWVDKhjYNRf03NiwRtb5BE-tOdFwCASQj3uuAgPGrO2AWBe3 8UjQb0lvXn1SpyvYZ3WFc7WOJYaTa7A8DRn6MC6T-xDmMuxC0G7S2rscw5lQQU 06MvZTlFOt0UvfuKBa03cxA_nIBIhLMjY2kOTxQMmpDPTr6Cbo8aKaOnx6ASE5 Jx9paBpnNmOOKH35j_QlrQhDWUN6A2Gg8iFayJ69xDEdHAVCGRzN3woEI2ozDR s Figure 87: Encrypted Key, base64url-encoded5.2.4. Encrypting the Content
The following is generated before encrypting the Plaintext: o JWE Protected Header; this example uses the header from Figure 88, encoded using base64url [RFC4648] to produce Figure 89. { "alg": "RSA-OAEP", "kid": "samwise.gamgee@hobbiton.example", "enc": "A256GCM" } Figure 88: JWE Protected Header JSON eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6InNhbXdpc2UuZ2FtZ2VlQGhvYmJpdG 9uLmV4YW1wbGUiLCJlbmMiOiJBMjU2R0NNIn0 Figure 89: JWE Protected Header, base64url-encoded
Performing the content encryption operation over the Plaintext (Figure 72) with the following: o CEK (Figure 85); o Initialization Vector (Figure 86); and o JWE Protected Header (Figure 89) as authenticated data produces the following: o Ciphertext from Figure 90. o Authentication Tag from Figure 91. o4k2cnGN8rSSw3IDo1YuySkqeS_t2m1GXklSgqBdpACm6UJuJowOHC5ytjqYgR L-I-soPlwqMUf4UgRWWeaOGNw6vGW-xyM01lTYxrXfVzIIaRdhYtEMRBvBWbEw P7ua1DRfvaOjgZv6Ifa3brcAM64d8p5lhhNcizPersuhw5f-pGYzseva-TUaL8 iWnctc-sSwy7SQmRkfhDjwbz0fz6kFovEgj64X1I5s7E6GLp5fnbYGLa1QUiML 7Cc2GxgvI7zqWo0YIEc7aCflLG1-8BboVWFdZKLK9vNoycrYHumwzKluLWEbSV maPpOslY2n525DxDfWaVFUfKQxMF56vn4B9QMpWAbnypNimbM8zVOw Figure 90: Ciphertext, base64url-encoded UCGiqJxhBI3IFVdPalHHvA Figure 91: Authentication Tag, base64url-encoded5.2.5. Output Results
The following compose the resulting JWE object: o JWE Protected Header (Figure 89) o Encrypted Key (Figure 87) o Initialization Vector (Figure 86) o Ciphertext (Figure 90) o Authentication Tag (Figure 91)
The resulting JWE object using the JWE Compact Serialization: eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6InNhbXdpc2UuZ2FtZ2VlQGhvYmJpdG 9uLmV4YW1wbGUiLCJlbmMiOiJBMjU2R0NNIn0 . rT99rwrBTbTI7IJM8fU3Eli7226HEB7IchCxNuh7lCiud48LxeolRdtFF4nzQi beYOl5S_PJsAXZwSXtDePz9hk-BbtsTBqC2UsPOdwjC9NhNupNNu9uHIVftDyu cvI6hvALeZ6OGnhNV4v1zx2k7O1D89mAzfw-_kT3tkuorpDU-CpBENfIHX1Q58 -Aad3FzMuo3Fn9buEP2yXakLXYa15BUXQsupM4A1GD4_H4Bd7V3u9h8Gkg8Bpx KdUV9ScfJQTcYm6eJEBz3aSwIaK4T3-dwWpuBOhROQXBosJzS1asnuHtVMt2pK IIfux5BC6huIvmY7kzV7W7aIUrpYm_3H4zYvyMeq5pGqFmW2k8zpO878TRlZx7 pZfPYDSXZyS0CfKKkMozT_qiCwZTSz4duYnt8hS4Z9sGthXn9uDqd6wycMagnQ fOTs_lycTWmY-aqWVDKhjYNRf03NiwRtb5BE-tOdFwCASQj3uuAgPGrO2AWBe3 8UjQb0lvXn1SpyvYZ3WFc7WOJYaTa7A8DRn6MC6T-xDmMuxC0G7S2rscw5lQQU 06MvZTlFOt0UvfuKBa03cxA_nIBIhLMjY2kOTxQMmpDPTr6Cbo8aKaOnx6ASE5 Jx9paBpnNmOOKH35j_QlrQhDWUN6A2Gg8iFayJ69xDEdHAVCGRzN3woEI2ozDR s . -nBoKLH0YkLZPSI9 . o4k2cnGN8rSSw3IDo1YuySkqeS_t2m1GXklSgqBdpACm6UJuJowOHC5ytjqYgR L-I-soPlwqMUf4UgRWWeaOGNw6vGW-xyM01lTYxrXfVzIIaRdhYtEMRBvBWbEw P7ua1DRfvaOjgZv6Ifa3brcAM64d8p5lhhNcizPersuhw5f-pGYzseva-TUaL8 iWnctc-sSwy7SQmRkfhDjwbz0fz6kFovEgj64X1I5s7E6GLp5fnbYGLa1QUiML 7Cc2GxgvI7zqWo0YIEc7aCflLG1-8BboVWFdZKLK9vNoycrYHumwzKluLWEbSV maPpOslY2n525DxDfWaVFUfKQxMF56vn4B9QMpWAbnypNimbM8zVOw . UCGiqJxhBI3IFVdPalHHvA Figure 92: JWE Compact Serialization
The resulting JWE object using the general JWE JSON Serialization: { "recipients": [ { "encrypted_key": "rT99rwrBTbTI7IJM8fU3Eli7226HEB7IchCxNu h7lCiud48LxeolRdtFF4nzQibeYOl5S_PJsAXZwSXtDePz9hk-Bb tsTBqC2UsPOdwjC9NhNupNNu9uHIVftDyucvI6hvALeZ6OGnhNV4 v1zx2k7O1D89mAzfw-_kT3tkuorpDU-CpBENfIHX1Q58-Aad3FzM uo3Fn9buEP2yXakLXYa15BUXQsupM4A1GD4_H4Bd7V3u9h8Gkg8B pxKdUV9ScfJQTcYm6eJEBz3aSwIaK4T3-dwWpuBOhROQXBosJzS1 asnuHtVMt2pKIIfux5BC6huIvmY7kzV7W7aIUrpYm_3H4zYvyMeq 5pGqFmW2k8zpO878TRlZx7pZfPYDSXZyS0CfKKkMozT_qiCwZTSz 4duYnt8hS4Z9sGthXn9uDqd6wycMagnQfOTs_lycTWmY-aqWVDKh jYNRf03NiwRtb5BE-tOdFwCASQj3uuAgPGrO2AWBe38UjQb0lvXn 1SpyvYZ3WFc7WOJYaTa7A8DRn6MC6T-xDmMuxC0G7S2rscw5lQQU 06MvZTlFOt0UvfuKBa03cxA_nIBIhLMjY2kOTxQMmpDPTr6Cbo8a KaOnx6ASE5Jx9paBpnNmOOKH35j_QlrQhDWUN6A2Gg8iFayJ69xD EdHAVCGRzN3woEI2ozDRs" } ], "protected": "eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6InNhbXdpc2UuZ2 FtZ2VlQGhvYmJpdG9uLmV4YW1wbGUiLCJlbmMiOiJBMjU2R0NNIn0", "iv": "-nBoKLH0YkLZPSI9", "ciphertext": "o4k2cnGN8rSSw3IDo1YuySkqeS_t2m1GXklSgqBdpACm6 UJuJowOHC5ytjqYgRL-I-soPlwqMUf4UgRWWeaOGNw6vGW-xyM01lTYx rXfVzIIaRdhYtEMRBvBWbEwP7ua1DRfvaOjgZv6Ifa3brcAM64d8p5lh hNcizPersuhw5f-pGYzseva-TUaL8iWnctc-sSwy7SQmRkfhDjwbz0fz 6kFovEgj64X1I5s7E6GLp5fnbYGLa1QUiML7Cc2GxgvI7zqWo0YIEc7a CflLG1-8BboVWFdZKLK9vNoycrYHumwzKluLWEbSVmaPpOslY2n525Dx DfWaVFUfKQxMF56vn4B9QMpWAbnypNimbM8zVOw", "tag": "UCGiqJxhBI3IFVdPalHHvA" } Figure 93: General JWE JSON Serialization
The resulting JWE object using the flattened JWE JSON Serialization: { "protected": "eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6InNhbXdpc2UuZ2 FtZ2VlQGhvYmJpdG9uLmV4YW1wbGUiLCJlbmMiOiJBMjU2R0NNIn0", "encrypted_key": "rT99rwrBTbTI7IJM8fU3Eli7226HEB7IchCxNuh7lC iud48LxeolRdtFF4nzQibeYOl5S_PJsAXZwSXtDePz9hk-BbtsTBqC2U sPOdwjC9NhNupNNu9uHIVftDyucvI6hvALeZ6OGnhNV4v1zx2k7O1D89 mAzfw-_kT3tkuorpDU-CpBENfIHX1Q58-Aad3FzMuo3Fn9buEP2yXakL XYa15BUXQsupM4A1GD4_H4Bd7V3u9h8Gkg8BpxKdUV9ScfJQTcYm6eJE Bz3aSwIaK4T3-dwWpuBOhROQXBosJzS1asnuHtVMt2pKIIfux5BC6huI vmY7kzV7W7aIUrpYm_3H4zYvyMeq5pGqFmW2k8zpO878TRlZx7pZfPYD SXZyS0CfKKkMozT_qiCwZTSz4duYnt8hS4Z9sGthXn9uDqd6wycMagnQ fOTs_lycTWmY-aqWVDKhjYNRf03NiwRtb5BE-tOdFwCASQj3uuAgPGrO 2AWBe38UjQb0lvXn1SpyvYZ3WFc7WOJYaTa7A8DRn6MC6T-xDmMuxC0G 7S2rscw5lQQU06MvZTlFOt0UvfuKBa03cxA_nIBIhLMjY2kOTxQMmpDP Tr6Cbo8aKaOnx6ASE5Jx9paBpnNmOOKH35j_QlrQhDWUN6A2Gg8iFayJ 69xDEdHAVCGRzN3woEI2ozDRs", "iv": "-nBoKLH0YkLZPSI9", "ciphertext": "o4k2cnGN8rSSw3IDo1YuySkqeS_t2m1GXklSgqBdpACm6 UJuJowOHC5ytjqYgRL-I-soPlwqMUf4UgRWWeaOGNw6vGW-xyM01lTYx rXfVzIIaRdhYtEMRBvBWbEwP7ua1DRfvaOjgZv6Ifa3brcAM64d8p5lh hNcizPersuhw5f-pGYzseva-TUaL8iWnctc-sSwy7SQmRkfhDjwbz0fz 6kFovEgj64X1I5s7E6GLp5fnbYGLa1QUiML7Cc2GxgvI7zqWo0YIEc7a CflLG1-8BboVWFdZKLK9vNoycrYHumwzKluLWEbSVmaPpOslY2n525Dx DfWaVFUfKQxMF56vn4B9QMpWAbnypNimbM8zVOw", "tag": "UCGiqJxhBI3IFVdPalHHvA" } Figure 94: Flattened JWE JSON Serialization5.3. Key Wrap Using PBES2-AES-KeyWrap with AES-CBC-HMAC-SHA2
The example illustrates encrypting content using the "PBES2-HS512+A256KW" (PBES2 Password-based Encryption using HMAC- SHA-512 and AES-256-KeyWrap) key encryption algorithm with the "A128CBC-HS256" (AES-128-CBC-HMAC-SHA-256) content encryption algorithm. A common use of password-based encryption is the import/export of keys. Therefore, this example uses a JWK Set for the Plaintext content instead of the Plaintext from Figure 72.
Note that if password-based encryption is used for multiple recipients, it is expected that each recipient use different values for the PBES2 parameters "p2s" and "p2c". Note that whitespace is added for readability as described in Section 1.1.5.3.1. Input Factors
The following are supplied before beginning the encryption process: o Plaintext content; this example uses the Plaintext from Figure 95 (NOTE: All whitespace was added for readability). o Password; this example uses the password from Figure 96 -- with the sequence "\xe2\x80\x93" replaced with (U+2013 EN DASH). o "alg" parameter of "PBES2-HS512+A256KW". o "enc" parameter of "A128CBC-HS256". { "keys": [ { "kty": "oct", "kid": "77c7e2b8-6e13-45cf-8672-617b5b45243a", "use": "enc", "alg": "A128GCM", "k": "XctOhJAkA-pD9Lh7ZgW_2A" }, { "kty": "oct", "kid": "81b20965-8332-43d9-a468-82160ad91ac8", "use": "enc", "alg": "A128KW", "k": "GZy6sIZ6wl9NJOKB-jnmVQ" }, { "kty": "oct", "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d", "use": "enc", "alg": "A256GCMKW", "k": "qC57l_uxcm7Nm3K-ct4GFjx8tM1U8CZ0NLBvdQstiS8" } ] } Figure 95: Plaintext Content
entrap_o\xe2\x80\x93peter_long\xe2\x80\x93credit_tun Figure 96: Password5.3.2. Generated Factors
The following are generated before encrypting: o AES symmetric key as the Content Encryption Key (CEK); this example uses the key from Figure 97. o Initialization Vector; this example uses the Initialization Vector from Figure 98. uwsjJXaBK407Qaf0_zpcpmr1Cs0CC50hIUEyGNEt3m0 Figure 97: Content Encryption Key, base64url-encoded VBiCzVHNoLiR3F4V82uoTQ Figure 98: Initialization Vector, base64url-encoded5.3.3. Encrypting the Key
The following are generated before encrypting the CEK: o Salt input; this example uses the salt input from Figure 99. o Iteration count; this example uses the iteration count 8192. 8Q1SzinasR3xchYz6ZZcHA Figure 99: Salt Input, base64url-encoded Performing the key encryption operation over the CEK (Figure 97) with the following: o Password (Figure 96); o Salt input (Figure 99), encoded as an octet string; and o Iteration count (8192) produces the following Encrypted Key: d3qNhUWfqheyPp4H8sjOWsDYajoej4c5Je6rlUtFPWdgtURtmeDV1g Figure 100: Encrypted Key, base64url-encoded
5.3.4. Encrypting the Content
The following is generated before encrypting the content: o JWE Protected Header; this example uses the header from Figure 101, encoded using base64url [RFC4648] to produce Figure 102. { "alg": "PBES2-HS512+A256KW", "p2s": "8Q1SzinasR3xchYz6ZZcHA", "p2c": 8192, "cty": "jwk-set+json", "enc": "A128CBC-HS256" } Figure 101: JWE Protected Header JSON eyJhbGciOiJQQkVTMi1IUzUxMitBMjU2S1ciLCJwMnMiOiI4UTFTemluYXNSM3 hjaFl6NlpaY0hBIiwicDJjIjo4MTkyLCJjdHkiOiJqd2stc2V0K2pzb24iLCJl bmMiOiJBMTI4Q0JDLUhTMjU2In0 Figure 102: JWE Protected Header, base64url-encoded Performing the content encryption operation over the Plaintext (Figure 95) with the following: o CEK (Figure 97); o Initialization Vector (Figure 98); and o JWE Protected Header (Figure 102) as authenticated data produces the following: o Ciphertext from Figure 103. o Authentication Tag from Figure 104.
23i-Tb1AV4n0WKVSSgcQrdg6GRqsUKxjruHXYsTHAJLZ2nsnGIX86vMXqIi6IR sfywCRFzLxEcZBRnTvG3nhzPk0GDD7FMyXhUHpDjEYCNA_XOmzg8yZR9oyjo6l TF6si4q9FZ2EhzgFQCLO_6h5EVg3vR75_hkBsnuoqoM3dwejXBtIodN84PeqMb 6asmas_dpSsz7H10fC5ni9xIz424givB1YLldF6exVmL93R3fOoOJbmk2GBQZL _SEGllv2cQsBgeprARsaQ7Bq99tT80coH8ItBjgV08AtzXFFsx9qKvC982KLKd PQMTlVJKkqtV4Ru5LEVpBZXBnZrtViSOgyg6AiuwaS-rCrcD_ePOGSuxvgtrok AKYPqmXUeRdjFJwafkYEkiuDCV9vWGAi1DH2xTafhJwcmywIyzi4BqRpmdn_N- zl5tuJYyuvKhjKv6ihbsV_k1hJGPGAxJ6wUpmwC4PTQ2izEm0TuSE8oMKdTw8V 3kobXZ77ulMwDs4p Figure 103: Ciphertext, base64url-encoded 0HlwodAhOCILG5SQ2LQ9dg Figure 104: Authentication Tag, base64url-encoded5.3.5. Output Results
The following compose the resulting JWE object: o JWE Protected Header (Figure 102) o Encrypted Key (Figure 100) o Initialization Vector (Figure 98) o Ciphertext (Figure 103) o Authentication Tag (Figure 104)
The resulting JWE object using the JWE Compact Serialization: eyJhbGciOiJQQkVTMi1IUzUxMitBMjU2S1ciLCJwMnMiOiI4UTFTemluYXNSM3 hjaFl6NlpaY0hBIiwicDJjIjo4MTkyLCJjdHkiOiJqd2stc2V0K2pzb24iLCJl bmMiOiJBMTI4Q0JDLUhTMjU2In0 . d3qNhUWfqheyPp4H8sjOWsDYajoej4c5Je6rlUtFPWdgtURtmeDV1g . VBiCzVHNoLiR3F4V82uoTQ . 23i-Tb1AV4n0WKVSSgcQrdg6GRqsUKxjruHXYsTHAJLZ2nsnGIX86vMXqIi6IR sfywCRFzLxEcZBRnTvG3nhzPk0GDD7FMyXhUHpDjEYCNA_XOmzg8yZR9oyjo6l TF6si4q9FZ2EhzgFQCLO_6h5EVg3vR75_hkBsnuoqoM3dwejXBtIodN84PeqMb 6asmas_dpSsz7H10fC5ni9xIz424givB1YLldF6exVmL93R3fOoOJbmk2GBQZL _SEGllv2cQsBgeprARsaQ7Bq99tT80coH8ItBjgV08AtzXFFsx9qKvC982KLKd PQMTlVJKkqtV4Ru5LEVpBZXBnZrtViSOgyg6AiuwaS-rCrcD_ePOGSuxvgtrok AKYPqmXUeRdjFJwafkYEkiuDCV9vWGAi1DH2xTafhJwcmywIyzi4BqRpmdn_N- zl5tuJYyuvKhjKv6ihbsV_k1hJGPGAxJ6wUpmwC4PTQ2izEm0TuSE8oMKdTw8V 3kobXZ77ulMwDs4p . 0HlwodAhOCILG5SQ2LQ9dg Figure 105: JWE Compact Serialization
The resulting JWE object using the general JWE JSON Serialization: { "recipients": [ { "encrypted_key": "d3qNhUWfqheyPp4H8sjOWsDYajoej4c5Je6rlU tFPWdgtURtmeDV1g" } ], "protected": "eyJhbGciOiJQQkVTMi1IUzUxMitBMjU2S1ciLCJwMnMiOi I4UTFTemluYXNSM3hjaFl6NlpaY0hBIiwicDJjIjo4MTkyLCJjdHkiOi Jqd2stc2V0K2pzb24iLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0", "iv": "VBiCzVHNoLiR3F4V82uoTQ", "ciphertext": "23i-Tb1AV4n0WKVSSgcQrdg6GRqsUKxjruHXYsTHAJLZ2 nsnGIX86vMXqIi6IRsfywCRFzLxEcZBRnTvG3nhzPk0GDD7FMyXhUHpD jEYCNA_XOmzg8yZR9oyjo6lTF6si4q9FZ2EhzgFQCLO_6h5EVg3vR75_ hkBsnuoqoM3dwejXBtIodN84PeqMb6asmas_dpSsz7H10fC5ni9xIz42 4givB1YLldF6exVmL93R3fOoOJbmk2GBQZL_SEGllv2cQsBgeprARsaQ 7Bq99tT80coH8ItBjgV08AtzXFFsx9qKvC982KLKdPQMTlVJKkqtV4Ru 5LEVpBZXBnZrtViSOgyg6AiuwaS-rCrcD_ePOGSuxvgtrokAKYPqmXUe RdjFJwafkYEkiuDCV9vWGAi1DH2xTafhJwcmywIyzi4BqRpmdn_N-zl5 tuJYyuvKhjKv6ihbsV_k1hJGPGAxJ6wUpmwC4PTQ2izEm0TuSE8oMKdT w8V3kobXZ77ulMwDs4p", "tag": "0HlwodAhOCILG5SQ2LQ9dg" } Figure 106: General JWE JSON Serialization
The resulting JWE object using the flattened JWE JSON Serialization: { "protected": "eyJhbGciOiJQQkVTMi1IUzUxMitBMjU2S1ciLCJwMnMiOi I4UTFTemluYXNSM3hjaFl6NlpaY0hBIiwicDJjIjo4MTkyLCJjdHkiOi Jqd2stc2V0K2pzb24iLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0", "encrypted_key": "d3qNhUWfqheyPp4H8sjOWsDYajoej4c5Je6rlUtFPW dgtURtmeDV1g", "iv": "VBiCzVHNoLiR3F4V82uoTQ", "ciphertext": "23i-Tb1AV4n0WKVSSgcQrdg6GRqsUKxjruHXYsTHAJLZ2 nsnGIX86vMXqIi6IRsfywCRFzLxEcZBRnTvG3nhzPk0GDD7FMyXhUHpD jEYCNA_XOmzg8yZR9oyjo6lTF6si4q9FZ2EhzgFQCLO_6h5EVg3vR75_ hkBsnuoqoM3dwejXBtIodN84PeqMb6asmas_dpSsz7H10fC5ni9xIz42 4givB1YLldF6exVmL93R3fOoOJbmk2GBQZL_SEGllv2cQsBgeprARsaQ 7Bq99tT80coH8ItBjgV08AtzXFFsx9qKvC982KLKdPQMTlVJKkqtV4Ru 5LEVpBZXBnZrtViSOgyg6AiuwaS-rCrcD_ePOGSuxvgtrokAKYPqmXUe RdjFJwafkYEkiuDCV9vWGAi1DH2xTafhJwcmywIyzi4BqRpmdn_N-zl5 tuJYyuvKhjKv6ihbsV_k1hJGPGAxJ6wUpmwC4PTQ2izEm0TuSE8oMKdT w8V3kobXZ77ulMwDs4p", "tag": "0HlwodAhOCILG5SQ2LQ9dg" } Figure 107: Flattened JWE JSON Serialization5.4. Key Agreement with Key Wrapping Using ECDH-ES and AES-KeyWrap with AES-GCM
This example illustrates encrypting content using the "ECDH- ES+A128KW" (Elliptic Curve Diffie-Hellman Ephemeral-Static with AES- 128-KeyWrap) key encryption algorithm and the "A128GCM" (AES-GCM) content encryption algorithm. Note that only the EC public key is necessary to perform the key agreement. However, the example includes the EC private key to allow readers to validate the output. Note that whitespace is added for readability as described in Section 1.1.5.4.1. Input Factors
The following are supplied before beginning the encryption process: o Plaintext content; this example uses the content from Figure 72. o EC public key; this example uses the public key from Figure 108.
o "alg" parameter of "ECDH-ES+A128KW". o "enc" parameter of "A128GCM". { "kty": "EC", "kid": "peregrin.took@tuckborough.example", "use": "enc", "crv": "P-384", "x": "YU4rRUzdmVqmRtWOs2OpDE_T5fsNIodcG8G5FWPrTPMyxpzsSOGaQL pe2FpxBmu2", "y": "A8-yxCHxkfBz3hKZfI1jUYMjUhsEveZ9THuwFjH2sCNdtksRJU7D5- SkgaFL1ETP", "d": "iTx2pk7wW-GqJkHcEkFQb2EFyYcO7RugmaW3mRrQVAOUiPommT0Idn YK2xDlZh-j" } Figure 108: Elliptic Curve P-384 Key, in JWK Format (NOTE: While the key includes the private parameters, only the public parameters "crv", "x", and "y" are necessary for the encryption operation.)5.4.2. Generated Factors
The following are generated before encrypting: o AES symmetric key as the Content Encryption Key (CEK); this example uses the key from Figure 109. o Initialization Vector; this example uses the Initialization Vector from Figure 110. Nou2ueKlP70ZXDbq9UrRwg Figure 109: Content Encryption Key, base64url-encoded mH-G2zVqgztUtnW_ Figure 110: Initialization Vector, base64url-encoded5.4.3. Encrypting the Key
To encrypt the Content Encryption Key, the following is generated: o Ephemeral EC private key on the same curve as the EC public key; this example uses the private key from Figure 111.
{ "kty": "EC", "crv": "P-384", "x": "uBo4kHPw6kbjx5l0xowrd_oYzBmaz-GKFZu4xAFFkbYiWgutEK6iuE DsQ6wNdNg3", "y": "sp3p5SGhZVC2faXumI-e9JU2Mo8KpoYrFDr5yPNVtW4PgEwZOyQTA- JdaY8tb7E0", "d": "D5H4Y_5PSKZvhfVFbcCYJOtcGZygRgfZkpsBr59Icmmhe9sW6nkZ8W fwhinUfWJg" } Figure 111: Ephemeral Elliptic Curve P-384 Key, in JWK Format Performing the key encryption operation over the CEK (Figure 109) with the following: o The static Elliptic Curve public key (Figure 108); and o The ephemeral Elliptic Curve private key (Figure 111) produces the following JWE Encrypted Key: 0DJjBXri_kBcC46IkU5_Jk9BqaQeHdv2 Figure 112: Encrypted Key, base64url-encoded5.4.4. Encrypting the Content
The following is generated before encrypting the content: o JWE Protected Header; this example uses the header from Figure 113, encoded to base64url [RFC4648] as Figure 114. { "alg": "ECDH-ES+A128KW", "kid": "peregrin.took@tuckborough.example", "epk": { "kty": "EC", "crv": "P-384", "x": "uBo4kHPw6kbjx5l0xowrd_oYzBmaz-GKFZu4xAFFkbYiWgutEK6i uEDsQ6wNdNg3", "y": "sp3p5SGhZVC2faXumI-e9JU2Mo8KpoYrFDr5yPNVtW4PgEwZOyQT A-JdaY8tb7E0" }, "enc": "A128GCM" } Figure 113: JWE Protected Header JSON
eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImtpZCI6InBlcmVncmluLnRvb2tAdH Vja2Jvcm91Z2guZXhhbXBsZSIsImVwayI6eyJrdHkiOiJFQyIsImNydiI6IlAt Mzg0IiwieCI6InVCbzRrSFB3Nmtiang1bDB4b3dyZF9vWXpCbWF6LUdLRlp1NH hBRkZrYllpV2d1dEVLNml1RURzUTZ3TmROZzMiLCJ5Ijoic3AzcDVTR2haVkMy ZmFYdW1JLWU5SlUyTW84S3BvWXJGRHI1eVBOVnRXNFBnRXdaT3lRVEEtSmRhWT h0YjdFMCJ9LCJlbmMiOiJBMTI4R0NNIn0 Figure 114: JWE Protected Header, base64url-encoded Performing the content encryption operation on the Plaintext (Figure 72) using the following: o CEK (Figure 109); o Initialization Vector (Figure 110); and o JWE Protected Header (Figure 114) as authenticated data produces the following: o Ciphertext from Figure 115. o Authentication Tag from Figure 116. tkZuOO9h95OgHJmkkrfLBisku8rGf6nzVxhRM3sVOhXgz5NJ76oID7lpnAi_cP WJRCjSpAaUZ5dOR3Spy7QuEkmKx8-3RCMhSYMzsXaEwDdXta9Mn5B7cCBoJKB0 IgEnj_qfo1hIi-uEkUpOZ8aLTZGHfpl05jMwbKkTe2yK3mjF6SBAsgicQDVCkc Y9BLluzx1RmC3ORXaM0JaHPB93YcdSDGgpgBWMVrNU1ErkjcMqMoT_wtCex3w0 3XdLkjXIuEr2hWgeP-nkUZTPU9EoGSPj6fAS-bSz87RCPrxZdj_iVyC6QWcqAu 07WNhjzJEPc4jVntRJ6K53NgPQ5p99l3Z408OUqj4ioYezbS6vTPlQ Figure 115: Ciphertext, base64url-encoded WuGzxmcreYjpHGJoa17EBg Figure 116: Authentication Tag, base64url-encoded
5.4.5. Output Results
The following compose the resulting JWE object: o JWE Protected Header (Figure 114) o Encrypted Key (Figure 112) o Initialization Vector (Figure 110) o Ciphertext (Figure 115) o Authentication Tag (Figure 116) The resulting JWE object using the JWE Compact Serialization: eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImtpZCI6InBlcmVncmluLnRvb2tAdH Vja2Jvcm91Z2guZXhhbXBsZSIsImVwayI6eyJrdHkiOiJFQyIsImNydiI6IlAt Mzg0IiwieCI6InVCbzRrSFB3Nmtiang1bDB4b3dyZF9vWXpCbWF6LUdLRlp1NH hBRkZrYllpV2d1dEVLNml1RURzUTZ3TmROZzMiLCJ5Ijoic3AzcDVTR2haVkMy ZmFYdW1JLWU5SlUyTW84S3BvWXJGRHI1eVBOVnRXNFBnRXdaT3lRVEEtSmRhWT h0YjdFMCJ9LCJlbmMiOiJBMTI4R0NNIn0 . 0DJjBXri_kBcC46IkU5_Jk9BqaQeHdv2 . mH-G2zVqgztUtnW_ . tkZuOO9h95OgHJmkkrfLBisku8rGf6nzVxhRM3sVOhXgz5NJ76oID7lpnAi_cP WJRCjSpAaUZ5dOR3Spy7QuEkmKx8-3RCMhSYMzsXaEwDdXta9Mn5B7cCBoJKB0 IgEnj_qfo1hIi-uEkUpOZ8aLTZGHfpl05jMwbKkTe2yK3mjF6SBAsgicQDVCkc Y9BLluzx1RmC3ORXaM0JaHPB93YcdSDGgpgBWMVrNU1ErkjcMqMoT_wtCex3w0 3XdLkjXIuEr2hWgeP-nkUZTPU9EoGSPj6fAS-bSz87RCPrxZdj_iVyC6QWcqAu 07WNhjzJEPc4jVntRJ6K53NgPQ5p99l3Z408OUqj4ioYezbS6vTPlQ . WuGzxmcreYjpHGJoa17EBg Figure 117: JWE Compact Serialization
The resulting JWE object using the general JWE JSON Serialization: { "recipients": [ { "encrypted_key": "0DJjBXri_kBcC46IkU5_Jk9BqaQeHdv2" } ], "protected": "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImtpZCI6InBlcm VncmluLnRvb2tAdHVja2Jvcm91Z2guZXhhbXBsZSIsImVwayI6eyJrdH kiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6InVCbzRrSFB3Nmtiang1bD B4b3dyZF9vWXpCbWF6LUdLRlp1NHhBRkZrYllpV2d1dEVLNml1RURzUT Z3TmROZzMiLCJ5Ijoic3AzcDVTR2haVkMyZmFYdW1JLWU5SlUyTW84S3 BvWXJGRHI1eVBOVnRXNFBnRXdaT3lRVEEtSmRhWTh0YjdFMCJ9LCJlbm MiOiJBMTI4R0NNIn0", "iv": "mH-G2zVqgztUtnW_", "ciphertext": "tkZuOO9h95OgHJmkkrfLBisku8rGf6nzVxhRM3sVOhXgz 5NJ76oID7lpnAi_cPWJRCjSpAaUZ5dOR3Spy7QuEkmKx8-3RCMhSYMzs XaEwDdXta9Mn5B7cCBoJKB0IgEnj_qfo1hIi-uEkUpOZ8aLTZGHfpl05 jMwbKkTe2yK3mjF6SBAsgicQDVCkcY9BLluzx1RmC3ORXaM0JaHPB93Y cdSDGgpgBWMVrNU1ErkjcMqMoT_wtCex3w03XdLkjXIuEr2hWgeP-nkU ZTPU9EoGSPj6fAS-bSz87RCPrxZdj_iVyC6QWcqAu07WNhjzJEPc4jVn tRJ6K53NgPQ5p99l3Z408OUqj4ioYezbS6vTPlQ", "tag": "WuGzxmcreYjpHGJoa17EBg" } Figure 118: General JWE JSON Serialization
The resulting JWE object using the flattened JWE JSON Serialization: { "protected": "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImtpZCI6InBlcm VncmluLnRvb2tAdHVja2Jvcm91Z2guZXhhbXBsZSIsImVwayI6eyJrdH kiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6InVCbzRrSFB3Nmtiang1bD B4b3dyZF9vWXpCbWF6LUdLRlp1NHhBRkZrYllpV2d1dEVLNml1RURzUT Z3TmROZzMiLCJ5Ijoic3AzcDVTR2haVkMyZmFYdW1JLWU5SlUyTW84S3 BvWXJGRHI1eVBOVnRXNFBnRXdaT3lRVEEtSmRhWTh0YjdFMCJ9LCJlbm MiOiJBMTI4R0NNIn0", "encrypted_key": "0DJjBXri_kBcC46IkU5_Jk9BqaQeHdv2", "iv": "mH-G2zVqgztUtnW_", "ciphertext": "tkZuOO9h95OgHJmkkrfLBisku8rGf6nzVxhRM3sVOhXgz 5NJ76oID7lpnAi_cPWJRCjSpAaUZ5dOR3Spy7QuEkmKx8-3RCMhSYMzs XaEwDdXta9Mn5B7cCBoJKB0IgEnj_qfo1hIi-uEkUpOZ8aLTZGHfpl05 jMwbKkTe2yK3mjF6SBAsgicQDVCkcY9BLluzx1RmC3ORXaM0JaHPB93Y cdSDGgpgBWMVrNU1ErkjcMqMoT_wtCex3w03XdLkjXIuEr2hWgeP-nkU ZTPU9EoGSPj6fAS-bSz87RCPrxZdj_iVyC6QWcqAu07WNhjzJEPc4jVn tRJ6K53NgPQ5p99l3Z408OUqj4ioYezbS6vTPlQ", "tag": "WuGzxmcreYjpHGJoa17EBg" } Figure 119: Flattened JWE JSON Serialization5.5. Key Agreement Using ECDH-ES with AES-CBC-HMAC-SHA2
This example illustrates encrypting content using the "ECDH-ES" (Elliptic Curve Diffie-Hellman Ephemeral-Static) key agreement algorithm and the "A128CBC-HS256" (AES-128-CBC-HMAC-SHA-256) content encryption algorithm. Note that only the EC public key is necessary to perform the key agreement. However, the example includes the EC private key to allow readers to validate the output. Note that whitespace is added for readability as described in Section 1.1.
5.5.1. Input Factors
The following are supplied before beginning the encryption process: o Plaintext content; this example uses the content from Figure 72. o EC public key; this example uses the public key from Figure 120. o "alg" parameter of "ECDH-ES". o "enc" parameter of "A128CBC-HS256". { "kty": "EC", "kid": "meriadoc.brandybuck@buckland.example", "use": "enc", "crv": "P-256", "x": "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0", "y": "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw", "d": "r_kHyZ-a06rmxM3yESK84r1otSg-aQcVStkRhA-iCM8" } Figure 120: Elliptic Curve P-256 Key (NOTE: While the key includes the private parameters, only the public parameters "crv", "x", and "y" are necessary for the encryption operation.)5.5.2. Generated Factors
The following is generated before encrypting: o Initialization Vector; this example uses the Initialization Vector from Figure 121. yc9N8v5sYyv3iGQT926IUg Figure 121: Initialization Vector, base64url-encoded NOTE: The Content Encryption Key (CEK) is not randomly generated; instead, it is determined using ECDH-ES key agreement.
5.5.3. Key Agreement
The following is generated to agree on a CEK: o Ephemeral private key; this example uses the private key from Figure 122. { "kty": "EC", "crv": "P-256", "x": "mPUKT_bAWGHIhg0TpjjqVsP1rXWQu_vwVOHHtNkdYoA", "y": "8BQAsImGeAS46fyWw5MhYfGTT0IjBpFw2SS34Dv4Irs", "d": "AtH35vJsQ9SGjYfOsjUxYXQKrPH3FjZHmEtSKoSN8cM" } Figure 122: Ephemeral Private Key, in JWK Format Performing the ECDH operation using the static EC public key (Figure 120) over the ephemeral private key (Figure 122) produces the following CEK: hzHdlfQIAEehb8Hrd_mFRhKsKLEzPfshfXs9l6areCc Figure 123: Agreed-to Content Encryption Key, base64url-encoded5.5.4. Encrypting the Content
The following is generated before encrypting the content: o JWE Protected Header; this example uses the header from Figure 124, encoded to base64url [RFC4648] as Figure 125. { "alg": "ECDH-ES", "kid": "meriadoc.brandybuck@buckland.example", "epk": { "kty": "EC", "crv": "P-256", "x": "mPUKT_bAWGHIhg0TpjjqVsP1rXWQu_vwVOHHtNkdYoA", "y": "8BQAsImGeAS46fyWw5MhYfGTT0IjBpFw2SS34Dv4Irs" }, "enc": "A128CBC-HS256" } Figure 124: JWE Protected Header JSON
eyJhbGciOiJFQ0RILUVTIiwia2lkIjoibWVyaWFkb2MuYnJhbmR5YnVja0BidW NrbGFuZC5leGFtcGxlIiwiZXBrIjp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYi LCJ4IjoibVBVS1RfYkFXR0hJaGcwVHBqanFWc1AxclhXUXVfdndWT0hIdE5rZF lvQSIsInkiOiI4QlFBc0ltR2VBUzQ2ZnlXdzVNaFlmR1RUMElqQnBGdzJTUzM0 RHY0SXJzIn0sImVuYyI6IkExMjhDQkMtSFMyNTYifQ Figure 125: JWE Protected Header, base64url-encoded Performing the content encryption operation on the Plaintext (Figure 72) using the following: o CEK (Figure 123); o Initialization Vector (Figure 121); and o JWE Protected Header (Figure 125) as authenticated data produces the following: o Ciphertext from Figure 126. o Authentication Tag from Figure 127. BoDlwPnTypYq-ivjmQvAYJLb5Q6l-F3LIgQomlz87yW4OPKbWE1zSTEFjDfhU9 IPIOSA9Bml4m7iDFwA-1ZXvHteLDtw4R1XRGMEsDIqAYtskTTmzmzNa-_q4F_e vAPUmwlO-ZG45Mnq4uhM1fm_D9rBtWolqZSF3xGNNkpOMQKF1Cl8i8wjzRli7- IXgyirlKQsbhhqRzkv8IcY6aHl24j03C-AR2le1r7URUhArM79BY8soZU0lzwI -sD5PZ3l4NDCCei9XkoIAfsXJWmySPoeRb2Ni5UZL4mYpvKDiwmyzGd65KqVw7 MsFfI_K767G9C9Azp73gKZD0DyUn1mn0WW5LmyX_yJ-3AROq8p1WZBfG-ZyJ61 95_JGG2m9Csg Figure 126: Ciphertext, base64url-encoded WCCkNa-x4BeB9hIDIfFuhg Figure 127: Authentication Tag, base64url-encoded5.5.5. Output Results
The following compose the resulting JWE object: o JWE Protected Header (Figure 114) o Initialization Vector (Figure 110) o Ciphertext (Figure 115) o Authentication Tag (Figure 116)
Only the general JWE JSON Serialization is presented because the flattened JWE JSON Serialization is identical. The resulting JWE object using the JWE Compact Serialization: eyJhbGciOiJFQ0RILUVTIiwia2lkIjoibWVyaWFkb2MuYnJhbmR5YnVja0BidW NrbGFuZC5leGFtcGxlIiwiZXBrIjp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYi LCJ4IjoibVBVS1RfYkFXR0hJaGcwVHBqanFWc1AxclhXUXVfdndWT0hIdE5rZF lvQSIsInkiOiI4QlFBc0ltR2VBUzQ2ZnlXdzVNaFlmR1RUMElqQnBGdzJTUzM0 RHY0SXJzIn0sImVuYyI6IkExMjhDQkMtSFMyNTYifQ . . yc9N8v5sYyv3iGQT926IUg . BoDlwPnTypYq-ivjmQvAYJLb5Q6l-F3LIgQomlz87yW4OPKbWE1zSTEFjDfhU9 IPIOSA9Bml4m7iDFwA-1ZXvHteLDtw4R1XRGMEsDIqAYtskTTmzmzNa-_q4F_e vAPUmwlO-ZG45Mnq4uhM1fm_D9rBtWolqZSF3xGNNkpOMQKF1Cl8i8wjzRli7- IXgyirlKQsbhhqRzkv8IcY6aHl24j03C-AR2le1r7URUhArM79BY8soZU0lzwI -sD5PZ3l4NDCCei9XkoIAfsXJWmySPoeRb2Ni5UZL4mYpvKDiwmyzGd65KqVw7 MsFfI_K767G9C9Azp73gKZD0DyUn1mn0WW5LmyX_yJ-3AROq8p1WZBfG-ZyJ61 95_JGG2m9Csg . WCCkNa-x4BeB9hIDIfFuhg Figure 128: JWE Compact Serialization The resulting JWE object using the general JWE JSON Serialization: { "protected": "eyJhbGciOiJFQ0RILUVTIiwia2lkIjoibWVyaWFkb2MuYn JhbmR5YnVja0BidWNrbGFuZC5leGFtcGxlIiwiZXBrIjp7Imt0eSI6Ik VDIiwiY3J2IjoiUC0yNTYiLCJ4IjoibVBVS1RfYkFXR0hJaGcwVHBqan FWc1AxclhXUXVfdndWT0hIdE5rZFlvQSIsInkiOiI4QlFBc0ltR2VBUz Q2ZnlXdzVNaFlmR1RUMElqQnBGdzJTUzM0RHY0SXJzIn0sImVuYyI6Ik ExMjhDQkMtSFMyNTYifQ", "iv": "yc9N8v5sYyv3iGQT926IUg", "ciphertext": "BoDlwPnTypYq-ivjmQvAYJLb5Q6l-F3LIgQomlz87yW4O PKbWE1zSTEFjDfhU9IPIOSA9Bml4m7iDFwA-1ZXvHteLDtw4R1XRGMEs DIqAYtskTTmzmzNa-_q4F_evAPUmwlO-ZG45Mnq4uhM1fm_D9rBtWolq ZSF3xGNNkpOMQKF1Cl8i8wjzRli7-IXgyirlKQsbhhqRzkv8IcY6aHl2 4j03C-AR2le1r7URUhArM79BY8soZU0lzwI-sD5PZ3l4NDCCei9XkoIA fsXJWmySPoeRb2Ni5UZL4mYpvKDiwmyzGd65KqVw7MsFfI_K767G9C9A zp73gKZD0DyUn1mn0WW5LmyX_yJ-3AROq8p1WZBfG-ZyJ6195_JGG2m9 Csg", "tag": "WCCkNa-x4BeB9hIDIfFuhg" } Figure 129: General JWE JSON Serialization
5.6. Direct Encryption Using AES-GCM
This example illustrates encrypting content using a previously exchanged key directly and the "A128GCM" (AES-GCM) content encryption algorithm. Note that whitespace is added for readability as described in Section 1.1.5.6.1. Input Factors
The following are supplied before beginning the encryption process: o Plaintext content; this example uses the content from Figure 72. o AES symmetric key as the Content Encryption Key (CEK); this example uses the key from Figure 130. o "alg" parameter of "dir". o "enc" parameter of "A128GCM". { "kty": "oct", "kid": "77c7e2b8-6e13-45cf-8672-617b5b45243a", "use": "enc", "alg": "A128GCM", "k": "XctOhJAkA-pD9Lh7ZgW_2A" } Figure 130: AES 128-Bit Key, in JWK Format5.6.2. Generated Factors
The following is generated before encrypting: o Initialization Vector; this example uses the Initialization Vector from Figure 131. refa467QzzKx6QAB Figure 131: Initialization Vector, base64url-encoded
5.6.3. Encrypting the Content
The following is generated before encrypting the content: o JWE Protected Header; this example uses the header from Figure 132, encoded as base64url [RFC4648] to produce Figure 133. { "alg": "dir", "kid": "77c7e2b8-6e13-45cf-8672-617b5b45243a", "enc": "A128GCM" } Figure 132: JWE Protected Header JSON eyJhbGciOiJkaXIiLCJraWQiOiI3N2M3ZTJiOC02ZTEzLTQ1Y2YtODY3Mi02MT diNWI0NTI0M2EiLCJlbmMiOiJBMTI4R0NNIn0 Figure 133: JWE Protected Header, base64url-encoded Performing the encryption operation on the Plaintext (Figure 72) using the following: o CEK (Figure 130); o Initialization Vector (Figure 131); and o JWE Protected Header (Figure 133) as authenticated data produces the following: o Ciphertext from Figure 134. o Authentication Tag from Figure 135. JW_i_f52hww_ELQPGaYyeAB6HYGcR559l9TYnSovc23XJoBcW29rHP8yZOZG7Y hLpT1bjFuvZPjQS-m0IFtVcXkZXdH_lr_FrdYt9HRUYkshtrMmIUAyGmUnd9zM DB2n0cRDIHAzFVeJUDxkUwVAE7_YGRPdcqMyiBoCO-FBdE-Nceb4h3-FtBP-c_ BIwCPTjb9o0SbdcdREEMJMyZBH8ySWMVi1gPD9yxi-aQpGbSv_F9N4IZAxscj5 g-NJsUPbjk29-s7LJAGb15wEBtXphVCgyy53CoIKLHHeJHXex45Uz9aKZSRSIn ZI-wjsY0yu3cT4_aQ3i1o-tiE-F8Ios61EKgyIQ4CWao8PFMj8TTnp Figure 134: Ciphertext, base64url-encoded vbb32Xvllea2OtmHAdccRQ Figure 135: Authentication Tag, base64url-encoded
5.6.4. Output Results
The following compose the resulting JWE object: o JWE Protected Header (Figure 133) o Initialization Vector (Figure 131) o Ciphertext (Figure 134) o Authentication Tag (Figure 135) Only the general JWE JSON Serialization is presented because the flattened JWE JSON Serialization is identical. The resulting JWE object using the JWE Compact Serialization: eyJhbGciOiJkaXIiLCJraWQiOiI3N2M3ZTJiOC02ZTEzLTQ1Y2YtODY3Mi02MT diNWI0NTI0M2EiLCJlbmMiOiJBMTI4R0NNIn0 . . refa467QzzKx6QAB . JW_i_f52hww_ELQPGaYyeAB6HYGcR559l9TYnSovc23XJoBcW29rHP8yZOZG7Y hLpT1bjFuvZPjQS-m0IFtVcXkZXdH_lr_FrdYt9HRUYkshtrMmIUAyGmUnd9zM DB2n0cRDIHAzFVeJUDxkUwVAE7_YGRPdcqMyiBoCO-FBdE-Nceb4h3-FtBP-c_ BIwCPTjb9o0SbdcdREEMJMyZBH8ySWMVi1gPD9yxi-aQpGbSv_F9N4IZAxscj5 g-NJsUPbjk29-s7LJAGb15wEBtXphVCgyy53CoIKLHHeJHXex45Uz9aKZSRSIn ZI-wjsY0yu3cT4_aQ3i1o-tiE-F8Ios61EKgyIQ4CWao8PFMj8TTnp . vbb32Xvllea2OtmHAdccRQ Figure 136: JWE Compact Serialization
The resulting JWE object using the general JWE JSON Serialization: { "protected": "eyJhbGciOiJkaXIiLCJraWQiOiI3N2M3ZTJiOC02ZTEzLT Q1Y2YtODY3Mi02MTdiNWI0NTI0M2EiLCJlbmMiOiJBMTI4R0NNIn0", "iv": "refa467QzzKx6QAB", "ciphertext": "JW_i_f52hww_ELQPGaYyeAB6HYGcR559l9TYnSovc23XJ oBcW29rHP8yZOZG7YhLpT1bjFuvZPjQS-m0IFtVcXkZXdH_lr_FrdYt9 HRUYkshtrMmIUAyGmUnd9zMDB2n0cRDIHAzFVeJUDxkUwVAE7_YGRPdc qMyiBoCO-FBdE-Nceb4h3-FtBP-c_BIwCPTjb9o0SbdcdREEMJMyZBH8 ySWMVi1gPD9yxi-aQpGbSv_F9N4IZAxscj5g-NJsUPbjk29-s7LJAGb1 5wEBtXphVCgyy53CoIKLHHeJHXex45Uz9aKZSRSInZI-wjsY0yu3cT4_ aQ3i1o-tiE-F8Ios61EKgyIQ4CWao8PFMj8TTnp", "tag": "vbb32Xvllea2OtmHAdccRQ" } Figure 137: General JWE JSON Serialization5.7. Key Wrap Using AES-GCM KeyWrap with AES-CBC-HMAC-SHA2
This example illustrates encrypting content using the "A256GCMKW" (AES-256-GCM-KeyWrap) key encryption algorithm with the "A128CBC- HS256" (AES-128-CBC-HMAC-SHA-256) content encryption algorithm. Note that whitespace is added for readability as described in Section 1.1.5.7.1. Input Factors
The following are supplied before beginning the encryption process: o Plaintext content; this example uses the content from Figure 72. o AES symmetric key; this example uses the key from Figure 138. o "alg" parameter of "A256GCMKW". o "enc" parameter of "A128CBC-HS256".
{ "kty": "oct", "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d", "use": "enc", "alg": "A256GCMKW", "k": "qC57l_uxcm7Nm3K-ct4GFjx8tM1U8CZ0NLBvdQstiS8" } Figure 138: AES 256-Bit Key5.7.2. Generated Factors
The following are generated before encrypting: o AES symmetric key as the Content Encryption Key (CEK); this example uses the key from Figure 139. o Initialization Vector for content encryption; this example uses the Initialization Vector from Figure 140. UWxARpat23nL9ReIj4WG3D1ee9I4r-Mv5QLuFXdy_rE Figure 139: Content Encryption Key, base64url-encoded gz6NjyEFNm_vm8Gj6FwoFQ Figure 140: Initialization Vector, base64url-encoded5.7.3. Encrypting the Key
The following is generated before encrypting the CEK: o Initialization Vector for key wrapping; this example uses the Initialization Vector from Figure 141. KkYT0GX_2jHlfqN_ Figure 141: Initialization Vector for Key Wrapping, base64url-encoded
Performing the key encryption operation over the CEK (Figure 139) with the following: o AES symmetric key (Figure 138); o Initialization Vector (Figure 141); and o The empty string as authenticated data produces the following: o Encrypted Key from Figure 142. o Authentication Tag from Figure 143. lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNok Figure 142: Encrypted Key, base64url-encoded kfPduVQ3T3H6vnewt--ksw Figure 143: Authentication Tag from Key Wrapping, base64url-encoded5.7.4. Encrypting the Content
The following is generated before encrypting the content: o JWE Protected Header; this example uses the header from Figure 144, encoded to base64url [RFC4648] as Figure 145. { "alg": "A256GCMKW", "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d", "tag": "kfPduVQ3T3H6vnewt--ksw", "iv": "KkYT0GX_2jHlfqN_", "enc": "A128CBC-HS256" } Figure 144: JWE Protected Header JSON
eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYj IwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3 IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIiwiZW5jIjoiQTEyOENCQy1IUzI1Ni J9 Figure 145: JWE Protected Header, base64url-encoded Performing the content encryption operation over the Plaintext (Figure 72) with the following: o CEK (Figure 139); o Initialization Vector (Figure 140); and o JWE Protected Header (Figure 145) as authenticated data produces the following: o Ciphertext from Figure 146. o Authentication Tag from Figure 147. Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8EqoDZHyFKFBupS8iaE eVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyWtZKX0gxKdy6HgLvqoGNbZCz LjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQHLcqAHxy51449xkjZ7ewzZaGV3eFq hpco8o4DijXaG5_7kp3h2cajRfDgymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hde b6yhdTynCRmu-kqtO5Dec4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0Jtj xAj4UPI61oONK7zzFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR 1B-gxpNk3xWU Figure 146: Ciphertext, base64url-encoded DKW7jrb4WaRSNfbXVPlT5g Figure 147: Authentication Tag, base64url-encoded
5.7.5. Output Results
The following compose the resulting JWE object: o JWE Protected Header (Figure 145) o Encrypted Key (Figure 142) o Initialization Vector (Figure 140) o Ciphertext (Figure 146) o Authentication Tag (Figure 147) The resulting JWE object using the JWE Compact Serialization: eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYj IwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3 IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIiwiZW5jIjoiQTEyOENCQy1IUzI1Ni J9 . lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNok . gz6NjyEFNm_vm8Gj6FwoFQ . Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8EqoDZHyFKFBupS8iaE eVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyWtZKX0gxKdy6HgLvqoGNbZCz LjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQHLcqAHxy51449xkjZ7ewzZaGV3eFq hpco8o4DijXaG5_7kp3h2cajRfDgymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hde b6yhdTynCRmu-kqtO5Dec4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0Jtj xAj4UPI61oONK7zzFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR 1B-gxpNk3xWU . DKW7jrb4WaRSNfbXVPlT5g Figure 148: JWE Compact Serialization
The resulting JWE object using the general JWE JSON Serialization: { "recipients": [ { "encrypted_key": "lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElL vYNok" } ], "protected": "eyJhbGciOiJBMjU2R0NNS1ciLCJraWQiOiIxOGVjMDhlMS 1iZmE5LTRkOTUtYjIwNS0yYjRkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdV ZRM1QzSDZ2bmV3dC0ta3N3IiwiaXYiOiJLa1lUMEdYXzJqSGxmcU5fIi wiZW5jIjoiQTEyOENCQy1IUzI1NiJ9", "iv": "gz6NjyEFNm_vm8Gj6FwoFQ", "ciphertext": "Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8E qoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyW tZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQ HLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfD gymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec 4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7z zFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3 xWU", "tag": "DKW7jrb4WaRSNfbXVPlT5g" } Figure 149: General JWE JSON Serialization
The resulting JWE object using the flattened JWE JSON Serialization: { "protected": "eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6IktrWVQwR1hfMm pIbGZxTl8iLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYjIwNS0yYj RkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3Ii wiZW5jIjoiQTEyOENCQy1IUzI1NiJ9", "encrypted_key": "lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNo k", "iv": "gz6NjyEFNm_vm8Gj6FwoFQ", "ciphertext": "Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8E qoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyW tZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQ HLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfD gymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec 4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7z zFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3 xWU", "tag": "NvBveHr_vonkvflfnUrmBQ" } Figure 150: Flattened JWE JSON Serialization5.8. Key Wrap Using AES-KeyWrap with AES-GCM
The following example illustrates content encryption using the "A128KW" (AES-128-KeyWrap) key encryption algorithm and the "A128GCM" (AES-128-GCM) content encryption algorithm. Note that whitespace is added for readability as described in Section 1.1.5.8.1. Input Factors
The following are supplied before beginning the encryption process: o Plaintext content; this example uses the content from Figure 72. o AES symmetric key; this example uses the key from Figure 151. o "alg" parameter of "A128KW". o "enc" parameter of "A128GCM".
{ "kty": "oct", "kid": "81b20965-8332-43d9-a468-82160ad91ac8", "use": "enc", "alg": "A128KW", "k": "GZy6sIZ6wl9NJOKB-jnmVQ" } Figure 151: AES 128-Bit Key5.8.2. Generated Factors
The following are generated before encrypting: o AES symmetric key as the Content Encryption Key; this example uses the key from Figure 152. o Initialization Vector; this example uses the Initialization Vector from Figure 153. aY5_Ghmk9KxWPBLu_glx1w Figure 152: Content Encryption Key, base64url-encoded Qx0pmsDa8KnJc9Jo Figure 153: Initialization Vector, base64url-encoded5.8.3. Encrypting the Key
Performing the key encryption operation over the CEK (Figure 152) with the AES symmetric key (Figure 151) produces the following Encrypted Key: CBI6oDw8MydIx1IBntf_lQcw2MmJKIQx Figure 154: Encrypted Key, base64url-encoded5.8.4. Encrypting the Content
The following is generated before encrypting the content: o JWE Protected Header; this example uses the header from Figure 155, encoded to base64url [RFC4648] as Figure 156.
{ "alg": "A128KW", "kid": "81b20965-8332-43d9-a468-82160ad91ac8", "enc": "A128GCM" } Figure 155: JWE Protected Header JSON eyJhbGciOiJBMTI4S1ciLCJraWQiOiI4MWIyMDk2NS04MzMyLTQzZDktYTQ2OC 04MjE2MGFkOTFhYzgiLCJlbmMiOiJBMTI4R0NNIn0 Figure 156: JWE Protected Header, base64url-encoded Performing the content encryption over the Plaintext (Figure 72) with the following: o CEK (Figure 152); o Initialization Vector (Figure 153); and o JWE Protected Header (Figure 156) as authenticated data produces the following: o Ciphertext from Figure 157. o Authentication Tag from Figure 158. AwliP-KmWgsZ37BvzCefNen6VTbRK3QMA4TkvRkH0tP1bTdhtFJgJxeVmJkLD6 1A1hnWGetdg11c9ADsnWgL56NyxwSYjU1ZEHcGkd3EkU0vjHi9gTlb90qSYFfe F0LwkcTtjbYKCsiNJQkcIp1yeM03OmuiYSoYJVSpf7ej6zaYcMv3WwdxDFl8RE wOhNImk2Xld2JXq6BR53TSFkyT7PwVLuq-1GwtGHlQeg7gDT6xW0JqHDPn_H-p uQsmthc9Zg0ojmJfqqFvETUxLAF-KjcBTS5dNy6egwkYtOt8EIHK-oEsKYtZRa a8Z7MOZ7UGxGIMvEmxrGCPeJa14slv2-gaqK0kEThkaSqdYw0FkQZF Figure 157: Ciphertext, base64url-encoded ER7MWJZ1FBI_NKvn7Zb1Lw Figure 158: Authentication Tag, base64url-encoded
5.8.5. Output Results
The following compose the resulting JWE object: o JWE Protected Header (Figure 156) o Encrypted Key (Figure 154) o Initialization Vector (Figure 153) o Ciphertext (Figure 157) o Authentication Tag (Figure 158) The resulting JWE object using the JWE Compact Serialization: eyJhbGciOiJBMTI4S1ciLCJraWQiOiI4MWIyMDk2NS04MzMyLTQzZDktYTQ2OC 04MjE2MGFkOTFhYzgiLCJlbmMiOiJBMTI4R0NNIn0 . CBI6oDw8MydIx1IBntf_lQcw2MmJKIQx . Qx0pmsDa8KnJc9Jo . AwliP-KmWgsZ37BvzCefNen6VTbRK3QMA4TkvRkH0tP1bTdhtFJgJxeVmJkLD6 1A1hnWGetdg11c9ADsnWgL56NyxwSYjU1ZEHcGkd3EkU0vjHi9gTlb90qSYFfe F0LwkcTtjbYKCsiNJQkcIp1yeM03OmuiYSoYJVSpf7ej6zaYcMv3WwdxDFl8RE wOhNImk2Xld2JXq6BR53TSFkyT7PwVLuq-1GwtGHlQeg7gDT6xW0JqHDPn_H-p uQsmthc9Zg0ojmJfqqFvETUxLAF-KjcBTS5dNy6egwkYtOt8EIHK-oEsKYtZRa a8Z7MOZ7UGxGIMvEmxrGCPeJa14slv2-gaqK0kEThkaSqdYw0FkQZF . ER7MWJZ1FBI_NKvn7Zb1Lw Figure 159: JWE Compact Serialization
The resulting JWE object using the general JWE JSON Serialization: { "recipients": [ { "encrypted_key": "CBI6oDw8MydIx1IBntf_lQcw2MmJKIQx" } ], "protected": "eyJhbGciOiJBMTI4S1ciLCJraWQiOiI4MWIyMDk2NS04Mz MyLTQzZDktYTQ2OC04MjE2MGFkOTFhYzgiLCJlbmMiOiJBMTI4R0NNIn 0", "iv": "Qx0pmsDa8KnJc9Jo", "ciphertext": "AwliP-KmWgsZ37BvzCefNen6VTbRK3QMA4TkvRkH0tP1b TdhtFJgJxeVmJkLD61A1hnWGetdg11c9ADsnWgL56NyxwSYjU1ZEHcGk d3EkU0vjHi9gTlb90qSYFfeF0LwkcTtjbYKCsiNJQkcIp1yeM03OmuiY SoYJVSpf7ej6zaYcMv3WwdxDFl8REwOhNImk2Xld2JXq6BR53TSFkyT7 PwVLuq-1GwtGHlQeg7gDT6xW0JqHDPn_H-puQsmthc9Zg0ojmJfqqFvE TUxLAF-KjcBTS5dNy6egwkYtOt8EIHK-oEsKYtZRaa8Z7MOZ7UGxGIMv EmxrGCPeJa14slv2-gaqK0kEThkaSqdYw0FkQZF", "tag": "ER7MWJZ1FBI_NKvn7Zb1Lw" } Figure 160: General JWE JSON Serialization The resulting JWE object using the flattened JWE JSON Serialization: { "protected": "eyJhbGciOiJBMTI4S1ciLCJraWQiOiI4MWIyMDk2NS04Mz MyLTQzZDktYTQ2OC04MjE2MGFkOTFhYzgiLCJlbmMiOiJBMTI4R0NNIn 0", "encrypted_key": "CBI6oDw8MydIx1IBntf_lQcw2MmJKIQx", "iv": "Qx0pmsDa8KnJc9Jo", "ciphertext": "AwliP-KmWgsZ37BvzCefNen6VTbRK3QMA4TkvRkH0tP1b TdhtFJgJxeVmJkLD61A1hnWGetdg11c9ADsnWgL56NyxwSYjU1ZEHcGk d3EkU0vjHi9gTlb90qSYFfeF0LwkcTtjbYKCsiNJQkcIp1yeM03OmuiY SoYJVSpf7ej6zaYcMv3WwdxDFl8REwOhNImk2Xld2JXq6BR53TSFkyT7 PwVLuq-1GwtGHlQeg7gDT6xW0JqHDPn_H-puQsmthc9Zg0ojmJfqqFvE TUxLAF-KjcBTS5dNy6egwkYtOt8EIHK-oEsKYtZRaa8Z7MOZ7UGxGIMv EmxrGCPeJa14slv2-gaqK0kEThkaSqdYw0FkQZF", "tag": "ER7MWJZ1FBI_NKvn7Zb1Lw" } Figure 161: Flattened JWE JSON Serialization
(next page on part 4)
