Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [jws]

JSON Web Signatures specify how to encode binary data along with signatures and metadata in RFC 7515.

As indicated in section 3 of the RFC, "JWS represents digitally signed or MACed content using JSON data structures and base64url encoding."

It also specifies how the JWS may be used for JWT, JSON Web Tokens.

4 questions
8
votes
0 answers

Are there conventions for signing JSON as a tree, to allow proofs of signed subtrees?

Given some JSON with a chosen encoding, you can obviously cryptographically-sign the whole thing as a binary blob. However, it might be useful if the logical structure of the JSON-compatible object were leveraged to control what is signed, in such…
gojomo
  • 221
  • 1
  • 8
3
votes
2 answers

Are ECDSA keys and RSA keys interchangeable?

Is it possible to use an ES512 key pair for RS512 signatures? Is it possible to use an RS512 key pair for ES512 signatures? I've also posted an issue in the NodeJS jwa package. I created a key pair for EC512 with the following commands: openssl…
Ozo
  • 309
  • 2
  • 11
0
votes
0 answers

Long-term signatures

I’m looking for suggestions on how best to handle signatures on audit records that might need to be held for many years (at least 5, maybe up to 10). Not in terms of storage - they’ll probably be written to Amazon Glacier or something like that -…
user7761803
  • 293
  • 5
  • 10
0
votes
1 answer

Difference between AES-GCM encryption in dotnet and Node.js

I have a big problem about encryption with AES-GCM. Between using dotnet and Node.js, the encryption results are slightly different. Here is the code in Node.js from JOSE using Crypto Library : var cipher = crypto.createCipheriv("id-aes256-GCM",…
user56610
  • 1
  • 1
  • 2