signed and encrypted use case #19
Comments
Hi @slisznia, thanks for reporting this issue. JOSE does not support nested JWT at this point. However, encrypting the ticket will sign the token: it generates an authentication tag which is verified on decrypt. Is this enough for your requirements, or do you have a particular use case for nested JWT?
Yes, we were trying to reproduce this Java example using your package: How can encrypting also sign the token if a signature requires a separate pub-priv key pair? Basically, the sender signs the payload with its own private key, then encrypts with the receiver's public key. The receiver does the opposite: decrypts using its own private key, then verifies payload authenticity with the sender's public key. To get all that, I was under the impression that JWS and JWE need to be used in combination (nested). Perhaps what you meant is that the encryption includes a checksum, like SHA? Is this part of the JWE spec?
Hi @slisznia, you are correct: if the public key for encryption is truly public, then anyone can encrypt a token and the consumer cannot be sure who it is from without signing. This has not been a problem for us before because we keep the public key for encryption a secret (we don't exchange tokens with third parties). We'll bear this in mind and see if it is possible to add this feature to our roadmap. Thanks!
I'm trying to sign my claims, then encrypt, then serialize. What's the proper sequence of calls to get a nested JWT like that? The test below fails with this error:

```
File "../dist-packages/jose.py", line 140, in encrypt
claims[_TEMP_VER_KEY] = _TEMP_VER
TypeError: 'JWS' object does not support item assignment
```

Don't mind that I reuse the same key for signing and decryption; this is just a test...
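For reference, here is what the sign-then-encrypt flow discussed in this thread looks like when built directly from the JOSE primitives: an RS256 JWS from the sender's private key becomes the plaintext of a JWE to the receiver's public key, with the JWE header carrying `cty: "JWT"` as RFC 7519 section 5.2 specifies for nested JWTs. This is an added example, not code from the jose.py project; it assumes the third-party `cryptography` package is installed, and the keys it generates are constructed for the demo only. The last part of `demo()` illustrates the maintainer's point above: a JWE minted by someone who only holds the receiver's public key decrypts cleanly (the GCM tag checks out), and it is the inner signature check against the sender's key that rejects it.

```python
"""Nested JWT (JWS inside JWE) built from RFC 7515/7516/7519 primitives.

Added example, not code from the jose.py project discussed in the issue.
Assumes the third-party `cryptography` package is installed; the RSA keys
generated below are constructed for the demonstration only.
"""
import base64
import json
import os

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM


def b64url(data: bytes) -> str:
    """base64url without padding, as JOSE serializations require."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def jws_sign(claims: dict, sender_private_key) -> str:
    """JWS compact serialization (RS256): the sender signs with its own private key."""
    header = b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    signing_input = f"{header}.{payload}".encode("ascii")
    signature = sender_private_key.sign(signing_input, padding.PKCS1v15(), hashes.SHA256())
    return f"{header}.{payload}.{b64url(signature)}"


def jws_verify(token: str, sender_public_key) -> dict:
    """Return the claims; raise InvalidSignature unless the sender's key signed them."""
    header, payload, signature = token.split(".")
    sender_public_key.verify(b64url_decode(signature), f"{header}.{payload}".encode("ascii"),
                             padding.PKCS1v15(), hashes.SHA256())
    return json.loads(b64url_decode(payload))


OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()), algorithm=hashes.SHA256(), label=None)


def jwe_encrypt(plaintext: bytes, receiver_public_key, cty: str) -> str:
    """JWE compact serialization (RSA-OAEP-256 key wrap, A256GCM content encryption).

    The GCM tag authenticates the ciphertext and the protected header, but anyone
    holding the receiver's public key can produce such a token, so the tag alone
    does not prove who sent it.
    """
    header = b64url(json.dumps({"alg": "RSA-OAEP-256", "enc": "A256GCM", "cty": cty}).encode())
    cek = AESGCM.generate_key(bit_length=256)      # fresh content encryption key per token
    iv = os.urandom(12)                            # 96-bit GCM nonce
    ct_and_tag = AESGCM(cek).encrypt(iv, plaintext, header.encode("ascii"))  # AAD = protected header
    ciphertext, tag = ct_and_tag[:-16], ct_and_tag[-16:]
    encrypted_key = receiver_public_key.encrypt(cek, OAEP)
    return ".".join([header, b64url(encrypted_key), b64url(iv), b64url(ciphertext), b64url(tag)])


def jwe_decrypt(token: str, receiver_private_key):
    """Return (protected header, plaintext); raises InvalidTag if anything was altered."""
    header, enc_key, iv, ciphertext, tag = token.split(".")
    cek = receiver_private_key.decrypt(b64url_decode(enc_key), OAEP)
    plaintext = AESGCM(cek).decrypt(b64url_decode(iv),
                                    b64url_decode(ciphertext) + b64url_decode(tag),
                                    header.encode("ascii"))
    return json.loads(b64url_decode(header)), plaintext


def make_nested_jwt(claims: dict, sender_private_key, receiver_public_key) -> str:
    """Sign-then-encrypt: inner JWS under the sender's key, outer JWE to the receiver's key."""
    inner = jws_sign(claims, sender_private_key).encode("ascii")
    return jwe_encrypt(inner, receiver_public_key, cty="JWT")   # cty=JWT per RFC 7519 s5.2


def open_nested_jwt(token: str, receiver_private_key, sender_public_key) -> dict:
    """Decrypt-then-verify: only a JWS from the expected sender yields claims."""
    header, plaintext = jwe_decrypt(token, receiver_private_key)
    if header.get("cty") != "JWT":
        raise ValueError("JWE payload is not a nested JWT")
    return jws_verify(plaintext.decode("ascii"), sender_public_key)


def demo() -> dict:
    sender = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    receiver = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    token = make_nested_jwt({"sub": "alice", "scope": "read"}, sender, receiver.public_key())
    claims = open_nested_jwt(token, receiver, sender.public_key())

    # Encryption alone does not prove origin: a token built with only the receiver's
    # public key decrypts fine, but its inner JWS was not signed by the sender's key,
    # so the signature check rejects it.
    other_party = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    unsigned_by_sender = make_nested_jwt({"sub": "admin"}, other_party, receiver.public_key())
    try:
        open_nested_jwt(unsigned_by_sender, receiver, sender.public_key())
        rejected = False
    except InvalidSignature:
        rejected = True
    return {"claims": claims, "rejected_without_sender_signature": rejected}


if __name__ == "__main__":
    print(demo())
```

The receiver checks `cty` before handing the plaintext to the JWS verifier, which is the cheap guard RFC 7519 provides against treating an arbitrary encrypted blob as a signed token; in a real deployment the claim set would also be validated (`exp`, `aud`, issuer) after the signature passes.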