Is there any standard order for nesting JWS and JWE tokens?
I need to pass JSON-encoded signed (and sometimes additionally encrypted) objects between multiple instances of my software. The obvious choice here is JWT.
However, JWT apparently allows both signing and encrypting a token (JWS and JWE), or nesting a JWS into a JWE (nested JWE).
While both approaches seem reasonable to me, is there a "standard" way of doing this? I haven't found any specifics on this.
Short answer
When both signing and encryption are needed, you should sign the message first and then encrypt the result. That is, nesting a JWS inside a JWE is the valid approach.
Long answer
JSON Web Token (JWT) is an open standard that defines a compact and self-contained way to securely transmit information between parties as a JSON object. JWT is the generic name for the following kinds of tokens:
JSON Web Signature (JWS): the payload is encoded and signed, so the integrity of the claims can be verified.
JSON Web Encryption (JWE): the payload is encrypted, so the claims are hidden from other parties.
The image is taken from this page.
JWT apparently allows both signing and encrypting a token (JWS and JWE) or nesting a JWS into a JWE (nested JWE).
While both approaches seem reasonable for me, is there a "standard" way of doing this? I haven't found any specifics on this.
The concept of a Nested JWT is defined in RFC 7519:
A JWT in which nested signing and/or encryption are employed. In
Nested JWTs, a JWT is used as the payload or plaintext value of an
enclosing JWS or JWE structure, respectively.
Regarding the order of operations, the recommendation is to sign the message first and then encrypt the result, as stated in the same document:
11.2. Signing and Encryption Order
While syntactically the signing and encryption operations for Nested
JWTs may be applied in any order, if both signing and encryption are
necessary, normally producers should sign the message and then
encrypt the result (thus encrypting the signature). This prevents
attacks in which the signature is stripped, leaving just an encrypted
message, as well as providing privacy for the signer. Furthermore,
signatures over encrypted text are not considered valid in many
jurisdictions.
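Added example, not part of the question or the answer above: the sign-then-encrypt nesting that RFC 7519 recommends, written in Go with only the standard library. The inner layer is a compact JWS signed with HS256; the outer layer is a compact JWE using direct encryption (alg "dir") with A256GCM, with the cty header set to "JWT" to mark the nested token. The consumer reverses the order (decrypt, check cty, then verify the signature), which is why the signature never appears outside the ciphertext. The function names, the shared keys and the claims are my own constructed values; HS256 and a pre-shared content encryption key are assumptions made to keep the demo self-contained, since the RFC text itself does not prescribe algorithms.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"strings"
)

var b64 = base64.RawURLEncoding // JOSE uses BASE64URL without padding for every segment

// segments splits a compact serialization into exactly n parts and decodes each; raw is what the MAC and AAD cover.
func segments(token string, n int) (raw []string, dec [][]byte, err error) {
	if raw, dec = strings.Split(token, "."), make([][]byte, n); len(raw) != n {
		return nil, nil, errors.New("jose: wrong number of segments")
	}
	for i, s := range raw {
		if dec[i], err = b64.DecodeString(s); err != nil {
			return nil, nil, err
		}
	}
	return raw, dec, nil
}

// SignJWS builds a compact JWS (RFC 7515) over claims with HS256 (constructed demo key, see test).
func SignJWS(claims map[string]any, key []byte) string {
	body, _ := json.Marshal(claims) // plain JSON values only, so this cannot fail
	input := b64.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + b64.EncodeToString(body)
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(input))
	return input + "." + b64.EncodeToString(mac.Sum(nil))
}

// VerifyJWS pins alg to HS256 (never "none" or a switched algorithm), checks the MAC in constant time, then parses.
func VerifyJWS(token string, key []byte) (claims map[string]any, err error) {
	raw, dec, err := segments(token, 3)
	var hdr struct{ Alg string } // encoding/json matches the "alg" key case-insensitively
	if err != nil || json.Unmarshal(dec[0], &hdr) != nil || hdr.Alg != "HS256" {
		return nil, errors.New("jws: malformed token or unexpected alg")
	}
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(raw[0] + "." + raw[1]))
	if !hmac.Equal(dec[2], mac.Sum(nil)) {
		return nil, errors.New("jws: signature verification failed")
	}
	err = json.Unmarshal(dec[1], &claims)
	return claims, err
}

// EncryptJWE builds a compact JWE (RFC 7516), alg "dir" with A256GCM and the encoded protected header as AAD.
func EncryptJWE(plaintext, cek []byte, cty string) (string, error) {
	if len(cek) != 32 {
		return "", errors.New("jwe: A256GCM requires a 32-byte CEK")
	}
	hdr, _ := json.Marshal(map[string]string{"alg": "dir", "enc": "A256GCM", "cty": cty})
	protected := b64.EncodeToString(hdr)
	block, _ := aes.NewCipher(cek) // cannot fail for a 32-byte key
	gcm, _ := cipher.NewGCM(block)
	iv := make([]byte, gcm.NonceSize()) // 96-bit IV, fresh for every token
	if _, err := rand.Read(iv); err != nil {
		return "", err
	}
	sealed := gcm.Seal(nil, iv, plaintext, []byte(protected)) // ciphertext || 16-byte tag
	ct, tag := sealed[:len(sealed)-gcm.Overhead()], sealed[len(sealed)-gcm.Overhead():]
	// Compact layout: header.encryptedKey.iv.ciphertext.tag; the key segment is empty for "dir".
	return strings.Join([]string{protected, "", b64.EncodeToString(iv), b64.EncodeToString(ct), b64.EncodeToString(tag)}, "."), nil
}

// DecryptJWE validates the header, authenticates and decrypts, and returns the plaintext plus cty.
func DecryptJWE(token string, cek []byte) ([]byte, string, error) {
	raw, dec, err := segments(token, 5)
	var hdr struct{ Alg, Enc, Cty string } // dir: key segment empty; gcm.Open panics on a non-12-byte IV
	if err != nil || json.Unmarshal(dec[0], &hdr) != nil || hdr.Alg != "dir" ||
		hdr.Enc != "A256GCM" || raw[1] != "" || len(cek) != 32 || len(dec[2]) != 12 {
		return nil, "", errors.New("jwe: malformed token, unsupported alg/enc, or bad key/IV")
	}
	block, _ := aes.NewCipher(cek)
	gcm, _ := cipher.NewGCM(block)
	pt, err := gcm.Open(nil, dec[2], append(dec[3], dec[4]...), []byte(raw[0]))
	return pt, hdr.Cty, err
}

// IssueNested signs first, then encrypts (RFC 7519 section 11.2): the signature sits inside the ciphertext.
func IssueNested(claims map[string]any, sigKey, cek []byte) (string, error) {
	return EncryptJWE([]byte(SignJWS(claims, sigKey)), cek, "JWT")
}

// ConsumeNested undoes the layers in reverse: decrypt, check cty, then verify the signature.
func ConsumeNested(token string, sigKey, cek []byte) (map[string]any, error) {
	pt, cty, err := DecryptJWE(token, cek)
	if err != nil || cty != "JWT" { // never hand a non-JWT payload to the JWS verifier
		return nil, errors.New("jwe: decryption failed or payload is not a nested JWT")
	}
	return VerifyJWS(string(pt), sigKey)
}
```

With this layout a party that holds only the content encryption key cannot hand a third party an unsigned message, because stripping the inner signature would require decrypting, editing and re-encrypting the token; and a party that sees only the outer JWE learns nothing about who signed it, which is the "privacy for the signer" the RFC mentions. The cty check matters on the consumer side: a JWE whose plaintext is plain JSON rather than a JWS must be rejected before it reaches any claims processing.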