jwt Tutorial => How to tell if you have a JWS or JWE?

Example

From Section 9 of JSON Web Encryption specification (RFC 7516):

The JOSE Header for a JWS can be distinguished from the JOSE Header for a JWE by examining the "alg" (algorithm) Header Parameter value. If the value represents a digital signature or MAC algorithm, or is the value "none", it is for a JWS; if it represents a Key Encryption, Key Wrapping, Direct Key Agreement, Key Agreement with Key Wrapping, or Direct Encryption algorithm, it is for a JWE. (Extracting the "alg" value to examine is straightforward when using the JWS Compact Serialization or the JWE Compact Serialization and may be more difficult when using the JWS JSON Serialization or the JWE JSON Serialization.)

And

The JOSE Header for a JWS can also be distinguished from the JOSE Header for a JWE by determining whether an "enc" (encryption algorithm) member exists. If the "enc" member exists, it is a JWE; otherwise, it is a JWS.

JWS (signed)##

{
  "alg": "HS256"
}

JWE (encrypted)

{
  "alg":"RSA1_5",
  "enc":"A256GCM",
  "iv":"__79_Pv6-fg",
  "x5t":"7noOPq-hJ1_hCnvWh6IeYI2w9Q0"
}

PDF - Download jwt for free

Previous Next

jwt

Fastest Entity Framework Extensions

Example

JWS (signed)##

JWE (encrypted)

Got any jwt Question?

jwt

jwt Getting started with jwt How to tell if you have a JWS or JWE?

Fastest Entity Framework Extensions

Example

JWS (signed)##

JWE (encrypted)

Got any jwt Question?