JWE Key ID not found in encrypted request message! #180

zzggs opened this issue Apr 27, 2022 · 0 comments
zzggs commented Apr 27, 2022

Hi all,

We want to convert Java code to C#. Java code sample:

```java
private JWSObject signMessage(String messagePayload, KeyStore ks, String keyAlias, String keyPw)
        throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, JOSEException {
    // #1
    Payload payload = new Payload(messagePayload);

    // #2
    JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).keyID("0001").build();
    // #3
    JWSObject jwsObject = new JWSObject(header, payload);

    // #4
    PrivateKey privateKey = (PrivateKey) ks.getKey(keyAlias, keyPw.toCharArray());
    JWSSigner signer = new RSASSASigner(privateKey);
    // #5
    jwsObject.sign(signer);

    return jwsObject;
}
```

  1. Prepare your Message Payload, that is, the plain json request message
  2. Create JWS Header using RS256 signing algorithm and JWS keyID, in this case, 0001
  3. Create JWS Object by combining JWS Header and Message Payload
  4. Retrieve your Private Key as the signer
  5. Create Signed JWS Object by signing it with the Private Key

Next, you are going to Encrypt the Signed JWS Object:
```java
private JWEObject getEncryptedJWEObject(JWSObject jwsObject, RSAPublicKey key)
        throws JOSEException {
    // #1
    Payload jwepayload = new Payload(jwsObject.serialize());

    // #2
    JWEHeader jweheader = new JWEHeader.Builder(JWEAlgorithm.RSA_OAEP_256, EncryptionMethod.A128GCM).keyID("0002").build();
    // #3
    JWEObject jweObject = new JWEObject(jweheader, jwepayload);

    // #4
    JWEEncrypter encrypter = new RSAEncrypter(key);
    // #5
    jweObject.encrypt(encrypter);

    return jweObject;
}
```
  1. Prepare your JWE Payload, that is, the Signed JWS Object
  2. Create JWE Header. The algorithm used to encrypt the message body is A128GCM while the algorithm used to encrypt the encryption key is RSA_OAEP_256. JWE keyID is 0002.
  3. Create JWE Object by combining JWE Header and JWE Payload
  4. Retrieve HSBC's Public Key as the encrypter
  5. Create Encrypted JWE Object by encrypting it with HSBC's Public Key

C# Code:
```csharp
var signedtoken = "";
var requestpayload = "...";
var header = "...";
var cert = "...";
using (var privatekey = cert.PrivateKey as RSACryptoServiceProvider)
{
    if (privatekey != null)
    {
        signedtoken = JWT.Encode(requestpayload, privatekey, JwsAlgorithm.RS256, extraHeaders: header);
    }
}
```

Next step to encrypt token:

```csharp
using (RSA publickey = hsbccert.GetRSAPublicKey())
{
    if (publickey != null)
    {
        var hsbcheader = ...
        var encrypttoken = Jose.JWT.Encode(signedtoken, fpspk, JweAlgorithm.RSA_OAEP_256, JweEncryption.A128GCM, hsbcheader);
        //PaymentHelper.LogArchInfo("FPS JWE Token : ", "FPS", encrypttoken, DateTime.Now);
    }
}
```

The POST response: JWE Key ID not found in encrypted request message!

It seems the signature is not generated. When we use the following code to read this signed token, there is no security key in this JWT token:

```csharp
var handler = new JwtSecurityTokenHandler();
var tokenData = handler.ReadJwtToken(signedtoken);
```

How to resolve this issue?

@zzggs zzggs closed this as completed Apr 27, 2022
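One way to see which header parameters each token actually carries before it is posted, added here as an example (it is not the poster's code and not part of the library used above). The class name `JoseHeaderCheck` and the sample tokens are constructed; the expected `alg`, `enc` and `kid` values are the ones set in the Java sample.

```csharp
using System;
using System.Text;
using System.Text.Json;

static class JoseHeaderCheck   // hypothetical helper name
{
    // base64url (RFC 7515) -> UTF-8 text: restore the standard alphabet and padding.
    static string DecodeSegment(string seg)
    {
        string b64 = seg.Replace('-', '+').Replace('_', '/');
        if (b64.Length % 4 == 1) throw new FormatException("bad base64url length");
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        return Encoding.UTF8.GetString(Convert.FromBase64String(b64));
    }

    // Only used to build the constructed sample tokens in Main.
    static string EncodeSegment(string json) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(json)).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // Returns "ok" or the first mismatch between the protected header and the expected values.
    // enc == null means a compact JWS (3 segments); otherwise a compact JWE (5 segments).
    public static string Check(string token, string alg, string enc, string kid)
    {
        string[] parts = token.Split('.');
        int want = enc == null ? 3 : 5;
        if (parts.Length != want) return $"expected {want} segments, got {parts.Length}";
        using JsonDocument doc = JsonDocument.Parse(DecodeSegment(parts[0]));
        foreach (var (name, expected) in new[] { ("alg", alg), ("enc", enc), ("kid", kid) })
        {
            if (expected == null) continue;
            if (!doc.RootElement.TryGetProperty(name, out JsonElement v) || v.ValueKind != JsonValueKind.String)
                return $"header has no \"{name}\"";
            if (v.GetString() != expected) return $"\"{name}\" is {v.GetString()}, expected {expected}";
        }
        return "ok";
    }

    static void Main()
    {
        // Constructed tokens: real header segments, dummy remaining segments.
        string jws = EncodeSegment("{\"alg\":\"RS256\",\"kid\":\"0001\"}") + ".payload.sig";
        string jwe = EncodeSegment("{\"alg\":\"RSA-OAEP-256\",\"enc\":\"A128GCM\",\"kid\":\"0002\"}") + ".key.iv.ct.tag";
        string noKid = EncodeSegment("{\"alg\":\"RSA-OAEP-256\",\"enc\":\"A128GCM\"}") + ".key.iv.ct.tag";
        Console.WriteLine(Check(jws, "RS256", null, "0001"));
        Console.WriteLine(Check(jwe, "RSA-OAEP-256", "A128GCM", "0002"));
        Console.WriteLine(Check(noKid, "RSA-OAEP-256", "A128GCM", "0002"));
    }
}
```

Running `Check` on the real `signedtoken` and `encrypttoken` shows whether the `kid` passed as an extra header reached the protected header of each token.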