I couldn't find an information about in in Google. We are generating PGP key pairs using Bouncy Castle library and implementing our own "web of trust". I wonder if it is possible to use these keys for JWT also, or I need to use a PKI X509 certificates?
Thanks
The signature and encryption algorithms officially supported are listed here.
No signature or encryption algorithm using PGP is listed.
But nothing prevent you from implementing a new signature/encryption algorithm used by your server and clients.
AFAIK, there is no implementation at the moment that uses GPG.
From my point of view, you have to create a new key type (e.g. JWK with kty=PGP) and new alg (e.g. alg=PGP).
Related
I have a simple websocket server and I currently XOR the bytes to provide simple encryption to prevent data tampering, sniffing, no AES, no other cipher algorithms - the key can be reverse engineered anyway. When I google "how to secure websockets" I get only one answer: SSL/TLS. Using SSL requires from me to generate certificates in order to use it and protocol handles encryption for me so I don't have to call my encrypt/decrypt functions myself. I don't understand the difference between those two approaches. Certificates ensure that the server we connect to is the right one am I right - they are like identification cards. But I'm confused. Do I really need SSL for my simple server? My client is written in C++, websocket server is on Node.js. I'm planning to make a webclient for it later.
SSL/TLS is correct and well vetted. The chances of creating a solution with equivalent security is close to 0. But perhaps you have many years of full time experience developing cryptographic solutions, but then this question would not be asked.
In answer to: "Do I really need SSL for my simple server?" Yes if you need security.
See the "Schneier's Law" comment,
What opensource Java library can be used to parse/decrypt JWT token in JWE JSON serialization format as below
I was looking at nimbus-jose (https://connect2id.com/products/nimbus-jose-jwt/) but I cannot find any releavnt example. I want to use some open source library which will require little coding and will support different encryption algorithms out-of-the-box.
Unfortunately the JSON Serialization modes are often missing from implementations.
This is mainly due to the fact that this mode is rarely used as not URL safe.
It is possible to convert JWE from that mode to the compact mode, but only if there is no aad and header members which is not the case here.
I see only few possibilities to solve your problem:
Ask developers to implement that feature (can be long).
Develop your own implementation (not so easy).
Find an implementation in another language that supports that format (e.g. in PHP).
In Auth0 there are 2 algorithms for jwt token signature: RS256 and HS256.
RS256 is an asymmetric algorithm which means that there are two keys: one public and one private (secret). Auth0 has the secret key, which is used to generate the signature, and the consumer of the JWT has the public key, which is used to validate the signature.
HS256 is a symmetric algorithm which means that there is only one secret key, shared between the two parties. The same key is used both to generate the signature and to validate it. Special care should be taken in order for the key to remain confidential.
In their docs they describe the advantages of RS256. Could someone explain me the advantages to use HS256 algorithm, I don't see them now but I'm pretty sure that there are some.
You have asked for benefits of HS256 over RS256 eg.
perceived convenience
easy to understand and get started with if new
to Oauth2 / OIDC (related to perceived convenience)
performance (?)
Lets take a quick look at each of these:
Perceived convenience / understand what to do - It is true that copying a clientId, and clientSecret into configuration on the application is both easy to understand, and quick accomplish. However, today's libraries make RS256 simple too to setup - the library / framework will often offer the functionality to retrieve the public key and do the verification with similar configuration to HS256 but without the need to supply a secret. See some Auth0 examples using your technology choice to get an understanding on this if unfamiliar.
Performance - Yes, here HS256 potentially has a niche. Caching public certs etc aside (for caching example using node.js see here and here), having a symmetric key and using that locally at the application without the need for any network request at all etc, may prove more efficient. That said most good JWKS libraries / sdks will handle caching options out of the box.
But really the question you should be asking is whether these benefits (performance optimization?) outweigh the disadvantages - certainly from a Security perspective.
See this answer and feel free to leave comments there (Auth0 Community website) if still not convinced. Auth0 has switched to using RS256 by default for new Clients, and its Resource APIs also default to RS256.
A major benefit of RS256, which trumps most arguments for choosing HS256, is simply that there is no need to store (co-locate) secrets with the Client application - the private key is only known by the Authorization Server (Auth0 etc), and the secret cannot be leaked. That alone pretty much tells you why RS256 is overwhelmingly the better choice for most situations.
Confidential vs Public Clients - you should only even consider HS256 if your Client is considered a Confidential Client. Since confidential clients are capable of holding secrets, you can choose to have ID tokens issued to them that have been signed in one of two ways - for non-confidential clients, you should never be using HS256 as by definition the client is not capable of keeping the secret confidential.
There are other considerations that make HS256 a poorer choice too, for example the need to manually update all applications using a given Client configuration if there is a signing key rollover.
What is the difference between pkcs#11 and pkcs#12?
How do they work? How export pkcs#11 from e-token?
How it use in java 1.4?
PKCS#12 is a container for certificates with associated private keys.
PKCS#11 is a protocol to work with hardware (usually). So you can't "export" PKCS#11.
The rest of your question is way to broad to answer - try using Wikipedia as a starting point, then proceed to specifications.
I want to implement RSA encrytion/decryption in my App.I googled around the net to find any Library or Classes which perform the RSA encryption/decryption algorithm,but was not able to find any suitable link.I know i can use the SecKeyGeneratePair provided by Apple to generate the private public key pair.But it is a necessity for me to use the RSA algorithm as i want to implement it over client-server network.So the Algorithm needs to common amongst the parties.
Please provide some valuable info.
Thanks
Aditya
Isn't that what SecKeyEncrypt and SecKeyDecrypt functions do?
The functions SecKeyEncrypt and SecKeyDecrypt uses the RSA keys you got from SecKeyGeneratePair.