我正在尝试按照此处提供的示例创建嵌套的json JWT
http://connect2id.com/products/nimbus-jose-jwt/examples/signed-and-encrypted-jwt
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.*;
import com.nimbusds.jwt.*;
// Generate 256-bit AES key for HMAC as well as encryption
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(256);
SecretKey secretKey = keyGen.generateKey();
// Create HMAC signer
JWSSigner signer = new MACSigner(secretKey.getEncoded());
// Prepare JWT with claims set
JWTClaimsSet claimsSet = new JWTClaimsSet();
claimsSet.setSubject("alice");
claimsSet.setIssueTime(new Date());
claimsSet.setIssuer("https://c2id.com");
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);
// Apply the HMAC
signedJWT.sign(signer);
// Create JWE object with signed JWT as payload
JWEObject jweObject = new JWEObject(
new JWEHeader.Builder(JWEAlgorithm.DIR, EncryptionMethod.A256GCM)
.contentType("JWT") // required to signal nested JWT
.build(),
new Payload(signedJWT));
// Perform encryption
jweObject.encrypt(new DirectEncrypter(secretKey.getEncoded()));
// Serialise to JWE compact form
String jweString = jweObject.serialize();
我产生的结果jweString的问题未正确解决
eyJhbGc.
.6Ne
.tw8z
我得到的是4个而不是3个,有一个空的部分
eyJhbGc.
.6Ne
最佳答案
JWE的一般格式有五个部分,<Header>.<EncryptedKey>.<InitializationVector>.<Ciphertext>.<AuthenticationTag>。在某些情况下,例如使用示例中的直接加密,则没有加密密钥,而该部分将保留为空。因此,您应该获得一个包含五个部分的JWE,其中一个部分为空,看起来像eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..PVEd_V4E8qyppt6u.UOLp2qTNMw3iA9tyTEDHeJAdTczzI5uP4BkXHQSC6U73kywATBbvdWqz9nilsSWr1y-E1duTMvRL7hzDyyWPMZnpfnCWsjhzZtTnd22HODMWUpU.CoQq987RvHGIN5D6HhrjiQ