JEF
 
JSON Encryption Format
Table of Contents
1. Introduction
2. Sample Object
3. Notation
4. Data Types
5. JEF Objects
encryptedData
keyEncryption
publicKey
6. Operation
7. Security Considerations
Appendix A: Test Vectors
Appendix B: References
Appendix C: Document History
Appendix D: Author
1. Introduction
This document specifies a container formatted in JSON [RFC7159] for holding encrypted binary data, coined JEF (JSON Encryption Format).
JEF was derived from IETF's JWE [RFC7516] specification and supports a subset of the same algorithms [RFC7518]. Public keys are represented as JWK [RFC7517] objects while the encryption container itself utilizes a notation similar to JCS [JCS] in order to maintain a consistent "style" in applications using encryption and signatures, including providing header information in plain text.
The JEF encryption scheme is fully compatible with the ES6 [ES6] JSON/JavaScript serialization and parsing specification.
2. Sample Object
The following sample object is used to visualize the JEF specification:
{
  "algorithm": "A128CBC-HS256",
  "keyEncryption": {
    "algorithm": "ECDH-ES+A256KW",
    "keyId": "20170101:mybank:p256",
    "ephemeralKey": {
      "kty": "EC",
      "crv": "P-256",
      "x": "TuQcAR59JcagARFQpzeLoiLjI2eOb8WNJt0EV7gSC2o",
      "y": "bi9yMtUkg22ZGqvAQYkNSBIdWOqS1ulpVEAX8nr-wKE"
    },
    "encryptedKey": "MO5XPHkU01oMrY2uKDDOne-ldGRLm_fYtKCFLzJ_ettv2b0eiDPbBw"
  },
  "iv": "r0A0EHO03fYdb47D8SDPYg",
  "tag": "17qFCA8E5y9ufRIQHrcphw",
  "cipherText": "H3tCjvQ-fSQpwO969RUStN1wrOoAFkqiiufhE-kO57Q"
}
The sample object can be decrypted by using the EC private key defined in Test Vectors.
3. Notation
JEF containers always start with a top-level JSON object.
JSON objects are described as tables with associated properties. When a property holds a JSON object this is denoted by a link to the actual definition.
Properties may either be mandatory (M) or optional (O) as defined in the "Req" column.
In some JSON objects there is a choice from a set of mutually exclusive alternatives.
This is manifested in object tables like the following:
Property selection 1 | Type selection 1 | Req | Comment selection 1
Property selection 2 | Type selection 2 |  | Comment selection 2
4. Data Types
The table below shows how the data types used by this specification are mapped into native JSON types:
Type | Mapping | Description
string | string | Arbitrary string
uri | string | URI [RFC3986]
byte[] | string | Base64URL-encoded [RFC4648] binary data
crypto | string | Base64URL-encoded positive integer with arbitrary precision. Note that the value must not contain leading zero-valued bytes
object | {} | JSON object
5. JEF Objects
The following tables describe the JEF JSON structures in detail.
encryptedData
Property | Type | Req | Comment
"version": "http://xmlns.webpki.org/jef/v1" | uri | O | Encryption object version identifier. For future revisions of JEF, this property would be mandatory.
"algorithm": "algorithm" | string | M | Data encryption algorithm. Currently the following JWE [RFC7516] algorithms are recognized:
  • A128CBC-HS256
  • A192CBC-HS384
  • A256CBC-HS512
  • A128GCM
  • A192GCM
  • A256GCM
"keyId": "keyId" | string | O | If the keyId property is defined, data is supposed to be encrypted by a specific named (symmetric) key.
"keyEncryption": keyEncryption | object |  | If the keyEncryption property is defined, the (symmetric) data encryption key is supposed to be provided in-line, but encrypted.
"iv": "iv" | byte[] | M | Initialization vector.
"tag": "tag" | byte[] | M | Authentication tag.
"cipherText": "cipherText" | byte[] | M | Encrypted data.
Note that if neither keyId nor keyEncryption is defined, the (symmetric) data encryption key is assumed to be known by the recipient.
keyEncryption
Property | Type | Req | Comment
"version": "http://xmlns.webpki.org/jef/v1" | uri | O | Encryption object version identifier. For future revisions of JEF, this property would be mandatory.
"algorithm": "algorithm" | string | M | Key encryption algorithm. Currently the following JWE [RFC7516] algorithms are recognized:
"keyId": "keyId" | string | O | If the keyId property is defined, it is supposed to identify the public key associated with the encrypted (or derived) key.
"publicKey": publicKey | object |  | Public key associated with the encrypted (or derived) key.
Additional ECDH Properties
"ephemeralKey": publicKey | object | M | Ephemeral EC public key.
Additional ECDH+KW Properties
"ephemeralKey": publicKey | object | M | Ephemeral EC public key.
"encryptedKey": "encryptedKey" | byte[] | M | Encrypted symmetric key.
Additional RSA Encryption Properties
"encryptedKey": "encryptedKey" | byte[] | M | Encrypted symmetric key.
Note that if neither keyId nor publicKey is defined, the associated key is assumed to be known by the recipient.
publicKey
Property | Type | Req | Comment
"kty": "kty" | string | M | Key type indicator. Currently the following types are recognized:
Additional EC Properties
"crv": "crv" | string | M | EC curve name. The currently recognized EC curves include:
  • P-256
  • P-384
  • P-521
Note: If proprietary curve names are added, they must be expressed as URIs.
"x": "x" | byte[] | M | EC curve point X. The length of this field must be the full size of a coordinate for the curve specified in the crv parameter. For example, if the value of crv is P-521, the decoded argument must be 66 bytes.
"y": "y" | byte[] | M | EC curve point Y. The length of this field must be the full size of a coordinate for the curve specified in the crv parameter. For example, if the value of crv is P-256, the decoded argument must be 32 bytes.
Additional RSA Properties
"n": "n" | crypto | M | RSA modulus. Also see the crypto data type.
"e": "e" | crypto | M | RSA exponent. Also see the crypto data type.
This object represents a subset of JWK [RFC7517].
6. Operation
Prerequisite: A JSON object in accordance with [RFC7159] containing properly formatted JEF data.
Parsing restrictions:
Since JEF uses the same algorithms as JWE [RFC7516], the JWA [RFC7518] reference applies with one important exception: the Additional Authenticated Data used by the symmetric ciphers. This difference is due to the way encryption meta-data is formatted. The process for creating Additional Authenticated Data is as follows:
Applied on the Sample Object, a conforming JEF Additional Authenticated Data process should return the following JSON string:
{"algorithm":"A128CBC-HS256","keyEncryption":{"algorithm":"ECDH-ES+A256KW","keyId":"20170101:mybank:p256","ephemeralKey"
:{"kty":"EC","crv":"P-256","x":"TuQcAR59JcagARFQpzeLoiLjI2eOb8WNJt0EV7gSC2o","y":"bi9yMtUkg22ZGqvAQYkNSBIdWOqS1ulpVEAX8n
r-wKE"},"encryptedKey":"MO5XPHkU01oMrY2uKDDOne-ldGRLm_fYtKCFLzJ_ettv2b0eiDPbBw"}}
Note that the output string was folded for improving readability.
The Additional Authenticated Data string is subsequently UTF-8 encoded before being applied to the encryption algorithm.
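The following is an added example, not part of the JEF specification or the OpenKeyStore code. It shows how the plain-text header ends up covered by the authentication tag for A128CBC-HS256, using the tag computation from [RFC7518]. The rule for building the Additional Authenticated Data (leave out iv, tag and cipherText, keep the remaining properties in their original order, no whitespace) is an assumption inferred from the expected string above; the key, keyId and byte values are constructed.

```python
import base64, hashlib, hmac, json

# Assumption read off the expected output above: these three top-level
# properties are left out and the remainder is emitted without whitespace.
EXCLUDED = ("iv", "tag", "cipherText")

def b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64u_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def jef_aad(jef: dict) -> bytes:
    """Header properties in their original order, compact JSON, UTF-8."""
    header = {k: v for k, v in jef.items() if k not in EXCLUDED}
    return json.dumps(header, separators=(",", ":"), ensure_ascii=False).encode("utf-8")

def cbc_hs256_tag(key: bytes, aad: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    """A128CBC-HS256 tag per RFC 7518 section 5.2.2.1 (MAC half of the key)."""
    if len(key) != 32:
        raise ValueError("A128CBC-HS256 needs a 32-byte key")
    al = (len(aad) * 8).to_bytes(8, "big")       # AAD length in bits
    mac = hmac.new(key[:16], aad + iv + ciphertext + al, hashlib.sha256)
    return mac.digest()[:16]

def tag_is_valid(jef: dict, key: bytes) -> bool:
    """Check the tag before any decryption is attempted."""
    if jef.get("algorithm") != "A128CBC-HS256":
        return False
    expected = cbc_hs256_tag(key, jef_aad(jef),
                             b64u_decode(jef["iv"]), b64u_decode(jef["cipherText"]))
    return hmac.compare_digest(expected, b64u_decode(jef["tag"]))

def constructed_object(key: bytes) -> dict:
    """Constructed sample: made-up iv/cipherText bytes, tag computed here."""
    jef = {"algorithm": "A128CBC-HS256", "keyId": "example-key"}
    iv, ciphertext = bytes(range(16)), bytes(range(32))
    jef["iv"] = b64u(iv)
    jef["tag"] = b64u(cbc_hs256_tag(key, jef_aad(jef), iv, ciphertext))
    jef["cipherText"] = b64u(ciphertext)
    return jef

if __name__ == "__main__":
    key = bytes(range(32))                       # constructed key, not from the page
    jef = constructed_object(key)
    print(jef_aad(jef).decode())
    print("intact header:", tag_is_valid(jef, key))
    jef["keyId"] = "other-key"                   # header edited after encryption
    print("edited header:", tag_is_valid(jef, key))
```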
7. Security Considerations
This specification does not, to the author's knowledge, introduce additional vulnerabilities over what is specified for JWE [RFC7516].
Appendix A: Test Vectors
This section holds test data which can be used to verify the correctness of a JEF implementation.
All encryption tests encrypt the string below (after first having converted it to UTF-8):
"Hello encrypted world!"
The Sample Object can be decrypted by the private part of the following EC key in JWK [RFC7517] format:
{
  "kid": "20170101:mybank:p256",
  "kty": "EC",
  "crv": "P-256",
  "x": "_gow8fcS3Dx9z6j57U5q8tunnRBdrgLU9A7CZTYCnqU",
  "y": "bdfJGraBVL5aPj38TG4tHwxpU2VKwG1XBp0wQfCLOFQ",
  "d": "4f5C3onScS-l9MmKlvIbOV_M3jcQ9qOd4RoYFVlJUIo"
}
ECDH encryption object requiring the same private key as in the sample object while using a different set of algorithms both for key encryption and content encryption:
{
  "algorithm": "A128GCM",
  "keyEncryption": {
    "algorithm": "ECDH-ES+A128KW",
    "keyId": "20170101:mybank:p256",
    "ephemeralKey": {
      "kty": "EC",
      "crv": "P-256",
      "x": "O7hnNi_2as62VYv_kaxKf624qhjMrW8_4cY9GomkbDQ",
      "y": "MwcmwdGKabRlWRRDXooradgmmh01t2p6q_0iMcy-9_M"
    },
    "encryptedKey": "9oJgtGF0G6F_8RMId0zDYDoh8l6dFEu7"
  },
  "iv": "CWatej6VY9HlSA_x",
  "tag": "Cnc0c3ZIHgxxQMVKeD-T1Q",
  "cipherText": "a8hnGiJBFIcOI5Bp_sNsFoZq8975lA"
}
ECDH encryption object requiring the same private key as in the sample object while providing the public key information in line, instead of using a keyId:
{
  "algorithm": "A128CBC-HS256",
  "keyEncryption": {
    "algorithm": "ECDH-ES+A256KW",
    "publicKey": {
      "kty": "EC",
      "crv": "P-256",
      "x": "_gow8fcS3Dx9z6j57U5q8tunnRBdrgLU9A7CZTYCnqU",
      "y": "bdfJGraBVL5aPj38TG4tHwxpU2VKwG1XBp0wQfCLOFQ"
    },
    "ephemeralKey": {
      "kty": "EC",
      "crv": "P-256",
      "x": "VbwCZOUh7YqmvYlhNY3Pt78GygAPMw1aJyzR9PXeO_o",
      "y": "L48sh3QRr75n67O6b0viOXZLdcQLrWAQDHJkBSEoUE0"
    },
    "encryptedKey": "68iW8LF0DWc0SpA_wlfi-qIPP_jZq9V5jAQUs-cx7B8Wi59Lu0kXPQ"
  },
  "iv": "JIgOOlyMHYr8PH4kkh8ulQ",
  "tag": "qhX4rp3ybPKoopX7EE4RwQ",
  "cipherText": "p8i9cQ8DQe8i9xmp4UJHnpulGoIikEPq3Z6lYZfEYWY"
}
EC private key for decrypting the subsequent object:
{
  "kid": "20170101:mybank:p384",
  "kty": "EC",
  "crv": "P-384",
  "x": "SxtEVg93j4L2bK7Q8qJDYo6xRvP3p3ptyqmQaYnZRH5Ube2T2RogGMl-HHZRTYMO",
  "y": "Zu8b16lT-c5VstC4H9WA28LvcLleE6auP-A9Dr76uu8MI5YjOGH64MJZFswOX8Vz",
  "d": "PWoaRCsLI8sGkKy9O6yTPx8f0lN6CAYu9jfmlI5YmW6XW9qc6Qd2hz6FsrsZ2cxd"
}
ECDH encryption object requiring the private key above:
{
  "algorithm": "A256CBC-HS512",
  "keyEncryption": {
    "algorithm": "ECDH-ES",
    "publicKey": {
      "kty": "EC",
      "crv": "P-384",
      "x": "SxtEVg93j4L2bK7Q8qJDYo6xRvP3p3ptyqmQaYnZRH5Ube2T2RogGMl-HHZRTYMO",
      "y": "Zu8b16lT-c5VstC4H9WA28LvcLleE6auP-A9Dr76uu8MI5YjOGH64MJZFswOX8Vz"
    },
    "ephemeralKey": {
      "kty": "EC",
      "crv": "P-384",
      "x": "T_1aEuHUoFPQEA1P2MFcH1jT40TXZUIVKzmm3H6R_Pc6ZZ0kn5chZWxF86-gRl_G",
      "y": "cek_NpkO8ySQAzc1C-D9ncE8ORpP1ygTUGWTnnPILgu1JBtdHeyAByw75a5nO0GM"
    }
  },
  "iv": "EtJ0AWimhlt_nPIVM4GemA",
  "tag": "7OW9Kud4UCzmSVd49BX-7D0d0IUg2m8HgjZigbtKMx8",
  "cipherText": "vdzV4bHs0AK0erllAfmJaWkYNNHco7M4Xb_zkisvZcs"
}
EC private key for decrypting the subsequent object:
{
  "kid": "20170101:mybank:p521",
  "kty": "EC",
  "crv": "P-521",
  "x": "AKwELPGw-uyxNNMpqynB-71e-5GNMcLmFM0j0mbyVToRflwlWnXS-iAXxR_nOoWK426QoXlyNieyaWBQdwXrnKfj",
  "y": "AIgLgTCaxgKc461uMwFZ04qdBaVa9Wgy8VLNiHrZkKYL3Q_qmLTa9TKQgRThuCpcqlZFnhMPrPLgb3ev6rqCt0GS",
  "d": "AXfJ2R7ao8c2_gL9porCC1yR90w-R8MZ0HNjXcftOlkBD7njIFj7QAYlljJCkx7M3LJSeo5ha4Dg7mD0V1a_vhqr"
}
ECDH encryption object requiring the private key above:
{
  "algorithm": "A128GCM",
  "keyEncryption": {
    "algorithm": "ECDH-ES+A128KW",
    "publicKey": {
      "kty": "EC",
      "crv": "P-521",
      "x": "AKwELPGw-uyxNNMpqynB-71e-5GNMcLmFM0j0mbyVToRflwlWnXS-iAXxR_nOoWK426QoXlyNieyaWBQdwXrnKfj",
      "y": "AIgLgTCaxgKc461uMwFZ04qdBaVa9Wgy8VLNiHrZkKYL3Q_qmLTa9TKQgRThuCpcqlZFnhMPrPLgb3ev6rqCt0GS"
    },
    "ephemeralKey": {
      "kty": "EC",
      "crv": "P-521",
      "x": "ABsa37aeOWkAqz4-5EeFau-DyUjRexl45PJHzwz_YwpaKlKdj9R7jxkd6ocUyymgQLpxg3JWFsARiyZbdXNa5rcC",
      "y": "AXR89kdk6o057Aw8aIcWTkLy960XyMLrqPiNKDPiGsrfCoB4NqTVsDo0cblr8R_TFCIpwbmTqAoVwHxnRoQOswlD"
    },
    "encryptedKey": "J_K7Xf_mK9rlZ7-K8xobdvBaTmNS_YJM"
  },
  "iv": "KUA4_yOLop5JYu92",
  "tag": "pFdsa-_srsS9V_duf59f7Q",
  "cipherText": "Y2DZ4aCZqdGRk50TODl_XumBsdtx6A"
}
RSA private key for decrypting the subsequent object:
{
  "kid": "20170101:mybank:r2048",
  "kty": "RSA",
  "n": "oBq8_RJIJF9h2dm4r1kjBwv_W-G_YM-clG7GYwGWih3Y22HZnBmMn2Iqf4uXiwty9lICxrdBNcU6b79DY_GmNbA5j16dsuBIqZSq8yMtXfDpC8OS7Dy6OxjFyMZrA4IEqqjvDEmJC5aXoaBD3exECDvsRgB18jNoKyq2CDWgg22wuLz7I0B_T2tM26hPLRw8KfM8pQ1bPUcFn_nUKCrW7Wc2KIWGPwsPmL24VVctzhUWkr-nHuR_RKs2KAff0SYTpWElyEau7AqHiHAOhnPnGOxfb7r6V1AbDx-F95gSDFtoFPRWhNJDng1qHI23UD_7ONTGIK_I4I6y1rf7r26TDQ",
  "e": "AQAB",
  "d": "RbPeW38-ETfFbgavtQdljIfYoLPjkc5RKP4hOLFUTMU5yCkNiDxHUIx4XBb13v8ZCcwikUjvBu3axxPJzxVBe1ZBeP2EQoAKommrEzdZZPChRRHcQSUfHuNmGEbqCBju1y29BOhu1bC2SxNu-IsIA12zO7avosZmr4Rkw6Y1P4Ip67l-9D5KjCcQPfNpSwZzsvXd9AAocpjFZXGOlrjOOnyIblx1IRlyo32_A4PWYniRl_sp26eNr5zGpib_QdU1SrXzuDQcqAmjgiibPeLls7rCvCT1BIBU0MBUzU34dI5lLlMuYWNSNIC6Oa1UYsNoQ1pQHp9H3sy5e0reekN7gQ",
  "p": "99e3Ckt9gVVEpjY4u6Tp9wjC0XPhYqntmq-4JVBIMaMDs87gUC8r7GGFpFfJaImTUxMB0Z442A8gCW7yqS_Xaq6-ddhSalAvb-LaNXpyPEfETNoOoKfa3TMQMe_J9nzv6OcD6Y43CpMOtZLJdrGxtiCytTGhILsAdees91tdw3k",
  "q": "pV_BHdUqnbMTRF8hoYr_f2_9DXe_XYITU1bWlp2Izj8zySuOI4dusrGQIOY8ZFhc-fA_mBICrFlNrPdDv909FP3bJ9MsGrlxsFvLojiiRs4jPcUDqLynOVPrrQ7HWDoMjawfnTGX7LUe8gf-e4yTsq0WXvMCrulBgPG7Sla0MzU",
  "dp": "uVO27Z3RdZq7QMae2cHRqgYFF_Zc_RgwMlFfk5daxLMvG4-AsLT1VUb_VgrG8sKdRaua2pJD01xMCoHKNrUtkfqlNR3TUugu8K1jmkW7klPf98--zGd4A5whahXyobx-8Vt903GiuueIQkJHH9h0GMqOl2tLH1x2VbQt5LGPhZE",
  "dq": "mJ-a1zGYtxpCOeOiYjiqPK7aWMefcWlO9Kc8PJz_WXmzDYKJF_kyDPEbF4HlUqbKiFFWH77fgLiam3tIp5ZDfVAcJtEZ70Ae0KincvvZqIcutx9QlTYnDx2IcJsnFyHb3BRyyNywXeF6wdzm3JeM6GYeM1sLqunTbnGqbJ1AidE",
  "qi": "73MikBETtdyRa37zKeQc-RtPkWhj4HUyQSSNcYyXnCJmPGLt4LFAo2YMp11w7Y_9cOOo5rI3N4LLuGFfOZ9ecCxCP86NUWKY05DrjGnHUvTcmKDlbxEIMnGES0uoykxMoa5-hYjdcd3AgxOQ-EPV6ZipedP0UZmEfNPoZJbKbQc"
}
RSA encryption object requiring the private key above:
{
  "algorithm": "A256GCM",
  "keyEncryption": {
    "algorithm": "RSA-OAEP-256",
    "publicKey": {
      "kty": "RSA",
      "n": "oBq8_RJIJF9h2dm4r1kjBwv_W-G_YM-clG7GYwGWih3Y22HZnBmMn2Iqf4uXiwty9lICxrdBNcU6b79DY_GmNbA5j16dsuBIqZSq8yMtXfDpC8OS7Dy6OxjFyMZrA4IEqqjvDEmJC5aXoaBD3exECDvsRgB18jNoKyq2CDWgg22wuLz7I0B_T2tM26hPLRw8KfM8pQ1bPUcFn_nUKCrW7Wc2KIWGPwsPmL24VVctzhUWkr-nHuR_RKs2KAff0SYTpWElyEau7AqHiHAOhnPnGOxfb7r6V1AbDx-F95gSDFtoFPRWhNJDng1qHI23UD_7ONTGIK_I4I6y1rf7r26TDQ",
      "e": "AQAB"
    },
    "encryptedKey": "W1SK7cTXLI5mWg8zrc633VVEM9PIqAa3jxkMGpVqqvV9BBgiOnpLtokJaoWkbf6otk72-C6tUIL6anuVf7M1EjH5a5xzqnV99PiusfSnEAsflTlYKMRFG-wItYgAo4EkxiZzB8bKhwA8NYA2fOiV0I8R-gZncNlmV2iq4RIKdNKNhXdvzK2VTE9iO0okJCOTEgXFRoieReaoZewsdglFxqnPC1ClJuZr-HKatYI_2hufAugq5_bx1ckB3CMBSGifG8VnQjvv8VGhe2Enlwaan9RgefKI_awVp2d-Gcv7aCp6d5gZdu4fGVkAuG5vsNlAFC0y3X_sVtWM-wo8I2lFIA"
  },
  "iv": "3PfAxawUT6IcXufN",
  "tag": "VlkEtudGlgm5lD6t3tDJDA",
  "cipherText": "ZErCjUxJnqATD0-bNRnnR5ft0x5hsA"
}
RSA encryption object requiring the same private key as in the previous example but relying on the key being implicitly known, since the encryption object contains neither a keyId nor a publicKey property:
{
  "algorithm": "A256GCM",
  "keyEncryption": {
    "algorithm": "RSA-OAEP-256",
    "encryptedKey": "JZKCedhn0csNMGrfQ7knY4bv14HWnbwUmZGH2EgaPpHBs2wadf_q4s0fXWlntP_B2ejQyXaDnUFZbfdSidGzg5PoGaXlnutGtazzgaF1FqDRtfovip9DGqq0OIB_rZZsyFtVQp1CVWLpv68cFJ1RUbyynNcw2aJlLAIJpTjzfzAIuxNooesJU-RBWRMUJGOIdfhgFWCtrlfse05ueeOdsXyi_CL7zudOStkLADa0Je2OQ6OgDLOMahXgWpgN-t9y0w3wI5QuQaF9MjoJoMgNSl9-5U6NuPS4r8EitBFaRGjEY-p81C3odBvXmSA61JKL3g5rpY2HFduKFl-Yfvlkew"
  },
  "iv": "cHShIa38494NwxJn",
  "tag": "DLyMu-HaS5-ltDOLJgODmQ",
  "cipherText": "8XKYBvNSkYvKv3CzwQIQGvCRS_kDAA"
}
RSA encryption object requiring the same private key as in the previous example while using a different set of algorithms both for key encryption and content encryption:
{
  "algorithm": "A128GCM",
  "keyEncryption": {
    "algorithm": "RSA-OAEP",
    "encryptedKey": "W8U7Y6t7Je7UlOmRqi84y49UBtX8NQfGBBsedj_LH0capiyDAt8U9yuBij8yLoRjbwHdiBDPEDtfrfWY19uj2G4_XEBcRRCfrtiizKrsgCdlC5FQel8byEkPMEOgSsZpeVwzzjyd7SCAZG9aUdcbX8iG3wyg7mBhUpgJXC8HBeOeLSdl0Fq6l3SdDxdZ7JYpXLvZY2af1C-8PbHzBMGHyxI2ncUoGerysgGflZ5l1i7vuPpsAtbSN7wv-jmQRNawJ___HRnpeAUB2PV_B0C9XNQFIe9J3FRuQ5fSTqfn_W5uYzkA0AVlr4MQoIwGl2uJPBTDSCljmlVMFYWvsPTvUQ"
  },
  "iv": "vDvjPmGYAjv2-jB5",
  "tag": "_LnV0CZ7ehDtbqurupxZHA",
  "cipherText": "ykDyiibT8OXW-13HtDvcxmdqajkoLQ"
}
AES key named "s128bitkey" here provided in Base64URL notation:
QhI6ZZNgFjrYhHH4wImROw
Encryption object requiring the key above for decryption:
{
  "algorithm": "A128GCM",
  "keyId": "s128bitkey",
  "iv": "qUZbFXlIhd9OsY9x",
  "tag": "YcfPOyDN01pqoJjdj4WqOQ",
  "cipherText": "HaUAhP3GvlOjyuO7D-sWKGp0W67y3Q"
}
AES key named "s256bitkey" here provided in Base64URL notation:
f92FGjudLa_F8NAAMOIrk0OQDNQu3klIVopKLuZVKRo
Encryption object requiring the key above for decryption:
{
  "algorithm": "A128CBC-HS256",
  "keyId": "s256bitkey",
  "iv": "sTDjHH63ExGWVcs03MFULg",
  "tag": "AsM_vPiUUIj-rwJ_dCcUeA",
  "cipherText": "_fibK407sl3X3VFALJ0oCF4ikIH1ozWeqEyXycTW-U8"
}
AES key named "s256bitkey" here provided in Base64URL notation:
f92FGjudLa_F8NAAMOIrk0OQDNQu3klIVopKLuZVKRo
Encryption object requiring the key above for decryption:
{
  "algorithm": "A256GCM",
  "iv": "CRGRzC8gLsUrcOHB",
  "tag": "yUYZY7ntuQTmoNeuuIDvSw",
  "cipherText": "ykgBT6iSNb_j8tkllx436plBRMp7Fw"
}
AES key named "s256bitkey" here provided in Base64URL notation:
f92FGjudLa_F8NAAMOIrk0OQDNQu3klIVopKLuZVKRo
Encryption object requiring the key above for decryption:
{
  "algorithm": "A256GCM",
  "keyId": "s256bitkey",
  "iv": "apTU8Swf_sATDo9H",
  "tag": "6XP0v6objbPvT0v67F5mIg",
  "cipherText": "eJrngb28Ngrjoa1xpkEfOtUVpTA88Q"
}
AES key named "s512bitkey" here provided in Base64URL notation:
g9JulrcaXddnwhXyAe9YhPsD3-Wo7pYS1OPJQuhNRd_cWAHLg3mVjzr2ANaOuhoU6UXJDxZVZx8ELOp7NNUyNg
Encryption object requiring the key above for decryption:
{
  "algorithm": "A256CBC-HS512",
  "keyId": "s512bitkey",
  "iv": "jUBuGiVcmxD68ONGz9suWw",
  "tag": "jbqFh6534qsruUZ5qrbHBBmSnGpuk3mXKbVwjeKqIAg",
  "cipherText": "zPlhvc3l99RVq0iTvE6IKkyQwoMwSCRYK4yXPwiGTGg"
}
Appendix B: References
Reference | Description
[ES6] | A. Wirfs-Brock, "ECMAScript 2015 Language Specification", ECMA-262, June 2015. https://www.ecma-international.org/ecma-262/6.0/ECMA-262.pdf
[JCS] | A. Rundgren, "JCS - JSON Cleartext Signature", Work in progress, V0.70, May 2017. https://cyberphone.github.io/doc/security/jcs.html
[OPENKEY] | "OpenKeyStore Project", https://github.com/cyberphone/openkeystore
[RFC3986] | T. Berners-Lee, R. Fielding, L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", RFC 3986, January 2005. https://tools.ietf.org/html/rfc3986
[RFC4648] | S. Josefsson, "The Base16, Base32, and Base64 Data Encodings", RFC 4648, October 2006. https://tools.ietf.org/html/rfc4648
[RFC7159] | T. Bray, "The JavaScript Object Notation (JSON) Data Interchange Format", RFC 7159, March 2014. https://tools.ietf.org/html/rfc7159
[RFC7516] | M. Jones, J. Hildebrand, "JSON Web Encryption (JWE)", RFC 7516, May 2015. https://tools.ietf.org/html/rfc7516
[RFC7517] | M. Jones, "JSON Web Key (JWK)", RFC 7517, May 2015. https://tools.ietf.org/html/rfc7517
[RFC7518] | M. Jones, "JSON Web Algorithms (JWA)", RFC 7518, May 2015. https://tools.ietf.org/html/rfc7518
Appendix C: Document History
Date | Ver | Comment
2016-08-03 | 0.3 | Initial publication in HTML5
2017-04-19 | 0.4 | Changed public keys to use JWK [RFC7517] format
2017-04-25 | 0.5 | Added KW and GCM algorithms
2017-05-15 | 0.51 | Added test vectors and missing RSA-OAEP algorithm
Appendix D: Author
JEF was developed by Anders Rundgren (anders.rundgren.net@gmail.com) as a part of the OpenKeyStore [OPENKEY] project.