Hi Team,
We did a POC of using Encrypted JWT with the following settings, where the algorithm used for Key is A256KW and for Content is A256GCM, and the SecretKey provided is in hex format with the value "D8A2209DF448D653592FBB3519781A4DD8A2209DF448D653592FBB3519781A4D", and it is working as expected. My token is getting generated perfectly and it's encrypted with the following settings.
<GenerateJWT async="false" continueOnError="false" enabled="true" name="JWT-generation">
  <DisplayName>JWT-generation-Demo</DisplayName>
  <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
  <Algorithms>
    <Key>A256KW</Key>
    <Content>A256GCM</Content>
  </Algorithms>
  <SecretKey encoding="hex">
    <Value ref="private.aes.encryption.key"/>
  </SecretKey>
  <OutputVariable>generatedJWT</OutputVariable>
</GenerateJWT>
My question is: how can I generate a SecretKey very similar to the one I have used above, encoded in hex?
I don't want to create it from online tools, so any good documentation or command reference would help.
example: D8A2209DF448D653592FBB3519781A4DD8A2209DF448D653592FBB3519781A4D
@dchiesa1 Please recommend something
@dchiesa1 Can you please help me here? It would be very helpful.
That representation (D8A2209DF448D...) is a hex-encoding of a key.
You can google for hints on how to get a hex encoding of a byte stream.
An AES key is just any stream of bytes. Where you "get" that key is sort of up to you. Probably you want to generate that key with a random number generator. In Node.js, you can refer here to generate random bytes. Or in Java, refer here. And then you'd do something like this to print it. Resulting in:
$ jshell
| Welcome to JShell -- Version 11.0.21
| For an introduction type: /help intro
jshell> byte[] bytes = new byte[32];
bytes ==> byte[32] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ... , 0, 0, 0, 0, 0, 0, 0, 0 }
jshell> java.security.SecureRandom.getInstanceStrong().nextBytes(bytes);
jshell> String.format("%064x", new java.math.BigInteger(1, bytes));
$3 ==> "43e3fff8a5dbea6ba8d7beae75d5767d8730971bae9e15400ccf1aa24ec9ac00"
jshell> /exit
| Goodbye
If you have a STRING, a human-readable string, you can encode the string into a hex byte stream like this:
// encode from UTF-8 String to hex
let arg = 'string-to-encode';
let hex = Buffer.from(arg, 'utf-8').toString('hex');
console.log(`${arg}:\n ${hex}`);
and the result is like this:
abcdefg:
61626364656667
But your key (D8A2209D...) is not decodable via UTF-8 into a readable string.
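An added example, not part of the original thread or Apigee's own code: generating a hex-encoded key in Node.js and checking that a hex string decodes to the right number of bytes for the chosen key-wrap algorithm. The function names `generateHexKey` and `decodeHexKey` are hypothetical; the key sizes are the ones RFC 7518 defines for A128KW, A192KW and A256KW.

```javascript
// Added example (not from the original thread). Function names are hypothetical.
const { randomBytes } = require('node:crypto');

// AES key-wrap algorithms from RFC 7518 and the key size each one requires.
const KEY_BYTES = { A128KW: 16, A192KW: 24, A256KW: 32 };

// Generate a fresh random key for the given algorithm, hex-encoded.
// randomBytes() draws from the operating system CSPRNG.
function generateHexKey(alg = 'A256KW') {
  const size = KEY_BYTES[alg];
  if (!size) throw new Error(`unsupported key algorithm: ${alg}`);
  return randomBytes(size).toString('hex'); // always two hex digits per byte
}

// Decode a hex key and confirm it has exactly the size the algorithm needs.
// Buffer.from(s, 'hex') stops decoding at the first invalid character without
// raising an error, so the string is checked against a strict pattern first.
function decodeHexKey(hex, alg = 'A256KW') {
  const size = KEY_BYTES[alg];
  if (!size) throw new Error(`unsupported key algorithm: ${alg}`);
  if (!/^(?:[0-9a-fA-F]{2})+$/.test(hex)) throw new Error('not a hex string');
  const key = Buffer.from(hex, 'hex');
  if (key.length !== size) {
    throw new Error(`${alg} needs ${size} bytes, got ${key.length}`);
  }
  return key;
}

// Generate a key and confirm it round-trips to 32 bytes.
const hex = generateHexKey('A256KW');
console.log(hex, '->', decodeHexKey(hex).length, 'bytes');

// Constructed sample: a key whose first two bytes happen to be zero.
// Byte-wise hex keeps all 64 digits; formatting the key as one big integer
// without padding drops the leading zeros and yields a string that no longer
// decodes to 32 bytes.
const sample = Buffer.concat([Buffer.alloc(2), Buffer.alloc(30, 0xab)]);
const bytewise = sample.toString('hex');
const asInteger = BigInt('0x' + bytewise).toString(16);
console.log(bytewise.length, 'digits byte-wise,', asInteger.length, 'as an integer');
```
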