AnsweredAssumed Answered

Using RSA Public Key to Encrypt with Encode Json Web Token

Question asked by ashk on Jul 24, 2018

We are working with a partner who has provided a public key which needs to be used to encrypt a JSON Web Token (JWT), thus becoming a JWE.

 

Previous discussions with CA support have indicated that the CA API Gateway is not capable of doing this.

 

Has anyone been able to make this work?

 

Example of the Public Key format (note: NOT a Public Cert):

-----BEGIN PUBLIC KEY-----
MIIBIjANBxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END PUBLIC KEY-----

 

We have tried populating this in a context variable as follows (note: not a certificate, so we cannot import this in the Manage certificates screen):

 

Usage of the key in Encode Json Web Token properties:

 

Our 3rd party has indicated the following

AlgorithmEncryptionKey Size
RSA-OAEPA256CBC-HS5122048

 

Error in Gateway Audit Events:

Outcomes