EncryptionAlgorithms.ContentEncryption Class
Abblix.Jwt
Abblix.Jwt.EncryptionAlgorithms
EncryptionAlgorithms.ContentEncryption Class
Content encryption algorithms ("enc" parameter in the JWE header). These encrypt the JWE payload using the Content Encryption Key produced by the key management algorithm.
public static class EncryptionAlgorithms.ContentEncryption
Inheritance System.Object → ContentEncryption
Fields
EncryptionAlgorithms.ContentEncryption.Aes128CbcHmacSha256 Field
AES-128-CBC with HMAC-SHA-256 authentication (RFC 7518 Section 5.2). Backed by .NET
Aes in CBC/PKCS7 mode and HMACSHA256; the 256-bit CEK is split into a
128-bit MAC key and a 128-bit AES key.
public const string Aes128CbcHmacSha256 = "A128CBC-HS256";
Field Value
EncryptionAlgorithms.ContentEncryption.Aes128Gcm Field
AES-128 in Galois/Counter Mode (RFC 7518 Section 5.3). Backed by .NET AesGcm
with a 96-bit IV and 128-bit authentication tag. Single-pass authenticated encryption.
public const string Aes128Gcm = "A128GCM";
Field Value
EncryptionAlgorithms.ContentEncryption.Aes192CbcHmacSha384 Field
AES-192-CBC with HMAC-SHA-384 authentication (RFC 7518 Section 5.2). Backed by .NET
Aes in CBC/PKCS7 mode and HMACSHA384; uses a 384-bit CEK.
public const string Aes192CbcHmacSha384 = "A192CBC-HS384";
Field Value
EncryptionAlgorithms.ContentEncryption.Aes192Gcm Field
AES-192 in Galois/Counter Mode (RFC 7518 Section 5.3). Backed by .NET AesGcm
with a 96-bit IV and 128-bit authentication tag.
public const string Aes192Gcm = "A192GCM";
Field Value
EncryptionAlgorithms.ContentEncryption.Aes256CbcHmacSha512 Field
AES-256-CBC with HMAC-SHA-512 authentication (RFC 7518 Section 5.2). Backed by .NET
Aes in CBC/PKCS7 mode and HMACSHA512; uses a 512-bit CEK.
Default content encryption used by this library when issuing encrypted tokens.
public const string Aes256CbcHmacSha512 = "A256CBC-HS512";
Field Value
EncryptionAlgorithms.ContentEncryption.Aes256Gcm Field
AES-256 in Galois/Counter Mode (RFC 7518 Section 5.3). Backed by .NET AesGcm
with a 96-bit IV and 128-bit authentication tag. Recommended where peers support GCM.
public const string Aes256Gcm = "A256GCM";