Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Encrypted Payload Envelop
See original GitHub issueIt doesn’t appear that Swagger has a way of describing that the message payload can be placed in an encryption envelop. Is there plans to add that in the future?
Something like this:
{
"securePayload": {
"key": "AES public symmetric key",
"iv": "AES initialization vector",
"payload": "AES encrypted payload"
}
}
Issue Analytics
- State:
- Created 8 years ago
- Reactions:3
- Comments:7 (6 by maintainers)
Top Results From Across the Web
Envelope encryption | Cloud KMS Documentation
Storing and encrypting data at Google's scale requires using a central cryptographic key management service with multiple layers of keys for the encrypted...
Read more >Contents of the encrypted password or password phrase ... - IBM
RACF® will first sign, and then envelope (encrypt) the password or password phrase payload (defined below). The recipient will decrypt the envelope to ......
Read more >Cloud Architecture Pattern: Envelope ... - Nilay's Corner
Encrypted payload and encrypted data key sent to the consumer where consumer reverse the two-fold encryption. Envelope Encryption is useful for stronger data ......
Read more >Use envelope encryption with data keys to protect messaging ...
Azure and AWS cloud SDKs support Envelope style data encryption useful for data that ends up at rest in messaging, streaming or storage ......
Read more >When to use envelope encryption and when not?
Using Encryption as a Service mechanism, which will simply encrypt and decrypt every single payload using a single API call (e.g. Hashicorp ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@RobDolinMS While HTTP (or rather HTTPS) allow encrypting everything, this is just on the transport layer.
There might be cases where encrypted content needs to be passed on by one of the communication partners (which doesn’t even have the key) to/from someone else, maybe together with some non-encrypted metadata.
In this case a wrapper like in the initial post might be useful, with a way to define in OpenAPI both how the unencrypted parts and how the encrypted parts look (after decryption/before encryption).
Is this just handled at the HTTP layer?