Provided Features
Supported Input Types:
JWS or JWE objects support every input that can be encoded into JSON:
string,array,integer,float...Objects that implement the
\JsonSerializableinterface such asJWKorJWKSet
The detached payload is supported.
Supported Serialization Modes
| Serialization syntax | JWS | JWE |
|---|---|---|
Compact | YES | YES |
Flattened JSON | YES | YES |
General JSON | YES | YES |
Supported Compression Methods
| Compression mode | Supported |
|---|---|
Deflate ( | YES |
Compression is not recommended. Please avoid its use. See RFC8725 for more information.
Supported Key Types (JWK)
| Key Type | Supported | Comment |
|---|---|---|
oct | YES | Symmetric keys |
RSA | YES | RSA based asymmetric keys |
EC | YES | Elliptic Curves based asymmetric keys |
OKP | YES | Octet Key Pair based asymmetric keys |
JWK objects support JSON Web Key Thumbprint (RFC 7638).
A none key type for the none algorithm. It is used to explicitly allow this unsecured algorithm.
Key Sets (JWKSet)
JWKSet is fully supported.
Supported Signature Algorithms
| Signature Algorithm | Supported | Comment |
|---|---|---|
HS256 HS384 HS512 | YES | |
ES256 ES384 ES512 | YES | |
RS256 RS384 RS512 | YES | |
PS256 PS384 PS512 | YES | GMP or BCMath extension is highly recommended |
none | YES | Please note that this is not a secured algorithm. USE IT WITH CAUTION! |
EdDSA with Ed25519 curve | YES | SODIUM extension is highly required |
EdDSA with Ed448 curve | NO | No extension or built-in implementation available |
Other signature algorithms like RS1, HS1 or HS256/64 are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
Supported Key Encryption Algorithms
| Key Encryption Algorithm | Supported | |
|---|---|---|
dir | YES | |
RSA1_5 RSA-OAEP RSA-OAEP-256 | YES | GMP or BCMath extension is highly recommended Read note below! |
ECDH-ES ECDH-ES+A128KW ECDH-ES+A192KW ECDH-ES+A256KW | YES |
|
ECDH-SS ECDH-SS+A128KW ECDH-SS+A192KW ECDH-SS+A256KW | YES |
|
A128KW A192KW A256KW | YES |
|
PBES2-HS256+A128KW PBES2-HS384+A192KW PBES2-HS512+A256KW | YES |
|
A128GCMKW A192GCMKW A256GCMKW | YES |
|
ECDH-ES with X25519 curve | YES | SODIUM extension is highly required |
ECDH-ES with X448 curve | NO | No extension or built-in implementation available |
Other encryption algorithms like RSA-OEAP-384 or ChaCha20-Poly1305 are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
The algorithms RSA1_5 and RSA-OAEP are now deprecated. Please use with caution.
Supported Content Encryption Algorithms
| Content Encryption Algorithm | Supported |
|---|---|
A128CBC+HS256 A192CBC+HS384 A256CBC+HS512 | YES |
A128GCM A192GCM A256GCM | YES |
Other encryption algorithms like A128CTR, A192CTR and A256CTR are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
Last updated