JWT Framework
v1.x
v1.x
  • Introduction
  • Components
    • Algorithm Management (JWA)
    • Key (JWK) and Key Set (JWKSet)
      • Key Management (JWK)
      • Key Set Management (JWKSet)
    • Header Checker
    • Claim Checker
    • Signed Tokens (JWS)
      • Signature Algorithms
      • JWS Creation
      • JWS Loading
    • Encrypted Tokens (JWE)
      • Encryption Algorithms
      • JWE Creation
      • JWE Loading
  • Symfony Bundle
    • Algorithm Management
    • Key and Key Set Management
      • Key Management (JWK)
      • Key Set Management (JWKSet)
    • Header and Claim Checker Management
    • Signed Tokens
      • JWS serializers
      • JWS creation
      • JWS verification
    • Encrypted Tokens
      • JWE serializers
      • JWE creation
      • JWE decryption
    • Configuration Helper
  • Console
    • Standalone Application
    • Symfony Console
    • PHAR Application
  • Security Recommendations
  • Advanced Topics
    • Nested Tokens
    • Serialization
    • Custom Algorithm
    • Signed tokens and
      • Unprotected Header
      • Multiple Signatures
      • Detached Payload
      • Unencoded Payload
    • Encrypted tokens and
      • Unprotected Headers
      • Multiple Recipients
      • Additional Authentication Data (AAD)
  • Benchmarks
    • Result table
  • Migration
    • From spomky-labs/jose
      • Keys (JWK)
      • Key Sets (JWKSet)
      • Signed Tokens (JWS)
      • Encrypted Tokens (JWE)
      • Header Checking
      • Claim Checking
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
Export as PDF
  1. Components
  2. Signed Tokens (JWS)

Signature Algorithms

This framework comes with several signature algorithms. These algorithms are in the following namespace: Jose\Component\Signature\Algorithm.

From v1.2, the algorithms have their own sub-packages. To avoid BC breaks, these packages are automatically installed for all v1.x of the framework. Starting at v2.0, you will have to explicitly install the algorithm packages you need.

  • HMAC with SHA-2 Functions. Package web-token/jwt-signature-algorithm-hmac

    • HS256

    • HS384

    • HS512

  • Elliptic Curve Digital Signature Algorithm (ECDSA). Package web-token/jwt-signature-algorithm-ecdsa

    • ES256

    • ES384

    • ES512

  • RSASSA-PKCS1 v1_5. Package web-token/jwt-signature-algorithm-rsa

    • RS256

    • RS384

    • RS512

  • RSASSA-PSS. Package web-token/jwt-signature-algorithm-rsa

    • PS256

    • PS384

    • PS512

  • Edwards-curve Digital Signature Algorithm (EdDSA) Package web-token/jwt-signature-algorithm-eddsa

    • EdDSA (only with the Ed25519 curve)

  • Unsecured algorithm Package web-token/jwt-signature-algorithm-none

    • none

The following signature algorithms are experimental and must not be used in production unless you know what you are doing. They are proposed for testing purpose only.

They are all part of the package web-token/jwt-signature-algorithm-experimental

  • RS1: RSASSA-PKCS1 v1_5 with SHA-1 hashing function.

  • HS1: HMAC with SHA-1 hashing function.

How To Use

Example:

<?php

use Jose\Component\Core\AlgorithmManager;
use Jose\Component\Signature\Algorithm\PS256;
use Jose\Component\Signature\Algorithm\ES512;
use Jose\Component\Signature\Algorithm\None;

$algorithm_manager = AlgorithmManager::create([
    new PS256(),
    new ES512(),
    new None(),
]);
PreviousSigned Tokens (JWS)NextJWS Creation

Last updated 6 years ago

Was this helpful?

These algorithms have to be used with the . They do not need any arguments.

Algorithm Manager