Introduction

This document is available online at https://web-token.spomky-labs.com.

JWT Framework

This framework provides an implementation of:

  • JWS: JSON Web Signature (RFC 7515),

  • JWT: JSON Web Token (RFC 7519),

  • JWE: JSON Web Encryption (RFC 7516),

  • JWA: JSON Web Algorithms (RFC 7518),

  • JWK: JSON Web Key (RFC 7517),

  • JSON Web Key Thumbprint (RFC 7638),

  • Unencoded Payload Option (RFC 7797).

This framework is not just a library: it also contains a Symfony bundle for easy integration into your application, and it provides a standalone console command that helps you manage your keys and key sets.

Provided Features

Supported Input Types:

JWS or JWE objects support every input that can be encoded into JSON:

  • string, array, integer, float...

  • Objects that implement the \JsonSerializable interface such as JWK or JWKSet

The detached payload is supported.

Supported Serialization Modes

  • Compact JSON Serialization Syntax for JWS and JWE

  • Flattened JSON Serialization Syntax for JWS and JWE

  • General JSON Serialization Syntax for JWS and JWE

Supported Compression Methods

| Compression Method | Supported | Comment |
| --- | --- | --- |
| Deflate (DEF) | YES | |
| GZip (GZ) | YES | This compression method is not described in the specification |
| ZLib (ZLIB) | YES | This compression method is not described in the specification |

Supported Key Types (JWK)

| Key Type | Supported | Comment |
| --- | --- | --- |
| oct | YES | Symmetric keys |
| RSA | YES | RSA based asymmetric keys |
| EC | YES | Elliptic Curves based asymmetric keys |
| OKP | YES | Octet Key Pair based asymmetric keys |

JWK objects support JSON Web Key Thumbprint (RFC 7638).

Note: we use a none key type for the none algorithm only.

Key Sets (JWKSet)

JWKSet is fully supported.

Supported Signature Algorithms

| Signature Algorithm | Supported | Comment |
| --- | --- | --- |
| HS256, HS384 and HS512 | YES | |
| ES256, ES384 and ES512 | YES | |
| RS256, RS384 and RS512 | YES | |
| PS256, PS384 and PS512 | YES | |
| none | YES | Please note that this is not a secure algorithm. USE IT WITH CAUTION! |
| EdDSA with Ed25519 curve | YES | With PHP 7.1, third party extension highly recommended |
| EdDSA with Ed448 curve | NO | No extension or built-in implementation available |
| HS1 | YES | From v1.2. Experimental. Not recommended; for testing purposes or compatibility with old systems only. |
| RS1 | YES | From v1.2. Experimental. Not recommended; for testing purposes or compatibility with old systems only. |
| HS256/64 | YES | From v1.2. Experimental. Not recommended; for testing purposes or compatibility with old systems only. |

Supported Key Encryption Algorithms

| Key Encryption Algorithm | Supported | Comment |
| --- | --- | --- |
| dir | YES | |
| RSA1_5, RSA-OAEP and RSA-OAEP-256 | YES | The algorithms RSA1_5 and RSA-OAEP are now deprecated. Please use with caution. |
| ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW and ECDH-ES+A256KW | YES | |
| A128KW, A192KW and A256KW | YES | |
| PBES2-HS256+A128KW, PBES2-HS384+A192KW and PBES2-HS512+A256KW | YES | |
| A128GCMKW, A192GCMKW and A256GCMKW | YES | |
| ECDH-ES with X25519 curve | YES | With PHP 7.1, third party extension highly recommended |
| ECDH-ES with X448 curve | NO | No extension or built-in implementation available |
| RSA-OAEP-384 and RSA-OAEP-512 | YES | From v1.2. Experimental. For testing purposes only. |
| ChaCha20-Poly1305 | YES | From v1.2. Experimental. For testing purposes only. |

Supported Content Encryption Algorithms

| Content Encryption Algorithm | Supported | Comment |
| --- | --- | --- |
| A128CBC+HS256, A192CBC+HS384 and A256CBC+HS512 | YES | |
| A128GCM, A192GCM and A256GCM | YES | |
| A128CTR, A192CTR and A256CTR | YES | From v1.2. Not recommended. For testing purposes only. |

Prerequisites

This framework needs at least:

  • PHP 7.1+,

  • GMP extension,

  • MBString extension.

Depending on the algorithms you are using, other PHP extensions may be required (e.g. OpenSSL).

Please also consider the following optional requirements:

  • If you intend to use EdDSA or ECDH-ES algorithm with Ed25519/X25519 curves on PHP 7.1, please install this third party extension

Continuous Integration

It has been successfully tested using PHP 7.1, PHP 7.2 and nightly with all algorithms.

Test vectors from RFC 7520 are fully implemented and all tests pass. Other test vector sources may be used (e.g. new algorithm specifications).

We also track bugs and code quality using Scrutinizer-CI and Sensio Insight.

Coding Standards are verified by StyleCI.

Code coverage is analyzed by Coveralls.io.

How to use

  • The components

  • The bundles

  • The console commands

Security Recommendations

To avoid security issues on your application, please follow these Security Recommendations carefully.

Performances

Please read the performance page to know how to test the algorithms of the framework.

You can also see the last benchmarks made with our development environment.

Contributing

Requests for new features, bug fixes and all other ideas to make this framework useful are welcome. If you feel comfortable writing code, you could try to fix opened issues where help is wanted or those that are easy to fix.

Do not forget to follow these best practices.

If you think you have found a security issue, DO NOT open an issue. You MUST submit your issue here.

Licence

This project is released under MIT licence.