Provided Features
Supported Input Types:
JWS or JWE objects support every input that can be encoded into JSON:
string
,array
,integer
,float
...Objects that implement the
\JsonSerializable
interface such asJWK
orJWKSet
The detached payload is supported.
Supported Serialization Modes
Serialization syntax | JWS | JWE |
---|---|---|
Compact | YES | YES |
Flattened JSON | YES | YES |
General JSON | YES | YES |
Supported Compression Methods
Compression mode | Supported |
---|---|
Deflate ( | YES |
Compression is not recommended. Please avoid its use. See RFC8725 for more information.
Supported Key Types (JWK)
Key Type | Supported | Comment |
---|---|---|
oct | YES | Symmetric keys |
RSA | YES | RSA based asymmetric keys |
EC | YES | Elliptic Curves based asymmetric keys |
OKP | YES | Octet Key Pair based asymmetric keys |
JWK objects support JSON Web Key Thumbprint (RFC 7638).
A none
key type for the none
algorithm. It is used to explicitly allow this unsecured algorithm.
Key Sets (JWKSet)
JWKSet is fully supported.
Supported Signature Algorithms
Signature Algorithm | Supported | Comment |
---|---|---|
HS256 HS384 HS512 | YES | |
ES256 ES384 ES512 | YES | |
RS256 RS384 RS512 | YES | |
PS256 PS384 PS512 | YES | GMP or BCMath extension is highly recommended |
none | YES | Please note that this is not a secured algorithm. USE IT WITH CAUTION! |
EdDSA with Ed25519 curve | YES | SODIUM extension is highly required |
EdDSA with Ed448 curve | NO | No extension or built-in implementation available |
Other signature algorithms like RS1
, HS1
or HS256/64
are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
Supported Key Encryption Algorithms
Key Encryption Algorithm | Supported | |
---|---|---|
dir | YES | |
RSA1_5 RSA-OAEP RSA-OAEP-256 | YES | GMP or BCMath extension is highly recommended Read note below! |
ECDH-ES ECDH-ES+A128KW ECDH-ES+A192KW ECDH-ES+A256KW | YES |
|
ECDH-SS ECDH-SS+A128KW ECDH-SS+A192KW ECDH-SS+A256KW | YES |
|
A128KW A192KW A256KW | YES |
|
PBES2-HS256+A128KW PBES2-HS384+A192KW PBES2-HS512+A256KW | YES |
|
A128GCMKW A192GCMKW A256GCMKW | YES |
|
ECDH-ES with X25519 curve | YES | SODIUM extension is highly required |
ECDH-ES with X448 curve | NO | No extension or built-in implementation available |
Other encryption algorithms like RSA-OEAP-384
or ChaCha20-Poly1305
are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
The algorithms RSA1_5
and RSA-OAEP
are now deprecated. Please use with caution.
Supported Content Encryption Algorithms
Content Encryption Algorithm | Supported |
---|---|
A128CBC+HS256 A192CBC+HS384 A256CBC+HS512 | YES |
A128GCM A192GCM A256GCM | YES |
Other encryption algorithms like A128CTR
, A192CTR
and A256CTR
are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
Last updated