Provided Features
Last updated
Last updated
JWS or JWE objects support every input that can be encoded into JSON:
string
, array
, integer
, float
...
Objects that implement the \JsonSerializable
interface such as JWK
or JWKSet
The detached payload is supported.
Serialization syntax | JWS | JWE |
---|---|---|
Compression mode | Supported |
---|---|
Compression is not recommended. Please avoid its use. See RFC8725 for more information.
Key Type | Supported | Comment |
---|---|---|
JWK objects support JSON Web Key Thumbprint (RFC 7638).
A none
key type for the none
algorithm. It is used to explicitly allow this unsecured algorithm.
JWKSet is fully supported.
Other signature algorithms like RS1
, HS1
or HS256/64
are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
Other encryption algorithms like RSA-OEAP-384
or ChaCha20-Poly1305
are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
The algorithms RSA1_5
and RSA-OAEP
are now deprecated. Please use with caution.
Other encryption algorithms like A128CTR
, A192CTR
and A256CTR
are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
Signature Algorithm | Supported | Comment |
---|---|---|
Key Encryption Algorithm | Supported | |
---|---|---|
Content Encryption Algorithm | Supported |
---|---|
Compact
YES
YES
Flattened JSON
YES
YES
General JSON
YES
YES
Deflate (DEF
)
YES
oct
YES
Symmetric keys
RSA
YES
RSA based asymmetric keys
EC
YES
Elliptic Curves based asymmetric keys
OKP
YES
Octet Key Pair based asymmetric keys
HS256
HS384
HS512
YES
ES256
ES384
ES512
YES
RS256
RS384
RS512
YES
PS256
PS384
PS512
YES
GMP or BCMath extension is highly recommended
none
YES
Please note that this is not a secured algorithm. USE IT WITH CAUTION!
EdDSA with Ed25519 curve
YES
SODIUM extension is highly required
EdDSA with Ed448 curve
NO
No extension or built-in implementation available
dir
YES
RSA1_5
RSA-OAEP
RSA-OAEP-256
YES
GMP or BCMath extension is highly recommended Read note below!
ECDH-ES
ECDH-ES+A128KW
ECDH-ES+A192KW
ECDH-ES+A256KW
YES
spomky-labs/aes-key-wrap
is required for *KW algorithms
ECDH-SS
ECDH-SS+A128KW
ECDH-SS+A192KW
ECDH-SS+A256KW
YES
spomky-labs/aes-key-wrap
is required for *KW algorithms
A128KW
A192KW
A256KW
YES
spomky-labs/aes-key-wrap
is required
PBES2-HS256+A128KW
PBES2-HS384+A192KW
PBES2-HS512+A256KW
YES
spomky-labs/aes-key-wrap
is required
A128GCMKW
A192GCMKW
A256GCMKW
YES
spomky-labs/aes-key-wrap
is required
ECDH-ES with X25519 curve
YES
SODIUM extension is highly required
ECDH-ES with X448 curve
NO
No extension or built-in implementation available
A128CBC+HS256
A192CBC+HS384
A256CBC+HS512
YES
A128GCM
A192GCM
A256GCM
YES