Encryption Algorithms

This framework comes with several encryption algorithms. These algorithms are in the following namespaces:

  • Jose\Component\Encryption\Algorithm\KeyEncryption: key encryption algorithms

  • Jose\Component\Encryption\Algorithm\ContentEncryption: content encryption algorithms

Main Algorithms

Key Encryption

AlgorithmPackageAdditional header parameter

A128KW

A192KW

A256KW

web-token/jwt-encryption-algorithm-aeskw

No

A128GCMKW

A192GCMKW

A256GCMKW

web-token/jwt-encryption-algorithm-aesgcmkw

iv: (initialization vector) this value is the base64url-encoded representation of the 96-bit IV value used for the key encryption operation. tag: (authentication tag) the value is the base64url-encoded representation of the 128-bit Authentication Tag value resulting from the key encryption operation.

dir

web-token/jwt-encryption-algorithm-dir

No

ECDH-ES

ECDH-ES+A128KW

ECDH-ES+A192KW

ECDH-ES+A256KW

web-token/jwt-encryption-algorithm-ecdh-es

epk: (ephemeral public key) value created by the originator.

ECDH-SS

ECDH-SS+A128KW

ECDH-SS+A192KW

ECDH-SS+A256KW

web-token/jwt-encryption-algorithm-ecdh-es

No

PBES2-HS256+A128KW

PBES2-HS384+A192KW

PBES2-HS512+A256KW

web-token/jwt-encryption-algorithm-pbes2

p2s: (PBES2 salt input) encodes a Salt Input value, which is used as part of the PBKDF2 salt value. p2c: (PBES2 count) contains the PBKDF2 iteration count, represented as a positive JSON integer.

RSA1_5

RSA-OAEP

RSA-OAEP-256

web-token/jwt-encryption-algorithm-rsa

Please note that the additional header parameters MUST be present and MUST be understood. Depending on the algorithm you use, you may be required to check headers BEFORE the decryption operation. Please create a custom Header Checker for theses parameters.

Content Encryption

AlgorithmPackage

A128GCM

A192GCM

A256GCM

web-token/jwt-encryption-algorithm-aesgcm

A128CBC-HS256

A192CBC-HS384

A256CBC-HS512

web-token/jwt-encryption-algorithm-aescbc

The algorithm RSA1_5 is deprecated due to known security vulnerability.

The algorithms ECDH-ES* are not recommended unless used with the OKP key type.

Experimental Algorithms

The following algorithms are experimental and must not be used in production unless you know what you are doing. They are proposed for testing purpose only.

They are all part of the package web-token/jwt-encryption-algorithm-experimental

Key Encryption

AlgorithmDescription

A128CTR

A192CTR

A256CTR

AES CTR based encryption

Chacha20+Poly1305

Please note that this algorithm requires OpenSSL 1.1

RSA-OAEP-384

RSA-OAEP-512

Same algorithm as RSA-OAEP-256 but with SHA-384 and SHA-512 hashing functions

Content Encryption

AlgorithmDescription

A128CCM-16-128

A128CCM-16-64

A128CCM-64-128

A128CCM-64-64

A256CCM-16-128

A256CCM-16-64

A256CCM-64-128

A256CCM-64-64

AES-CCM based algorithms

How To Use

These algorithms have to be used with the Algorithm Manager.

<?php

use Jose\Component\Core\AlgorithmManager;
use Jose\Component\Encryption\Algorithm\KeyEncryption\A128KW;
use Jose\Component\Encryption\Algorithm\KeyEncryption\PBES2HS256A128KW;
use Jose\Component\Encryption\Algorithm\ContentEncryption\A128CBCHS256;

$algorithmManager = new AlgorithmManager([
    new A128KW(),
    new PBES2HS256A128KW(),
    new A128CBCHS256(),
]);

By default, PBES2* algorithms use the following parameter values:

  • Salt size: 64 bytes (512 bits)

  • Count: 4096

You may need to use other values. This can be done during the instantiation of the algorithm:

Example with 16 bytes (128 bits) salt and 1024 counts:

<?php

use Jose\Component\Core\AlgorithmManager;
use Jose\Component\Encryption\Algorithm\KeyEncryption\PBES2HS256A128KW;

$algorithmManager = new AlgorithmManager([
    new PBES2HS256A128KW(16, 1024),
]);

Last updated