mirror of
https://github.com/danbulant/jose
synced 2026-05-25 04:51:47 +00:00
3.7 KiB
3.7 KiB
@panva/jose
TODO:
Table of Contents
TODO:
Implemented specs & features
Legend:
- ✓ Implemented
- ✕ Missing node crypto support / won't implement / not planned / PR welcome
- ◯ TODO
Remaining tasks:
- ✓ JWKS abstraction
- ✓
critJWE/JWS Header parameter handling - ✓
b64JWS crit support - ✓ JWE
ziphandling - ✓ JWE/JWS decrypt/verify algorithm whitelisting
- ◯ JWE/JWS reference (true/false for
kid, name of the field for other fields) - ◯ whitelist additional JWK reference fields (
kid,jku,x5c,x5t,x5t#S256,x5u) - ◯ README and documentation
- ◯ .d.ts types
- ◯ .github files (templates, CoC, Contributing)
- ◯
@panva/jwtcompactonly with convenience methods and options@panva/joseas a dependency
Won't implement:
- ✕ JWS embedded key / referenced verification - won't implement, who needs it can decode the header
and pass the (
x5c,jwk) to JWK.importKey and validate with that key, similarly the application can handle fetching the referencedx5uorjku - ✕ JWS detached content - won't implement, who needs it can remove/attach the payload after/before the respective operation
- ✕ "none" alg support, no crypto, no use, don't bother
| JWK Key Types | Supported | |
|---|---|---|
| RSA | ✓ | RSA |
| Elliptic Curve | ✓ | EC |
| Octet sequence | ✓ | oct |
| Serialization | JWS Sign | JWS Verify | JWE Encrypt | JWE Decrypt |
|---|---|---|---|---|
| Compact | ✓ | ✓ | ✓ | ✓ |
| General JSON | ✓ | ✓ | ✓ | ✓ |
| Flattened JSON | ✓ | ✓ | ✓ | ✓ |
| JWS Algorithms | Supported | |
|---|---|---|
| RSASSA-PKCS1-v1_5 | ✓ | RS256, RS384, RS512 |
| RSASSA-PSS | ✓ | PS256, PS384, PS512 |
| ECDSA | ✓ | ES256, ES384, ES512 |
| HMAC with SHA-2 | ✓ | HS256, HS384, HS512 |
| JWE Key Management Algorithms | Supported | |
|---|---|---|
| AES | ✓ | A128KW, A192KW, A256KW |
| AES GCM | ✓ | A128GCMKW, A192GCMKW, A256GCMKW |
| Direct Key Agreement | ✓ | dir |
| RSAES OAEP | ✓* | RSA-OAEP (*RSA-OAEP-256 is not supported due to its lack of support in Node.JS) |
| RSAES-PKCS1-v1_5 | ✓ | RSA1_5 |
| PBES2 | ✓ | PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW |
| ECDH-ES | ✓ | ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW |
| JWE Content Encryption Algorithms | Supported | |
|---|---|---|
| AES GCM | ✓ | A128GCM, A192GCM, A256GCM |
| AES_CBC_HMAC_SHA2 | ✓ | A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 |
Missing a feature? - If it wasn't already discussed before, ask for it.
Found a bug? - report it.
Support
If you or your business use @panva/jose, please consider becoming a Patron so I can continue maintaining it and adding new features carefree. You may also donate one-time via PayPal.
Usage
TODO: