jose/README.md
2019-02-20 23:12:08 +01:00


ultimate-jose


TODO:

Table of Contents

TODO:

Implemented specs & features

  • ✓ Implemented
  • ✕ Missing node crypto support / won't implement / not planned / PR welcome
  • ◯ TODO

  • ✓ JWKS abstraction
  • crit JWE/JWS Header parameter handling
  • b64 JWS handling
  • ◯ JWE zip handling
  • ◯ JWE/JWS decrypt/verify algorithm whitelisting
  • ◯ JWE/JWS reference (true/false for kid, name of the field for other fields)
  • ◯ README and documentation
  • ◯ whitelist additional JWK reference fields (kid, jku, x5c, x5t, x5t#S256, x5u)
  • ✕ JWS embedded key / referenced verification - won't implement, who needs it can decode the header and pass the (x5c, jwk) to JWK.importKey and validate with that key, similarly the application can handle fetching the referenced x5u or jku
  • ✕ JWS detached content - won't implement, who needs it can remove/attach the payload after/before the respective operation
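
The remove/attach handling of detached content described in the last item, as an added example that is not part of ultimate-jose. It uses Node's built-in crypto with a minimal HS256 compact signer and verifier standing in for the library's operations; `signCompact`, `verifyCompact`, `detach` and `attach` are hypothetical names, and the key and payload are constructed samples.

```javascript
const crypto = require('crypto');

const b64u = (data) => Buffer.from(data).toString('base64url');
const hmac = (key, input) => crypto.createHmac('sha256', key).update(input).digest();

// Minimal HS256 compact JWS signer, standing in for the library's sign operation.
function signCompact(payload, key) {
  const signingInput = `${b64u(JSON.stringify({ alg: 'HS256' }))}.${b64u(payload)}`;
  return `${signingInput}.${b64u(hmac(key, signingInput))}`;
}

// Matching verifier: accepts only HS256 and returns the payload bytes.
function verifyCompact(jws, key) {
  const parts = jws.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWS');
  const [header, body, sig] = parts;
  const { alg } = JSON.parse(Buffer.from(header, 'base64url').toString());
  if (alg !== 'HS256') throw new Error('unexpected alg');
  const expected = hmac(key, `${header}.${body}`);
  const actual = Buffer.from(sig, 'base64url');
  if (actual.length !== expected.length || !crypto.timingSafeEqual(actual, expected)) {
    throw new Error('signature verification failed');
  }
  return Buffer.from(body, 'base64url');
}

// After signing: drop the payload segment, leaving "header..signature".
function detach(jws) {
  const parts = jws.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWS');
  return `${parts[0]}..${parts[2]}`;
}

// Before verifying: re-insert the payload that was delivered separately.
function attach(detached, payload) {
  const parts = detached.split('.');
  if (parts.length !== 3 || parts[1] !== '') throw new Error('not a detached compact JWS');
  return `${parts[0]}.${b64u(payload)}.${parts[2]}`;
}

// Constructed sample key and payload.
const key = Buffer.from('constructed-sample-key-0123456789abcdef');
const payload = '{"msg":"constructed sample"}';
const detached = detach(signCompact(payload, key));
console.log(detached);
console.log(verifyCompact(attach(detached, payload), key).toString());
```

Verification only succeeds when the re-attached payload is byte-for-byte what was signed, so the separately delivered content must not be re-serialized on the way.
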

| JWK Key Types | Supported |
| -- | -- |
| RSA | RSA |
| Elliptic Curve | EC |
| Octet sequence | oct |

| Serialization | JWS Sign | JWS Verify | JWE Encrypt | JWE Decrypt |
| -- | -- | -- | -- | -- |
| Compact | | | | |
| General JSON | | | | |
| Flattened JSON | | | | |

| JWS Algorithms | Supported |
| -- | -- |
| RSASSA-PKCS1-v1_5 | RS256, RS384, RS512 |
| RSASSA-PSS | PS256, PS384, PS512 |
| ECDSA | ES256, ES384, ES512 |
| HMAC with SHA-2 | HS256, HS384, HS512 |

| JWE Key Management Algorithms | Supported |
| -- | -- |
| AES | A128KW, A192KW, A256KW |
| AES GCM | A128GCMKW, A192GCMKW, A256GCMKW |
| Direct Key Agreement | dir |
| RSAES OAEP * | RSA-OAEP (* RSA-OAEP-256 is not supported due to its lack of support in Node.js) |
| RSAES-PKCS1-v1_5 | RSA1_5 |
| PBES2 | PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW |
| ECDH-ES | ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW |

| JWE Content Encryption Algorithms | Supported |
| -- | -- |
| AES GCM | A128GCM, A192GCM, A256GCM |
| AES_CBC_HMAC_SHA2 | A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 |

Missing a feature? - If it wasn't already discussed before, ask for it.
Found a bug? - report it.

Support

If you or your business use ultimate-jose, please consider becoming a Patron so I can continue maintaining it and adding new features carefree. You may also donate one-time via PayPal.

Usage

TODO: