RFC7518: JSON Web Algorithms
This section contains the generic implementation of RFC7518.
Algorithms for JWS
The interface for JWS Algorithms are all inherit from
authlib.jose.rfc7515.JWSAlgorithm
.
Find how to use them in JSON Web Signature (JWS).
HMAC with SHA-2 Functions
This section is defined by RFC7518 Section 3.2.
- HS256: HMAC using SHA-256
- HS384: HMAC using SHA-384
- HS512: HMAC using SHA-512
Digital Signature with RSASSA-PKCS1-v1_5
Algorithms in this section requires extra crypto backends.
This section is defined by RFC7518 Section 3.3.
- RS256: RSASSA-PKCS1-v1_5 using SHA-256
- RS384: RSASSA-PKCS1-v1_5 using SHA-384
- RS512: RSASSA-PKCS1-v1_5 using SHA-384
Digital Signature with ECDSA
Algorithms in this section requires extra crypto backends.
This section is defined by RFC7518 Section 3.4.
- ES256: ECDSA using P-256 and SHA-256
- ES384: ECDSA using P-384 and SHA-384
- ES384: ECDSA using P-521 and SHA-521
Digital Signature with RSASSA-PSS
Algorithms in this section requires extra crypto backends.
This section is defined by RFC7518 Section 3.5.
- PS256: RSASSA-PSS using SHA-256 and MGF1 with SHA-256
- PS384: RSASSA-PSS using SHA-384 and MGF1 with SHA-384
- PS512: RSASSA-PSS using SHA-512 and MGF1 with SHA-512
Algorithms for JWE
This section contains algorithms for JWE alg
and enc
header. For
alg
the interface are all inherited from
authlib.jose.rfc7516.JWEAlgorithm
. For enc
, the interface are
inherited from authlib.jose.rfc7516.JWEEncAlgorithm
.
Current available algorithms for alg
:
- RSA1_5: RSAES-PKCS1-v1_5
- RSA-OAEP: RSAES OAEP using default parameters
- RSA-OAEP-256: RSAES OAEP using SHA-256 and MGF1 with SHA-256
- A128KW: AES Key Wrap with default initial value using 128-bit key
- A192KW: AES Key Wrap with default initial value using 192-bit key
- A256KW: AES Key Wrap with default initial value using 256-bit key
- A128GCMKW: Key wrapping with AES GCM using 128-bit key
- A192GCMKW: Key wrapping with AES GCM using 192-bit key
- A256GCMKW: Key wrapping with AES GCM using 256-bit key
Current available algorithms for enc
:
- A128CBC-HS256
- A192CBC-HS384
- A256CBC-HS512
- A128GCM
- A192GCM
- A256GCM
Current available algorithms for zip
:
- DEF
Algorithms for JWK
This section defines the parameters for keys using the algorithms via
RFC7518 Section 6. The interface for JWK Algorithms are all inherited from
authlib.jose.rfc7517.JWKAlgorithm
. The available values of kty
:
- EC: Elliptic Curve (requires extra crypto backends)
- RSA: RSA (requires extra crypto backends)
- oct
Find how to use them in JSON Web Key (JWK).