UNPKG

jose/CHANGELOG.md

Version:
20.4 kBMarkdownView Raw
1# Change Log
2
3All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
4
5## [1.25.2](https://github.com/panva/jose/compare/v1.25.1...v1.25.2) (2020-04-15)
6
7
8### Bug Fixes
9
10* **build:** don't publish junk files ([6e98c1a](https://github.com/panva/jose/commit/6e98c1a5f994224b9412fc47c4065b468c89fe2c))
11
12
13
14## [1.25.1](https://github.com/panva/jose/compare/v1.25.0...v1.25.1) (2020-04-15)
15
16
17### Bug Fixes
18
19* use native openssl AES Key Wrap 🤦 ([dcf8d75](https://github.com/panva/jose/commit/dcf8d75a8aca4f05fe04df64fdd2ba50bbc75bc9))
20
21
22
23# [1.25.0](https://github.com/panva/jose/compare/v1.24.1...v1.25.0) (2020-03-11)
24
25
26### Features
27
28* update JWT Profile for OAuth 2.0 Access Tokens to latest draft ([bc77a15](https://github.com/panva/jose/commit/bc77a15fab10f8a29561ef667a923b2f074fa9b3))
29
30
31
32## [1.24.1](https://github.com/panva/jose/compare/v1.24.0...v1.24.1) (2020-03-05)
33
34
35### Bug Fixes
36
37* allow importing simpler passphrases as `oct` keys ([f86bda3](https://github.com/panva/jose/commit/f86bda3bb709f29e4264fb8de45242f518128744))
38
39
40
41# [1.24.0](https://github.com/panva/jose/compare/v1.23.0...v1.24.0) (2020-02-25)
42
43
44### Features
45
46* add JWT.verify "typ" option for checking JWT Type Header parameter ([fc08426](https://github.com/panva/jose/commit/fc08426466233709b442ba21232768ddeeb94e56))
47
48
49
50# [1.23.0](https://github.com/panva/jose/compare/v1.22.2...v1.23.0) (2020-02-18)
51
52
53### Bug Fixes
54
55* **typescript:** add optional JWK.Key props and make them readonly ([b92079c](https://github.com/panva/jose/commit/b92079cb64216b8ea91082adc07ac03972dbbb0e)), closes [#67](https://github.com/panva/jose/issues/67)
56
57
58### Features
59
60* add ECDH-ES with X25519 and X448 OKP keys ([38369ea](https://github.com/panva/jose/commit/38369ea3d72812abe7ecebd6dc7da164b0a2e29d))
61* add RSA-OAEP-384 and RSA-OAEP-512 JWE Key Management Algorithms ([7477f08](https://github.com/panva/jose/commit/7477f0831b38765a9a916b35b1d40aaf11f0e6b8))
62
63
64
65## [1.22.2](https://github.com/panva/jose/compare/v1.22.1...v1.22.2) (2020-02-06)
66
67
68### Performance Improvements
69
70* various codepaths refactored ([3e3d7dd](https://github.com/panva/jose/commit/3e3d7dd38168159e188e54c48a9f83e3a02a8fe1))
71
72
73
74## [1.22.1](https://github.com/panva/jose/compare/v1.22.0...v1.22.1) (2020-02-03)
75
76
77### Bug Fixes
78
79* actually remove the base64url proper encoding check ([eae01b5](https://github.com/panva/jose/commit/eae01b57ab9f33e8c621ffcd2a77d513a51d22b2))
80
81
82
83# [1.22.0](https://github.com/panva/jose/compare/v1.21.1...v1.22.0) (2020-01-29)
84
85
86### Features
87
88* keystore filtering by JWK Key thumbprint ([a9f6f71](https://github.com/panva/jose/commit/a9f6f7135005d6231d6f42d95c02414139a89d17))
89
90
91### Performance Improvements
92
93* base64url decode, JWT.verify, JWK.Key instance re-use ([470b4c7](https://github.com/panva/jose/commit/470b4c73154e1fcf8b92726d521940e5e11c9d94))
94
95
96
97## [1.21.1](https://github.com/panva/jose/compare/v1.21.0...v1.21.1) (2020-01-25)
98
99
100### Bug Fixes
101
102* contactKDF iteration count fixed for key sizes larger than 256 bits ([70ff222](https://github.com/panva/jose/commit/70ff22227ad303e57228dc8351688531499a833a))
103
104
105
106# [1.21.0](https://github.com/panva/jose/compare/v1.20.0...v1.21.0) (2020-01-23)
107
108
109### Bug Fixes
110
111* **typescript:** don't expose non existant classes, fix decode key ([0f8bf88](https://github.com/panva/jose/commit/0f8bf886da1b5d02cd0d968d0ec02a58673df258))
112
113
114### Features
115
116* add opt-in support for Unsecured JWS algorithm "none" ([3a6d17f](https://github.com/panva/jose/commit/3a6d17fdd18d8bbd074c07c2dd08f0406c16a8f1))
117
118
119
120# [1.20.0](https://github.com/panva/jose/compare/v1.19.0...v1.20.0) (2020-01-16)
121
122
123### Features
124
125* add JWTExpired error and JWTClaimInvalid claim and reason props ([a0c0c7a](https://github.com/panva/jose/commit/a0c0c7ad70f42d9b23b3e71de43599a8ac6fe1ff)), closes [#62](https://github.com/panva/jose/issues/62)
126
127
128
129# [1.19.0](https://github.com/panva/jose/compare/v1.18.2...v1.19.0) (2020-01-13)
130
131
132### Features
133
134* exposed shorthands for JWT verification profiles ([b1864e3](https://github.com/panva/jose/commit/b1864e319d1a7a42eadfa0c4b0145952e7814726))
135
136
137
138## [1.18.2](https://github.com/panva/jose/compare/v1.18.1...v1.18.2) (2020-01-08)
139
140
141### Bug Fixes
142
143* ensure asn1.js version to remove Buffer deprecation notice ([13b1106](https://github.com/panva/jose/commit/13b1106048fdeae00b09d54f05245dded85b14a7))
144* expose JOSENotSupported key import errors on unsupported runtimes ([bc81e5d](https://github.com/panva/jose/commit/bc81e5dec2987f6ce6dc3fa5daa23dfe620c0a34))
145* typo in JOSENotSupported error when x509 certs are not supported ([bb58c9c](https://github.com/panva/jose/commit/bb58c9ce52e807ca4cfad6bcbf1ab96b91778b1f))
146
147
148
149## [1.18.1](https://github.com/panva/jose/compare/v1.18.0...v1.18.1) (2020-01-01)
150
151
152### Bug Fixes
153
154* force iat past check when maxTokenAge option is used + JWT refactor ([828ad5a](https://github.com/panva/jose/commit/828ad5a33dc0cc0049923b69f43f97463295456e))
155
156
157
158# [1.18.0](https://github.com/panva/jose/compare/v1.17.2...v1.18.0) (2019-12-31)
159
160
161### Features
162
163* add JWT validation profiles for Access Tokens and Logout Tokens ([7bb5c95](https://github.com/panva/jose/commit/7bb5c953a9c6d9bd915e8ebc0608bc0649427745))
164
165
166
167## [1.17.2](https://github.com/panva/jose/compare/v1.17.1...v1.17.2) (2019-12-17)
168
169
170### Bug Fixes
171
172* skip validating iat is in the past when exp is present ([0ed5025](https://github.com/panva/jose/commit/0ed5025de30a754de95ae2587ce0f4573909b006))
173
174
175
176## [1.17.1](https://github.com/panva/jose/compare/v1.17.0...v1.17.1) (2019-12-10)
177
178
179### Bug Fixes
180
181* properly fail to import unsupported openssh keys ([bee5744](https://github.com/panva/jose/commit/bee574457f29597ccab09d51ac61b85dd7a7146a))
182
183
184
185# [1.17.0](https://github.com/panva/jose/compare/v1.16.2...v1.17.0) (2019-12-10)
186
187
188### Features
189
190* importing a certificate populates x5c and x5t thumbprints ([25a7a71](https://github.com/panva/jose/commit/25a7a71915c4f7514536cec9e7e162d0ad3b670c)), closes [#59](https://github.com/panva/jose/issues/59)
191
192
193
194## [1.16.2](https://github.com/panva/jose/compare/v1.16.1...v1.16.2) (2019-12-05)
195
196
197### Bug Fixes
198
199* handle Unencoded Payload (b64:false) with arbitrary buffer payloads ([daabedc](https://github.com/panva/jose/commit/daabedc776617f4fde427b3a5e79d8c176293132)), closes [#57](https://github.com/panva/jose/issues/57)
200
201
202
203## [1.16.1](https://github.com/panva/jose/compare/v1.16.0...v1.16.1) (2019-12-05)
204
205
206### Bug Fixes
207
208* allow PBES2 for the correct JWK `use` values ([f0d7194](https://github.com/panva/jose/commit/f0d719416ec9ca041ea88b8a983b5d899a6aa107))
209
210
211
212# [1.16.0](https://github.com/panva/jose/compare/v1.15.1...v1.16.0) (2019-12-04)
213
214
215### Features
216
217* two official jose plugins/extensions for those living on the edge ([5b27c97](https://github.com/panva/jose/commit/5b27c97ac8836ffa9f3880e009c8db5afbfbaa2c)), closes [#56](https://github.com/panva/jose/issues/56)
218
219
220
221## [1.15.1](https://github.com/panva/jose/compare/v1.15.0...v1.15.1) (2019-11-30)
222
223
224### Bug Fixes
225
226* **typescript:** export Key Input types ([0277fcd](https://github.com/panva/jose/commit/0277fcd1896af497e79190212b0719f7e62366c1))
227
228
229
230# [1.15.0](https://github.com/panva/jose/compare/v1.14.0...v1.15.0) (2019-11-27)
231
232
233### Bug Fixes
234
235* default JWT.sign `kid` option value is false for HMAC signatures ([ce77388](https://github.com/panva/jose/commit/ce7738825403f8cdb8f99cb51c096baf0dfa3af7))
236
237
238### Features
239
240* allow JWK.asKey inputs for sign/verify/encrypt/decrypt operations ([5e1009a](https://github.com/panva/jose/commit/5e1009a63e4bc829009cc46d6295c00f8431024c))
241
242
243
244# [1.14.0](https://github.com/panva/jose/compare/v1.13.0...v1.14.0) (2019-11-26)
245
246
247### Features
248
249* allow JWKS.KeyStore .all and .get to filter for key curves ([ea60338](https://github.com/panva/jose/commit/ea60338ca6f58f2626992a38da76812477ce4540))
250
251
252
253# [1.13.0](https://github.com/panva/jose/compare/v1.12.1...v1.13.0) (2019-11-23)
254
255
256### Features
257
258* return the CEK from JWE.decrypt operation with { complete: true } ([c3eb845](https://github.com/panva/jose/commit/c3eb8450b98b2f5ecc127d69afe85a7ae2cc5aaa))
259
260
261
262## [1.12.1](https://github.com/panva/jose/compare/v1.12.0...v1.12.1) (2019-11-14)
263
264
265
266# [1.12.0](https://github.com/panva/jose/compare/v1.11.0...v1.12.0) (2019-11-05)
267
268
269### Features
270
271* add JWS.verify encoding and parsing options ([6bb66d4](https://github.com/panva/jose/commit/6bb66d4f0b4c96f2da8ac5f14fda6bc4f53f2994))
272
273
274
275# [1.11.0](https://github.com/panva/jose/compare/v1.10.2...v1.11.0) (2019-11-03)
276
277
278### Features
279
280* expose crypto.KeyObject instances in supported runtimes ([8ea9683](https://github.com/panva/jose/commit/8ea968312e97ed0f992fab909a20e7993159ec45))
281
282
283
284## [1.10.2](https://github.com/panva/jose/compare/v1.10.1...v1.10.2) (2019-10-29)
285
286
287### Bug Fixes
288
289* only use secp256k1 keys for signing/verification ([9588223](https://github.com/panva/jose/commit/95882232d6d409a321b6a8c168f5b78ebbdabf95))
290
291
292
293## [1.10.1](https://github.com/panva/jose/compare/v1.10.0...v1.10.1) (2019-10-04)
294
295
296### Bug Fixes
297
298* throw proper error when runtime doesn't support OKP ([0a16efb](https://github.com/panva/jose/commit/0a16efb)), closes [#48](https://github.com/panva/jose/issues/48)
299
300
301
302# [1.10.0](https://github.com/panva/jose/compare/v1.9.2...v1.10.0) (2019-10-01)
303
304
305### Features
306
307* rename package ([26f4cf2](https://github.com/panva/jose/commit/26f4cf2))
308
309
310
311## [1.9.2](https://github.com/panva/jose/compare/v1.9.1...v1.9.2) (2019-09-16)
312
313
314### Bug Fixes
315
316* keystore.toJWKS(true) does not throw on public keys ([81abdfa](https://github.com/panva/jose/commit/81abdfa)), closes [#42](https://github.com/panva/jose/issues/42)
317
318
319
320## [1.9.1](https://github.com/panva/jose/compare/v1.9.0...v1.9.1) (2019-09-10)
321
322
323
324# [1.9.0](https://github.com/panva/jose/compare/v1.8.0...v1.9.0) (2019-08-24)
325
326
327### Features
328
329* allow JWKS.asKeyStore to swallow errors ([78398d3](https://github.com/panva/jose/commit/78398d3))
330
331
332
333# [1.8.0](https://github.com/panva/jose/compare/v1.7.0...v1.8.0) (2019-08-22)
334
335
336### Features
337
338* added Node.js lts/dubnium support for runtime supported features ([67a8601](https://github.com/panva/jose/commit/67a8601))
339
340
341
342# [1.7.0](https://github.com/panva/jose/compare/v1.6.1...v1.7.0) (2019-08-20)
343
344
345### Features
346
347* add RSA-OAEP-256 support (when a node version supports it) ([28d7cf8](https://github.com/panva/jose/commit/28d7cf8)), closes [#29](https://github.com/panva/jose/issues/29)
348
349
350
351## [1.6.1](https://github.com/panva/jose/compare/v1.6.0...v1.6.1) (2019-07-29)
352
353
354### Bug Fixes
355
356* properly pad calculated RSA primes ([dd121ce](https://github.com/panva/jose/commit/dd121ce))
357
358
359
360# [1.6.0](https://github.com/panva/jose/compare/v1.5.2...v1.6.0) (2019-07-27)
361
362
363### Bug Fixes
364
365* use the correct ECPrivateKey version when importing EC JWK ([24acd20](https://github.com/panva/jose/commit/24acd20))
366
367
368### Features
369
370* electron v6.x support ([e7ad82c](https://github.com/panva/jose/commit/e7ad82c))
371
372
373
374## [1.5.2](https://github.com/panva/jose/compare/v1.5.1...v1.5.2) (2019-07-27)
375
376
377### Bug Fixes
378
379* importing x5c in electron requires the input split ([181fd09](https://github.com/panva/jose/commit/181fd09))
380
381
382
383## [1.5.1](https://github.com/panva/jose/compare/v1.5.0...v1.5.1) (2019-07-27)
384
385
386### Bug Fixes
387
388* correctly pad integers when importing RSA JWK ([1dc7f35](https://github.com/panva/jose/commit/1dc7f35))
389
390
391
392# [1.5.0](https://github.com/panva/jose/compare/v1.4.1...v1.5.0) (2019-07-23)
393
394
395### Features
396
397* validate JWTs according to a JWT profile - ID Token ([6c98b61](https://github.com/panva/jose/commit/6c98b61))
398
399
400
401## [1.4.1](https://github.com/panva/jose/compare/v1.4.0...v1.4.1) (2019-07-14)
402
403
404### Bug Fixes
405
406* honour the JWT.sign `jti` option ([36c9ce2](https://github.com/panva/jose/commit/36c9ce2)), closes [#33](https://github.com/panva/jose/issues/33)
407
408
409
410# [1.4.0](https://github.com/panva/jose/compare/v1.3.0...v1.4.0) (2019-07-08)
411
412
413### Features
414
415* add secp256k1 EC Key curve and ES256K ([211d7af](https://github.com/panva/jose/commit/211d7af))
416
417
418
419# [1.3.0](https://github.com/panva/jose/compare/v1.0.2...c51dc28) (2019-06-21)
420
421
422### Features
423
424* compute private RSA key p, q, dp, dq, qi when omitted ([6e3d6fd](https://github.com/panva/jose/commit/6e3d6fd)), closes [#26](https://github.com/panva/jose/issues/26)
425* add support for JWK x5c, x5t and x5t#S256 ([9d46c48](https://github.com/panva/jose/commit/9d46c48))
426* instances of JWKS.KeyStore are now iterable (e.g. for ... of) ([2eae293](https://github.com/panva/jose/commit/2eae293))
427
428### Bug Fixes
429
430* limit calculation of missing RSA private components ([5b53cb0](https://github.com/panva/jose/commit/5b53cb0))
431* reject rsa keys without all factors and exponents with a specific message ([b0ff436](https://github.com/panva/jose/commit/b0ff436))
432
433### Deprecations
434
435- this deprecates the use of `JWK.importKey` in favor of
436`JWK.asKey`
437- this deprecates the use of `JWKS.KeyStore.fromJWKS` in favor of
438`JWKS.asKeyStore`
439
440Both `JWK.importKey` and `JWKS.KeyStore.fromJWKS` could have resulted
441in the process getting blocked when large bitsize RSA private keys
442were missing their components and could also result in an endless
443calculation loop when the private key's private exponent was outright
444invalid or tampered with.
445
446The new methods still allow to import private RSA keys with these
447optimization key parameters missing but it is disabled by default and one
448should choose to enable it when working with keys from trusted sources
449
450It is recommended not to use `jose` versions with this feature in
451its original on-by-default form - v1.1.0 and v1.2.0
452
453
454
455## [1.0.2](https://github.com/panva/jose/compare/v1.0.1...v1.0.2) (2019-05-13)
456
457
458### Bug Fixes
459
460* add missing keystore.toJWKS() .d.ts definition ([c7a8606](https://github.com/panva/jose/commit/c7a8606)), closes [#25](https://github.com/panva/jose/issues/25)
461
462
463
464## [1.0.1](https://github.com/panva/jose/compare/v1.0.0...v1.0.1) (2019-04-27)
465
466
467### Bug Fixes
468
469* oct key ts "k" type fix ([0750d2c](https://github.com/panva/jose/commit/0750d2c))
470
471
472
473<a name="1.0.0"></a>
474# [1.0.0](https://github.com/panva/jose/compare/v0.12.0...v1.0.0) (2019-04-23)
475
476
477### Bug Fixes
478
479* fail to import invalid PEM formatted strings and buffers ([857dc2b](https://github.com/panva/jose/commit/857dc2b))
480
481
482### Features
483
484* add JWK key_ops support, fix .algorithms() op returns ([23b874c](https://github.com/panva/jose/commit/23b874c))
485* add key.toPEM() export function with optional encryption ([1159b0d](https://github.com/panva/jose/commit/1159b0d))
486* add OKP Key and EdDSA sign/verify support ([2dbd3ed](https://github.com/panva/jose/commit/2dbd3ed)), closes [#12](https://github.com/panva/jose/issues/12)
487
488
489### BREAKING CHANGES
490
491* key.algorithms(op) un+wrapKey was split into correct
492wrapKey/unwrapKey/deriveKey returns
493* keystore.all and keystore.get `operation` option was
494removed, `key_ops: string[]` supersedes it
495* Node.js minimal version is now v12.0.0 due to its
496added EdDSA support (crypto.sign, crypto.verify and eddsa key objects)
497
498
499
500<a name="0.12.0"></a>
501# [0.12.0](https://github.com/panva/jose/compare/v0.11.5...v0.12.0) (2019-04-07)
502
503
504### Reverts
505
506* add EC P-256K JWK and ES256K sign/verify support ([e21fea1](https://github.com/panva/jose/commit/e21fea1))
507
508
509### BREAKING CHANGES
510
511* removing ES256K alg and EC P-256K crv support until the
512IETF WG decides on what the final names will be.
513
514
515
516<a name="0.11.5"></a>
517## [0.11.5](https://github.com/panva/jose/compare/v0.11.4...v0.11.5) (2019-04-04)
518
519
520### Features
521
522* add key.secret<boolean> and key.type<string> for completeness ([2dd7053](https://github.com/panva/jose/commit/2dd7053))
523* add key.thumbprint always returning the JWK Thumbprint (RFC7638) ([65db7e0](https://github.com/panva/jose/commit/65db7e0))
524
525
526
527<a name="0.11.4"></a>
528## [0.11.4](https://github.com/panva/jose/compare/v0.11.3...v0.11.4) (2019-03-28)
529
530
531### Bug Fixes
532
533* properly restrict EC curves in generate(Sync) ([764b863](https://github.com/panva/jose/commit/764b863))
534* remove unintended exposure of private material via enumerables ([946d9df](https://github.com/panva/jose/commit/946d9df))
535
536
537
538<a name="0.11.3"></a>
539## [0.11.3](https://github.com/panva/jose/compare/v0.11.2...v0.11.3) (2019-03-27)
540
541
542### Bug Fixes
543
544* throw on unsupported EC curves ([cfa4222](https://github.com/panva/jose/commit/cfa4222))
545
546
547### Features
548
549* add EC P-256K JWK and ES256K sign/verify support ([2e33e1c](https://github.com/panva/jose/commit/2e33e1c))
550
551
552
553<a name="0.11.2"></a>
554## [0.11.2](https://github.com/panva/jose/compare/v0.11.1...v0.11.2) (2019-03-19)
555
556
557### Bug Fixes
558
559* internal symbol method is now really a symbol ([925d47c](https://github.com/panva/jose/commit/925d47c))
560* key.toJWK() fixed on windows ([57f1692](https://github.com/panva/jose/commit/57f1692)), closes [#17](https://github.com/panva/jose/issues/17)
561
562
563## [0.11.1](https://github.com/panva/jose/compare/v0.11.0...v0.11.1) (2019-03-17)
564
565
566### Bug Fixes
567
568* restrict RS key algorithms by the key's bit size ([9af295b](https://github.com/panva/jose/commit/9af295b))
569
570
571# [0.11.0](https://github.com/panva/jose/compare/v0.10.0...v0.11.0) (2019-03-16)
572
573
574### Bug Fixes
575
576* all JWA defined RSA operations require key of 2048 or more ([cc70c5d](https://github.com/panva/jose/commit/cc70c5d))
577* use correct salt length for RSASSA-PSS ([e936d54](https://github.com/panva/jose/commit/e936d54))
578
579
580### BREAKING CHANGES
581
582* all [JWA](https://tools.ietf.org/html/rfc7518) defined
583RSA based operations require key size of 2048 bits or more.
584
585
586
587# [0.10.0](https://github.com/panva/jose/compare/v0.9.2...v0.10.0) (2019-03-12)
588
589
590### Bug Fixes
591
592* do not list "dir" under wrap/unwrapKey operations ([17b37d3](https://github.com/panva/jose/commit/17b37d3))
593
594
595### Features
596
597* keystore .all and .get operation option ([d349ba9](https://github.com/panva/jose/commit/d349ba9))
598
599
600### BREAKING CHANGES
601
602* "dir" is no longer returned as wrap/unwrapKey key
603operation
604
605
606
607## [0.9.2](https://github.com/panva/jose/compare/v0.9.1...v0.9.2) (2019-03-05)
608
609
610### Bug Fixes
611
612* "dir" is only available on keys with correct lengths ([6854860](https://github.com/panva/jose/commit/6854860))
613* do not 'in' operator when importing keys as string ([be3f4e4](https://github.com/panva/jose/commit/be3f4e4))
614
615
616
617## [0.9.1](https://github.com/panva/jose/compare/v0.9.0...v0.9.1) (2019-03-02)
618
619
620### Bug Fixes
621
622* only import RSA, EC and oct successfully ([e5e02fc](https://github.com/panva/jose/commit/e5e02fc))
623
624
625# 0.9.0 (2019-03-02)
626
627Initial release
628
629### Implemented Features
630
631- JSON Web Signature (JWS) - [RFC7515][spec-jws]
632- JSON Web Encryption (JWE) - [RFC7516][spec-jwe]
633- JSON Web Key (JWK) - [RFC7517][spec-jwk]
634- JSON Web Algorithms (JWA) - [RFC7518][spec-jwa]
635- JSON Web Token (JWT) - [RFC7519][spec-jwt]
636- JSON Web Key (JWK) Thumbprint - [RFC7638][spec-thumbprint]
637- JWS Unencoded Payload Option - [RFC7797][spec-b64]
638
639| JWK Key Types | Supported ||
640| -- | -- | -- |
641| RSA | ✓ | RSA |
642| Elliptic Curve | ✓ | EC |
643| Octet sequence | ✓ | oct |
644
645| Serialization | JWS Sign | JWS Verify | JWE Encrypt | JWE Decrypt |
646| -- | -- | -- | -- | -- |
647| Compact | ✓ | ✓ | ✓ | ✓ |
648| General JSON | ✓ | ✓ | ✓ | ✓ |
649| Flattened JSON  | ✓ | ✓ | ✓ | ✓ |
650
651| JWS Algorithms | Supported ||
652| -- | -- | -- |
653| RSASSA-PKCS1-v1_5 | ✓ | RS256, RS384, RS512 |
654| RSASSA-PSS | ✓ | PS256, PS384, PS512 |
655| ECDSA | ✓ | ES256, ES384, ES512 |
656| HMAC with SHA-2 | ✓ | HS256, HS384, HS512 |
657
658| JWE Key Management Algorithms | Supported ||
659| -- | -- | -- |
660| AES | ✓ | A128KW, A192KW, A256KW |
661| AES GCM | ✓ | A128GCMKW, A192GCMKW, A256GCMKW |
662| Direct Key Agreement | ✓ | dir |
663| RSAES OAEP | ✓<sup>*</sup> | RSA-OAEP <sub>(<sup>*</sup>RSA-OAEP-256 is not supported due to its lack of support in Node.js)</sub> |
664| RSAES-PKCS1-v1_5 | ✓ | RSA1_5 |
665| PBES2 | ✓ | PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW |
666| ECDH-ES | ✓ | ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW |
667
668| JWE Content Encryption Algorithms | Supported ||
669| -- | -- | -- |
670| AES GCM | ✓ | A128GCM, A192GCM, A256GCM |
671| AES_CBC_HMAC_SHA2 | ✓ |  A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 |
672
673[spec-b64]: https://tools.ietf.org/html/rfc7797
674[spec-jwa]: https://tools.ietf.org/html/rfc7518
675[spec-jwe]: https://tools.ietf.org/html/rfc7516
676[spec-jwk]: https://tools.ietf.org/html/rfc7517
677[spec-jws]: https://tools.ietf.org/html/rfc7515
678[spec-jwt]: https://tools.ietf.org/html/rfc7519
679[spec-thumbprint]: https://tools.ietf.org/html/rfc7638