Konubinix' opinionated web of thoughts

JSON Web Algorithm

Fleeting

“alg” (Algorithm) Header Parameter Values for JWS

The table below is the set of “alg” (algorithm) Header Parameter values defined by this specification for use with JWS, each of which is explained in more detail in the following sections:

“alg” Param Digital Signature or MAC Implementation
Value Algorithm Requirements
HS256 HMAC using SHA-256 Required
HS384 HMAC using SHA-384 Optional
HS512 HMAC using SHA-512 Optional
RS256 RSASSA-PKCS1-v1_5 using SHA-256 Recommended
RS384 RSASSA-PKCS1-v1_5 using SHA-384 Optional
RS512 RSASSA-PKCS1-v1_5 using SHA-512 Optional
ES256 ECDSA using P-256 and SHA-256 Recommended+
ES384 ECDSA using P-384 and SHA-384 Optional
ES512 ECDSA using P-521 and SHA-512 Optional
PS256 RSASSA-PSS using SHA-256 and MGF1 with SHA-256 Optional
PS384 RSASSA-PSS using SHA-384 and MGF1 with SHA-384 Optional
PS512 RSASSA-PSS using SHA-512 and MGF1 with SHA-512 Optional
none No digital signature or MAC performed Optional

https://datatracker.ietf.org/doc/html/rfc7518

“alg” (Algorithm) Header Parameter Values for JWE

The table below is the set of “alg” (algorithm) Header Parameter values that are defined by this specification for use with JWE. These algorithms are used to encrypt the CEK, producing the JWE Encrypted Key, or to use key agreement to agree upon the CEK.

 "alg" Param Value  
                    
                    
 Key Management     
 Algorithm          
                    
 More   
 Header 
 Params 
 Implementation 
 Requirements   
                
 RSA1_5             
 RSA-OAEP           
                    
 RSA-OAEP-256       
                    
                    
 A128KW             
                    
                    
                    
 A192KW             
                    
                    
                    
 A256KW             
                    
                    
                    
 dir                
                    
                    
 ECDH-ES            
                    
                    
                    
                    
 ECDH-ES+A128KW     
                    
                    
                    
 ECDH-ES+A192KW     
                    
                    
                    
 ECDH-ES+A256KW     
                    
                    
                    
 A128GCMKW          
                    
                    
 A192GCMKW          
                    
                    
 A256GCMKW          
                    
                    
 PBES2-HS256+A128KW 
                    
                    
 PBES2-HS384+A192KW 
                    
                    
 PBES2-HS512+A256KW 
                    
                    
 RSAES-PKCS1-v1_5   
 RSAES OAEP using   
 default parameters 
 RSAES OAEP using   
 SHA-256 and MGF1   
 with SHA-256       
 AES Key Wrap with  
 default initial    
 value using        
 128-bit key        
 AES Key Wrap with  
 default initial    
 value using        
 192-bit key        
 AES Key Wrap with  
 default initial    
 value using        
 256-bit key        
 Direct use of a    
 shared symmetric   
 key as the CEK     
 Elliptic Curve     
 Diffie-Hellman     
 Ephemeral Static   
 key agreement      
 using Concat KDF   
 ECDH-ES using      
 Concat KDF and CEK 
 wrapped with       
 "A128KW"           
 ECDH-ES using      
 Concat KDF and CEK 
 wrapped with       
 "A192KW"           
 ECDH-ES using      
 Concat KDF and CEK 
 wrapped with       
 "A256KW"           
 Key wrapping with  
 AES GCM using      
 128-bit key        
 Key wrapping with  
 AES GCM using      
 192-bit key        
 Key wrapping with  
 AES GCM using      
 256-bit key        
 PBES2 with HMAC    
 SHA-256 and        
 "A128KW" wrapping  
 PBES2 with HMAC    
 SHA-384 and        
 "A192KW" wrapping  
 PBES2 with HMAC    
 SHA-512 and        
 "A256KW" wrapping  
 (none) 
 (none) 
        
 (none) 
        
        
 (none) 
        
        
        
 (none) 
        
        
        
 (none) 
        
        
        
 (none) 
        
        
 "epk", 
 "apu", 
 "apv"  
        
        
 "epk", 
 "apu", 
 "apv"  
        
 "epk", 
 "apu", 
 "apv"  
        
 "epk", 
 "apu", 
 "apv"  
        
 "iv",  
 "tag"  
        
 "iv",  
 "tag"  
        
 "iv",  
 "tag"  
        
 "p2s", 
 "p2c"  
        
 "p2s", 
 "p2c"  
        
 "p2s", 
 "p2c"  
        
 Recommended-   
 Recommended+   
                
 Optional       
                
                
 Recommended    
                
                
                
 Optional       
                
                
                
 Recommended    
                
                
                
 Recommended    
                
                
 Recommended+   
                
                
                
                
 Recommended    
                
                
                
 Optional       
                
                
                
 Recommended    
                
                
                
 Optional       
                
                
 Optional       
                
                
 Optional       
                
                
 Optional       
                
                
 Optional       
                
                
 Optional       
                
                

https://datatracker.ietf.org/doc/html/rfc7518

Notes pointant ici