1d4afb5ceSopenharmony_ci# JOSE support 2d4afb5ceSopenharmony_ci 3d4afb5ceSopenharmony_ciJOSE is a set of web standards aimed at encapsulating crypto 4d4afb5ceSopenharmony_cioperations flexibly inside JSON objects. 5d4afb5ceSopenharmony_ci 6d4afb5ceSopenharmony_ciLws provides lightweight apis to performs operations on JWK, JWS and JWE 7d4afb5ceSopenharmony_ciindependent of the tls backend in use. The JSON parsing is handled by the lws 8d4afb5ceSopenharmony_cilejp stream parser. 9d4afb5ceSopenharmony_ci 10d4afb5ceSopenharmony_ci|Part|RFC|Function| 11d4afb5ceSopenharmony_ci|---|---|---| 12d4afb5ceSopenharmony_ci|JWS|[RFC7515](https://tools.ietf.org/html/rfc7515)|JSON Web Signatures| 13d4afb5ceSopenharmony_ci|JWE|[RFC7516](https://tools.ietf.org/html/rfc7516)|JSON Web Encryption| 14d4afb5ceSopenharmony_ci|JWK|[RFC7517](https://tools.ietf.org/html/rfc7517)|JSON Web Keys| 15d4afb5ceSopenharmony_ci|JWA|[RFC7518](https://tools.ietf.org/html/rfc7518)|JSON Web Algorithms| 16d4afb5ceSopenharmony_ci 17d4afb5ceSopenharmony_ciJWA is a set of recommendations for which combinations of algorithms 18d4afb5ceSopenharmony_ciare deemed desirable and secure, which implies what must be done for 19d4afb5ceSopenharmony_ciuseful implementations of JWS, JWE and JWK. 20d4afb5ceSopenharmony_ci 21d4afb5ceSopenharmony_ci## Supported algorithms 22d4afb5ceSopenharmony_ci 23d4afb5ceSopenharmony_ci### Supported keys 24d4afb5ceSopenharmony_ci 25d4afb5ceSopenharmony_ci - All RFC7517 / JWK forms: octet, RSA and EC 26d4afb5ceSopenharmony_ci 27d4afb5ceSopenharmony_ci - singleton and keys[] arrays of keys supported 28d4afb5ceSopenharmony_ci 29d4afb5ceSopenharmony_ci### Symmetric ciphers 30d4afb5ceSopenharmony_ci 31d4afb5ceSopenharmony_ci - All common AES varaiants: CBC, CFB128, CFB8, CTR, EVB, OFB, KW and XTS 32d4afb5ceSopenharmony_ci 33d4afb5ceSopenharmony_ci### Asymmetric ciphers 34d4afb5ceSopenharmony_ci 35d4afb5ceSopenharmony_ci - RSA 36d4afb5ceSopenharmony_ci 37d4afb5ceSopenharmony_ci - EC (P-256, P-384 and P-521 JWA curves) 38d4afb5ceSopenharmony_ci 39d4afb5ceSopenharmony_ci### Payload auth and crypt 40d4afb5ceSopenharmony_ci 41d4afb5ceSopenharmony_ci - AES_128_CBC_HMAC_SHA_256 42d4afb5ceSopenharmony_ci - AES_192_CBC_HMAC_SHA_384 43d4afb5ceSopenharmony_ci - AES_256_CBC_HMAC_SHA_512 44d4afb5ceSopenharmony_ci - AES_128_GCM 45d4afb5ceSopenharmony_ci 46d4afb5ceSopenharmony_ciFor the required and recommended asymmetric algorithms, support currently 47d4afb5ceSopenharmony_cilooks like this 48d4afb5ceSopenharmony_ci 49d4afb5ceSopenharmony_ci|JWK kty|JWA|lws| 50d4afb5ceSopenharmony_ci|---|---|---| 51d4afb5ceSopenharmony_ci|EC|Recommended+|yes| 52d4afb5ceSopenharmony_ci|RSA|Required|yes| 53d4afb5ceSopenharmony_ci|oct|Required|yes| 54d4afb5ceSopenharmony_ci 55d4afb5ceSopenharmony_ci|JWE alg|JWA|lws| 56d4afb5ceSopenharmony_ci|---|---|---| 57d4afb5ceSopenharmony_ci|RSA1_5|Recommended-|yes| 58d4afb5ceSopenharmony_ci|RSA-OAEP|Recommended+|no| 59d4afb5ceSopenharmony_ci|ECDH-ES|Recommended+|no| 60d4afb5ceSopenharmony_ci 61d4afb5ceSopenharmony_ci|JWS alg|JWA|lws| 62d4afb5ceSopenharmony_ci|---|---|---| 63d4afb5ceSopenharmony_ci|HS256|Required|yes| 64d4afb5ceSopenharmony_ci|RS256|Recommended+|yes| 65d4afb5ceSopenharmony_ci|ES256|Recommended|yes| 66d4afb5ceSopenharmony_ci 67d4afb5ceSopenharmony_ci## Minimal Example tools 68d4afb5ceSopenharmony_ci 69d4afb5ceSopenharmony_ci[JWK](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/crypto/minimal-crypto-jwk) 70d4afb5ceSopenharmony_ci 71d4afb5ceSopenharmony_ci[JWS](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/crypto/minimal-crypto-jws) 72d4afb5ceSopenharmony_ci 73d4afb5ceSopenharmony_ci[JWE](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/crypto/minimal-crypto-jwe) 74d4afb5ceSopenharmony_ci 75d4afb5ceSopenharmony_ci## API tests 76d4afb5ceSopenharmony_ci 77d4afb5ceSopenharmony_ciSee `./minimal-examples/api-tests/api-test-jose/` for example test code. 78d4afb5ceSopenharmony_ciThe tests are built and confirmed during CI. 79d4afb5ceSopenharmony_ci 80