Javascript Object Signing and Encryption - JOSE


JavaScript Object Notation (JSON) is a text format for the serialization of structured data described in RFC 4627. The JSON format is often used for serializing and transmitting structured data over a network connection. With the increased usage of JSON in protocols in the IETF and elsewhere, there is now a desire to offer security services, which use encryption, digital signatures, message authentication codes (MACs) algorithms, that carry their data in JSON format.

see more …


RFC Title Date Pages Status
Active Internet-Drafts
draft-ietf-jose-cfrg-curves CFRG ECDH and signatures in JOSE - - -
RFC 7165 Use Cases and Requirements for JSON Object Signing and Encryption (JOSE) 2014-04 25 Informational
RFC 7515 JSON Web Signature (JWS) 2015-05 59 Proposed Standard
RFC 7516 JSON Web Encryption (JWE) 2015-05 51 Proposed Standard
RFC 7517 JSON Web Key (JWK) 2015-05 40 Proposed Standard
RFC 7518 JSON Web Algorithms (JWA) 2015-05 69 Proposed Standard
RFC 7519 JSON Web Token (JWT) 2015-05 30 Proposed Standard
RFC 7520 Examples of Protecting Content Using JSON Object Signing and Encryption (JOSE) 2015-05 120 Informational
RFC 7638 JSON Web Key (JWK) Thumbprint 2015-12 13 Standards Track
RFC 7797 JSON Web Signature (JWS) Unencoded Payload Option 2016-02 11 Standards Track
key-managed-json-web-signature Key Managed JSON Web Signature (KMJWS) - - -


jwk = {'k': <password>}


对称算法 HS256, HS384, HS512
非对称算法 RS256, RS384, RS512


.Net - Ultimate Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT) Implementation for .NET

  1. - Charter
  2. - Documents
  3. - Javascript Object Signing and Encryption (JOSE) [github]
  4. - 基于Token的认证和基于声明的标识
  5. - Libraries, Products, and Tools