This page gives you an overview about the different standardized algorithms when using a JSON web token (JWT).
For a complete overview with much more explanations I recommend you to read the original docs - JSON Web Algorithms (JWA).
In the following tables "CPC solution" says if I'm providing a solution in one of my articles.
short name | long name | CPC solution |
---|---|---|
HS256 | HMAC using SHA-256 | ❌ |
HS384 | HMAC using SHA-384 | ❌ |
HS512 | HMAC using SHA-512 | ❌ |
RS256 | RSASSA-PKCS1-v1_5 using SHA-256 | ✅ |
RS384 | RSASSA-PKCS1-v1_5 using SHA-384 | ❌ |
RS512 | RSASSA-PKCS1-v1_5 using SHA-512 | ❌ |
ES256 | ECDSA using P-256 and SHA-256 | ❌ |
ES384 | ECDSA using P-384 and SHA-384 | ❌ |
ES512 | ECDSA using P-521 and SHA-512 | ❌ |
PS256 | RSASSA-PSS using SHA-256 and MGF1 with SHA-256 | ✅ |
PS384 | RSASSA-PSS using SHA-384 and MGF1 with SHA-384 | ❌ |
PS512 | RSASSA-PSS using SHA-512 and MGF1 with SHA-512 | ❌ |
none | No digital signature or MAC | ❌ |
short name | long name | CPC solution |
---|---|---|
RSA1_5 | RSAES-PKCS1-v1_5 | ✅ |
RSA-OAEP | RSAES OAEP using default parameters | ❌ |
RSA-OAEP-256 | RSAES OAEP using SHA-256 and MGF1 with SHA-256 | ✅ |
... | much more algorithms | ❌ |
short name | long name | CPC solution |
---|---|---|
A128CBC-HS256 | AES_128_CBC_HMAC_SHA_256 | ❌ |
A192CBC-HS384 | AES_192_CBC_HMAC_SHA_384 | ❌ |
A256CBC-HS512 | AES_256_CBC_HMAC_SHA_512 | ❌ |
A128GCM | AES GCM using 128-bit key | ❌ |
A192GCM | AES GCM using 192-bit key | ❌ |
A256GCM | AES GCM using 256-bit key | ✅ |
Last update: Feb. 22nd 2021
Back to the main page: readme.md or back to the JSON web token overview page.