Cryptographic Algorithms
The following algorithms MUST be supported:
| Algorithm (`alg` or `enc` parameter value) | Description | Operations | References |
|---|---|---|---|
| ES256 | Elliptic Curve Digital Signature Algorithm (ECDSA) using one of the curves listed in the table below and SHA-256. | Signature | RFC 7518, Section 3.4 |
| ES384 | ECDSA using one of the curves listed in the table below and SHA-384. | Signature | RFC 7518, Section 3.4 |
| ES512 | ECDSA using one of the curves listed in the table below and SHA-512 (the suffix names the hash; the curves paired with it are P-521 and brainpoolP512r1). | Signature | RFC 7518, Section 3.4 |
| RSA-OAEP-256 | RSAES-OAEP (Optimal Asymmetric Encryption Padding) using SHA-256 as the hash function and MGF1 with SHA-256 as the mask generation function. | Key Encryption | RFC 7518, Section 4.3 |
| A128CBC-HS256 | AES-128 in Cipher Block Chaining mode with a 128-bit IV and PKCS#7 padding, authenticated with HMAC-SHA-256 truncated to 128 bits. The 256-bit composite key is a 128-bit MAC key followed by a 128-bit AES key. This is an `enc` value. | Content Encryption | RFC 7518, Section 5.2 |
| A256CBC-HS512 | AES-256 in Cipher Block Chaining mode with a 128-bit IV (the AES block size, whatever the key length) and PKCS#7 padding, authenticated with HMAC-SHA-512 truncated to 256 bits. The 512-bit composite key is a 256-bit MAC key followed by a 256-bit AES key. This is an `enc` value. | Content Encryption | RFC 7518, Section 5.2 |
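As an added worked example (not part of this specification), the two content-encryption algorithms from the table above implemented with Go's standard library as RFC 7518 Section 5.2 lays them out: the composite CEK split into MAC key and AES key, the AL length field, the truncated HMAC tag, and, on the receiving side, tag verification before any decryption or padding check. The type and function names (`cbcHmacAlg`, `Encrypt`, `Decrypt`, `al`, `tag`) are this example's own, and the protected header, plaintext, CEK and IV are constructed demo data.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/sha512"
	"encoding/base64"
	"encoding/binary"
	"fmt"
	"hash"
)

// cbcHmacAlg is one "enc" value from the table above: the CEK is MAC_KEY || ENC_KEY in equal
// halves, the IV is always 16 bytes (the AES block size) and the HMAC output is truncated to half.
type cbcHmacAlg struct {
	name    string
	cekLen  int              // 32 bytes for A128CBC-HS256, 64 for A256CBC-HS512
	newHash func() hash.Hash // hash inside the HMAC
	tagLen  int              // truncated tag length in bytes
}

var (
	A128CBC_HS256 = cbcHmacAlg{"A128CBC-HS256", 32, sha256.New, 16}
	A256CBC_HS512 = cbcHmacAlg{"A256CBC-HS512", 64, sha512.New, 32}
)

// al is the AAD length in bits as a 64-bit big-endian integer, the last MAC input.
func al(aad []byte) []byte {
	b := make([]byte, 8)
	binary.BigEndian.PutUint64(b, uint64(len(aad))*8)
	return b
}

// tag is HMAC(MAC_KEY, AAD || IV || ciphertext || AL) truncated to tagLen bytes.
func (a cbcHmacAlg) tag(macKey, aad, iv, ct []byte) []byte {
	m := hmac.New(a.newHash, macKey)
	for _, part := range [][]byte{aad, iv, ct, al(aad)} {
		m.Write(part)
	}
	return m.Sum(nil)[:a.tagLen]
}

// Encrypt returns ciphertext and tag for plaintext under cek, iv and aad.
func (a cbcHmacAlg) Encrypt(cek, iv, plaintext, aad []byte) ([]byte, []byte, error) {
	if len(cek) != a.cekLen || len(iv) != aes.BlockSize {
		return nil, nil, fmt.Errorf("%s: need a %d-byte CEK and a 16-byte IV", a.name, a.cekLen)
	}
	macKey, encKey := cek[:a.cekLen/2], cek[a.cekLen/2:]
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, nil, err
	}
	pad := aes.BlockSize - len(plaintext)%aes.BlockSize // PKCS#7: always at least one byte
	padded := append(append([]byte{}, plaintext...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	ct := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, padded)
	return ct, a.tag(macKey, aad, iv, ct), nil
}

// Decrypt checks the tag in constant time before decrypting, so padding is only ever inspected
// on authenticated data; that is what keeps CBC padding-oracle attacks out of this construction.
func (a cbcHmacAlg) Decrypt(cek, iv, ct, aad, tag []byte) ([]byte, error) {
	if len(cek) != a.cekLen || len(iv) != aes.BlockSize {
		return nil, fmt.Errorf("%s: bad CEK or IV length", a.name)
	}
	macKey, encKey := cek[:a.cekLen/2], cek[a.cekLen/2:]
	if !hmac.Equal(tag, a.tag(macKey, aad, iv, ct)) {
		return nil, fmt.Errorf("%s: authentication tag mismatch", a.name)
	}
	if len(ct) == 0 || len(ct)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("%s: ciphertext is not whole blocks", a.name)
	}
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	pad := int(pt[len(pt)-1])
	if pad == 0 || pad > aes.BlockSize || !bytes.Equal(pt[len(pt)-pad:], bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, fmt.Errorf("%s: bad padding", a.name)
	}
	return pt[:len(pt)-pad], nil
}

func main() {
	// Constructed demo: fresh CEK and IV; the JWE AAD is ASCII(BASE64URL(protected header)).
	enc := A128CBC_HS256
	cek, iv := make([]byte, enc.cekLen), make([]byte, aes.BlockSize)
	rand.Read(cek)
	rand.Read(iv)
	aad := []byte(base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"RSA-OAEP-256","enc":"A128CBC-HS256"}`)))
	ct, tag, _ := enc.Encrypt(cek, iv, []byte(`{"amount":"10.00"}`), aad)
	pt, err := enc.Decrypt(cek, iv, ct, aad, tag)
	fmt.Println(string(pt), err)
	ct[0] ^= 1 // one flipped bit: the tag check fails before any block is decrypted
	_, err = enc.Decrypt(cek, iv, ct, aad, tag)
	fmt.Println(err)
}
```

The key-encryption step that goes with this in the table, RSA-OAEP-256, is `rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, cek, nil)` in Go, which uses the supplied hash for MGF1 as well; the plain `RSA-OAEP` entry in the MUST NOT table below is the same call with `sha1.New()`, which is why the two must not be confused.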
The following Elliptic Curves MUST be supported for the Elliptic Curve Digital Signature Algorithm:
| Curve Family | Short Curve Name | References |
|---|---|---|
| Brainpool | brainpoolP256r1, brainpoolP384r1, brainpoolP512r1 | RFC 5639 |
| NIST | P-256, P-384, P-521 | FIPS 186-4; RFC 7518, Section 6.2.1.1 |

Only the NIST names are registered in the IANA JSON Web Key Elliptic Curve registry; the Brainpool names are not, so support for them must be confirmed in the JOSE library in use before relying on them.
The following algorithms are RECOMMENDED to be supported:
| Algorithm `alg` parameter value | Description | Operations | References |
|---|---|---|---|
| PS256 | RSASSA-PSS (RSA Signature Scheme with Appendix, Probabilistic Signature Scheme padding) using SHA-256 as the hash function and MGF1 with SHA-256 as the mask generation function. | Signature | RFC 7518, Section 3.5 |
| PS384 | RSASSA-PSS using SHA-384 as the hash function and MGF1 with SHA-384 as the mask generation function. | Signature | RFC 7518, Section 3.5 |
| PS512 | RSASSA-PSS using SHA-512 as the hash function and MGF1 with SHA-512 as the mask generation function. | Signature | RFC 7518, Section 3.5 |
| ECDH-ES | Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat Key Derivation Function (KDF); the derived key is used directly as the content encryption key (CEK). | Key Agreement (direct) | RFC 7518, Section 4.6 |
| ECDH-ES+A128KW | ECDH-ES with the Concat KDF deriving a 128-bit key that wraps the CEK with AES Key Wrap (A128KW). | Key Encryption | RFC 7518, Section 4.6 |
| ECDH-ES+A256KW | ECDH-ES with the Concat KDF deriving a 256-bit key that wraps the CEK with AES Key Wrap (A256KW). | Key Encryption | RFC 7518, Section 4.6 |
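As an added example, not the specification's own code, the ECDH-ES computation from the table above in Go's standard library (`crypto/ecdh`, P-256): the ECDH step, then the Concat KDF with OtherInfo laid out as RFC 7518 Section 4.6.2 requires. The same function serves both the direct mode and the `+A128KW` mode, which differ only in the AlgorithmID and the keydatalen fed into the KDF; the AES Key Wrap step of `+AxxxKW` (RFC 3394) is not in Go's standard library and is left out. `GenerateKey`, `ParseEPK`, `DeriveKey` and `concatKDF` are this example's names, and the party identifiers are constructed demo values.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/binary"
	"fmt"
)

var curve = ecdh.P256() // P-384 and P-521 work the same way; Go ships no Brainpool curves

// GenerateKey makes a demo key pair on the curve above.
func GenerateKey() (*ecdh.PrivateKey, error) { return curve.GenerateKey(rand.Reader) }

// ParseEPK decodes the "epk" header (uncompressed point) as the receiver must: NewPublicKey
// rejects any point that is not on the curve, which closes the invalid-curve attack on the
// receiver's static key.
func ParseEPK(uncompressed []byte) (*ecdh.PublicKey, error) { return curve.NewPublicKey(uncompressed) }

// be32 is a 4-byte big-endian integer: the round counter, each Datalen and keydatalen.
func be32(n int) []byte {
	b := make([]byte, 4)
	binary.BigEndian.PutUint32(b, uint32(n))
	return b
}

// concatKDF is the single-step KDF of NIST SP 800-56A with SHA-256 and the OtherInfo of
// RFC 7518 Section 4.6.2. keyBits is the CEK size in direct mode, 128 or 256 for +AxxxKW.
func concatKDF(z []byte, algID string, apu, apv []byte, keyBits int) []byte {
	otherInfo := bytes.Join([][]byte{
		be32(len(algID)), []byte(algID), // AlgorithmID: the "enc" value (direct) or the "alg" value (+AxxxKW)
		be32(len(apu)), apu, // PartyUInfo: the "apu" header, empty when absent
		be32(len(apv)), apv, // PartyVInfo: the "apv" header, empty when absent
		be32(keyBits), // SuppPubInfo: keydatalen in bits
	}, nil)
	var out []byte
	for counter := 1; len(out) < keyBits/8; counter++ {
		h := sha256.New()
		h.Write(be32(counter))
		h.Write(z)
		h.Write(otherInfo)
		out = h.Sum(out) // Sum appends this round's digest
	}
	return out[:keyBits/8]
}

// DeriveKey is one party's ECDH-ES computation: ECDH with the peer's public key, then the
// Concat KDF. In direct mode the result is the CEK; for ECDH-ES+A128KW/A256KW it is the
// 128- or 256-bit AES key that wraps the CEK.
func DeriveKey(own *ecdh.PrivateKey, peer *ecdh.PublicKey, algID string, apu, apv []byte, keyBits int) ([]byte, error) {
	z, err := own.ECDH(peer) // errors if peer is on a different curve
	if err != nil {
		return nil, err
	}
	return concatKDF(z, algID, apu, apv, keyBits), nil
}

func main() {
	// Constructed demo: the receiver's static key (published as a JWK) and the sender's
	// ephemeral key, whose public part travels in the "epk" header.
	static, _ := GenerateKey()
	ephemeral, _ := GenerateKey()
	apu, apv := []byte("Alice"), []byte("Bob")

	// Sender: direct ECDH-ES with A256CBC-HS512 needs a 512-bit CEK, so the KDF runs twice.
	cekSender, _ := DeriveKey(ephemeral, static.PublicKey(), "A256CBC-HS512", apu, apv, 512)
	// Receiver: rebuild epk from the wire bytes, then derive the same CEK.
	epk, err := ParseEPK(ephemeral.PublicKey().Bytes())
	if err != nil {
		panic(err)
	}
	cekReceiver, _ := DeriveKey(static, epk, "A256CBC-HS512", apu, apv, 512)
	fmt.Println(bytes.Equal(cekSender, cekReceiver), base64.RawURLEncoding.EncodeToString(cekReceiver))

	// ECDH-ES+A128KW: AlgorithmID is the alg name and the output is a 128-bit key-wrapping key.
	kek, _ := DeriveKey(ephemeral, static.PublicKey(), "ECDH-ES+A128KW", apu, apv, 128)
	fmt.Printf("%d-bit KEK\n", len(kek)*8)
}
```

Because `apu`, `apv`, the AlgorithmID and keydatalen are all hashed into the key, a receiver that derives with values different from the ones in the sender's header gets an unrelated key and the content decryption fails at the tag check rather than producing wrong plaintext.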
The following algorithms MUST NOT be supported:
| Algorithm `alg` parameter value | Description | Operations | References |
|---|---|---|---|
| none | No digital signature or MAC is applied (an unsecured JWS), so any party can produce a token that passes verification. | Signature | RFC 7518, Section 3.6 |
| RSA1_5 | RSAES with the PKCS#1 v1.5 padding scheme. Use of this algorithm is generally not recommended: the padding check exposes the decrypting party to Bleichenbacher-style padding-oracle attacks. | Key Encryption | RFC 7518, Section 4.2 |
| RSA-OAEP | RSAES-OAEP with default parameters, i.e. SHA-1 as the hash function and MGF1 with SHA-1 as the mask generation function. | Key Encryption | RFC 7518, Section 4.3 |
| HS256 | HMAC using SHA-256. | Signature (MAC) | RFC 7518, Section 3.2 |
| HS384 | HMAC using SHA-384. | Signature (MAC) | RFC 7518, Section 3.2 |
| HS512 | HMAC using SHA-512. | Signature (MAC) | RFC 7518, Section 3.2 |
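The HS* family is excluded because a MAC is symmetric: every party able to verify holds the key needed to forge, and a verifier that honours whatever `alg` the token's header names invites key-type confusion (an RSA or EC public key used as the HMAC secret) or `alg=none`. As an added example covering this table together with the ES* and curve tables above (not code from this specification), a compact-JWS signer and verifier in Go whose policy is an allow list keyed on both the algorithm and the key's curve, so `none`, HS256 and an alg/curve mismatch are rejected before any key material is consulted. It also handles the JWS signature format correctly: R and S fixed-width and concatenated, not ASN.1 DER. Function and variable names (`Sign`, `Verify`, `SwapAlg`, `checkPolicy`, `permitted`) are this example's own, and the payload is constructed demo data; Go's standard library has no Brainpool curves, so the Brainpool names in the allow list can only be exercised with a third-party curve implementation.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/sha512"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"hash"
	"math/big"
	"strings"
)

// esAlg pairs a permitted "alg" with its hash and the curve names the tables above allow for it.
type esAlg struct {
	newHash func() hash.Hash
	curves  []string
}

// Only the MUST list is present: "none", HS256/384/512 and anything else have no entry.
var permitted = map[string]esAlg{
	"ES256": {sha256.New, []string{"P-256", "brainpoolP256r1"}},
	"ES384": {sha512.New384, []string{"P-384", "brainpoolP384r1"}},
	"ES512": {sha512.New, []string{"P-521", "brainpoolP512r1"}}, // SHA-512, not "SHA-521"
}

var b64 = base64.RawURLEncoding
var nistCurves = map[string]elliptic.Curve{"P-256": elliptic.P256(), "P-384": elliptic.P384(), "P-521": elliptic.P521()}

// GenerateKey makes a demo key; Go's standard library ships only the NIST curves.
func GenerateKey(curveName string) (*ecdsa.PrivateKey, error) {
	if c, ok := nistCurves[curveName]; ok {
		return ecdsa.GenerateKey(c, rand.Reader)
	}
	return nil, fmt.Errorf("curve %q not available here", curveName)
}

// checkPolicy accepts only an allow-listed alg whose key sits on a curve that alg permits, and
// returns the byte width of R and S: JWS encodes ECDSA signatures as R || S, each zero-padded
// to the curve size (32, 48 or 66 bytes), not as the ASN.1 DER most libraries emit by default.
func checkPolicy(alg string, pub *ecdsa.PublicKey) (esAlg, int, error) {
	a, ok := permitted[alg]
	params := pub.Curve.Params()
	for _, c := range a.curves { // nil for an unknown alg, so it falls through to the error
		if ok && c == params.Name {
			return a, (params.BitSize + 7) / 8, nil
		}
	}
	return esAlg{}, 0, fmt.Errorf("alg %q with curve %q rejected by policy", alg, params.Name)
}

// Sign produces a compact JWS under the same policy the verifier applies.
func Sign(alg string, key *ecdsa.PrivateKey, payload []byte) (string, error) {
	a, size, err := checkPolicy(alg, &key.PublicKey)
	if err != nil {
		return "", err
	}
	input := b64.EncodeToString([]byte(`{"alg":"`+alg+`"}`)) + "." + b64.EncodeToString(payload)
	h := a.newHash()
	h.Write([]byte(input))
	r, s, err := ecdsa.Sign(rand.Reader, key, h.Sum(nil))
	if err != nil {
		return "", err
	}
	sig := make([]byte, 2*size)
	r.FillBytes(sig[:size])
	s.FillBytes(sig[size:])
	return input + "." + b64.EncodeToString(sig), nil
}

// Verify checks a compact JWS. The header names the alg, but whether it is honoured is decided
// by the allow list and the key's curve, never by the token itself.
func Verify(token string, pub *ecdsa.PublicKey) ([]byte, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("not a compact JWS")
	}
	var hdr struct{ Alg string `json:"alg"` }
	if raw, err := b64.DecodeString(parts[0]); err != nil || json.Unmarshal(raw, &hdr) != nil {
		return nil, fmt.Errorf("malformed protected header")
	}
	a, size, err := checkPolicy(hdr.Alg, pub) // "none", HS*, RS*, wrong curve: all stop here
	if err != nil {
		return nil, err
	}
	sig, err := b64.DecodeString(parts[2])
	if err != nil || len(sig) != 2*size {
		return nil, fmt.Errorf("malformed signature")
	}
	h := a.newHash()
	h.Write([]byte(parts[0] + "." + parts[1]))
	if !ecdsa.Verify(pub, h.Sum(nil), new(big.Int).SetBytes(sig[:size]), new(big.Int).SetBytes(sig[size:])) {
		return nil, fmt.Errorf("signature invalid")
	}
	return b64.DecodeString(parts[1])
}

// SwapAlg keeps payload and signature but rewrites the header: the shape of an alg=none or
// alg-confusion attempt (for example HS256 with the public key as the HMAC secret).
func SwapAlg(token, alg string) string {
	parts := strings.Split(token, ".")
	parts[0] = b64.EncodeToString([]byte(`{"alg":"` + alg + `"}`))
	return strings.Join(parts, ".")
}

func main() {
	key, _ := GenerateKey("P-256")
	tok, _ := Sign("ES256", key, []byte(`{"sub":"account-1"}`))
	for _, t := range []string{tok, SwapAlg(tok, "none"), SwapAlg(tok, "HS256"), SwapAlg(tok, "ES512")} {
		_, err := Verify(t, &key.PublicKey)
		fmt.Println(t[:24], err)
	}
}
```

The same allow-list shape applies to JWE: resolve the header's `alg` and `enc` against the MUST and RECOMMENDED tables before touching the recipient key, and treat `RSA1_5` and `RSA-OAEP` exactly as `none` is treated here.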