Supported Algorithms

Key types

This version of WSOP supports the following key algorithms:

Algorithm Key Type Notes

AES

AES or Rijndael

ECDSA

ECDSA

Supported curves are:

  • P-256

  • P-384

  • P-521

RSA

RSA

SHA-256 HMAC

HMACSHA256

SHA-384 HMAC

HMACSHA384

SHA-512 HMAC

HMACSHA512

Signing algorithms

The following supported signing and verification algorithm identifiers are aligned to the JOSE IANA registry:

  • RS256

  • RS384

  • RS512

  • PS256

  • PS384

  • PS512

  • HS256

  • HS384

  • HS512

  • ES256

  • ES384

  • ES512

Product-specific signing algorithms

The following algorithms are available from the ECDSA-SHAXXX suite:

  • ECDSA-SHA256

  • ECDSA-SHA384

  • ECDSA-SHA512

Each of these elliptic curve (EC) algorithms for signing and verification uses the corresponding hash algorithm from the SHA2 family, and each allows the user to specify a key created using any one of the curves P-256, P-384, or P-521. This free choice contrasts with the Elliptic Curve JSON Web Algorithms (ES256, ES384, ES521). Each of those uses a matched pair of EC and hash function (P-256 with SHA-256, P-384 with SHA384, P-521 with SHA512) so that there is a close match in cryptographic security strength between the EC public/private key cryptography and the hash algorithm.

The security strength of any signature created using the ECDSA-SHAXXX suite will be the strength of its weakest part.

Encryption algorithms

The following supported encryption and decryption algorithm identifiers are aligned to the JOSE IANA registry:

  • RSA1_5

  • RSA-OAEP

  • RSA-OAEP-256

  • A128CBC

  • A192CBC

  • A256CBC

  • A128CBC-NOPAD

  • A192CBC-NOPAD

  • A256CBC-NOPAD

  • A128GCM

  • A192GCM

  • A256GCM