52.5.1JWT Signature Algorithms

 

The following table shows JWT signature algorithms that are supported in Smile CDR for both signing and signature verification of JSON Web Tokens.

NameAlgorithmNotes
HS256HMAC using SHA-256 hash algorithmThe HMAC+SHA family of algorithms requires a secret key to be shared between the issuing server and the verifying server, so the private key must be explicitly defined in the server definition configured with Smile CDR.
HS384HMAC using SHA-384 hash algorithm
HS512HMAC using SHA-512 hash algorithm
RS256RSASSA-PKCS-v1_5 using SHA-256 hash algorithm
RS384RSASSA-PKCS-v1_5 using SHA-384 hash algorithm
RS512RSASSA-PKCS-v1_5 using SHA-512 hash algorithm
ES256ECDSA using P-256 (secp256r1) curve and SHA-256 hash algorithm
ES256KECDSA using P-256K (secp256k1) curve and SHA-256 hash algorithm
ES384ECDSA using P-384 curve and SHA-384 hash algorithm
ES512ECDSA using P-521 curve and SHA-512 hash algorithm
PS256RSASSA-PSS using SHA-256 hash algorithm and MGF1 mask generation function with SHA-256
PS384RSASSA-PSS using SHA-384 hash algorithm and MGF1 mask generation function with SHA-384
PS512RSASSA-PSS using SHA-512 hash algorithm and MGF1 mask generation function with SHA-512
EdDSAEdDSA signature algorithms