[jose] Updated JWA algorithm support table

Mike Jones <Michael.Jones@microsoft.com> Sat, 28 July 2012 03:02 UTC


New columns added for NSS and Windows native crypto, plus more data for OS X and Ruby.  Thanks to Nov Matake, Christopher Kula, Wan-Teh Chang, Ryan Sleevi, Vijay Bharadwaj, and Brian LaMacchia for the additional data.

                                                            -- Mike

| Usage | Param Name | Param Val | Description | .NET | Windows native | OS X | iOS | Java JCA | BouncyCastle | Android | PHP | PHPSecLib | Python | M2Crypto | PyCrypto | Ruby | OpenSSL | node.js | NSS |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| JWS/JWE | alg/int | HS256 | HMAC w/ SHA-256 hash | YES | XP SP2 | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES |
| JWS/JWE | alg/int | HS384 | HMAC w/ SHA-384 hash | YES | XP SP2 | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES |
| JWS/JWE | alg/int | HS512 | HMAC w/ SHA-512 hash | YES | XP SP2 | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES | YES |
| JWS | alg | RS256 | RSA w/ SHA-256 hash | YES | XP SP2 | YES | YES | YES | YES | YES | NO | YES | NO | YES | YES | YES | YES | YES | YES |
| JWS | alg | RS384 | RSA w/ SHA-384 hash | YES | XP SP2 | YES | YES | YES | YES | YES | NO | YES | NO | YES | YES | YES | YES | YES | YES |
| JWS | alg | RS512 | RSA w/ SHA-512 hash | YES | XP SP2 | YES | YES | YES | YES | YES | NO | YES | NO | YES | YES | YES | YES | YES | YES |
| JWS | alg | ES256 | ECDSA w/ P-256 curve and SHA-256 hash | YES | Vista | 10.6 | NO | YES? | YES | YES | NO | NO | NO | YES | NO | YES | VARIES | VARIES? | VARIES |
| JWS | alg | ES384 | ECDSA w/ P-384 curve and SHA-384 hash | YES | Vista | 10.6 | NO | YES? | YES | YES | NO | NO | NO | YES | NO | YES | VARIES | VARIES? | VARIES |
| JWS | alg | ES512 | ECDSA w/ P-521 curve and SHA-512 hash | YES | Vista | 10.6 | NO | YES? | YES | YES | NO | NO | NO | YES | NO | YES | VARIES | VARIES? | VARIES |
| JWE | alg | RSA1_5 | RSAES-PKCS1-V1_5 | YES | XP SP2 | YES | YES | YES | YES | YES | YES | YES | NO | YES | YES | | YES | YES | YES |
| JWE | alg | RSA-OAEP | RSAES OAEP | YES | XP SP2 | YES? | YES | YES | YES | YES | NO | YES | NO | YES | YES | | YES | YES | NO |
| JWE | alg | ECDH-ES | Elliptic Curve Diffie-Hellman Ephemeral Static | NO* | Vista | NO? | NO | YES* | YES* | YES* | NO | NO | NO | YES? | NO | | VARIES? | VARIES? | NO? |
| JWE | alg | A128KW | AES Key Wrap w/ 128 bit key | NO | Win7 | YES | YES | | YES | YES | NO | NO | NO | YES | YES | | YES? | YES? | NO |
| JWE | alg | A256KW | AES Key Wrap w/ 256 bit key | NO | Win7 | YES | YES | | YES | YES | NO | NO | NO | YES | YES | | YES? | YES? | NO |
| JWE | enc | A128CBC | AES CBC w/ 128 bit key | YES* | XP SP2 | YES | | YES* | YES* | YES* | YES* | YES* | NO | YES* | YES* | | YES* | YES* | YES* |
| JWE | enc | A256CBC | AES CBC w/ 256 bit key | YES* | XP SP2 | YES | | YES* | YES* | YES* | YES* | YES* | NO | YES* | YES* | | YES* | YES* | YES* |
| JWE | enc | A128GCM | AES GCM w/ 128 bit key | Codeplex | Vista SP1 | NO? | NO | NO | YES | YES | NO | NO | NO | NO? | NO | | YES | YES | NO |
| JWE | enc | A256GCM | AES GCM w/ 256 bit key | Codeplex | Vista SP1 | NO? | NO | NO | YES | YES | NO | NO | NO | NO? | NO | | YES | YES | NO |
| JWE | kdf | CS256 | Concat Key Derivation Function (KDF) | NO | Win7 | | | NO | NO | NO | NO | NO | NO | NO | NO | | NO | NO | NO |
| JWE | kdf | CS384 | Concat Key Derivation Function (KDF) | NO | Win7 | | | NO | NO | NO | NO | NO | NO | NO | NO | | NO | NO | NO |
| JWE | kdf | CS512 | Concat Key Derivation Function (KDF) | NO | Win7 | | | NO | NO | NO | NO | NO | NO | NO | NO | | NO | NO | NO |


YES - Support built into library/platform

Release - Support included in this release of software and later

YES* - Supported but other non-supported code required (Concat KDF)

VARIES - In sources but often distributed w/ support compiled out

NO - Not supported in library/platform

NO* - Not supported in the specified configuration (w/ Concat KDF)

(blank) - Unknown

? - Answer is a first impression but requires more research


BouncyCastle is a crypto lib for Java

Android uses BouncyCastle

PHPSecLib is a crypto lib for PHP

M2Crypto is a crypto lib for Python

PyCrypto is a crypto lib for Python

NSS is the crypto lib used by Firefox


PHP version 5.2

PHPSecLib version 0.3.0

PyCrypto version 2.6

Ruby 1.9.3 with ruby-openssl

Java 7

OS X 10.6 (Snow Leopard)