xref: /aosp_15_r20/prebuilts/misc/common/nimbus-jose-jwt/README.md (revision 847dbab7980efcc7f5706bb9c6d844b91a680afd) 
1# Nimbus JOSE + JWT
2
3* The most popular and robust Java library for JSON Web Tokens (JWT)
4* Supports all standard signature (JWS) and encryption (JWE) algorithms
5* Open source Apache 2.0 licence
6
7Check out the [library homepage](http://connect2id.com/products/nimbus-jose-jwt)
8for more info and examples.
9
10
11## Full compact JOSE and JWT support
12
13Create, serialise and process compact-encoded:
14
15* Plain (unsecured) JOSE objects
16* JSON Web Signature (JWS) objects
17* JSON Web Encryption (JWE) objects
18* JSON Web Key (JWK) objects and JWK sets
19* Plain, signed and encrypted JSON Web Tokens (JWTs)
20
21The less frequently used alternative JSON encoding is on the road map.
22
23
24## Supported JOSE algorithms
25
26The library can handle all standard JOSE algorithms:
27
28* HMAC integrity protection: HS256, HS384 and HS512
29* RSASSA-PKCS1-V1_5 signatures: RS256, RS384 and RS512
30* RSASSA-PSS signatures: PS256, PS384 and PS512
31* EC signatures: ES256, ES384 and ES512
32* Key encryption with RSAES-PKCS1-V1_5: RSA1_5 (deprecated)
33* Key encryption with RSAES OAEP: RSA-OAEP and RSA-OAEP-256
34* Key encryption with AES key wrap: A128KW, A192KW and A256KW
35* Key encryption with AES GCM: A128CGMKW, A192CGMKW and A256CGMKW
36* Direct shared symmetric key encryption: dir
37* Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static: ECDH-ES,
38  ECDH-ES+A128KW, ECDH-ES+A192KW and ECDH-ES+A256KW
39* Password-based encryption: PBES2-HS256+A128KW, PBES2-HS384+A192KW and
40  PBES2-HS512+A256KW
41* Content encryption with AES_CBC_HMAC_SHA2: A128CBC-HS256, A192CBC-HS384,
42  A256CBC-HS512, the deprecated A128CBC+HS256 and A256CBC+HS512 are also
43  supported
44* Content encryption with AES GCM: A128GCM, A192GCM and A256GCM
45* JWE Compression with DEFLATE.
46
47
48## Supported IETF standards
49
50* RFC 7515 - JSON Web Signature (JWS)
51* RFC 7516 - JSON Web Encryption (JWE)
52* RFC 7517 - JSON Web Key (JWK)
53* RFC 7518 - JSON Web Algorithms (JWA)
54* RFC 7519 - JSON Web Token (JWT)
55* RFC 7520 - Examples of Protecting Content Using JSON Object Signing and
56  Encryption (JOSE)
57* RFC 7165 - Use Cases and Requirements for JSON Object Signing and Encryption
58  (JOSE)
59* RFC 8037 - CFRG Elliptic Curve Diffie-Hellman (ECDH) and Signatures in JSON
60  Object Signing and Encryption (JOSE)
61
62
63## System requirements and dependencies
64
65The Nimbus JOSE+JWT library requires Java 7+ and has minimal dependencies.
66
67* JSON Smart for highly efficient parsing and serialisation of JSON.
68* JCIP for concurrency annotations.
69* [optional] BouncyCastle as an alternative JCA provider.
70
71
72For Maven add:
73
74```
75<dependency>
76    <groupId>com.nimbusds</groupId>
77    <artifactId>nimbus-jose-jwt</artifactId>
78    <version>[ version ]</version>
79</dependency>
80```
81
82where `[ version ]` is the latest stable version.
83
84To post bug reports and suggestions:
85
86<https://bitbucket.org/connect2id/nimbus-jose-jwt/issues>
87
88
89Follow updates and new releases on Twitter:
90
91<https://twitter.com/connect2id>
92
93