jose - "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS with no dependencies using runtime's native crypto in Node

  •        75

"JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS with no dependencies using runtime's native crypto in Node.js, Browser, Cloudflare Workers, Electron, and Deno. The test suite utilizes examples defined in RFC7520 to confirm its JOSE implementation is correct.



Related Projects

jose - :closed_lock_with_key: JSON Object Signing and Encryption library (JWT, JWS, JWE, JWA, JWK, JWKSet and more)

  •    PHP

The detached content is also supported.Unencoded payload is supported. This means you can sign and verify payload without base64 encoding operation. As per the RFC7797, the b64 header MUST be protected. When b64 header is set, the crit protected header with value b64 in its array of values is mandatory.

python-jose - A JOSE implementation in Python

  •    Python

Docs are available on ReadTheDocs.The JavaScript Object Signing and Encryption (JOSE) technologies - JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web Algorithms (JWA) - collectively can be used to encrypt and/or sign content using a variety of algorithms. While the full set of permutations is extremely large, and might be daunting to some, it is expected that most applications will only use a small set of algorithms to meet their needs.

jose-jwt - Ultimate Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT) Implementation for

  •    CSharp

Minimallistic zero-dependency library for generating, decoding and encryption JSON Web Tokens. Supports full suite of JSON Web Algorithms as of July 4, 2014 version. JSON parsing agnostic, can plug any desired JSON processing library. Extensively tested for compatibility with jose.4.j, Nimbus-JOSE-JWT and json-jwt libraries.v2.1 and above added extra features support for .NET461+ and coming with 3 version of binaries (NET4, NET461 and netstandard1.4).

go-jose - An implementation of JOSE standards (JWE, JWS, JWT) in Go

  •    Go

Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. This includes support for JSON Web Encryption, JSON Web Signature, and JSON Web Token standards.Disclaimer: This library contains encryption software that is subject to the U.S. Export Administration Regulations. You may not export, re-export, transfer or download this code or any part of it in violation of any United States law, directive or regulation. In particular this software may not be exported or re-exported in any form or on any media to Iran, North Sudan, Syria, Cuba, or North Korea, or to denied persons or entities mentioned on any US maintained blocked list.

jose - A comprehensive set of JWT, JWS, and JWE libraries.

  •    Go

JOSE is a comprehensive set of JWT, JWS, and JWE libraries.The only other JWS/JWE/JWT implementations are specific to JWT, and none were particularly pleasant to work with.

joken - Elixir JWT library

  •    Elixir

The goal of this library is to provide a convenient way to create, sign, verify, and validate JWTs while allowing the flexibility to customize each step along the way. This library also includes a Plug for checking tokens as well.1 Implemented mostly in pure Erlang. May be less performant than other supported signature algorithms. See jose JWS algorithm support for more information.

jjwt - Java JWT: JSON Web Token for Java and Android

  •    Java

JJWT aims to be the easiest to use and understand library for creating and verifying JSON Web Tokens (JWTs) on the JVM.JJWT is a Java implementation based on the JWT, JWS, JWE, JWK and JWA RFC specifications.

cli - A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

  •    Go

step is a zero trust swiss army knife. It’s an easy-to-use and hard-to-misuse utility for building, operating, and automating systems that use zero trust technologies like authenticated encryption (X.509, TLS), single sign-on (OAuth OIDC, SAML), multi-factor authentication (OATH OTP, FIDO U2F), encryption mechanisms (JSON Web Encryption, NaCl), and verifiable claims (JWT, SAML assertions). For more information and docs see the step website and the blog post announcing step.

jsrsasign - The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN

  •    HTML

The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES JSON Web Signature/Token/Key in pure JavaScript.Public page is .

jose - JSON Object Signing and Encryption library for PHP.

  •    PHP

This library provides a lightweight implementation of the JWS (JSON Web Signature) specification.This library needs PHP 5.5+ and the library OpenSSL.

Apache Oltu - OAuth protocol implementation in Java

  •    Java

Apache Oltu is an OAuth protocol implementation in Java. It also covers others "OAuth family" related implementations such as JWT, JWS and OpenID Connect.

node-jws - JSON Web Signatures

  •    Javascript

An implementation of JSON Web Signatures. This was developed against draft-ietf-jose-json-web-signature-08 and implements the entire spec except X.509 Certificate Chain signing/verifying (patches welcome).

miniflare - 🔥 Fully-local simulator for Cloudflare Workers

  •    TypeScript

Miniflare is a simulator for developing and testing Cloudflare Workers. It's an alternative to wrangler dev, written in TypeScript, that runs your workers in a sandbox implementing Workers' runtime APIs.

jwt-go - Golang implementation of JSON Web Tokens (JWT)

  •    Go

BREAKING CHANGES:* Version 3.0.0 is here. It includes a lot of changes including a few that break the API. We've tried to break as few things as possible, so there should just be a few type signature changes. A full list of breaking changes is available in See for more information on updating your code.NOTICE: It's important that you validate the alg presented is what you expect. This library attempts to make it easy to do the right thing by requiring key types match the expected alg, but you should take the extra step to verify it in your usage. See the examples provided.

workers-graphql-server - 🔥Lightning-fast, globally distributed Apollo GraphQL server, deployed at the edge using Cloudflare Workers

  •    Javascript

An Apollo GraphQL server, built with Cloudflare Workers. Try a demo by looking at a deployed GraphQL playground. Why this rules: Cloudflare Workers is a serverless application platform for deploying your projects across Cloudflare's massive distributed network. Deploying your GraphQL application to the edge is a huge opportunity to build consistent low-latency API servers, with the added benefits of "serverless" (I know, the project has server in it): usage-based pricing, no cold starts, and instant, easy-to-use deployment software, using Wrangler.

paseto - Platform-Agnostic Security Tokens

  •    PHP

Paseto is everything you love about JOSE (JWT, JWE, JWS) without any of the many design deficits that plague the JOSE standards. What follows is a reference implementation. Requires PHP 7 or newer.

Authlib - An ambitious authentication library for OAuth 1, OAuth 2, OpenID clients and servers.

  •    Python

The ultimate Python library in building OAuth and OpenID Connect servers. JWS, JWK, JWA, JWT are included. Authlib is compatible with Python2.7+ and Python3.6+.

end-to-end - End-To-End is a crypto library to encrypt, decrypt, digital sign, and verify signed messages (implementing OpenPGP and OTR)

  •    Javascript

End-To-End is a crypto library to encrypt, decrypt, digital sign, and verify signed messages (implementing OpenPGP and OTR).This is the source code for the End-To-End library. It's built upon a newly developed, JavaScript-based crypto library. End-To-End implements the OpenPGP standard, IETF RFC 4880, enabling key generation, encryption, decryption, digital signature, and signature verification.

python-ecdsa - pure-python ECDSA signature/verification

  •    Python

This is an easy-to-use implementation of ECDSA cryptography (Elliptic Curve Digital Signature Algorithm), implemented purely in Python, released under the MIT license. With this library, you can quickly create keypairs (signing key and verifying key), sign messages, and verify the signatures. The keys and signatures are very short, making them easy to handle and incorporate into other protocols. This library provides key generation, signing, and verifying, for five popular NIST "Suite B" GF(p) curves, with key lengths of 192, 224, 256, 384, and 521 bits. The "short names" for these curves, as known by the OpenSSL tool (openssl ecparam -list_curves), are: prime192v1, secp224r1, prime256v1, secp384r1, and secp521r1. It also includes the 256-bit curve used by Bitcoin, whose short name is secp256k1. No other curves are included, but it would not be too hard to add more.

We have large collection of open source products. Follow the tags from Tag Cloud >>

Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.