The global jose
variable provides support for the Javascript Object Signing and Encryption (JOSE) standard. Supported parts of this specification are:
- Generating key sets (JWKs)
- Signing and verifying JWS
- Encrypting and decrypting JWE
You may be familiar with Json Web Tokens (JWT). These are based on the JWS standard, but with a predefined format for the payload. You can create a JWT with the jose.signJws
method.
These methods use the PEM or JWK format for cryptographic keys.
PEM keys are passed as strings. These are base64 encoded and start with "-----BEGIN PRIVATE KEY-----".
Json Web Keys (JWKs) are objects with at least the kty
(key type) and kid
(key id) properties, as defined in the JOSE standard. A key set is an array containing such objects.
Json Web Key (JWT)
Generate a new public and private key pair using the jose.generateKey
function.
generateKey(): Promise<{
private: JsonWebKey;
public: JsonWebKey;
}>;
Json Web Signature (JWS)
Sign and verify payloads using these methods.
signJws(payload: any, jwk: JsonWebKey | string): Promise<string>;
verifyJws(jws: string, jwks: JsonWebKeySet): Promise<any | null>;
Json Web Encryption (JWE)
Encrypt or decrypt data using these methods.
encryptJwe(payload: any, jwk: JsonWebKey | string): Promise<string>;
decryptJwe(jwe: string, jwks: JsonWebKeySet): Promise<any | null>;