JWSETKit

0.25.0

Star

A kit to create, sign and verify a JWT or JWS object

jsonwebtoken jws jwt json-web-key jwk swift server-side-swift json-web-algorithms json-web-encryption json-web-token jwa jwe jose jose-jwt jose-swift

What's New

JWSETKit 0.25.0

2025-06-26T15:11:13Z

feat: Key matching for POP (cnf claim) from JWKS
feat: Support RSA-OAEP-384, RSA-OAEP-512 in non-Darwin platforms
feat: Add JSONWebPrivateKey protocol
feat: Support Fully-Specified Algorithms for JOSE draft
feat: Support of AKP algorithms when standardized in future
feat: Support for MLDSA/MLKEM key types and abstracts regarding draft-7
feat: Support APK key thumbprinting
!feat: Key accessors are now only available in related key type
[Breaking] !feat: Default symmetric-key is 256bit now
fix: Add PBES2 salt when not provided
fix: Validating generic keys when initialized from storage
fix: Prevent crash when reading SecureEnclave keys rawRepresentation
fix: PKCS8 thumbprinting must be not allowed
fix: JSONWebKeySymmetric is hashable
[Breaking] !chore: Remove argument name for String conversion method
[Breaking] !chore: JSONWebContainer is not sendable anymore, if it is used directly
chore: Remove redundant subscriptions of storage
chore: SymmetricKey and Certificate to conform JSONWebValueEncodable/Decodable
chore: Base64URL conversions from any UInt8 collection (Data, [UInt8], etc.)
chore: Make JSONWebContainer immutable, introducing MutableJSONWebContainer
chore: Keys are conforming to JSONWebContainer
chore: Initialize keys using init instead of create
chore: Initialize key from another key
chore: Test functions naming linted
chore: Minor refactors and improvements
chore: Remove CryptoSwift dependency and use BoringSSL instead for RSA_1.5
chore: Refactor ASN1 encoding support, remove unused codes
chore: Better algorithm classifications
docs: Update and improve docc documentation

JWSETKit

A library for working with JSON Web Signature (JWS) and JSON Web Token (JWT).

Overview

JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based RFC7159 data structures. The JWS cryptographic mechanisms provide integrity protection for an arbitrary sequence of octets.

JSON Web Token (JWT) is a compact claims representation format intended for space constrained environments such as HTTP Authorization headers and URI query parameters.

This module makes it possible to serialize, deserialize, create, and verify JWS/JWT messages.

Supported Swift Versions

This library was introduced with support for Swift 5.8 or later.

Getting Started

To use JWSETKit, add the following dependency to your Package.swift:

dependencies: [
    .package(url: "https://github.com/amosavian/JWSETKit", .upToNextMinor(from: "0.24.0"))
]

Note that this repository does not have a 1.0 tag yet, so the API is not stable.

You can then add the specific product dependency to your target:

dependencies: [
    .product(name: "JWSETKit", package: "JWSETKit"),
]

Usage

For detailed usage and API documentation, check the documentation.

Comparison To Other Libraries

Features

	JWSETKit	jwt-kit	JOSESwift	Auth0's JWTDecode
JSON Web Signature (JWS)	✅	❌	✅	❌
JWS Multiple Signatures	✅	❌	❌	❌
JWS Unencoded/Detached Payload	✅	❌	❌	❌
JSON Web Token (JWT)	✅	✅	✅	✅
JWT Signature Verification	✅	✅	✅	❌
JWT Expire/NotBefore Validity	✅	✅	✅	❌
JSON Web Encryption (JWE)	✅	❌	✅	❌
Support CommonCrypto Keys	✅	❌	❌	❌
Support CryptoKit Keys	✅	❌	❌	❌

Supported Algorithms

Signature/HMAC

	JWSETKit	jwt-kit	JOSESwift	Auth0's JWTDecode
HS256	✅	✅	✅	❌
HS384	✅	✅	✅	❌
HS512	✅	✅	✅	❌
RS256	✅	✅	✅	❌
RS384	✅	✅	✅	❌
RS512	✅	✅	✅	❌
ES256	✅	✅	✅	❌
ES384	✅	✅	✅	❌
ES512	✅	✅	✅	❌
PS256	✅	✅	✅	❌
PS384	✅	✅	✅	❌
PS512	✅	✅	✅	❌
PS512	✅	✅	✅	❌
EdDSA	✅	✅	❌	❌
Ed25519	✅	❌	❌	❌
Ed448	❌	❌	❌	❌
E256K	❌	❌	❌	❌
ML-DSA-44	❌	❌	❌	❌
ML-DSA-65	❌	❌	❌	❌
ML-DSA-87	❌	❌	❌	❌

Key Encryption

	JWSETKit	JOSESwift
RSA1_5	✅	✅
RSA-OAEP	✅	✅
RSA-OAEP-256	✅	✅
A128KW	✅	✅
A192KW	✅	✅
A256KW	✅	✅
dir	✅	✅
ECDH-ES	✅	✅
ECDH-ES+A128KW	✅	✅
ECDH-ES+A192KW	✅	✅
ECDH-ES+A256KW	✅	✅
A128GCMKW	✅	❌
A192GCMKW	✅	❌
A256GCMKW	✅	❌
PBES2-HS256+A128KW	✅	❌
PBES2-HS384+A192KW	✅	❌
HPKE-0 (P256)	❌	❌
HPKE-1 (P384)	❌	❌
HPKE-2 (P521)	❌	❌
HPKE-3 (X25519)	❌	❌
HPKE-4 (X25519/ChaCha)	❌	❌
HPKE-5 (X448)	❌	❌
HPKE-6 (X448/ChaCha)	❌	❌

Content Encryption

	JWSETKit	JOSESwift
A128CBC-HS256	✅	✅
A192CBC-HS384	✅	✅
A256CBC-HS512	✅	✅
A128GCM	✅	✅
A192GCM	✅	✅
A256GCM	✅	✅

Description

Swift Tools 6.0.0

View More Packages from this Author

Dependencies

Last updated: Sat Jul 26 2025 10:41:34 GMT-0900 (Hawaii-Aleutian Daylight Time)