JWSETKit

0.24.0

Star

A kit to create, sign and verify a JWT or JWS object

jsonwebtoken jws jwt json-web-key jwk swift server-side-swift json-web-algorithms json-web-encryption json-web-token jwa jwe jose jose-jwt jose-swift

What's New

JWSETKit 0.24.0

2025-04-14T15:05:16Z

feat: Support Curve25519 import/export from DER (SPKI/PKCS8)
feat: JWK's private key extraction from X509 cerificate
feat: JSONWebKeySet methods for append, filter, match, remove keys
feat: JSONWebKeySet initialize from URL in Darwin platforms
feat: Matching JWKS key for header instead of algorithm/kid
feat: Set kid to thumbprint if no keyId is set
feat: Decrease build size by removing Foundation dependency (Linux)
!feat: Remove unnecessary public key class from algorithm registration functions
!fix: Remove unnecessary throwing in JWKSet methods
fix: More accurate algorithm to find appropriate key for verify or decrypting
fix: Detect RSA is private or public instead of failed initializing
fix: Add missing tests
chore: Minor code improvements
chore: fix a bunch of typos in the documentations and the code itself (#16)
chore: More efficient base64 initialization
chore: Remove AnyKeyPath conformance to Sendable
chore: General hashing and equity check for private keys using public keys
chore: Add accessors for [Cerfificate] in JSONWebValue
chore: Make tirvial methods inlinable for performance
docs: More documentation

JWSETKit

A library for working with JSON Web Signature (JWS) and JSON Web Token (JWT).

Overview

JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based RFC7159 data structures. The JWS cryptographic mechanisms provide integrity protection for an arbitrary sequence of octets.

JSON Web Token (JWT) is a compact claims representation format intended for space constrained environments such as HTTP Authorization headers and URI query parameters.

This module makes it possible to serialize, deserialize, create, and verify JWS/JWT messages.

Supported Swift Versions

This library was introduced with support for Swift 5.8 or later.

Getting Started

To use JWSETKit, add the following dependency to your Package.swift:

dependencies: [
    .package(url: "https://github.com/amosavian/JWSETKit", .upToNextMinor(from: "0.19.0"))
]

Note that this repository does not have a 1.0 tag yet, so the API is not stable.

You can then add the specific product dependency to your target:

dependencies: [
    .product(name: "JWSETKit", package: "JWSETKit"),
]

Usage

For detailed usage and API documentation, check the documentation.

Comparison To Other Libraries

Features

	JWSETKit	jwt-kit	JOSESwift	Auth0's JWTDecode
JSON Web Signature (JWS)	✅	❌	✅	❌
JWS Multiple Signatures	✅	❌	❌	❌
JWS Unencoded/Detached Payload	✅	❌	❌	❌
JSON Web Token (JWT)	✅	✅	✅	✅
JWT Signature Verification	✅	✅	✅	❌
JWT Expire/NotBefore Validity	✅	✅	✅	❌
JSON Web Encryption (JWE)	✅	❌	✅	❌
Support CommonCrypto Keys	✅	❌	❌	❌
Support CryptoKit Keys	✅	❌	❌	❌

Supported Algorithms

Signature/HMAC

	JWSETKit	jwt-kit	JOSESwift	Auth0's JWTDecode
HS256	✅	✅	✅	❌
HS384	✅	✅	✅	❌
HS512	✅	✅	✅	❌
RS256	✅	✅	✅	❌
RS384	✅	✅	✅	❌
RS512	✅	✅	✅	❌
ES256	✅	✅	✅	❌
ES384	✅	✅	✅	❌
ES512	✅	✅	✅	❌
PS256	✅	✅	✅	❌
PS384	✅	✅	✅	❌
PS512	✅	✅	✅	❌
PS512	✅	✅	✅	❌
EdDSA	✅	✅	❌	❌
E256K	❌	❌	❌	❌

Key Encryption

	JWSETKit	JOSESwift
RSA1_5	✅	✅
RSA-OAEP	✅	✅
RSA-OAEP-256	✅	✅
A128KW	✅	✅
A192KW	✅	✅
A256KW	✅	✅
dir	✅	✅
ECDH-ES	✅	❌
ECDH-ES+A128KW	✅	❌
ECDH-ES+A192KW	✅	❌
ECDH-ES+A256KW	✅	❌
A128GCMKW	✅	❌
A192GCMKW	✅	❌
A256GCMKW	✅	❌
PBES2-HS256+A128KW	✅	❌
PBES2-HS384+A192KW	✅	❌
PBES2-HS512+A256KW	✅	❌

Content Encryption

	JWSETKit	JOSESwift
A128CBC-HS256	✅	✅
A192CBC-HS384	✅	✅
A256CBC-HS512	✅	✅
A128GCM	✅	❌
A192GCM	✅	❌
A256GCM	✅	❌

Description

Swift Tools 6.0.0

View More Packages from this Author

Dependencies

Last updated: Wed Jul 09 2025 20:53:28 GMT-0900 (Hawaii-Aleutian Daylight Time)