-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for PS256, PS384, PS512 #14
Comments
When is it planned to release this feature? |
Not sure. I need to do some more research to see how much if any of this is possible within the JDK and if any eternal deps are required. If external deps are required I'll probably not implement it in this library and instead make a a separate library to build the additional verifier and signer objects. |
As I understand it, current JDKs support this: https://bugs.java.com/bugdatabase/view_bug.do?bug_id=8229518 In my opinion, supporting PSS is important, since the asymmetric alternatives have flaws: |
Thanks for the link @JuliusPC I'll take a look. |
It looks like the support is pretty good, I prototyped a verifier. I may be able to get this out shortly. |
Committed initial support for these algorithms. I need to do some more testing, and make sure the JSON Web Key parsing doesn't need any changes, but so far it looks pretty straight forward. Using this new algorithms will require the latest Java 8 (>= u251), or later versions of Java. |
Available in version 3.5.0. |
Add support for PS256, PS384, PS512
Additional context:
https://bitbucket.org/b_c/jose4j/issues/129/rsassa-pss-support-in-java-11
The text was updated successfully, but these errors were encountered: