Add ECDH-ES support to jwtBuilder

OpenLiberty / open-liberty

Open Liberty is a highly composable, fast to start, dynamic application server runtime environment

https://openliberty.io

Eclipse Public License 2.0

1.13k stars 578 forks source link

Add ECDH-ES support to jwtBuilder #17485

Open ayoho opened 3 years ago

ayoho commented 3 years ago

Add ECDH-ES as an available value for the keyManagementKeyAlgorithm in the metatype for the <jwtBuilder> element. This new value will allow our builder to use Elliptical Curve algorithms for wrapping the Content Encryption Key of a JWE.

c00crane commented 3 years ago

When the product code is updated, please open a work item to 1) search for this issue number and remove the work around in the test cases, 2) update the server configurations for the test cases using a work around, and 3) add new tests in the builder, consumer, mp-jwt FATs for encrypting with Elliptic Curve algorithms.

jimmy1wu commented 2 years ago

when support is added, search tests for issue number and re-enable the tests & remove comments refer: https://github.com/OpenLiberty/open-liberty/pull/17776

c00crane commented 2 years ago

Review the RP Encryption tests for EC support once this work is complete. Make sure that all of the tests are enabled and that all verification steps within the tests are enabled and running properly.