add support for ES algorithms

TeslaGov / ngx-http-auth-jwt-module

Secure your NGINX locations with JWT

MIT License

308 stars 118 forks source link

add support for ES algorithms #118

Closed swaeberle closed 3 months ago

swaeberle commented 7 months ago

See #117

swaeberle commented 7 months ago

Thanks for this. Can you please add tests matching those for RS*?

I'll have a look on this, too!

swaeberle commented 5 months ago

Sorry for the delay. It's close -- make sure all instances of ES 512 are 512 and not 521.

In fact the naming is no mixup but intended.

I used the elliptic curve NIST P-521 to create the keys with -521 suffix. Only later the key is used in combination with SHA-512 to form JWT algorithm ES512 (as defined by RFC 7518 section 3.4).

So the number originates from the named elliptic curve, not the hash function.

Though for the other JWT algorithms, named curve and hash function are equivalent.

beeing commented 3 months ago

Hi, any resolution on this? I'm interested to use it with this too. Thanks in advance!

swaeberle commented 3 months ago

@JoshMcCullough Are you fine with keeping the test keys' file names or do you insist in renaming them?

JoshMcCullough commented 3 months ago

@JoshMcCullough Are you fine with keeping the test keys' file names or do you insist in renaming them?

Thank you for clarifying -- my mistake.

JoshMcCullough commented 3 months ago

v2.1.0: https://github.com/TeslaGov/ngx-http-auth-jwt-module/releases/tag/2.1.0