search

Thalhammer / jwt-cpp

A header only library for creating and validating json web tokens in c++
https://thalhammer.github.io/jwt-cpp/
MIT License
875 stars 239 forks source link

Add helper for making RSA key from exponent and modulus #307

Closed prince-chrismc closed 9 months ago

prince-chrismc commented 1 year ago

Follow up of #298 since GitHub closed the PR when I pushed and will not let me re-open 😞

I fixed the wolfSSL test not passing, I put together some code for the openssl 3.0 support

//cc @zofer1 who originally submitted this

While evaluating JWT-CPP I have found a case where we have the public key defined as modulus and exponent. I have added a wrapper function to allow this functionality and hide the openssl details for this.

I have also added adding a set of claims defined as json to a verifier to allow static configuration files in the application level.

For the case where we may apply external claims verification we only want to verify the signature only and skip the claims verification. For this I have split the verify functions accordingly while maintaining a BWC.

closes https://github.com/Thalhammer/jwt-cpp/issues/271

zofer1 commented 1 year ago

I see you made a lot of changes. OpenSSL did deprecate the functions in v3 but it is still usable. I will test the openssl 3 changes although I wanted to do this at a later stage after the original PR is approved and with the additions for elliptic curve. Please advise if further tasks are pending so we make it this time before the PR is closed

prince-chrismc commented 1 year ago

We made a decent effort to remove all the deprecated function usage with OpenSSL 3.0 and it would be ideal to keep it that way. The test code you submitted passes but I do agree it needs to be tested more.

I would love to fixup some of the memory management, there's a current a leak when it makes the key. it would be easier to merge this before trying to add more.

I think it's getting a little bit complicated and the EC curve will need just a much fiddling to maintain support for the 5 (or 6) combination of SSL libraries we support

prince-chrismc commented 1 year ago

I am pretty happy with this there's some missing negative case tests https://coveralls.io/builds/62156107/source?filename=include%2Fjwt-cpp%2Fjwt.h#L953 especially for the openssl error and I try to find sometime this week to work on those

prince-chrismc commented 9 months ago

Finally found the memory leak 🚀

More improvements to actions + fixed an example 😫 worth it

prince-chrismc commented 9 months ago

Finally green ✅