Closed JakeChampion closed 1 week ago
Would this also include RS256
? 🙂 We need RS256
to be able to verify JWTs from Fanout in a c@e js runtime - for more context: https://developer.fastly.com/learning/concepts/real-time-messaging/fanout/#validating-grip-requests
@jfctfl We support RS256, but that is not what Fanout uses, Fanout uses EC P-256, which we do not support and is already listed in this issue 👍
I assumed it was RS256 based on this rust example. But in any case, glad to see the required algorithm listed here! 👍
If I could lobby for a few more algorithms to be supported 🙏
RSA-PSS
ECDSA
(at least P-256, but ideally all three curves)Ed25519
from https://wicg.github.io/webcrypto-secure-curves/HMAC
Also
pkcs8
andspki
key format import/export are not to be overlooked. Developers LOOOVE to use in favour of JWKs.I have a comprehensive test suite for different runtimes' webcrypto implementations that I could unload on js-compute-runtime eventually.
Originally posted by @panva in https://github.com/fastly/js-compute-runtime/issues/440#issuecomment-1535339296