jjwt
jjwt copied to clipboard
jwtk
Java JWT: JSON Web Token for Java and Android
**Describe the bug** We are using `PS256` as signing algorithm with rotated keys. the app is running on java 11 and deployed in kubernetes. Recently we started to encounter signature...
**Is your feature request related to a problem? Please describe.** When building an implementation for `SigningKeyResolver`, the Javadocs for the interface provide no hints as to how an implementation should...
**Is your feature request related to a problem? Please describe.** This issue brings up the issue that it is cumbersome to use JJWT for signing together with a smartcard/HSM as...
jjwt 0.11.2 - create a token with a SecretKeySpec: `new SecretKeySpec(MyKeyString, SignatureAlgorithm.HS256.getJcaName())` - check created token and the SignatureAlgorithm is `HS384` instead. If I look at `io.jsonwebtoken.forSigningKey(Key key)` the `SignatureAlgorithm`...
https://datatracker.ietf.org/doc/html/rfc7517#section-4.6 If receiving a JWK with x5u, it must be verified as defined in the above spec section before it can be used. Work to be done in the `jwe`...
Port #709 to the JWE branch
POC: ``` EstimateIterationsResult estimateIterationsResult = KeyAlgorithms.estimateIterations(PBES2_HS256_A128KW, 100); int index = 1; for (Result r : estimateIterationsResult.getResults()) { System.out.println("Iteration: " + (index++) + ", workFactor=" + r.getWorkFactor() + ", duration=" +...
I is my understanding that java.util.Date should not be used anymore. I suggest to add support for java.time.
