Secret JWK k values larger than HMAC-SHA minimums #909

Merged 2 commits, Jan 28, 2024

Commits on Jan 28, 2024

  1. - Ensured Secret JWK 'k' byte arrays for HMAC-SHA algorithms can be larger than the identified HS* algorithm. This is allowed per https://datatracker.ietf.org/doc/html/rfc7518#section-3.2: "A key of the same size as the hash output ... _or larger_ MUST be used with this algorithm"
    
    - Ensured that, when using the JwkBuilder, Secret JWK 'alg' values would automatically be set to 'HS256', 'HS384', or 'HS512' if the specified Java SecretKey algorithm name equals a JCA standard name (HmacSHA256, HmacSHA384, etc) or JCA standard HMAC-SHA OID.
    
    Fixes #901.
    lhazlewood committed Jan 28, 2024
    d9c030e
  2. - Ensured Secret JWK 'k' byte arrays for HMAC-SHA algorithms can be larger than the identified HS* algorithm. This is allowed per https://datatracker.ietf.org/doc/html/rfc7518#section-3.2: "A key of the same size as the hash output ... _or larger_ MUST be used with this algorithm"
    
    - Ensured that, when using the JwkBuilder, Secret JWK 'alg' values would automatically be set to 'HS256', 'HS384', or 'HS512' if the specified Java SecretKey algorithm name equals a JCA standard name (HmacSHA256, HmacSHA384, etc) or JCA standard HMAC-SHA OID.
    - Updated CHANGELOG.md accordingly.
    lhazlewood committed Jan 28, 2024
    6ac5cc7
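
The key-length rule quoted in the commit messages above, as an added example that is not code from this pull request or from the library: a secret JWK 'k' is accepted when it is at least as long as the hash output, not only when it is exactly that long, and a JCA standard name maps back to an HS* 'alg'. The class and method names are hypothetical, the sample keys are constructed, and the JCA OID lookup the commits mention is left out.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

// Added illustration; SecretJwkKeyLength, algFor and toKey are hypothetical names.
public class SecretJwkKeyLength {
    // JWA 'alg' -> JCA standard name. The minimum key size equals the hash output size.
    static final Map<String, String> JCA_NAME =
        Map.of("HS256", "HmacSHA256", "HS384", "HmacSHA384", "HS512", "HmacSHA512");
    static final Map<String, Integer> MIN_BITS = Map.of("HS256", 256, "HS384", 384, "HS512", 512);

    // Reverse lookup: JCA standard name -> JWA 'alg', or null if it is not an HMAC-SHA name.
    static String algFor(SecretKey key) {
        for (Map.Entry<String, String> e : JCA_NAME.entrySet())
            if (e.getValue().equalsIgnoreCase(key.getAlgorithm())) return e.getKey();
        return null;
    }

    // Decode 'k' and accept any length >= the minimum (RFC 7518 section 3.2), never only ==.
    static SecretKey toKey(String alg, String k) {
        Integer min = MIN_BITS.get(alg);
        if (min == null) throw new IllegalArgumentException("Not an HS* algorithm: " + alg);
        byte[] bytes = Base64.getUrlDecoder().decode(k);
        int bits = bytes.length * 8;
        if (bits < min)
            throw new IllegalArgumentException(alg + " needs >= " + min + " bits, got " + bits);
        return new SecretKeySpec(bytes, JCA_NAME.get(alg));
    }

    public static void main(String[] args) throws Exception {
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        // Constructed sample keys: all-zero bytes, used only to exercise the length check.
        String k16 = enc.encodeToString(new byte[16]);
        String k32 = enc.encodeToString(new byte[32]);
        String k64 = enc.encodeToString(new byte[64]);
        SecretKey big = toKey("HS256", k64); // 512-bit 'k' declared as HS256: accepted
        Mac mac = Mac.getInstance(big.getAlgorithm());
        mac.init(big);
        byte[] tag = mac.doFinal("header.payload".getBytes(StandardCharsets.US_ASCII));
        System.out.println("512-bit k, alg=" + algFor(big) + ", tag bytes=" + tag.length);
        System.out.println("256-bit k accepted: " + (toKey("HS256", k32) != null));
        try {
            toKey("HS256", k16); // 128-bit 'k' is below the HS256 minimum
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```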