feat: Support RS384/RS512 and PS256/PS384/PS512 JWT signature algorithms#1991
Open
NiklasHerrmann21 wants to merge 1 commit into
Open
feat: Support RS384/RS512 and PS256/PS384/PS512 JWT signature algorithms#1991NiklasHerrmann21 wants to merge 1 commit into
NiklasHerrmann21 wants to merge 1 commit into
Conversation
The JwtSignatureValidator previously only accepted RS256-signed tokens. Extend JwtSignatureAlgorithm with the five additional RSA-based algorithms from RFC 7518 §3.3 (RSASSA-PKCS1-v1_5 with SHA-384/SHA-512) and §3.5 (RSASSA-PSS with SHA-256/SHA-384/SHA-512), and set the corresponding PSSParameterSpec on the JCA Signature instance for the PS* variants. Algorithm selection is driven by the JWT header `alg` value; unknown values continue to be rejected with the existing "is not supported" error path. Also tightens JwtSignatureAlgorithm.fromType to an explicit mapping (RSA -> RS256, everything else -> null) so the JWK fallback semantics do not depend on enum declaration order as new algorithms are added. Parameterized tests verify that every declared algorithm round-trips through validateSignature with a freshly generated RSA key pair, and that a tampered payload is rejected for each algorithm. ECDSA algorithms (ES256/ES384/ES512) will follow in a separate PR.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds support for five additional RSA-based JWT signature algorithms in
JwtSignatureValidator:RS384,RS512— RSASSA-PKCS1-v1_5 with SHA-384 / SHA-512 (RFC 7518 §3.3)PS256,PS384,PS512— RSASSA-PSS with SHA-256 / SHA-384 / SHA-512 (RFC 7518 §3.5)RS256continues to work unchanged.What changed
JwtSignatureAlgorithm(enum) now declares all six algorithms with the JCA name passed toSignature.getInstance(...)and, for PSS, the appropriatePSSParameterSpec.JwtSignatureValidator#validateSignaturecallsSignature#setParameter(...)when the selected algorithm carries a parameter spec. RSA-PKCS1 paths are unchanged.JwtSignatureAlgorithm#fromTypeis now an explicitRSA → RS256mapping. Previously the answer depended on enum declaration order, which would have silently changed semantics as new algorithms are added.What did not change
algin the JWT header is rejected with the existingJWT token validation with signature algorithm '...' is not supported.error.kty=RSA, soJsonWebKeyImpl#createRSAPublicKeycovers them.Test plan
mvn -pl java-security test— green, 16 new parameterized tests inJwtSignatureAlgorithmTestmvn install -DskipTests(full repo compile) — greenvalidateSignature_acceptsTokenSignedWithAlgorithm) and verify that a tampered payload is rejected (validateSignature_rejectsTamperedToken)Out of scope
ECDSA algorithms (
ES256,ES384,ES512) require a separate JWK key-type path (kty=ECwithcrv,x,y) and additional curve mapping. They will be addressed in a follow-up PR.Companion ticket
Lifts the supported-algorithm set toward parity with the node.js library (which gained RS384/RS512 in 4.0.0) and prepares the way for PS* and ES* coverage.