feat: Support ES256/ES384/ES512 JWT signature algorithms#1995
Open
NiklasHerrmann21 wants to merge 1 commit into
Open
feat: Support ES256/ES384/ES512 JWT signature algorithms#1995NiklasHerrmann21 wants to merge 1 commit into
NiklasHerrmann21 wants to merge 1 commit into
Conversation
Adds ECDSA support to the JWT signature validator alongside the existing
RS*/PS* families. The JCA name SHA*withECDSAinP1363Format is used so the
raw R||S signature format mandated by RFC 7518 §3.4 is accepted directly,
without DER transcoding.
JsonWebKeyImpl now constructs EC public keys from JWK crv/x/y parameters
with strict validation: the curve must match the algorithm and each
coordinate must have the exact octet length per RFC 7518 §6.2.1. The
JWK curve names P-256/P-384/P-521 are mapped to the NIST names that
SunEC's AlgorithmParameters accepts for all three curves.
JwtSignatureAlgorithm.fromType("EC") deliberately returns null — unlike
RSA, EC keys are curve-bound and no safe default exists when a JWK omits
its alg field.
Adds end-to-end coverage in SapIdJwtSignatureValidatorAlgorithmsTest that
generates a fresh key pair per algorithm, builds a synthetic JWKS, signs
a token, and routes it through the real validator with mocked transport.
Extends JsonWebKeySetFactoryTest with PS256, ES256/384/512, and EC
curve/length mismatch cases.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
JwtSignatureValidator, completing the RFC 7518 §3.1 algorithm set on top of the RS*/PS* families added in #. Builds onfeature/jwt-rsa-algorithms.SHA*withECDSAinP1363Formatso the rawR||Ssignature format mandated by RFC 7518 §3.4 is accepted directly, without DER transcoding.crv/x/ywith strict validation: the curve must match the algorithm and each coordinate must have the exact octet length per RFC 7518 §6.2.1.JwtSignatureAlgorithm.fromType(\"EC\")deliberately returnsnull— unlike RSA, EC keys are curve-bound and no safe default exists when a JWK omits itsalgfield.Implementation notes
P-256/P-384/P-521are mapped to the NIST namessecp256r1/secp384r1/secp521r1before being passed toAlgorithmParameters.init(ECGenParameterSpec). SunEC accepts only the NIST names for the larger two curves; without this mapping ES384/ES512 would fail at runtime on the reference JCA provider.JsonWebKeyImplis unchanged; EC support is implemented via a newcreateECPublicKeybranch usingECPublicKeySpec.JsonWebKeyImplconstructor is overloaded — the existing 5-arg signature is preserved for backwards compatibility, EC fields go through a new 8-arg overload that onlyJsonWebKeySetFactorycalls.Test plan
JwtSignatureAlgorithmTest(existing, now parametrized over all 9 algorithms) — happy path + tamper rejection in isolation.SapIdJwtSignatureValidatorAlgorithmsTest— end-to-end through the realSapIdJwtSignatureValidatorwith mocked transport: generates a fresh key pair per algorithm, builds a synthetic JWKS, signs a token, validates it. 9 × happy + 9 × tamper.JsonWebKeySetFactoryTestextended with PS256, ES256/384/512 parsing, plus EC curve-mismatch and coordinate-length-mismatch error cases.mvn -pl java-security test→ 370 tests, 0 failures, 2 pre-existing@Disabledskipped.