Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support CAPI on windows #149

Open
Thalhammer opened this issue Jul 8, 2021 · 0 comments
Open

Support CAPI on windows #149

Thalhammer opened this issue Jul 8, 2021 · 0 comments

Comments

@Thalhammer
Copy link
Owner

Describe the impediment
I recently stumbled upon this forum conversation. The tldr is that all proper jwt libraries for c++ require either libressl or openssl. While this is not an issue on *nix cause either one of them is almost always preinstalled or statically linked to the app, it might be a problem for some windows use cases. Microsoft provides the "Cryptographic API" which from a quick look should be able to provide everything we
need to create or verify jwt tokens (at least for hmac and everything based on rsa, not sure about ecdsa). Since we already have all algorithms in nicely extracted parts, it should be relatively easy to introduce an "CAPI Mode" where everything thats possible is implemented and everything thats not is a compile time assert, thus completely removing the requirement for OpenSSL on windows in some cases. This blogpost provides a rough comparison between openssl and capi code and might be a good starting point. The default would still be to link against OpenSSL, providing the full feature set.

Trying to obtain
Everything in the algorithm namespace except for the none algorithm.

Desktop (please complete the following information): (Include/Attach if Applicable)

  • OS: Windows NT
  • Compiler: any
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant