You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the impediment
I recently stumbled upon this forum conversation. The tldr is that all proper jwt libraries for c++ require either libressl or openssl. While this is not an issue on *nix cause either one of them is almost always preinstalled or statically linked to the app, it might be a problem for some windows use cases. Microsoft provides the "Cryptographic API" which from a quick look should be able to provide everything we
need to create or verify jwt tokens (at least for hmac and everything based on rsa, not sure about ecdsa). Since we already have all algorithms in nicely extracted parts, it should be relatively easy to introduce an "CAPI Mode" where everything thats possible is implemented and everything thats not is a compile time assert, thus completely removing the requirement for OpenSSL on windows in some cases. This blogpost provides a rough comparison between openssl and capi code and might be a good starting point. The default would still be to link against OpenSSL, providing the full feature set.
Trying to obtain
Everything in the algorithm namespace except for the none algorithm.
Desktop (please complete the following information): (Include/Attach if Applicable)
OS: Windows NT
Compiler: any
The text was updated successfully, but these errors were encountered:
Describe the impediment
I recently stumbled upon this forum conversation. The tldr is that all proper jwt libraries for c++ require either libressl or openssl. While this is not an issue on *nix cause either one of them is almost always preinstalled or statically linked to the app, it might be a problem for some windows use cases. Microsoft provides the "Cryptographic API" which from a quick look should be able to provide everything we
need to create or verify jwt tokens (at least for hmac and everything based on rsa, not sure about ecdsa). Since we already have all algorithms in nicely extracted parts, it should be relatively easy to introduce an "CAPI Mode" where everything thats possible is implemented and everything thats not is a compile time assert, thus completely removing the requirement for OpenSSL on windows in some cases. This blogpost provides a rough comparison between openssl and capi code and might be a good starting point. The default would still be to link against OpenSSL, providing the full feature set.
Trying to obtain
Everything in the algorithm namespace except for the
none
algorithm.Desktop (please complete the following information): (Include/Attach if Applicable)
The text was updated successfully, but these errors were encountered: