-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for providing verifier #234
Comments
Very true. This is related to #170 in the sense that if this library were more modular you would be able to load custom verifiers too. Otherwise the solution is to add a SS256K verifier to the embedded bunch already supported. If that doesn't come with extra dependency baggage, it would be a quick fix, but since I haven't worked with SS256K before I'm not aware of the existing implementations out there. Do you have insight into this, @sondreb ? |
We have in our identity wallet, previously migrated to @noble/secp256k1, so to avoid dependency on yet another library for the same purpose, I wanted to create our own Signer and Verifier using that library. It's not super important to use the new library, though it's very clean, zero dependencies and very fast. did-jwt relies on Couple of unrelated things I noticed:
My preferred option would be to use JsonWebKey2020 with an Schnorr Public Key, which only defines the x coordinate. Guess that could be marked by setting the "crv" on the jwk field to "SS256K", mapping that to the exact same value as the "alg" on the signed JWT/JWS. I already had a working implementation using "publicKeyMultibase", but was not sure if JWK was a "better" option. |
60987e0 fixes what I mentioned here with no support for |
It is currently possible to specify a custom signer, but it's not possible to specify a custom verifier.
createJWT
allows signing with custom algorithm, like "SS256K" (Schnorr), but it's not possible to specify the verifier using theverifyJWT
, so if the JWT/JWS is signed with a custom signer, the verifier will fail.The text was updated successfully, but these errors were encountered: