SigningAlgorithm Property
The algorithm used when signing.
Syntax
public JwtSigningAlgorithms SigningAlgorithm { get; set; }
enum JwtSigningAlgorithms { saHS256, saHS384, saHS512, saRS256, saRS384, saRS512, saES256, saES384, saES512, saPS256, saPS384, saPS512, saNone, saES256K }
Public Property SigningAlgorithm As JwtSigningAlgorithms
Enum JwtSigningAlgorithms saHS256 saHS384 saHS512 saRS256 saRS384 saRS512 saES256 saES384 saES512 saPS256 saPS384 saPS512 saNone saES256K End Enum
Default Value
0
Remarks
This property specifies the algorithm to use when signing.
When signing with an HMAC algorithm Key must be specified. When an RSA or ECDSA algorithm is selected Certificate must be set before calling Sign and SignerCert must be set before calling Verify. The following values are supported:
Algorithm | Description | Private Key Location |
0 (saHS256 - default) | HMAC using SHA-256 | Key |
1 (saHS384) | HMAC using SHA-384 | Key |
2 (saHS512) | HMAC using SHA-512 | Key |
3 (saRS256) | RSASSA-PKCS1-v1_5 using SHA-256 | Certificate |
4 (saRS384) | RSASSA-PKCS1-v1_5 using SHA-384 | Certificate |
5 (saRS512) | RSASSA-PKCS1-v1_5 using SHA-512 | Certificate |
6 (saPS256) | RSASSA-PSS using SHA-256 and MGF1 with SHA-256 | Certificate |
7 (saPS384) | RSASSA-PSS using SHA-384 and MGF1 with SHA-384 | Certificate |
8 (saPS512) | RSASSA-PSS using SHA-512 and MGF1 with SHA-512 | Certificate |
9 (saES256) | ECDSA using P-256 and SHA-256 | Certificate |
10 (saES384) | ECDSA using P-384 and SHA-384 | Certificate |
11 (saES512) | ECDSA using P-521 and SHA-512 | Certificate |
12 (saNone) | None (unprotected) | Not Applicable |
13 (saES256K) | ECDSA using secp256k1 curve and SHA-256 | Certificate |
Note: This setting is also applicable when StrictValidation is enabled before calling Verify.