SigningAlgorithm Property
The algorithm used when signing.
Syntax
public var signingAlgorithm: JwtSigningAlgorithms {
get {...}
set {...} }
public enum JwtSigningAlgorithms: Int32 { case saHS256 = 0 case saHS384 = 1 case saHS512 = 2 case saRS256 = 3 case saRS384 = 4 case saRS512 = 5 case saES256 = 6 case saES384 = 7 case saES512 = 8 case saPS256 = 9 case saPS384 = 10 case saPS512 = 11 case saNone = 12 case saES256K = 13 }
Default Value
0
Remarks
This property specifies the algorithm to use when signing.
When signing with an HMAC algorithm Key must be specified. When an RSA or ECDSA algorithm is selected Certificate must be set before calling Sign and SignerCert must be set before calling Verify. The following values are supported:
Algorithm | Description | Private Key Location |
0 (saHS256 - default) | HMAC using SHA-256 | Key |
1 (saHS384) | HMAC using SHA-384 | Key |
2 (saHS512) | HMAC using SHA-512 | Key |
3 (saRS256) | RSASSA-PKCS1-v1_5 using SHA-256 | Certificate |
4 (saRS384) | RSASSA-PKCS1-v1_5 using SHA-384 | Certificate |
5 (saRS512) | RSASSA-PKCS1-v1_5 using SHA-512 | Certificate |
6 (saPS256) | RSASSA-PSS using SHA-256 and MGF1 with SHA-256 | Certificate |
7 (saPS384) | RSASSA-PSS using SHA-384 and MGF1 with SHA-384 | Certificate |
8 (saPS512) | RSASSA-PSS using SHA-512 and MGF1 with SHA-512 | Certificate |
9 (saES256) | ECDSA using P-256 and SHA-256 | Certificate |
10 (saES384) | ECDSA using P-384 and SHA-384 | Certificate |
11 (saES512) | ECDSA using P-521 and SHA-512 | Certificate |
12 (saNone) | None (unprotected) | Not Applicable |
13 (saES256K) | ECDSA using secp256k1 curve and SHA-256 | Certificate |
Note: This setting is also applicable when StrictValidation is enabled before calling Verify.