cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update code comment

Browse source
This commit is contained in:
Tim Möhlmann 2024-08-20 10:44:45 +03:00
parent 7e1846e6e2
commit 2a3e87afff
1 changed files with 3 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

8
pkg/crypto/hash.go
View file

@ -22,12 +22,10 @@ func GetHashAlgorithm(sigAlgorithm jose.SignatureAlgorithm) (hash.Hash, error) {
case jose.RS512, jose.ES512, jose.PS512: case jose.RS512, jose.ES512, jose.PS512:
return sha512.New(), nil return sha512.New(), nil
// There is no published spec for this yet. // There is no published spec for this yet, but we have confirmation it will get published.
// There is consensus here: https://bitbucket.org/openid/connect/issues/1125/_hash-algorithm-for-eddsa-id-tokens // There is consensus here: https://bitbucket.org/openid/connect/issues/1125/_hash-algorithm-for-eddsa-id-tokens
// Currently go-jose only supports the ed25519 curve key for EdDSA, so we can safely assume sha512 here. // Currently Go and go-jose only supports the ed25519 curve key for EdDSA, so we can safely assume sha512 here.
// // It is unlikely ed448 will ever be supported: https://github.com/golang/go/issues/29390
// TODO: When go-jose ever decides to support ed448, we need to know the "crv" parameter and use shake256 for ed448.
// The "crv" value is currently not exposed by go-jose.JSONWebKey and is currently only hard-coded to be set during marshalling.
case jose.EdDSA: case jose.EdDSA:
return sha512.New(), nil return sha512.New(), nil