GitHub - matelang/jwt-go-aws-kms: AWS KMS adapter for https://github.com/golang-jwt/jwt GoLang Json Web Token(JWT) Library (original) (raw)
AWS KMS adapter for golang-jwt/jwt-go library
This library provides an AWS KMS(Key Management Service) adapter to be used with the popular GoLang JWT librarygolang-jwt/jwt-go.
It will Sign a JWT token using an asymmetric key stored in AWS KMS.
Verification can be done both using KMS Verify method or locally with a cached public key (default).
Supported key types
| Signature Algorithm | JWT alg | Note |
|---|---|---|
| ECC_NIST_P256 | ES256 | |
| ECC_NIST_P384 | ES384 | |
| ECC_NIST_P521 | ES512 | |
| ECC_SECG_P256K1 | - | secp256k1 is not supported by JWT |
| RSASSA_PKCS1_V1_5_SHA_256 | RS256 | |
| RSASSA_PKCS1_V1_5_SHA_384 | RS384 | |
| RSASSA_PKCS1_V1_5_SHA_512 | RS512 | |
| RSASSA_PSS_SHA_256 | PS256 | |
| RSASSA_PSS_SHA_384 | PS384 | |
| RSASSA_PSS_SHA_512 | PS512 |
Usage example
See example.go
Special thanks
Shouting out to:
- dgrijalva
for the easy to extend GoLang JWT Library - golang-jwt
for taking over the project from dgrijalva - Mikael Gidmark
AWS KMS ECC returns the signature in DER-encoded object as defined by ANS X9.62–2005 as mentioned here - codelittinc
for their DER to (R,S) and (R,S) to DER methods found here - karalabe
for reviewing my code - gkelly
for various contributions especially around the library's unit testability