-
Type: Task
-
Resolution: Unresolved
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: None
-
Labels:None
-
Server Security
The DPoP project (PM-3537) will add another area in the server where an API for performing asymmetric cryptography tasks (such as digital signature signing & validation) would be very handy. Currently, only the JWS validator for OIDC performs asymmetric crypto in the server, therefore much of the asymmetric crypto functions are implemented within JWS validator, with its platform-specific variants (eg jws_validator_(openssl|apple|none|windows).cpp). This ticket aims to move all the common asymmetric crypto functionality (& platform specific stuff) into a library, and provide a platform agnostic API for the rest of the server.