JWT woes - crypto issues?

Igor Clark igor.clark@REDACTED
Sun Feb 7 13:01:13 CET 2021


Thanks very much Michael and Leonard for your replies!

ES384 is mandated by the service I'm generating the tokens for ( Amazon IVS https://docs.aws.amazon.com/ivs/latest/userguide/private-channels-generate-tokens.html ).

On the assumption the problem not anything to do with the erlang/SSL version, or similar, but rather just an issue with jwerl, I've submitted an issue on jwerl's gitlab repo (as the Github one seems to be just a mirror), with sample code, keys and outputs: https://gitlab.com/glejeune/jwerl/-/issues/17

I'd be delighted if anybody here has any more light to throw on the matter, but hopefully will hear something back from the Gitlab issue. Will close the loop on this message FYI if so.

Thanks, all, for your time -
Igor

> On 6 Feb 2021, at 19:44, Leonard B <leonard.boyce@REDACTED> wrote:
> 
> Michael, one small issue with https://github.com/artemeff/jwt
> 
> It does not support ES384
> See: https://github.com/artemeff/jwt/blob/master/src/jwt.erl#L47
> 
> On Sat, Feb 6, 2021 at 2:02 PM <grimlog@REDACTED> wrote:
>> 
>> Hi,
>> 
>>> I've tried several other Erlang JWT libraries, which won't even seem to build because the compile fails with that same warning (I guess this is something to do with warnings as errors, maybe, but I don't know how to switch that off in rebar3) - I've even tried importing Elixir libs but I got nowhere quickly with that. The > jwerl library seems to work and is apparently in decently wide use, so there must be something off about my setup or *something*, given that interoperability is pretty much the point of JWT, and this is falling at the first hurdle.
>> 
>>> Anyone got any ideas? Would really appreciate a pointer on how to track down what's going wrong!
>> 
>>> Thanks,
>>> Igor
>> 
>> I used https://github.com/artemeff/jwt about a year ago and it worked fine for me.
>> 
>> Michael



More information about the erlang-questions mailing list