Algorithms shoud have their own package

[Spomky]

Q	A
Bug report?	no
Feature request?	yes
BC Break report?	to be confirmed
RFC? / Specification	no
Version	v1.x

At the moment, the packages web-token/jwt-signature and web-token/jwt-encryption come with a bunch of algorithms.
This causes some problems and unnecessary requirements (OpenSSL, libSodium...) for applications that use a limited list of algorithms (e.g. HSxxx).

This can be linked to the #97 that introduces new algorithms.

The idea is to remove the algorithms from the two packages listed above and create dedicated packages.
These dedicated packages will be required for v1.x of the project to avoid BC breaks, but will be decoupled for next major revisions and only suggested.

Following packages will be created:

• For signature:
  • web-token/jwt-signature-algorithm-none: none algorithm
  • web-token/jwt-signature-algorithm-rsa: all RSxxx and PSxxx algorithms
  • web-token/jwt-signature-algorithm-ecdsa: all ESxxx algorithms
  • web-token/jwt-signature-algorithm-eddsa: EdDSA algorithm
  • web-token/jwt-signature-algorithm-hmac: all HSxxx algorithms
• For encryption:
  • web-token/jwt-encryption-algorithm-aeskw: all AxxxKW algorithms
  • web-token/jwt-encryption-algorithm-aesgcmkw: all AxxxGCMKW algorithms
  • web-token/jwt-encryption-algorithm-dir: dir algorithm
  • web-token/jwt-encryption-algorithm-ecdh-es: all ECDH-ES algorithms
  • web-token/jwt-encryption-algorithm-pbes2: all PBES2-HSxxx+AyyyKW algorithms
  • web-token/jwt-encryption-algorithm-rsa: all RSA* algorithms
  • web-token/jwt-encryption-algorithm-aescbc: all AxxxCBC+HSyyy algorithms
  • web-token/jwt-encryption-algorithm-aesgcm: all AxxxGCM algorithms

[Spomky]

Done

[github-actions]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.