Why marshaling only works with ECDSA

I am exploring the support of marshaling in signing in Vault for a project, and found that marshaling_algorithm is only supported with ECDSA keys in signing (path_sign_verify.go) in Vault, which is also mentioned in Transit - Secrets Engines - HTTP API | Vault by HashiCorp. We might use ‘JWS’ of mashaling with different type of keys, would like to know why marshaling_algorithm ‘JWS’ cannot work with other type of keys like RSA? From JSON Web Signature (JWS) it seems OK for 2 to work together. Appreciate if someone can explain. Thank you!

1 Like