Reputation: 2200
There are these two similar options in the SecurityAlgorithms class.
Which one should be used for signing a JWT token? Is there any difference?
Upvotes: 5
Views: 1425
Reputation: 11392
The difference is in the header of the token and specifically in the alg attribute. When you use HmacSha512 the header looks like this:
{
"alg": "HS512",
"typ": "JWT"
}
But when you use HmacSha512Signature the header looks like this:
{
"alg": "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512",
"typ": "JWT"
}
You can confirm that using https://jwt.io/.
When I had the same question, I found out that many libraries, mostly outside .NET, do not support http://www.w3.org/2001/04/xmldsig-more#hmac-sha512 as a valid value for the alg attribute because it is not included in the JSON Web Algorithms RFC, Section 3.1.
Related discussion 1: https://github.com/auth0/node-jsonwebtoken/issues/662
Related discussion 2: https://giters.com/jwtk/jjwt/issues/676
So personally I decided to use HmacSha512. If your whole system will be developed inside the .NET ecosystem you can use either and they work the same, but if the token could be consumed by an application that isn't .NET it's probably better to use HmacSha512.
Upvotes: 4
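As an added example (not from the answer above or from .NET), here is a strict JWT consumer in Python that accepts only the HMAC algorithm names registered in RFC 7518 section 3.1, which is the behaviour that makes tokens carrying the xmldsig URI in alg fail outside .NET. The token-building function is a constructed helper that writes whatever alg string it is given into the header so both cases can be reproduced; the key and payload are constructed values.

```python
import base64
import hashlib
import hmac
import json

# HMAC algorithm names registered in RFC 7518 section 3.1, mapped to hash functions.
JWA_HMAC = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}

# Identifier the answer reports in the header when HmacSha512Signature is used.
XMLDSIG_HMAC_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_hs512(key: bytes, payload: dict, alg: str) -> str:
    """Constructed helper: build a compact JWS signed with HMAC-SHA-512.
    `alg` is only written into the header, so it can imitate either .NET constant."""
    header = {"alg": alg, "typ": "JWT"}
    signing_input = (b64url(json.dumps(header, separators=(",", ":")).encode())
                     + "." + b64url(json.dumps(payload, separators=(",", ":")).encode()))
    sig = hmac.new(key, signing_input.encode(), hashlib.sha512).digest()
    return signing_input + "." + b64url(sig)


def verify(token: str, key: bytes) -> dict:
    """Strict consumer: reject any alg not on the RFC 7518 allowlist before
    looking at the signature, then check the HMAC in constant time."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    h, p, s = parts
    alg = json.loads(b64url_decode(h)).get("alg")
    if alg not in JWA_HMAC:
        raise ValueError(f"unsupported alg: {alg!r}")
    expected = hmac.new(key, f"{h}.{p}".encode(), JWA_HMAC[alg]).digest()
    if not hmac.compare_digest(expected, b64url_decode(s)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(p))


def demo() -> dict:
    key = b"constructed-demo-key"          # constructed, not a real secret
    payload = {"sub": "alice"}
    results = {"HS512": verify(sign_hs512(key, payload, "HS512"), key)}
    try:
        verify(sign_hs512(key, payload, XMLDSIG_HMAC_SHA512), key)
    except ValueError as exc:
        results["xmldsig"] = str(exc)       # rejected: alg not on the allowlist
    return results
```

The same token bytes verify under "HS512" and are refused under the URI, which is exactly the interop failure the answer describes.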
Reputation: 13993
There's no functional difference for JWTs; under the hood, HmacSha512Signature gets converted to HmacSha512.
My limited understanding is that they're different constants that represent the same underlying algorithm. The Signature versions are identifiers for representing the algorithm in XML, while the ones without the suffix map to the algorithm identifiers used by JWT.
Old documentation contains a remark on using the algorithms ending in 'Signature' for the signature argument, but the latest documentation no longer contains that remark. I suspect the Signature version was kept around for legacy and backwards compatibility reasons.
Upvotes: 1