[mitreid-connect] RS256 signature and keys
Luiz Omori
luiz.omori at duke.edu
Mon Jul 6 13:25:28 EDT 2015
Hi,
I've been using http://jwt.io to debug JWT tokens but couldn't verify the signature. Anybody else having problems with that? I've also played a bit with Jose4j and Nimbus in Java but failed also.
Also, I may be wrong but apparently the RS256 minimum key size is 2048 so MitreId may want to update its default key (I know, I know, we should replace it anyway...but just to give a good example). And while at that, had an interesting error while trying to sign (using Nimbus) a message with a locally generated key: "javax.crypto.BadPaddingException: Message is larger than modulus". In that particular instance there was a bug in my code however while researching the error found out that there is a limitation on the size of the encrypted text which is quite short (117 for 1024 bits key - TBC). So, is the JWT broken in chunks if above that size? How should I pad?
Regards,
Luiz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/mitreid-connect/attachments/20150706/1e370068/attachment.htm
More information about the mitreid-connect
mailing list