New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ES256 signature length #163
Comments
Thanks for the issue! |
I was unable to reproduce the issue in master, so I guess this is already fixed in between 0.6.0 and master. |
Thanks @martijndwars - if you could provide even a trivial snippet of code that allows us to reproduce the problem that'd be really helpful. If I had to guess, I think it's related to the ASN.1/DER encoding that was fixed in master. @martintreurnicht might have some insight here since he graciously contributed related code. |
@lhazlewood thanks for your quick reply. I was unable to reproduce the issue in master, so I guess this is already fixed in between 0.6.0 and master. I'm replacing jose4j by jjwt again to see if the issue is fixed in master and will let you know the result. Anyway, sorry for opening the issue before testing on master! |
No worries! The help is much appreciated! |
Hi, yes the change i made was to change the signature from ASN.1/DER encoding (which is the standard in java) to JOSE, which is the format that should be used as per the RFC spec. @lhazlewood you guys should to an official release soon otherwise you'll keep on getting these type of issues |
I can confirm that the issue does not exist on master, so I'll close it. I look forward to the 0.7.0 release! |
Thanks! I think we'll be able to release 0.7 shortly - this was the last bug. |
According to draft-ietf-json-web-algorithms, the length of the signature for ES256 must be 64 bytes. The signature that is being produced by jjwt is longer (e.g. the base64 encoded string is 94 characters, which corresponds to 126 bytes).
When I replaced jjwt by jose4j, the problem was solved. Apparently, they encountered this issue as well, though I'm not sure what is going wrong in jjwt.
The text was updated successfully, but these errors were encountered: