search

Brightspace / D2L.Security.OAuth2

Brightspace OAuth 2.0 for C#
Apache License 2.0
7 stars 16 forks source link

Reject RSA JSON key whose modulus has 0 byte prefix #245

Closed jcousins-cs closed 2 years ago

jcousins-cs commented 2 years ago

As per https://datatracker.ietf.org/doc/html/rfc7518#section-6.3.1.1, we should reject RSA JSON web keys with decoded modulus that starts with a 0 byte.