FusionAuth / fusionauth-issues

FusionAuth issue submission project
https://fusionauth.io

A JWT configured to be signed using the `ES512` algorithm may have an invalid signature #2661

Closed robotdan closed 4 months ago

robotdan commented 4 months ago

Description

It is possible that when using the ES512 algorithm to sign a JWT, the signature may not be valid.

Observed versions

1.48.0

Affects versions

>= 1.4.0. We introduced Elliptic Curve support in version 1.4.0.

Steps to reproduce

  1. Sign a JWT using ES512
  2. Verify the signature

In testing, one out of every 1-2k signatures may be invalid.

robotdan commented 4 months ago

Internal:

robotdan commented 4 months ago

Need to update to fusionauth-jwt version 5.3.2 from 5.2.4 to pick up this fix.
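
The reproduction steps above (sign with ES512, then verify) can be run as a round-trip loop against whichever fusionauth-jwt version is on the classpath, for example before and after moving from 5.2.4 to 5.3.2. This is an added example, not code from the issue or from FusionAuth; the class name `Es512RoundTrip`, the method `countInvalid` and the iteration count are hypothetical, and the library calls are assumed to match the fusionauth-jwt README (`ECSigner.newSHA512Signer`, `ECVerifier.newVerifier`, `JWTUtils.generate521_ECKeyPair`).

```java
import io.fusionauth.jwt.JWTUtils;
import io.fusionauth.jwt.Signer;
import io.fusionauth.jwt.Verifier;
import io.fusionauth.jwt.domain.JWT;
import io.fusionauth.jwt.domain.KeyPair;
import io.fusionauth.jwt.ec.ECSigner;
import io.fusionauth.jwt.ec.ECVerifier;

public class Es512RoundTrip {
  // Sign `iterations` JWTs with ES512 and verify each one immediately.
  // Returns the number of tokens the verifier rejected.
  static int countInvalid(int iterations) {
    // Throwaway P-521 key pair as PEM strings (assumed helper from fusionauth-jwt).
    KeyPair keyPair = JWTUtils.generate521_ECKeyPair();
    Signer signer = ECSigner.newSHA512Signer(keyPair.privateKey);
    Verifier verifier = ECVerifier.newVerifier(keyPair.publicKey);

    int invalid = 0;
    for (int i = 0; i < iterations; i++) {
      // No expiration claim is set, so only the signature can cause a rejection.
      JWT jwt = new JWT().setIssuer("es512-round-trip").setSubject("token-" + i);
      String encoded = JWT.getEncoder().encode(jwt, signer);
      try {
        JWT.getDecoder().decode(encoded, verifier);
      } catch (RuntimeException e) {
        // Any decode failure on a token we just signed counts as an invalid signature.
        invalid++;
        System.out.println("iteration " + i + " rejected: " + e.getClass().getSimpleName());
        System.out.println("  token: " + encoded);
      }
    }
    return invalid;
  }

  public static void main(String[] args) {
    // The issue reports roughly one bad signature per 1-2k, so run well past that.
    int iterations = 20_000;
    int invalid = countInvalid(iterations);
    System.out.printf("%d of %d ES512 signatures failed verification%n", invalid, iterations);
    // Non-zero exit lets a CI job fail when a regression appears.
    System.exit(invalid == 0 ? 0 : 1);
  }
}
```

The rejected tokens it prints are signed with the throwaway key, so they can be attached to a bug report or checked with a second JWT library to confirm which side of the round trip is at fault.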