I am creating ES256 JWT tokens using shell scripts and OpenSSL and noticed that sometimes, the generated signatures are invalid. Ultimately, the integers asn1parse delivers may be too short, I fixed that by zero-padding the hexadecimal integers before concatenating them:
I am creating ES256 JWT tokens using shell scripts and OpenSSL and noticed that sometimes, the generated signatures are invalid. Ultimately, the integers asn1parse delivers may be too short, I fixed that by zero-padding the hexadecimal integers before concatenating them:
I created thousands of signatures and all are now valid according to my validation script: