search

vapor / jwt-kit

🔑 JSON Web Token (JWT) signing and verification (HMAC, ECDSA, EdDSA, RSA, PSS) with support for JWS and JWK
https://api.vapor.codes/jwtkit/documentation/jwtkit/
MIT License
190 stars 49 forks source link

Invalid signature reported by jwt.io for RSA256 based JWT #74

Closed rohit3d2003 closed 11 months ago

rohit3d2003 commented 2 years ago

Describe the bug

We are creating JWT leveraging jwt-kit based on RSA 256 algorithm in iOS application (Swift). The jwt is created successfully but when we put the generated jwt in jwt.io, it says 'Invalid Signature'. I am not sure if I am missing anything.

To Reproduce

  1. Generate JWT as per the attached screenshot
  2. Copy generated JWT and enter on jwt.io
  3. Messages is decoded properly but it reports 'Invalid Signature' at the bottm

Additional context

Screen Shot 2022-06-15 at 7 57 43 AM

Screen Shot 2022-06-15 at 8 00 31 AM

Add any other context about the problem here.

0xTim commented 2 years ago

Have you tried actually using the token? I think it's fine - I believe you-re getting an invalid signature because it doesn't know your private key to be able to check it.

E.g. trying https://techdocs.akamai.com/iot-token-access-control/docs/generate-jwt-rsa-keys produces the same result

0xTim commented 11 months ago

Closing due to inactivity, feel free to reopen if this is still an issue!