Svein Otto Solem created CXF-6996:
-------------------------------------
Summary: "n" in JWK for RSA should be unsigned, but is signed in
JwkUtils.prepareRSAJwk
Key: CXF-6996
URL: https://issues.apache.org/jira/browse/CXF-6996
Project: CXF
Issue Type: Bug
Components: JAX-RS Security
Affects Versions: 3.1.7
Reporter: Svein Otto Solem
Priority: Minor
The length of the "n" value is 257 bytes for a 2048-bit key length.
If "n" is handled as an unsigned int, it should be at most 256 bytes.
The added null byte is caused by BigInteger.toByteArray() which always handles
the integer as a signed integer.
A fix is just to remove all the first 0-bytes in the encodedModulus, see
JwkUtils.prepareRSAJwk.
This fix will surely break clients which just decode the "n" as an unsigned
value using new BigInteger(byte[]). These clients must be changed to either
always insert a leading "0-byte" before using the new BigInteger(byte[])
constructor, or they should use the BigInteger(signum, magnitude) constructor.
The extra "sign byte" is mentioned in:
https://tools.ietf.org/html/rfc7518#page-30
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
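A worked illustration of the sign byte and the two client decoding paths described in the report. This is an added example, not code from the issue or from CXF; the class name and the helper names are hypothetical.

```java
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Base64;

public class JwkModulusDemo {

    // RFC 7518 Base64urlUInt: big-endian magnitude with no leading zero octets.
    // Drops the 0x00 sign byte that BigInteger.toByteArray() prepends when the
    // top bit of the modulus is set (always the case for a 2048-bit RSA modulus).
    static byte[] toUnsignedBytes(BigInteger value) {
        byte[] bytes = value.toByteArray();
        int i = 0;
        while (i < bytes.length - 1 && bytes[i] == 0) {
            i++;
        }
        return Arrays.copyOfRange(bytes, i, bytes.length);
    }

    // Client side: treat the decoded "n" as a positive magnitude, never as two's complement.
    static BigInteger fromUnsignedBytes(byte[] magnitude) {
        return new BigInteger(1, magnitude);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        RSAPublicKey pub = (RSAPublicKey) gen.generateKeyPair().getPublic();
        BigInteger n = pub.getModulus();

        byte[] signedForm = n.toByteArray();      // 257 bytes: leading 0x00 sign byte
        byte[] unsignedForm = toUnsignedBytes(n); // 256 bytes: what the JWK "n" should carry
        System.out.println("toByteArray length: " + signedForm.length);
        System.out.println("unsigned length:    " + unsignedForm.length);

        String encodedN = Base64.getUrlEncoder().withoutPadding().encodeToString(unsignedForm);
        byte[] decoded = Base64.getUrlDecoder().decode(encodedN);

        // Correct client: the sign-magnitude constructor recovers the modulus exactly.
        System.out.println("BigInteger(1, bytes) matches n: " + fromUnsignedBytes(decoded).equals(n));
        // Broken client: BigInteger(byte[]) reads the high bit as a sign bit, giving a negative value.
        System.out.println("BigInteger(bytes) is negative:  " + (new BigInteger(decoded).signum() < 0));
    }
}
```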