Details
- Bug
- Status: Closed
- Minor
- Resolution: Fixed
- 3.1.7
- None
- Unknown
Description
The length of the "n" value is 257 bytes for a 2048-bit key length.
If "n" is handled as an unsigned int, it should be at most 256 bytes.
The added null byte is caused by BigInteger.toByteArray() which always handles the integer as a signed integer.
A fix is just to remove all the first 0-bytes in the encodedModulus, see JwkUtils.prepareRSAJwk.
This fix will surely break clients which just decode the "n" as an unsigned value using new BigInteger(byte[]). These clients must be changed to either always insert a leading 0-byte before using the new BigInteger(byte[]) constructor, or use the BigInteger(signum, magnitude) constructor.
The extra "sign byte" is mentioned in:
https://tools.ietf.org/html/rfc7518#page-30