signWith for RSA512 #942
-
I'm trying to build a JWT Token using the RSA512 signing algorithm. My first attempt was to do the following:
However, when I run my code, it fails with the following error: "Unable to determine a suitable MAC or Signature algorithm for the specified key using available heuristics: either the key size is too weak to be used with available algorithms, or the key size is unavailable (e.g. if using a PKCS11 or HSM (Hardware Security Module) key storage). If you are using a PKCS11 or HSM keystore, consider using the JwtBuilder.signWith(Key, SecureDigestAlgorithm) method instead." I think that the solution is to use a signWith method which also takes the signature algorithm like this: There is a method in the javadoc with a signature of signWith(K key, SecureDigestAlgorithm), but I can't find any example on google of allowed SecureDigestAlgorithm - if I try: Any hints/tips would be appreciated. Thanks. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
Hi there! The older https://github.com/jwtk/jjwt?tab=readme-ov-file#signaturealgorithm-override With that, your example might look like this: return Jwts.builder()
.claims(claims)
.subject(username)
.issuedAt(issuedAt)
.expiration(expiration.getTime())
.signWith(getPrivateKey(), Jwts.SIG.RS512) // <---
.compact(); I hope that helps! Feel free to ask any follow-up questions :) |
Beta Was this translation helpful? Give feedback.
Hi there!
The older
io.jsonwebtoken.SignatureAlgorithm
enum (which is not extensible and did not allow for custom algorithm implementations) has been deprecated in favor of the newer (pluggable)io.jsonwebtoken.security.SignatureAlgorithm
interface. Default (RFC-standard) implementations for that interface are available via theJwts.SIG
registry class:https://github.com/jwtk/jjwt?tab=readme-ov-file#signaturealgorithm-override
With that, your example might look like this:
I hope that helps! Fee…