Jwt.io debugger and ESxxx validation

fxmathieu · April 24, 2020, 4:02pm

Hi,

Just a question about validation of signature token using ESS algorithm.

Is it normal to reject a signature made with a certificate of a different ECDSA while standard Java signature verification allow it ?

In other words jwt.io debugger says:
ESS256 is ok with certificat ECDSA-256 but ko with ECDSA-384 or ECDSA-512
ESS384 is ok with certificat ECDSA-384 but ko with ECDSA-256 or ECDSA-512
ESS512 is ok with certificat ECDSA-512 but ko with ECDSA-256 or ECDSA-384

Thanks for your explanation
François

Topic		Replies	Views
Is the debugger on jwt.io able to validate EdDSA signatures? JWT.io jwtio	3	2513	November 4, 2022
Signature verification for Elliptic Curve JWT.io	1	3856	April 24, 2020
JWT.io Debugger does validate at all. Considers ANY secret as valid. How is this possible? JWT.io jwt-debugger	3	1729	September 25, 2023
How to verify signature in the debugger for RS256? JWT.io jwt-debugger , jwtio	2	5075	August 27, 2019
Jwt.io debuger debugger error when "crit"field is added in header Help jwtio	4	4107	August 11, 2020

Jwt.io debugger and ESxxx validation

Related topics