-
Notifications
You must be signed in to change notification settings - Fork 373
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HS512256 OpenSSL Exception: First num too large #322
Comments
I think the issue is that to be able to use the SHA-512-256 algorithm you need to have the rbnacl gem and libsodium installed. This is probably stated somewhere in the docs, but the code is not that good in showing what algorithms are supported natively and what require some extra things. |
Aah, yea, that's the problem. With rbnacl installed it works, and I see this is documented in the readme. Some sort of gate would be nice, like making that algo unavailable without rbnacl installed, but I'm sure the value of that feature will be outweighed by the weight of the implementation. This can be closed as user error, thanks! |
It should be |
This is great. We could drop the rbnacl dependency for the hmac with sha512256 algo. I wonder if this algorithm was added to the openssl parts somewhere along the way. |
Seems to be working on Ruby 2.5 and openssl gem 2.1.2
On Ruby 2.3 it does not work:
|
I looked into this a bit more. Turns out that the HS512256 using The JWA RFC does not even include anything called I think we should just drop the support of this |
When trying to use the HS512256 algorithm I'm seeing
Unsupported digest algorithm (sha512256).: first num too large
. I've narrowed this down to theOpenSSL::Digest.new("sha512256")
call in https://github.com/jwt/ruby-jwt/blob/master/lib/jwt/algos/hmac.rb#L14The ruby:2.6 container has the latest released OpenSSL gem per https://github.com/ruby/openssl/releases
I also don't see this algorithm in https://ruby-doc.org/stdlib-2.6/libdoc/openssl/rdoc/OpenSSL/Digest.html. Is SHA512256 correct?
The text was updated successfully, but these errors were encountered: