Reputation: 394
Sign the token payload using RSA algorithm
NOTE: Self signed certificate is installed on my machine.
I have a JWT token, which I am trying to sign using RSA algorithm, I found a library "JOSE" for achieving the same with the below method.
Jose.JWT.Encode(payload, certificate.GetRSAPrivateKey(), JwsAlgorithm.RS256);
After digging into it's "Encode" method, I found that it is using Hashing SHA-256 algorithm in it.
I am looking for a approach where hashing is excluded & directly signed by using RSA .
Any help will be appreciated !
Upvotes: 0
Views: 454
Answers (1)
Reputation: 93948
The hash is a security requirement for most if not all signature algorithms. So you cannot exclude it.
You can however use RSA using signatures giving (partial) message recovery (as specified in ISO/IEC 9796-2) , which can return (part of) the message that has been signed. They are generally considered deprecated; if you need less signature overhead then you'd use Elliptic Curve cryptography instead.
However, which of these two you choose doesn't matter, as either one would break the JOSE / JS Web Token protocol you're trying to implement.
Upvotes: 1
Related Questions
- How to sign a JWT using RS256 with RSA private key
- c# How to verify signature JWT?
- Encrypt JWT token
- Invalid Signature for token generate in c# with JWT
- How to create JWT signed with RsaSsaPssSha256
- How to sign/encrypt JWT in C# with PEM key?
- C# Cannot sign JWT using certificate
- Validate JWT signature with RS512 using System.IdentityModel.Tokens.Jwt
- C# How to verify signature on JWT token?
- How to create signature for my JWT?