Help get this topic noticed by sharing it on Twitter, Facebook, or email.

Experiencing the Error "BadSignature" during the Conformance Testing for OpenID Certification

Hi Team,

I am working on running the 'Conformance Testing' [1] (for OpenID Certification), against WSO2 Identity Server 5.1.0 (not released yet).

During the test with Basic profile (with code), most of the tests are going in to "Warning" state, due to failure in signature verification. Test ends with the error "BadSignature".

We suspect that the reason for this failure is, the 'jwks_uri' we have provided when configuring the test suite. WSO2 Identity Server 5.1.0 doesn't have a built in 'jwks_uri', which should share the public key information of the keystore.

Due to this reason, we have provided an externally hosted JSON file (which is mentioned below) as the 'jwks_uri', which has the JWK information of the Public Key of Identity Server keystore. (The modulus 'n' value is BASE64 encoded.)

Still we are experiencing the error "BadSignature", and we cannot figure out what we have missed.

It will be great if you can shed some light to overcome this matter.

{
"keys": [
{
"kty": "RSA",
"alg": "RS256",
"use": "sig",
"n": "QUpTbi1oWFc5Wnp6OU9SQktJQzlPaTZ3ek00emhxd0hhS1cydlpBcWpPZUxscFVXN3pYd3lrNHRraXZ3c3lkUE5hV1VtLTlvRGxFQUIybHNRSnY3andXTnNGN1NHeDVSMDNrZW5DLWNmOE5ieGx4d2EtVG5jam82dXJ1RXNLX1ZrZTI0NEtpU0NIUDhCT3VISS1yNUNTMHg5ZWRGTGdlc29ZbFBQRm9KeFRzNQ==",
"e": "AQAB"
}
]
}

[1] https://openid.net/certification/test...

Thanks & Regards,
Pandula
1 person has
this question
+1
Reply