The signing key‘s size is 136 bits which is not secure enough for the HS256 algorithm. The JWT JWA S

今天在用JWT的时候发现报了这个错误

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.

Sun Feb 07 15:30:44 CST 2021

There was an unexpected error (type=Internal Server Error, status=500).

The signing key's size is 136 bits which is not secure enough for the HS256 algorithm. The JWT JWA Specification (RFC 7518, Section 3.2) states that keys used with HS256 MUST have a size >= 256 bits (the key size must be greater than or equal to the hash output size). Consider using the io.jsonwebtoken.security.Keys class's 'secretKeyFor(SignatureAlgorithm.HS256)' method to create a key guaranteed to be secure enough for HS256. See https://tools.ietf.org/html/rfc7518#section-3.2 for more information.

 

查了一些资料,发现是因为使用HS256算法需要的秘钥长度为2048

解决方案:

把自己的秘钥加长为2048个字符就好了

你可能感兴趣的:(java,jwt,java,spring,boot)