Home > front end >  What are the ideal characteristics of the secret key in HS512 JWT algorithm?
What are the ideal characteristics of the secret key in HS512 JWT algorithm?

Time:02-16

I am generating JWT with the HS512 algorithm.

A secret key is used to sign the header and content. Presently I am using the key as follows: q1w2e3r4t5y6u7i8o9p0

What are the ideal characteristics of the secret key in HS512 JWT algorithm?

For example: Length must be n characters; include upper case, lower case, symbols....?

CodePudding user response:

Ideally your HS512 secret is 512 random bits (64 random bytes). You encode this secret as base64, base64url, or hex for "storage" and then decode it before it's used as a secret.

HS512 is HMAC with SHA-512, secret with less than 64 bytes gets padded to 64 bytes, secrets larger than 64 bytes add no additional security.

You can generate these with openssl, e.g.

openssl rand -hex 64

This will produce e.g.

2dae84f846e4f4b158a8d26681707f4338495bc7ab68151d7f7679cc5e56202dd3da0d356da007a7c28cb0b780418f4f3246769972d6feaa8f610c7d1e7ecf6a

Which you then hex decode to be used as the symmetric secret.

Same goes for HS256 (256 bits, 32 bytes), HS384 (384 bits, 48 bytes).

Page link:https//www.codepudding.com/frontend/302688.html

Prev:AudioSource continues playing old clip after new clip assigned
Next:Laravel Validator Not Returning Key
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding