Abusing JWT public keys without the public key
This blog post is dedicated to those to brave souls that dare to roll their own crypto The RSA Textbook of Horrors This story begins with an old project of ours, where we were tasked to verify (among other things) how a business application handles digital signatures of transactions, to...
2021-02-08 — 6 minute read