fix(test): use 2048 bits in RSA key when encoding with JWT

nicolastemciuc · nicolastemciuc · commit 43d0f24c278f · 2025-09-22T15:57:43.000-03:00
- JWT 3 requires the RSA key to be 2048 bits, see: jwt/ruby-jwt#661
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -114,9 +114,8 @@ def finder_for(certificate_file, return_empty: false)
   RootCertificateFinder.new(certificate_file, return_empty)
 end
 
-def create_rsa_key
-  key_bits = 1024 # NOTE: Use 2048 or more in real life! We use 1024 here just for making the test fast.
-
+# NOTE: Use 2048 or more in real life! We use 1024 here just for making the test fast.
+def create_rsa_key(key_bits = 1024)
   OpenSSL::PKey::RSA.new(key_bits)
 end
 
diff --git a/spec/webauthn/attestation_statement/android_safetynet_spec.rb b/spec/webauthn/attestation_statement/android_safetynet_spec.rb
@@ -30,7 +30,7 @@
         OpenSSL::Digest::SHA256.digest(authenticator_data_bytes + client_data_hash)
       )
     end
-    let(:attestation_key) { create_rsa_key }
+    let(:attestation_key) { create_rsa_key(key_bits = 2048) }
 
     let(:leaf_certificate) do
       issue_certificate(root_certificate, root_key, attestation_key, name: "CN=attest.android.com")

Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@`
`30`	`30`	`OpenSSL::Digest::SHA256.digest(authenticator_data_bytes + client_data_hash)`
`31`	`31`	`)`
`32`	`32`	`end`
`33`		`- let(:attestation_key) { create_rsa_key }`
	`33`	`+ let(:attestation_key) { create_rsa_key(key_bits = 2048) }`
`34`	`34`
`35`	`35`	`let(:leaf_certificate) do`
`36`	`36`	`issue_certificate(root_certificate, root_key, attestation_key, name: "CN=attest.android.com")`