Improve "header" docs

[palmerabollo]

In the readme, it is not clear what you should put in the header variable.

[nagarjun]

@palmerabollo Did you figure out what the kid is? I couldn't find any information about it.

[ealogar]

The kid is the identifier of the public key used to verify the token. It's used to renew certificates.

[nagarjun]

@ealogar Can you please provide us with a simple code sample? I'm currently sending { kid: 'myHexString' } for the header but it throws an "Invalid hex string" error. Thank you.

[nagarjun]

@ealogar Looks like my issue isn't with the kid but rather the hash and encryption keys. Even if I send a 16 byte hexadecimal key like e9acfd74dd4abfc61cd9ec1a505433c9, I get the error: ENCRYPTION_ERROR: Encryption error: Invalid key length. I couldn't find any information about this either. Appreciate your help. Thanks.

[palmerabollo]

@nagarjun depending on the algorithm you use to encrypt/decrypt, you key must be 16 or 32 chars length. See for example

node-jwt-utils/test/unit/jwt-utils-test.js

Line 624 in cac36cc

it('should encrypt and decrypt with A256CBC-HS512', function() {

for A256CBC-HS512. What algorithm are you using?

[ealogar]

Ensure the key for encryption is 16 or 32 length and contains hexadecimal values only.