Comments (11)
vzsg
commented on May 20, 2024
2
In the playground example, the HS256 algorithm was used where pretty much any byte array can be used as the secret.
In RSA however, you need to provide the key data correctly. In this case, since the key is not automatically Base64-decoded, you should use key.bytes.base64Decoded instead of key.bytes
from jwt.
gaughyean
commented on May 20, 2024
1
It seems jwt doesn't support .p8 file..
I used python to get the token instead...
At 2017-07-18 19:17:47, "Adam" <[email protected]> wrote:
@gaughyean Any progress? I have the same issue
β
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
from jwt.
sidmani
commented on May 20, 2024
Yep, that fixed it. Thanks.
from jwt.
gaughyean
commented on May 20, 2024
In my case (ES256),
let url = URL.init(fileURLWithPath: "/Users/aamac/Desktop/HelloWorld/AuthKey_demoKey.p8")
let data = try Data.init(contentsOf: url)
I try let signer = ES256.init(key: data.makeBytes().base64Decoded) and let signer = ES256.init(key: data.makeBytes()) , but it didn't work. The token I create still don't work.. I got a http status code 500 from the response...
What's wrong with my codes? I can get the right token using a Python library, and get a http status code 200... @vzsg @sidmani @natebird Thank you !
from jwt.
siemensikkema
commented on May 20, 2024
I think the problem is that the p8 file format is not directly supported (yet). However, you are able to create a token, right? That surprises me a bit.
I discovered that the documentation for JWT is not working. It was removed from the README here: 3932ea4#diff-04c6e90faac2675aa89e2176d2eec7d8
There is a section on creating ESCDSA keys there.
You should be able to convert your p8 to something the library understands using `openssl` but I donβt know the exact commands to use by heart.
@Tanner did something go wrong with the documentation migration or should the new documentation be written from scratch?
β¦ On 13 Jun 2017, at 03:19, gaughyean ***@***.***> wrote:
In my case (ES256),
let url = URL.init(fileURLWithPath: "/Users/aamac/Desktop/HelloWorld/AuthKey_demoKey.p8")
let data = try Data.init(contentsOf: url)
I try let signer = ES256.init(key: data.makeBytes().base64Decoded) and let signer = ES256.init(key: data.makeBytes()) , but it didn't work. The token I create still don't work.. I got a http status code 500 from the response...
What's wrong with my codes? I can get the right token using a Python library, and get a http status code 200... @vzsg @sidmani @natebird Thank you !
β
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
from jwt.
gaughyean
commented on May 20, 2024
@siemensikkema I try to do this in the terminal:
AAMacdeMac-mini:Desktop aamac$ openssl ecparam -name prime256v1 -genkey | openssl ec -in /Users/aamac/Desktop/HelloWorld/demoKey.p8 -noout -text
read EC key
Private-Key: (256 bit)
priv:
53:6d:3c:28:28:3f:76:8a:a2:4b:3b:15:17:9b:24:
9d:5b:58:4a:0b:7c:ff:7a:22:60:66:ef:af:22:11:
af:34
pub:
04:1f:ae:f0:d6:8b:31:27:58:0c:c1:d8:7c:76:af:
f3:72:bc:80:4e:e8:a1:81:0c:be:f0:91:9a:0a:9f:
3e:12:9b:8f:b5:3f:57:61:0f:d7:d5:12:16:ec:76:
8a:bd:44:a1:1f:f1:db:f3:4c:e6:4c:68:2f:e2:2e:
a6:45:29:23:7a
ASN1 OID: prime256v1
NIST CURVE: P-256
After that I copied the hex data(priv) and use the tools(http://tomeko.net/online_tools/hex_to_base64.php) to convert the key to base64 (U208KCg/doqiSzsVF5sknVtYSgt8/3oiYGbvryIRrzQ=), then I used the converted base64 string as a key to do this:let keyData = Data.init(base64Encoded:"U208KCg/doqiSzsVF5sknVtYSgt8/3oiYGbvryIRrzQ=")! let signer = ES256.init(key: keyData.makeBytes()) and then creatToken.
I really don't know too much about signature and encryption...
Thanks for your help! @siemensikkema
The token was created, but the request was still not successful..
from jwt.
siemensikkema
commented on May 20, 2024
Hmm, there must be some other difference then. Are the headers and payload exactly the same as the token you're creating with the Python library?
This goes beyond the scope of this issue. Why don't you join us on Slack and ask in #help.
from jwt.
gaughyean
commented on May 20, 2024
thanks~
from jwt.
rurza
commented on May 20, 2024
@gaughyean Any progress? I have the same issue
from jwt.
OleksiiKolosovskyi
commented on May 20, 2024
Is there any progress for support p8 + ES256?
I need this for Apple Music API.
Requirements from Apple docs "...encrypt the token using the Elliptic Curve Digital Signature Algorithm (ECDSA) with the P-256 curve and the SHA-256 hash algorithm..."
from jwt.
vzsg
commented on May 20, 2024
I'm not aware of anyone succeeding with calling the Apple Music API with Vapor's JWT library π
from jwt.
Related Issues (20)
- ES256 implementation is incorrect HOT 1
- Sporadic failure of ES256 HOT 2
- Error when creating a public signer for certificates HOT 5
- Allow JWT to be extended by user HOT 3
- Documentation request. HOT 2
- Allow configuration of URIs in JWT helpers HOT 6
- Multiple JWT signers not working as expected HOT 1
- Could not create public key from x509Cert HOT 22
- This framework doesn't consider someone may use it in macOS? HOT 8
- Support for Swift 2.1 HOT 1
- Carthage support HOT 2
- Is this library can be installed using pods? HOT 4
- Missing RSA Encryption Algorithms HOT 3
- JWK Verification HOT 2
- integrate JWTKit with Vapor HOT 9
- Broken link to documentation HOT 1
- Library not working with Swift 3 HOT 1
- Missing ECDSASigner to support ES256 β¦ HOT 4
- '&' used with non-inout argument of type 'JWT<_>' HOT 1
- [Question] - Encode with RS256 using string data of a private key HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwt.