json_web_token_ex icon indicating copy to clipboard operation
json_web_token_ex copied to clipboard
verified publisher icon garyf

How to pass in proper RSA key?

Open munjalpatel opened this issue 7 years ago • 2 comments

Hello,

I am trying to verify a JWT token using RS256 and an RSA public key. However, I keep getting "ArgumentError"

What is the correct way to pass in RSA key?

This is what I am doing:

[{_, key, _}] = "-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----\n"
|> :public_key.pem_decode

token = "__header__.__payload__.__sig__"
JsonWebToken.verify(token, %{alg: "RS256", key: key})

This is the error I get:

** (ArgumentError) argument error (crypto) :crypto.pkey_verify_nif(:rsa, :sha256, "header.payload.sig", <<7, 49, 241, 224, ..., 85, 4, 3, 19, ...>>, []) (crypto) crypto.erl:420: :crypto.verify/6 (json_web_token) lib/json_web_token/jws.ex:103: JsonWebToken.Jws.verified/3 (json_web_token) lib/json_web_token/jwt.ex:89: JsonWebToken.Jwt.verify/2

munjalpatel avatar May 01 '18 16:05 munjalpatel

Also having this issue, got any solution?

ghost avatar May 11 '21 17:05 ghost

This is how I'm doing it

defmodule .. do

@public_key JsonWebToken.Algorithm.RsaUtil.public_key(Application.get_env(:my_app, :pub_pem))


  def decode(jwt) do
    options = %{alg: "RS256", iss: _redacted, key: @public_key}

    JsonWebToken.verify(jwt, options)
    |> mockable(JwtClaims).verify(options)
  end
end

barberj avatar Apr 28 '22 21:04 barberj