Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wich public key format to use with EC alg (ES256) ? #14

Open
kgeorgy opened this issue Apr 12, 2022 · 0 comments
Open

Wich public key format to use with EC alg (ES256) ? #14

kgeorgy opened this issue Apr 12, 2022 · 0 comments

Comments

@kgeorgy
Copy link

kgeorgy commented Apr 12, 2022

For RSA plublic key, I found that you should use a base 64 encoded DER using PKCS1.

In python, this is given by:

base64.b64encode(public_jwk.prepared_key.public_bytes(
    encoding=serialization.Encoding.DER,
    format=serialization.PublicFormat.PKCS1
))

Now I'm trying to switch to EC based keys, I first tried to use a JWKS file (see #13 ), bit it seems unsupported for now. Now I'm trying to use the auth_opt_jwt_sec_base64 option, but I'm not sure how to format the key, because PKCS1 is RSA only.

I tried this:

base64.b64encode(public_jwk.prepared_key.public_bytes(
    encoding=serialization.Encoding.DER,
    format=serialization.PublicFormat.SubjectPublicKeyInfo
))

But with that I always get ValidationError(InvalidSignature). I'm sure that the token I use are properly signed because I can validate them using the https://jwt.io/ provided tool.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kgeorgy