6

For the purpose of generating the signed JWT for apple sign in. Apple has provided the private key in pem format. The only examples on the internet are the same ruby example (for example one here https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple). The only nimbus-jose example that comes close is https://connect2id.com/products/nimbus-jose-jwt/examples/jws-with-ec-signature which assumes i want to generate the keypair.

I dont see any obvious way to do this. What am i missing?

Kevin
  • 24,871
  • 19
  • 102
  • 158
  • 1
    I have exactly the same issue. I would like to use PEMEncodedKeyParser to parse only the private from PEM encoded object. I also need that to create a JWT token to invoke Apple services. – Abbadon Mar 02 '22 at 07:30

1 Answers1

5

I'll answer my own question on this one.

First, generate the public key from the private key:

openssl ec -in private.pem -pubout -out public.pem
cat public.pem private.pem > keypair.pem

Then use the helper method on ECKey to directly convert the pem keypair into ECKey:

val pemContents: String = ...read file...
val jwk: JWK = ECKey.parseFromPEMEncodedObjects(pemContents)
val signer: ECDSASigner = ECDSASigner(jwk as ECKey)
Kevin
  • 24,871
  • 19
  • 102
  • 158