jsrsasign: Can't verify JWT with PEM RSA public key

Question

I'm using jsrsasign to verify JWTs in my browser application; the JWT is signed with an asymmetric RSA key on the server (using a different library).

I'm trying to do the following:

jsrsasign.default.jws.JWS.verifyJWT('ey.......' /* my jwt */, '-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAwEYqf3HAL+h0CbcM6cnVfT6hDw0nNPkLYKld54qRYhJa+txnI8so
bIhP4/1l3TnNZldFFOatRlZAxuNG8Dk4L/QQmDeIsOkYQ5oiytSCbUrJv44aOPjL
G72XhVOaOLMT2vp/guOVAjTYOyF83asoOpPVtFeiBHhKudMrpPzeq3qwGMxfVVPy
NlztFjnTlkAKMtkbkwcpzdTn4y/pDo47+LgkDckReoqTIK4Z1bp86Oa6eBOa7/6w
hIXG3aCQiMQfJUBEBRA7mmV4g+jNWMhCBMEsOZj+KUErfilPv1FL4zP3E8kNCu+B
GYCSuj0doIxreVHDifXd+5Lmhr6NDkhG5QIDAQAB
-----END RSA PUBLIC KEY-----', { alg: 'RS256'});

I'm getting an error that's completely unhelpful - it says "not supported argument". Has anyone run into this? What did you do to solve the issue?

score 0 · Accepted Answer · edited May 23 '17 at 11:45

This was resolved here: https://github.com/kjur/jsrsasign/issues/105

The library only supports public keys in the PKCS#8 format, not PCKS1. There is an excellent explanation of the different formats (and conversion between them) here: How can I transform between the two styles of public key format, one "BEGIN RSA PUBLIC KEY", the other is "BEGIN PUBLIC KEY"

jsrsasign: Can't verify JWT with PEM RSA public key

1 Answers1