2

I am trying move my JWT Auth from secret phrase to RS256

here is example code:

import fs from 'fs'
import jwt from 'jsonwebtoken'

const private_key = fs.readFileSync('private.key')
const public_key = fs.readFileSync('public.pem')

const token = jwt.sign({
    some: 'payload'
}, private_key, { algorithm: 'RS256' })

const verified = jwt.verify(token, public_key)

Here is format of my public key:

-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAyLVWMJHRJ0VRPiyhjvPJTwpgNkMd4jjvUxEfy54COanbrL+GeOVd
NB2YooopYzgJJZyVhHSD+GwyH7WTvsItwNkfMiZKmjUIEA9dIfcbmHNXtfXraiSh
aTSO7NIREGzGQjBfzRGNeWpR83P+ffE5H0gfi9FFJlvV8QSLSSXJNMXVFAga//fb
uT/CYLg29bzEBtNSdgTHNrbwSvYzGFDOHNChDelX6fp34JMhtb6UNh6cIqhURclK
reQHz2oDcBaXnCAHjvC8p/IoG8xV2Ws5gK6bVW7h0EP5XoaUVHVpjPv5TDFz+veR
/lkKdowQU74E5oyei1WzDXSTusCR9gKIcQIDAQAB
-----END RSA PUBLIC KEY-----

And I am getting following error: 

JsonWebTokenError: invalid algorithm

When I try to verify on jwt.io token is successfully signed.

Akber Iqbal
  • 14,487
  • 12
  • 48
  • 70
iamwtk
  • 1,031
  • 3
  • 13
  • 24

1 Answers1

1

Try this:

var fs = require('fs')
var jwt = require('jsonwebtoken')

const private_key = fs.readFileSync('private.key', 'utf8')
const public_key = fs.readFileSync('public.pem', 'utf8')


const token = jwt.sign({
    some: 'payload'
}, private_key, { algorithm: 'RS256' })

const verified = jwt.verify(token, public_key, { algorithms: 'RS256'})

private key:(private.key)

-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDCDzF83j+imr1t2fNtfT4Fusm3LJAzFK49xK3bepARl2gcKKNm
YJI6svZ8mznkoDp1uCuwyBKVIkRfrGAd1FuuVrzMi0kairWGz71FHbcubKy/6AOG
caONmk0K1DjS4dIzJLmIeUpv2jrtIctGDt2tXg4OQi1aM59yS4efZlbNxQIDAQAB
AoGARlZPb5z2n69KfaiDzOmaM2Vye4wRcBJM3WKOSYDw+w9P0vT/1LmoBtKa+Ksi
nrVcuxJX86lw4tEayzqlU+qGl9Z5uOI+vMjh6e4hpEQN2KVrVnpEUrzVX8yZN22A
KWWZsWucU7djb8wLpezYNYd5bItUuOXFRnmrjuPQhqLXbPkCQQDmiR+zwmcOTir0
9auT88fTeLpr7XT+YyrBOHjgwUTd8HO3C2FuL/dDv3pP9LrsUgynMTMef3nF2qh0
40bep4qPAkEA136gUbisosNHa7GRKCSPUobmEBc4pRr2CtaUbAvGFJMbV+RCzu7a
n0hHbPZwlWBTN/WIfrj5dvNRa+lbk3PcawJAem2P/HLdL+erQHPHLsdj85ZFylNM
slwPtJU8/H8nB4ZOrYLJty6Z7cyeNCAPtLjOJ2wlbajdDonUtF6OoGfxWQJBALGp
TOVzGqkp1CUehO0SjzLb0qrraiD8xGKVHFKjtk/aJE3m+4l9dLKjNXfJCXKtso5N
GJZZTBpcagFMp9o+SDcCQQCKwJ9tVu/4X5SFgbVSr06u1tPkCccYFAiqbpEH4fPx
zt18ubZgiViKiYKT6gHZPKI8bhkmvG/Fg/zJ9FBYjl+9
-----END RSA PRIVATE KEY-----

public key:(public.pem)

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCDzF83j+imr1t2fNtfT4Fusm3
LJAzFK49xK3bepARl2gcKKNmYJI6svZ8mznkoDp1uCuwyBKVIkRfrGAd1FuuVrzM
i0kairWGz71FHbcubKy/6AOGcaONmk0K1DjS4dIzJLmIeUpv2jrtIctGDt2tXg4O
Qi1aM59yS4efZlbNxQIDAQAB
-----END PUBLIC KEY-----
Sagar Rana Magar
  • 550
  • 1
  • 3
  • 18
  • Thank you for taking time to respond, I am getting following error `Error: Something went wrong: PEM_read_bio_PUBKEY failed` – iamwtk Nov 02 '18 at 18:52
  • but when I take it as is and create it in project, it works. Will dig deeper and let you know. – iamwtk Nov 02 '18 at 18:59
  • With your keys it works, with mine it gives this error, so perhaps there is problem with my way of generating them, they look the same, just longer. Can you give me advice how you generated your keys above? – iamwtk Nov 02 '18 at 19:04
  • 1
    Problem was in the keys which I generated ssh-keygen, when i generated keys with openssl it works. – iamwtk Nov 02 '18 at 19:23
  • may be your key have some issue. – Sagar Rana Magar Nov 02 '18 at 23:37
  • Is it necessary to store the public key with .pem extension and the private key with .key? – Zullu Oct 27 '19 at 10:32