Support for JWT verification without x5c. #271
Comments
bburli
changed the title
|
Currently you need to calculate the public key from the modulus and exponent and use that. #160 (comment) Should give you a good start. Of course if you be interested in adding a function to the library with an example I would be very willing to help get the PR in merged. It's a common feature request and would be a great contribution 👍 |
|
@prince-chrismc Thank you. I would be very willing. I will get back to you. |
|
I ended up implementing JWK JSON to PEM conversion for RSA and EC keys in this function in YugabyteDB. Hopefully it is useful. |
|
Thanks ! There's some interesting bits |
|
@prince-chrismc Oh my! I totally missed that I had wanted to do this! My apologies. Is it done or can I take it up? I do intend to do this and there is enough to go on thanks to you and @dr0pdb. |
|
NM, I saw the linked PR just now :( |
|
The current PR is failing so you are more then welcome to open a a new one! |
|
@prince-chrismc Sure, will give it a shot. Thanks. |
I have a use case where jwk doesn't have x5c but only
eandnfor RSA256. I noticed that it's not possible to only passeandnto the library and get the jwt verified.eandnand then user it for verification or am I missing something?error:04067072: rsa routines:r sa_ossl_public_decrypt: padding check failed. I am far from an OpenSSL expert but I tried using all padding methods and none works. How do I know the padding method used in signature?Thanks in advance.
The text was updated successfully, but these errors were encountered: