Help using RSA public/private keypairs to sign

[DEGoodmanWilson]

I've created an RSA keypair in PEM format to use with signing/verifying JWTs. However, OpenSSL doesn't like them—I get a failure at https://github.com/arun11299/cpp-jwt/blob/3ae6dfa2c51f63313d72b3cda794dc6ed3e628de/include/jwt/impl/algorithm.ipp#L207 PEM_read_bio_PrivateKey() is returning NULL

Code:

        jwt::jwt_object obj{jwt::params::algorithm(jwt::algorithm::RS256), jwt::params::secret(priv_key)};
        obj.add_claim(…);
        auto enc_str = obj.signature();
        return enc_str;

The obj.signature() is, of course, the call that is failing, throwing a AlgorithmErrc::SigningErr exception.

The test private key I'm using looks like:

-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAy+djH+H7xTAgLhUnSqEWCkUNsnoXZYRWK1+MvF+eIn2eOkTP
…blahblahblah…
xvvr8ZSd1u1rjxlNvHi6Cx8v76D81dIYiK7hxa0TSAvIEgnNkjaVKFc=
-----END RSA PRIVATE KEY-----

Which is the format OpenSSL is expecting right? There is no passphrase on this key.

[arun11299]

@DEGoodmanWilson I have added a new example under examples which shows how to create and use RSA key. Example name is simple_ex3_rsa.cc

Also make sure you are using the right openssl version. I was able to work with the created RSA key pair.

[DEGoodmanWilson]

For reference, I'm using OpenSSL 1.0.2n at the moment. I'll look at your new example, and see if downgrading OpenSSL helps after that. 🙇‍♂️

[DEGoodmanWilson]

PEBKAC: I was losing the newlines in my PEM-encoded keys, and that's what OpenSSL was throwing up on.