parsing RSA keys is wrong

[its-dibo]

when passing an RSA key to jwt.verify(token, secretOrPublicKey, {algoriths: ['RS256'] }), it is being parsed wrongly.

when passing a public key it is parsed as { type: "secret" }, and when passing a private key it is parsed as { type: "public" }

[pixtron]

This library internaly uses node's crypto.createPublicKey(). When you pass your privateKey createPublicKey derives the public key from the privateKey. Therefore {type: 'public'} is correct.

For the other case where you get {type: 'secret'}, i assume you stored your public key in PEM Format and either are missing -----BEGIN PUBLIC KEY----- / -----END PUBLIC KEY----- or there are whitespaces/indentations.

You can always re export the public key from your private key. You can store and pass the key in jwk or pem format.

const { createPublicKey } = require('node:crypto');

const publicKey = createPublicKey(privateKey);

const publicJwk = publicKey.export({type: 'spki', format: 'jwk'});
const publicPem = publicKey.export({type: 'spki', format: 'pem'});

console.log(publicJwk);
console.log(publicPem);

[zailaib]

// node 18

const crypto = require('crypto');
const jwt = require('jsonwebtoken');
const pem2jwk = require('pem-jwk').pem2jwk

const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    privateKeyEncoding: {
        type: 'pkcs8',
        format: 'pem'
    },
    publicKeyEncoding: {
        type: 'spki',
        format: 'pem'
    },
});

const aTmpJwk = pem2jwk(publicKey);

module.exports = aTmpJwk;

const payload = { sub: 'user123', role: 'admin' };
const token = jwt.sign(payload, privateKey, { algorithm: 'RS256' });

console.log("token=", token);

jwt.verify(token, publicKey, function (err, user) {
    console.log("=====")
    console.log(err)
    console.log(user) // user info from the token
    console.log("=====")
});