dgrijalva / jwt-go

ARCHIVE - Golang implementation of JSON Web Tokens (JWT). This project is now maintained at:
https://github.com/golang-jwt/jwt
MIT License

Do you have an example of creating keys in the correct format? #363

Open aboodman opened 5 years ago

aboodman commented 5 years ago

On OSX, I am generating my key file using:

ssh-keygen -t ecdsa -b 256 -m PEM

Then if I test it like this:

$ echo {\"foo\":\"bar\"} | jwt -key test_ecdsa -alg ES256 -sign - | jwt -key test_ecdsa.pub -verify -
Error: Couldn't parse token: key is of invalid type

Looking at the code, I believe this is because jwt-go is relying on pem.Decode, which is expecting header lines, and ssh-keygen -m PEM only includes those for the private key. However (a) I haven't had trouble manually adding these lines, and (b) I want something easy to tell my own users about how to generate these keys.

Do you have an example of how to properly create the key pairs, for EC256?

t2wu commented 4 years ago

Any update on this?

t2wu commented 4 years ago

I end up using the following two commands:

openssl genrsa -des3 -out private.pem 4096
openssl rsa -in private.pem -outform PEM -pubout -out public.pem

This is according to this.

However his third command is not needed here.

Use jwt.ParseRSAPrivateKeyFromPEMWithPassword() and jwt.ParseRSAPublicKeyFromPEM()

Napas commented 4 years ago

> I end up using the following two commands:
>
> openssl genrsa -des3 -out private.pem 4096
> openssl rsa -in private.pem -outform PEM -pubout -out public.pem
>
> This is according to this.
>
> However his third command is not needed here.
>
> Use jwt.ParseRSAPrivateKeyFromPEMWithPassword() and jwt.ParseRSAPublicKeyFromPEM()

IMHO that should be in the documentation
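
For the ES256 case asked about in the first post, an added example (not code from jwt-go or from any commenter in this thread): generating a P-256 key pair with the Go standard library so that both the private and the public key carry PEM header lines. The function names are hypothetical, the parser mirrors the pem.Decode step the first post refers to, and the OpenSSH-style line in main is a constructed sample.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// GenerateES256PEM returns a P-256 pair as "EC PRIVATE KEY" (SEC 1) and "PUBLIC KEY" (PKIX) PEM.
func GenerateES256PEM() (priv, pub []byte, err error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	privDER, err1 := x509.MarshalECPrivateKey(key)
	pubDER, err2 := x509.MarshalPKIXPublicKey(&key.PublicKey)
	if err1 != nil || err2 != nil {
		return nil, nil, fmt.Errorf("marshal key pair: %v, %v", err1, err2)
	}
	priv = pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: privDER})
	pub = pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: pubDER})
	return priv, pub, nil
}

// ParseECPublicPEM accepts only a PEM-wrapped PKIX ECDSA public key.
func ParseECPublicPEM(data []byte) (*ecdsa.PublicKey, error) {
	block, _ := pem.Decode(data)
	if block == nil {
		return nil, fmt.Errorf("no PEM block: BEGIN/END header lines missing")
	}
	parsed, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return nil, err
	}
	if pub, ok := parsed.(*ecdsa.PublicKey); ok {
		return pub, nil
	}
	return nil, fmt.Errorf("not an ECDSA public key")
}

func main() {
	_, pub, _ := GenerateES256PEM()
	_, errPEM := ParseECPublicPEM(pub)
	// Constructed OpenSSH-style one-line key; the base64 field is a placeholder.
	_, errSSH := ParseECPublicPEM([]byte("ecdsa-sha2-nistp256 AAAAexample user@host\n"))
	fmt.Println("PEM file:", errPEM, "| OpenSSH line:", errSSH)
}
```

Written to files, the two byte slices are in the encodings that jwt-go's ParseECPrivateKeyFromPEM and ParseECPublicKeyFromPEM read.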