kylef / JSONWebToken.swift

Swift implementation of JSON Web Token (JWT).
http://jwt.io
BSD 2-Clause "Simplified" License

Error "Failed to decode JWT: Unsupported algorithm or incorrect key" when I'm trying to decode my token #90

Open aluco100 opened 6 years ago

aluco100 commented 6 years ago

I have the following code:

if let user = response.result.value {
    do {
        let claims: ClaimSet = try JWT.decode(user.access_token, algorithm: .hs256(self.jwtSecret.data(using: .utf8)!))
        user.id = claims["sub"] as! Int
        user.iss = claims["iss"] as! String
        print(claims)
    } catch {
        print("Failed to decode JWT: \(error)")
        reject(error)
    }
}

But I get that error. When I validate the token on jwt.io, it decodes as valid. Here's a picture of that validation:

[Screenshot, 2017-10-05 at 13:02:22]

So I don't understand what I am doing wrong. Any suggestions?

Best Regards

kylef commented 6 years ago

This library only supports the HS* algorithms listed at https://github.com/kylef/JSONWebToken.swift#algorithms. You are using the RS256 algorithm which is not supported by this library.

aluco100 commented 6 years ago

Well, what can I do?

loukrieg commented 6 years ago

Hi Kyle,

There is a pending pull request from Anders Melen for adding RS256 and RS512 support… could you please take a look at that, as it would help us too!

Thanks, —Lou



georgeathanasopoulositt commented 5 years ago

We do need that RS512 pull request to be handled...

caffieneToCode commented 5 years ago

Hi @kylef, this error recurs quite often even with the HS256 algorithm. While debugging the library, I found that the algorithm passed to decode is being filtered out in the method below.

func verifySignature(_ algorithms: [Algorithm], header: JOSEHeader, signingInput: String, signature: Data) throws {
  guard let alg = header.algorithm else {
    throw InvalidToken.decodeError("Missing Algorithm")
  }

  let verifiedAlgorithms = algorithms
    .filter { algorithm in algorithm.description == alg }
    .filter { algorithm in algorithm.verify(signingInput, signature: signature) }

  if verifiedAlgorithms.isEmpty {
    throw InvalidToken.invalidAlgorithm
  }
}

/// Verify a signature for a message using the algorithm
func verify(_ message: String, signature: Data) -> Bool {
  return sign(message) == base64encode(signature)        // Because this returns false
}

Any idea what went wrong here? Because this works with other libraries.
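
The `verifySignature` method quoted above throws the same `invalidAlgorithm` error whether the header's `alg` fails to match or the HMAC comparison fails, so the message alone cannot tell the two apart. The following is an added example, not code from this thread or from JSONWebToken.swift, that reports the two cases separately for HS256; `diagnoseHS256`, `JWTDiagnosis`, `makeToken` and the sample secret are hypothetical names and constructed values, and it assumes an Apple platform with CryptoKit.

```swift
import Foundation
import CryptoKit  // assumption: Apple platform with CryptoKit (iOS 13+ / macOS 10.15+)

enum JWTDiagnosis: Equatable {
    case malformed
    case algorithmMismatch(headerAlg: String)  // header "alg" is not the algorithm you passed
    case signatureMismatch                     // "alg" matches, HMAC does not: wrong key or altered token
    case valid
}

func base64URLDecode(_ s: String) -> Data? {
    var b64 = s.replacingOccurrences(of: "-", with: "+").replacingOccurrences(of: "_", with: "/")
    b64 += String(repeating: "=", count: (4 - b64.count % 4) % 4)  // restore stripped padding
    return Data(base64Encoded: b64)
}

func base64URLEncode(_ d: Data) -> String {
    return d.base64EncodedString().replacingOccurrences(of: "+", with: "-")
        .replacingOccurrences(of: "/", with: "_").replacingOccurrences(of: "=", with: "")
}

/// Hypothetical helper: reports which of the two checks an HS256 verification fails.
func diagnoseHS256(token: String, secret: Data) -> JWTDiagnosis {
    let parts = token.components(separatedBy: ".")
    guard parts.count == 3,
          let headerData = base64URLDecode(parts[0]),
          let header = (try? JSONSerialization.jsonObject(with: headerData)) as? [String: Any],
          let alg = header["alg"] as? String,
          let signature = base64URLDecode(parts[2]) else { return .malformed }
    guard alg == "HS256" else { return .algorithmMismatch(headerAlg: alg) }
    let signingInput = Data((parts[0] + "." + parts[1]).utf8)
    // CryptoKit compares the MAC in constant time.
    let ok = HMAC<SHA256>.isValidAuthenticationCode(
        signature, authenticating: signingInput, using: SymmetricKey(data: secret))
    return ok ? .valid : .signatureMismatch
}

// Constructed sample tokens (not from the thread); the "RS256" one only carries that header label.
func makeToken(alg: String, secret: Data) -> String {
    let head = base64URLEncode(Data("{\"alg\":\"\(alg)\",\"typ\":\"JWT\"}".utf8))
    let body = base64URLEncode(Data("{\"sub\":1,\"iss\":\"example\"}".utf8))
    let mac = HMAC<SHA256>.authenticationCode(for: Data("\(head).\(body)".utf8), using: SymmetricKey(data: secret))
    return "\(head).\(body).\(base64URLEncode(Data(mac)))"
}

let secret = Data("constructed-secret".utf8)
print(diagnoseHS256(token: makeToken(alg: "HS256", secret: secret), secret: secret))
print(diagnoseHS256(token: makeToken(alg: "RS256", secret: secret), secret: secret))
print(diagnoseHS256(token: makeToken(alg: "HS256", secret: secret), secret: Data("other".utf8)))
```

An `algorithmMismatch` result corresponds to the RS256 case answered earlier in the thread; a `signatureMismatch` result means the secret bytes or the token contents differ from what the issuer signed.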