yourkarma / JWT

A JSON Web Token implementation in Objective-C.
MIT License

RS256 failed when private key has passphrase #224

Open oyljerry opened 3 years ago

oyljerry commented 3 years ago

New Issue Checklist

Issue Info

Info: Value
Platform Name: osx
Platform Version: 10.14.6
CocoaLumberjack Version: e.g. 2.3.0
Integration Method: carthage
Xcode Version: Xcode 11.3
Repro rate: all the time (100%)
Demo project link:

Issue Description and Steps

I use RS256 to encode a token. When the private key is generated without a password it works fine; however, when I set a password the code does not work. It always fails with the error: error Domain=NSOSStatusErrorDomain Code=-50 "RSA private key creation from data failed" (paramErr: error in user parameter list) UserInfo={NSDescription=RSA private key creation from data failed}

// Signing holder: RS256 with a base64 PEM private key plus a passphrase
id <JWTAlgorithmDataHolderProtocol> signDataHolder = [JWTAlgorithmRSFamilyDataHolder new]
    .keyExtractorType([JWTCryptoKeyExtractor privateKeyWithPEMBase64].type)
    .privateKeyCertificatePassphrase(passPhrase)   // "123456"
    .algorithmName(algName)                        // RS256 in this report
    .secret(privateKey);                           // the PEM text shown below

// Encode the payload with that holder
JWTCodingResultType *result = [JWTEncodingBuilder encodePayload:payload]
    .addHolder(signDataHolder)
    .result;

The privateKey is shown below, and passPhrase is "123456":

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,98F34D835B49818EA9C013E1F8A5D87D
…
-----END RSA PRIVATE KEY-----
lolgear commented 3 years ago

@oyljerry oh no! You have external parameters in the private key and the parser doesn't parse this well... We need an update for the parser.

oyljerry commented 3 years ago

> @oyljerry oh no! You have external parameters in the private key and the parser doesn't parse this well... We need an update for the parser.

@lolgear Thanks for your response. What do you mean by "external parameters"? Do you mean the private key's password? If so, I used .privateKeyCertificatePassphrase(passPhrase) to pass "123456". Is that not valid?

lolgear commented 3 years ago

@oyljerry Sorry, my bad. I mean "extra" parameters. You have a correct key, but the key section also contains

Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,98F34D835B49818EA9C013E1F8A5D87D

I assume that if you remove these parameters, JWT will work well. Could you check it?

oyljerry commented 3 years ago

@lolgear I have tried your suggestion. It seems not to work.

I generated the private key with password 123456, then removed the encryption section (Proc-Type: 4,ENCRYPTED...), so that it looks like the text below. Then I used JWTAlgorithmRSFamilyDataHolder to encode with it; however, it still failed with Code=-50 "RSA private key creation from data failed". When I go back to the README for RS256 usage (https://github.com/yourkarma/JWT#rs256-usage), I think privateKeyCertificatePassphrase there is the passphrase of the p12 file, whereas in my testing the password 123456 is the passphrase used when generating the private key. I think this can NOT work. Also, I think removing Proc-Type:... can NOT work, because there is encryption information (DEK-Info: AES-256-CBC) in it; if it is removed, the parser cannot know how to decrypt it.

DiAY3RWupDP0opkw6HRpr+B1oyXuJfmE7nfKDFBPBFVSApPQDCQLs7+ZyjtnjRgx
mFQYAnjvUuxfHhEplPAqfBE/FXCFyemnhe0uNSnQ0F3l6bRTZwzhKpg3XrnPs8be
Iw/p6AfHIPKsv+adA5kv2N+D7WK6Ls17a9skiQ8qx+CA4RsfmTQogmda/RrBMyR7
ZDmwx/s3Orcab02ug69SWRkhdjExqA+d7vi52qiigvm1VwPmdHXjttMnTRQ7FvwM
VzjkKhOQ9kUfn4A7tlvirGoKSqR0W3y8s7GR8BCCzHQ4J0v83hBWfkquPKG8Posa
OYABzsjwbr2Fs9cFOc1hph0qHdRAj1hV2pdqUPhHD4NUUliCTFbLRJQBZ58/+qEG
lhnapls0VyQggEE6E+74KeoEQKaDu3vFnRQQX2F+tSND8d+/zMRf3dS/Rmn0Ojet
+q/rURyqFgBtWN1+mQnD5vjPIVZR82xizSrqF4xoF5TP3veiGR3dugeY0ymumlF8
XDcpKrCYcYthlnjLCguaYYda3Ep4uRkjaJhcwKXxbCxd7Ux58a1nPcK+35Qz4hdM
XOqRW+FTDYZCh43dSQFVHaO1y3psU66yNfpiFL42Yel80XTwWqqsACUA6nesQflo
eK2zI/umZ99c0UYLiw64CJrGHwf+9y5iVCRgzV841vp/GaOq4RL4bon7VxyGvm4e
wVJkLgukf7rToWbLzfMrR6lqLNd4EOlDORXXF7O+L3lEBYymuBwHzXqgjZpPpH2S
brUaYuVyOdWGr1D4PbXaJP1KVezQOynJln7TVOu+j7Z6uniVo9O7R/BC3iDppduU
A3UyL54M1mwysRiqZvLHf/rooVm+MQnDz9iklbm/I/TgnzPXg6nTq8C9zAXlMIcO
0kCY1q/9hV9naJLbK++PQyFGAZvnasBm1LhPvteoJ7+dyFTvT0WOCu2JzN6DB5CP
p9u6ZRZ2kYVPmW4ZrDpU0KIqp6+/i7lCMAumijvubcgxDS11+WlF53TW5tszze0s
Pp82Z0H5UOeq1gHTKCcnYfBFlt0WWGaNAmrBKg4tQ2AKDAhH/V3hnXbDb70YUQHX
sPTqoh6E2FlCietetnH65ZgoFIm/jYeQ+fdLG2g487p6qdpBrmQWuUkbEAsj/wVt
g/VmszlOH9C7+OJ9F7mv6CySZumyHC7puKG0L8hNptrHcFhIu7fLuepcyTMq4l3m
WpOsjXzARLRVy4VulzzK1hBdqeU2d2HgiFvoJjvCJS4j84W5Q7nAYdo533LcW0Eg
RxV9yckH3rf51iPz6ZfCbMzARbrvIsC1BuY1ibNtK+UFuikOsmpRFzRmGmzWlmsD
Ud1n4XirDtSbcFIZGLFhmXpeNb3g5v6uV7AW27Eh5n+kvWiipW9G/KOsMZgvOoL9
/SJq3B/oXfvGyyIuyuKBO8zRIL8iIsr9s/TjpFW2EAI32Dn3OLgiB/P5HwZy+Jrh
tdvwc/jwnzQv3uQv1tjIVKil+tWKz8zomPw/IFGR9Eghp8ZDJoW58pZh2IwwvnUi
N4LICdtAQk1MAEPGsoLeCQ3ThtCB8lxmXqHqMJaD7pn3Qb4PUT5fwY1KN6UnwgFp
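The script below is an added example and is not code from the yourkarma/JWT project or from anyone in this thread. It reproduces the key format that both the first report and the last comment above are about (a traditional "RSA PRIVATE KEY" PEM whose Proc-Type/DEK-Info headers announce AES-256-CBC and carry the IV that also salts the passphrase-derived key), shows with openssl why stripping those headers cannot work (the remaining base64 is still ciphertext, not DER), and then converts the key into the two forms a caller can actually hand to the library: an unencrypted PEM, which needs no passphrase, or a PKCS#12 file, which is the container the poster's reading of the README associates with privateKeyCertificatePassphrase. It assumes the openssl CLI (1.1.x or 3.x) is on PATH; the passphrase "123456" is taken from the issue, and the file names, scratch directory and certificate subject are made up for the example.

```shell
#!/bin/sh
# Added example, not part of the yourkarma/JWT project. Assumes an openssl CLI (1.1.x or 3.x).
set -eu

command -v openssl >/dev/null 2>&1 || { echo "openssl not found on PATH" >&2; exit 1; }

PASS="123456"            # passphrase from the issue
WORK="$(mktemp -d)"      # made-up scratch directory, removed on exit
trap 'rm -rf "$WORK"' EXIT

# Build a key in exactly the format shown in the issue: PKCS#1 PEM encrypted with the
# legacy OpenSSL scheme (Proc-Type: 4,ENCRYPTED / DEK-Info: AES-256-CBC,<hex IV>).
# OpenSSL 3 only emits that format with -traditional; OpenSSL 1.1 emits it by default
# and rejects the flag, hence the fallback after "||".
make_encrypted_key() {
    openssl genrsa -out "$WORK/plain.pem" 2048 2>/dev/null
    openssl rsa -in "$WORK/plain.pem" -aes256 -passout "pass:$PASS" -traditional \
        -out "$WORK/enc.pem" 2>/dev/null \
    || openssl rsa -in "$WORK/plain.pem" -aes256 -passout "pass:$PASS" \
        -out "$WORK/enc.pem" 2>/dev/null
    # Both headers must be present: cipher name, and the IV that also salts the KDF.
    grep -q '^Proc-Type: 4,ENCRYPTED$' "$WORK/enc.pem" &&
    grep -q '^DEK-Info: AES-256-CBC,' "$WORK/enc.pem"
}

# The suggestion made in the thread: drop the Proc-Type/DEK-Info lines. The base64 body
# is still AES-CBC ciphertext, so even openssl cannot load it as a key. Returns 0 when
# openssl rejects the stripped file, which is the expected outcome.
stripped_headers_still_fail() {
    grep -v -e '^Proc-Type:' -e '^DEK-Info:' -e '^$' "$WORK/enc.pem" > "$WORK/stripped.pem"
    ! openssl rsa -in "$WORK/stripped.pem" -passin "pass:$PASS" -noout 2>/dev/null
}

# Option 1: decrypt once with openssl and give the library an unencrypted PEM, so no
# passphrase parameter is involved at all. -traditional keeps PKCS#1 framing on OpenSSL 3.
decrypt_to_plain_pem() {
    openssl rsa -in "$WORK/enc.pem" -passin "pass:$PASS" -traditional \
        -out "$WORK/dec.pem" 2>/dev/null \
    || openssl rsa -in "$WORK/enc.pem" -passin "pass:$PASS" -out "$WORK/dec.pem" 2>/dev/null
    grep -q 'PRIVATE KEY-----' "$WORK/dec.pem" && ! grep -q '^Proc-Type:' "$WORK/dec.pem"
}

# Option 2: keep a passphrase, but on a PKCS#12 container rather than on the PEM itself.
# PKCS#12 needs a certificate next to the key, so a throwaway self-signed one is created.
export_pkcs12() {
    openssl req -new -x509 -key "$WORK/dec.pem" -subj "/CN=jwt-rs256-example" -days 1 \
        -out "$WORK/cert.pem" 2>/dev/null
    openssl pkcs12 -export -inkey "$WORK/dec.pem" -in "$WORK/cert.pem" \
        -passout "pass:$PASS" -out "$WORK/key.p12" 2>/dev/null
    # Verifying the PKCS#12 MAC with the same passphrase proves the file opens with it.
    openssl pkcs12 -in "$WORK/key.p12" -passin "pass:$PASS" -nokeys -noout 2>/dev/null
}

main() {
    make_encrypted_key
    stripped_headers_still_fail
    decrypt_to_plain_pem
    export_pkcs12
    echo "converted: $WORK/dec.pem (plain PEM) and $WORK/key.p12 (PKCS#12)"
}
main
```

Which option to pick is a key-handling decision: the unencrypted PEM is simplest but must then be protected at rest by the application (Keychain, file permissions), while the PKCS#12 route keeps the passphrase in use but ties the key to a certificate and to whatever password-based encryption the openssl version applied on export.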