Open nbeithalevi opened 8 years ago
@nbeithalevi could you post your code here with builder.jwtError
output?
Thanks for your quick reply,
Here's the error:
Error Domain=com.karma.jwt Code=-93 "It seems that signing output corrupted. Make sure signing worked (e.g. we may have issues extracting the key from the PKCS12 bundle if passphrase is incorrect)
On Thu, Jun 2, 2016 at 12:54 AM, Dmitry notifications@github.com wrote:
@nbeithalevi https://github.com/nbeithalevi could you post your code here with builder.jwtError output?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/yourkarma/JWT/issues/73#issuecomment-223136685, or mute the thread https://github.com/notifications/unsubscribe/ASTFxehMXghZvlqcdVwShOfRhSxOQUKAks5qHf-TgaJpZM4Irli5 .
[image: Ping Identity logo] https://www.pingidentity.com/ Nadav Beithalevi Mobile Developer Ping Identity @ nbeithalevi@pingidentity.com [image: phone] [Enter Number] [image: twitter] @pingidentity Connect with us!
[image: pingidentity.com] https://www.pingidentity.com/ [image: twitter logo] http://www.glassdoor.com/Overview/Working-at-Ping-Identity-EI_IE380907.11,24.htm [image: twitter logo] https://twitter.com/pingidentity [image: youtube logo] https://www.youtube.com/user/PingIdentityTV [image: LinkedIn logo] https://www.linkedin.com/company/21870 [image: Facebook logo] https://www.facebook.com/pingidentitypage [image: Google+ logo] https://plus.google.com/u/0/114266977739397708540 [image: slideshare logo] http://www.slideshare.net/PingIdentity [image: rss feed icon]
[image: CIS 2016] https://www.cloudidentitysummit.com/en/index.html
Yes, it can not be done ( for now ) by raw privateKey
.
Only privateKey
in file with seal - passphrase.
If you could add PR with additional algorithm implementation or existing algorithm extension, it would be great!
@nbeithalevi Could you write tests with your desired functionality and disable them in pull request? It would be great if you can rewrite existing RS256 tests with Kiwi framework.
@nbeithalevi could you check latest master? It introduced keys PEM import.
Hi @lolgear , I've just started trying out your library and I'm looking as RS256 (I actually want RS512, but that's another matter). I ran your tests for 3.0.0 Beta 3 and while they don't fail, they actually return nil from the token. The tests are referring to a file that doesn't exist.
Replacing the file names with the rs256-private.p12 and rs256-public.pem, the encoding and decoding works with a caveat. Your keys require a certificate also within the pem and p12 files.
It's not uncommon that you'll want to decode a JWT with just the public key and no certificate. But currently you require the certificate so you can get to the public key (JWTCryptoSecurity.m : 191), I understand why you require this as iOS until iOS 10.0 didn't have the simple Mac OS method of creating the public key as a secKeyRef. You could however use SecKeyCreateWithData() but you'd have to drop 9.3 support as a result.
Hi. I am experiencing the same error. Does anyone knows how to fix this? I have a .p8
file generated for Sign in with Apple, so I don't know how to proceed with this.
"It seems that signing output corrupted. Make sure signing worked (e.g. we may have issues extracting the key from the PKCS12 bundle if passphrase is incorrect)." UserInfo={NSLocalizedDescription=It seems that signing output corrupted. Make sure signing worked (e.g. we may have issues extracting the key from the PKCS12 bundle if passphrase is incorrect).}"
This is my code:
let jwtBuilder: JWTBuilder = JWT.encode(claims)
let encodedResult = jwtBuilder.secret(SecretKey.siwa)?.algorithm(jwtAlgorithm)?.headers(headers)?.encode
if let error = jwtBuilder.jwtError {
print("Encode Failed: \(error)")
} else {
print("Encoded Result: \(encodedResult!)")
}
Edit: SecretKey.siwa
is just a raw string of my private key from the .p8
file.
Thank you.
Hi,
I'm trying to use rs256 algorithm with keys 1024 and 2048, but without success. I also tried to use it without passcode (empty string) - without success. I'm using raw private key, not a file like in the example.
Please help.