RS256 failed when private key has passphrase

[oyljerry]

New Issue Checklist

• I have read and understood the CONTRIBUTING guide
• I have read the Documentation
• I have searched for a similar issue in the project and found none

Issue Info

Info	Value
Platform Name	osx
Platform Version	10.14.6
CocoaLumberjack Version	e.g. 2.3.0
Integration Method	carthage
Xcode Version	Xcode 11.3
Repro rate	all the time (100%)
Demo project link

Issue Description and Steps

I am use RS256 to encode token, when the private key generated without password, it works fine, however, when I set password, the code is not worked. It always failed with error: error Domain=NSOSStatusErrorDomain Code=-50 "RSA private key creation from data failed" (paramErr: error in user parameter list) UserInfo={NSDescription=RSA private key creation from data failed}

id <JWTAlgorithmDataHolderProtocol> signDataHolder = [JWTAlgorithmRSFamilyDataHolder new]
        .keyExtractorType([JWTCryptoKeyExtractor privateKeyWithPEMBase64].type)
        .privateKeyCertificatePassphrase(passPhrase)
        .algorithmName(algName).secret(privateKey);

    JWTCodingResultType *result = [JWTEncodingBuilder encodePayload:payload]
        .addHolder(signDataHolder)
        .result;

The privateKey is as below. and passPhrase is "123456"

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,98F34D835B49818EA9C013E1F8A5D87D

MBsKuDXTLnW7mE3/vH9LQIx1vm3+/eGvs6Uzqv4MRRH4RHVJA8Y/AnW6x2UH7ye0
GToIjlBl+RoGfdU5uWKTpqYmTgqB3aG6P7gJebC+minxohQLByUQ+IDylP/+t96H
t0BXN0/Ic/IEjummGPW/bkO39b1mxm7LoW409UjvrPg6NtsvLtQvn9xraRUvcO06
j4WL9YWy1lGCPmXkFp6/7xHJivVBQgdDlmcFiJkIawLzi1xtbe0omadbb+JPAiis
9JSIx1PTpMKfIJPna5CoFueU+j7tq3dCLvQfNSc1EIcBq04ybcc3TwMwxIi6J0YU
DPa23VSCz3aUbxrE5/RYouyy6bIcPVXDAV0ZVxgUmCEST+w+YcXShfp6ngxIca8i
yyvV3nFYo18/6R+uU5mKsJFphsrUIJv3F/I2Q0Rh5ZlF4hvsQGphTx9FpOeq9W/d
2ibeYGsf03JSi06fARd2bUZewWtKN8LpNdMkN4/A2MzFE2gqIyyIhVCsZ1FlhWft
BnDEImcPyfpPHVfDCfGEVGnplEFcxjT7Z45sEVoJKzownyI5MHdwdwxO4gQMMWSD
k/z207+44JE4EZ6Ib7bQH13OywPGtVXiVCtY//vZZfNLVZT8eNRfh9W4h0g0fBRH
4MmSOXwzp6V+lzKEo+IzYRcHmYRATLN9GPlB6AYz3Av+2+xrauj4csZdHQJLzefP
5KG70Bjr1S3it+vwPsuKtG/zKQrjL8T0gq+DU9AZmDGUOGoT0wXv3l2siYLOJDM1
Mw3s7zZ+RIVxvIx7q8SnphLVegfJHf8RcOXw1bV1/kPmLaqF+Nv5Br9yXc9HGFEA
IcqbCe8HkQox6p5o+4vmHbqnSV7yQqjrVfdNKI0JAVmacahxENYAb8fTRytQvTeB
GpKwUaAWniD8VXWN1oNFB4MHjvFV6S3hkw2fOWkKIm/+8ySdRoCwaFSZ8k3fsSg2
schpHNqmEnWGzLxhaPXGe2IFqY6WQP4RLdT2mulqFiW/9ZLF9PoyaomiP5NFHWN0
Zb8XIVpFI7cUmxctv7R+ahvt10krgS9wKT4H4TWlILxXU5XtCCiMtEzneTaNEhQp
on0UhJng4+YY4SJfTo70DIgFmYcowsaDxJJfCRzyNTV82SI4n0J99VU5XPdX3xuL
yJdIc7nJW+QhW9MslniqpZh4Q09Mt58K2LaIDPL+HNvQmcMuMmMDoAOLZpw+ZzAU
Lq0JgKP/ziNpUFR/cJqu294jpKs3E50FM54Ig/p4CfhnG62Z45damVwjsm1BCpbE
Tu2aYkX6Po9f/jeDQe4u3OFBwl4xH5h4qz0d1i2IQs12X8jgDKzeuoC/BQeSiIu1
cyhFTY2mnzaRvAZgj1qjgpDxCSsOgvbRrwxnQa7OvEVBXJMQO/H329NENuJbfTHz
+OyRUuH0Zjc3elr1BEtcAP/kRUH29AtflBOhQ5vLHoGG+2QGvBOxL0AWV1TkugWQ
TNt/PmKTxD4PJm95vXffopVgStnKm/8tnYV8P8FQeUoLogy+rY5zE7gaBN347Wmm
8CjW5+O1K27/LM6JarC/G+a0Zjlt2v2pWgGbxhScVicVc6S8dVLtHdhJlhhqu54+
-----END RSA PRIVATE KEY-----

[lolgear]

@oyljerry oh no!
You have external parameters in private key and parser doesn't parse this well...
We need an update for a parser.

[oyljerry]

@oyljerry oh no!
You have external parameters in private key and parser doesn't parse this well...
We need an update for a parser.

@lolgear Thanks for your response.
What do you mean "external parameters", you mean private key's password?
If so, I used .privateKeyCertificatePassphrase(passPhrase) to pass "123456" which is not valid?

[lolgear]

@oyljerry
Sorry, my bad.
I mean "extra" parameters.
You have correct key, but also key section contains

Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,98F34D835B49818EA9C013E1F8A5D87D

I assume that if you remove these parameters, JWT will work well.
Could you check it?

[oyljerry]

@lolgear
I have tried as your suggestion. It seems not work.

I generate private key with password 123456, Then, I remove encrypt section Proc-Type: 4,ENCRYPTED..., which will be looks like below. Then I use JWTAlgorithmRSFamilyDataHolder to encode it. however, it still failed as Code=-50 "RSA private key creation from data failed".
When I go back to readme for RS256 usage (https://github.com/yourkarma/JWT#rs256-usage), I think here privateKeyCertificatePassphrase is the passphrase of p12 file, however, in my testing, The password 123456 is the passphrase when generate private key. I think it can NOT work.
Once more, I think remove Proc-Type:... can NOT work, because, there is encryption information (DEK-Info: AES-256-CBC) in it, If remove it, parser should not know how to decrypt it.

DiAY3RWupDP0opkw6HRpr+B1oyXuJfmE7nfKDFBPBFVSApPQDCQLs7+ZyjtnjRgx
mFQYAnjvUuxfHhEplPAqfBE/FXCFyemnhe0uNSnQ0F3l6bRTZwzhKpg3XrnPs8be
Iw/p6AfHIPKsv+adA5kv2N+D7WK6Ls17a9skiQ8qx+CA4RsfmTQogmda/RrBMyR7
ZDmwx/s3Orcab02ug69SWRkhdjExqA+d7vi52qiigvm1VwPmdHXjttMnTRQ7FvwM
VzjkKhOQ9kUfn4A7tlvirGoKSqR0W3y8s7GR8BCCzHQ4J0v83hBWfkquPKG8Posa
OYABzsjwbr2Fs9cFOc1hph0qHdRAj1hV2pdqUPhHD4NUUliCTFbLRJQBZ58/+qEG
lhnapls0VyQggEE6E+74KeoEQKaDu3vFnRQQX2F+tSND8d+/zMRf3dS/Rmn0Ojet
+q/rURyqFgBtWN1+mQnD5vjPIVZR82xizSrqF4xoF5TP3veiGR3dugeY0ymumlF8
XDcpKrCYcYthlnjLCguaYYda3Ep4uRkjaJhcwKXxbCxd7Ux58a1nPcK+35Qz4hdM
XOqRW+FTDYZCh43dSQFVHaO1y3psU66yNfpiFL42Yel80XTwWqqsACUA6nesQflo
eK2zI/umZ99c0UYLiw64CJrGHwf+9y5iVCRgzV841vp/GaOq4RL4bon7VxyGvm4e
wVJkLgukf7rToWbLzfMrR6lqLNd4EOlDORXXF7O+L3lEBYymuBwHzXqgjZpPpH2S
brUaYuVyOdWGr1D4PbXaJP1KVezQOynJln7TVOu+j7Z6uniVo9O7R/BC3iDppduU
A3UyL54M1mwysRiqZvLHf/rooVm+MQnDz9iklbm/I/TgnzPXg6nTq8C9zAXlMIcO
0kCY1q/9hV9naJLbK++PQyFGAZvnasBm1LhPvteoJ7+dyFTvT0WOCu2JzN6DB5CP
p9u6ZRZ2kYVPmW4ZrDpU0KIqp6+/i7lCMAumijvubcgxDS11+WlF53TW5tszze0s
Pp82Z0H5UOeq1gHTKCcnYfBFlt0WWGaNAmrBKg4tQ2AKDAhH/V3hnXbDb70YUQHX
sPTqoh6E2FlCietetnH65ZgoFIm/jYeQ+fdLG2g487p6qdpBrmQWuUkbEAsj/wVt
g/VmszlOH9C7+OJ9F7mv6CySZumyHC7puKG0L8hNptrHcFhIu7fLuepcyTMq4l3m
WpOsjXzARLRVy4VulzzK1hBdqeU2d2HgiFvoJjvCJS4j84W5Q7nAYdo533LcW0Eg
RxV9yckH3rf51iPz6ZfCbMzARbrvIsC1BuY1ibNtK+UFuikOsmpRFzRmGmzWlmsD
Ud1n4XirDtSbcFIZGLFhmXpeNb3g5v6uV7AW27Eh5n+kvWiipW9G/KOsMZgvOoL9
/SJq3B/oXfvGyyIuyuKBO8zRIL8iIsr9s/TjpFW2EAI32Dn3OLgiB/P5HwZy+Jrh
tdvwc/jwnzQv3uQv1tjIVKil+tWKz8zomPw/IFGR9Eghp8ZDJoW58pZh2IwwvnUi
N4LICdtAQk1MAEPGsoLeCQ3ThtCB8lxmXqHqMJaD7pn3Qb4PUT5fwY1KN6UnwgFp