Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EC private key creation from data failed #246

Open
3 tasks done
zhouhao27 opened this issue Mar 27, 2023 · 0 comments
Open
3 tasks done

EC private key creation from data failed #246

zhouhao27 opened this issue Mar 27, 2023 · 0 comments

Comments

@zhouhao27
Copy link

zhouhao27 commented Mar 27, 2023
edited
Loading

New Issue Checklist

Issue Info

Info Value
Platform Name ios
Platform Version 14.0
CocoaLumberjack Version e.g. 2.3.0
Integration Method cocoapods
Xcode Version Xcode 14.2
Repro rate all the time (100%)
JWT version 3.0.0-beta.14

Issue Description and Steps

My demo application is able to generate RS256 and ES256 JWT token. It works for RS256 but doesn't work for ES256. The error message is:

Error Domain=NSOSStatusErrorDomain Code=-50 "EC private key creation from data failed" UserInfo={numberOfErrorsDeep=0, NSDescription=EC private key creation from data failed}

Here is my code:

    NSDictionary *header = @{
        @"alg": self.segment.selectedSegmentIndex == 0 ? @"ES256" : @"RS256",
        @"kid": @"NMK2ABbpUmxEg2MC_w1v3CsmrDiww1hxRIxrWwrEjv8",
        @"typ": @"JWT" // specify the token type
    };
    
    time_t timestamp = time(NULL); // current Unix timestamp
    NSNumber *timestampNow = @(timestamp); // convert to NSNumber
    
    int intValue = [timestampNow intValue]; // get integer value
    NSNumber *timestampCurrent = [NSNumber numberWithInt: intValue];
    intValue += 180; // add 180seconds
    NSNumber *expiration = [NSNumber numberWithInt:intValue];
    
    NSUUID *uuid = [NSUUID UUID];
    NSString *nonce = [uuid UUIDString];
    
    NSLog(@"%@", nonce);
    
    NSDictionary *payLoad = @{
        @"iat": timestampCurrent,
        @"aud": @"https://google.com",
        @"sub": @"POST",
        @"jti": nonce,
        @"iss": @"08af8def-0f9a-4669-b64d-390f3470e80c",
        @"exp": expiration
    };
        
    // Load the private key from a file
    NSString* fileName = self.segment.selectedSegmentIndex == 0 ? @"ec_private" : @"rsa-private";
    NSString *privateKeyPath = [[NSBundle mainBundle] pathForResource:fileName ofType:@"pem"];
    NSString *privateKey = [NSString stringWithContentsOfFile:privateKeyPath encoding:NSUTF8StringEncoding error:nil];
        
    id <JWTAlgorithmDataHolderProtocol> signDataHolder = [JWTAlgorithmRSFamilyDataHolder new]
        .keyExtractorType([JWTCryptoKeyExtractor privateKeyWithPEMBase64].type)
        .algorithmName(self.segment.selectedSegmentIndex == 0 ? JWTAlgorithmNameES256 : JWTAlgorithmNameRS256).secret(privateKey);

    JWTCodingResultType *result = [JWTEncodingBuilder encodePayload:payLoad]
        .headers(header)
        .addHolder(signDataHolder)
        .result;
    
    if (result.successResult) {
        // handle encoded result
        NSLog(@"encoded token: %@", result.successResult.encoded);
        [self updateTokenText:result.successResult.encoded];
    }
    else {
        // handle error
        NSLog(@"encode failed, error: %@",
              result.errorResult.error);
        [self updateTokenText:result.errorResult.error.localizedDescription];
    }

Please refer to my example project.

JWTDemo.zip
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zhouhao27