Comments (3)
venantius
commented on August 20, 2024
Perhaps somewhat explicitly, trying to use a key generated either by:
openssl ecparam -name secp521r1 -genkey -noout
or:
ssh-keygen -t ecdsa -b 521
Gets me the following exception:
user=> (clj-jwt.key/private-key "common/resources/security/ec512-key")
java.security.NoSuchAlgorithmException: ECDSA KeyFactory not available
org.bouncycastle.openssl.PEMException: unable to convert key pair: ECDSA KeyFactory not available
user=> (pst)
clojure.core/eval core.clj: 3105
...
user/eval8551 REPL Input
...
clj-jwt.key/private-key key.clj: 84
clj-jwt.key/private-key key.clj: 87
clj-jwt.key/pem->private-key key.clj: 82
clj-jwt.key/eval8129/fn/G key.clj: 12
clj-jwt.key/eval8189/fn key.clj: 44
org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter.getKeyPair
org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter.getKeyFactory
org.bouncycastle.jcajce.util.DefaultJcaJceHelper.createKeyFactory
java.security.KeyFactory.getInstance KeyFactory.java: 172
java.security.KeyFactory.<init> KeyFactory.java: 138
java.security.NoSuchAlgorithmException: ECDSA KeyFactory not available
org.bouncycastle.openssl.PEMException: unable to convert key pair: ECDSA KeyFactory not available
nil```from clj-jwt.
venantius
commented on August 20, 2024
So, the problem here turns out not to have been an issue with my generation of ECDSA keys, but rather the fact that the BouncyCastle Provider hadn't been configured (refer to JIRA issue on BouncyCastle here: http://www.bouncycastle.org/jira/browse/BJA-625)
To get this working, you just need to add the BouncyCastle Provider to the java.security.Security class as follows:
(. java.security.Security addProvider (org.bouncycastle.jce.provider.BouncyCastleProvider.))from clj-jwt.
venantius
commented on August 20, 2024
Ah, I just saw e13b665. So really all you need to do is to update the README to make clear that the process for ingesting a ECDSA key is different than how it used to be.
from clj-jwt.
Related Issues (18)
- Support X.509 public key
- `public-key-from-string` throws NullPointerException on invalid key HOT 1
- No implementation of method :init for class JWT HOT 2
- Critical vulnerabilities in JSON Web Token libraries HOT 4
- Support for decoding tokens HOT 2
- exception using cipher - please check password and data HOT 3
- decode HMAC256 signed token HOT 2
- Handling of Clojure maps in JWT claims
- str->jwt throws exceptions HOT 1
- Problem `NoClassDefFoundError` for class `Encodable` from bouncycastle.
- IllegalArgumentException No matching method found: initVerify for class java.security.Signature$Delegate clojure.lang.Reflector.invokeMatchingMethod (Reflector.java:80)
- JWT key names an clj-jwt
- Same iat for multiple requests
- date values for :exp :nbf and :iat are divided by 1000? HOT 3
- Claims containing URI String keys cannot be verified. HOT 5
- Use constant time comparison when verifying signatures HOT 1
- Using a secret key to verify an unsigned token returns true, probable security issue HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from clj-jwt.