Comments (5)

Spomky commented on May 21, 2024
  • RSA key type is for RSA algorithms (RSxxx or PSxxx).
  • EC key type is for EC algorithms (ESxxx).

If you want to use the ES256 algorithm, then you have to use an EC key.

lovearthhome commented on May 21, 2024

@Spomky @timrourke @Oxmoze

We had solved the problem using jwt-framework in a very funny way. We guess there is a bug in it; otherwise we hold the wrong understanding.
We use AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256 (Java code) to generate a public/private key in the following format. Note, we use ECDSA, not RSA.

import java.security.PrivateKey;
import java.util.UUID;
import org.jose4j.json.JsonUtil;
import org.jose4j.jwk.RsaJsonWebKey;
import org.jose4j.jwk.RsaJwkGenerator;
import org.jose4j.jws.AlgorithmIdentifiers;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.NumericDate;
import org.jose4j.lang.JoseException;

String keyId = UUID.randomUUID().toString().replaceAll("-", "");
// Generates a 2048-bit RSA key pair.
RsaJsonWebKey jwk = RsaJwkGenerator.generateJwk(2048);
jwk.setKeyId(keyId);
// Sets the JWK "alg" member to ES256 on that RSA key.
jwk.setAlgorithm(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256);
// Serialize the public-only and the private forms of the JWK as JSON.
String publicKey = jwk.toJson(RsaJsonWebKey.OutputControlLevel.PUBLIC_ONLY);
String privateKey = jwk.toJson(RsaJsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);

Public key (the private key is in a similar format: RSA & ES256):
{"kty":"RSA","kid":"***","alg":"ES256","n":"***","e":"AQAB"}

Now is the miracle time:

1: we change the ES256 to RS256 in the private key,

2: change algorithm from ES256 -> RS256 in the PHP code.
use Jose\Component\Signature\Algorithm\ES256;
->
use Jose\Component\Signature\Algorithm\RS256;

3: The generated token is verified true by the ES256 public key stored in the RS server.

This is interesting. Other developers have the same experience, and we agree this is a bug for jwt-framework.

PS: we use a third-party RS server (Aliyun Api Gate); we register the keyid and public key in the RS (the public key is RSA & ES256).

Spomky commented on May 21, 2024

Hi,

That's good news. However, I am still convinced there is a problem with the result of AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256 (Java code).

This line clearly refers to an EC key on the P-256 curve, but the key you mention has RSA components (namely n, e and for your private key at least d and maybe p, q, dq, dp or qi).

EC key components are crv, x, y and for your private key d.

So for me AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256 (Java code) produces RSA keys, not EC ones.
I can see the same confusion here.
In the given example {"kty":"RSA","kid":"88483727556929326703309904351185815489","alg":"ES256","n":"ie0IKv...8dYAFAVEFsvXCFvdaxQefwWFw","e":"AQAB"}
we can clearly see that the type is RSA (kty and presence of n and e parameters) but the associated algorithm is ES256 (an EC algorithm) which is technically impossible.
It would be interesting to contact the developer of that Java implementation to confirm or deny my assumption.

Anyway, I am happy to know that you solved that issue.
I now close it. Feel free to re-open it if needed.
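
The consistency rule described in the comment above (an `alg` only makes sense with the matching `kty` and key members), as an added example that is not part of the original thread and is not code from jwt-framework or jose4j. It covers RSA and EC signature keys only; the function name `check_jwk` and the sample key values are constructed for illustration.

```python
# RFC 7518 section 3.1: JWS "alg" -> (required JWK "kty", required "crv" for ECDSA).
ALG_REQUIREMENTS = {
    **{a: ("RSA", None) for a in ("RS256", "RS384", "RS512", "PS256", "PS384", "PS512")},
    "ES256": ("EC", "P-256"), "ES384": ("EC", "P-384"), "ES512": ("EC", "P-521"),
}
# RFC 7518 section 6: public members each key type must carry, and members that
# belong to the other key type ("d" is shared by both, so it is not listed).
REQUIRED = {"RSA": {"n", "e"}, "EC": {"crv", "x", "y"}}
FOREIGN = {"RSA": {"crv", "x", "y"}, "EC": {"n", "e", "p", "q", "dp", "dq", "qi"}}


def check_jwk(jwk, requested_alg=None):
    """Return a list of problems; an empty list means kty, members and alg agree."""
    kty = jwk.get("kty")
    if kty not in REQUIRED:
        return [f"unsupported kty {kty!r} (this check covers RSA and EC only)"]
    problems = []
    members = set(jwk)
    missing = sorted(REQUIRED[kty] - members)
    if missing:
        problems.append(f"{kty} key is missing {missing}")
    foreign = sorted(FOREIGN[kty] & members)
    if foreign:
        problems.append(f"{kty} key carries members of another key type: {foreign}")
    # Check both the alg stored in the key and the alg the caller wants to sign with.
    for label, alg in (("JWK alg", jwk.get("alg")), ("requested alg", requested_alg)):
        if alg is None:
            continue
        if alg not in ALG_REQUIREMENTS:
            problems.append(f"{label} {alg!r} is not an RSA or ECDSA signature algorithm")
            continue
        need_kty, need_crv = ALG_REQUIREMENTS[alg]
        if need_kty != kty:
            problems.append(f"{label} {alg} needs kty {need_kty}, key is {kty}")
        elif need_crv and jwk.get("crv") != need_crv:
            problems.append(f"{label} {alg} needs crv {need_crv}, key has {jwk.get('crv')}")
    return problems


# Constructed sample keys (values are placeholders, not real key material).
THREAD_SHAPED = {"kty": "RSA", "kid": "constructed", "alg": "ES256",
                 "n": "constructed-n", "e": "AQAB"}
EC_P256 = {"kty": "EC", "kid": "constructed", "alg": "ES256",
           "crv": "P-256", "x": "constructed-x", "y": "constructed-y"}

if __name__ == "__main__":
    for name, key in (("thread-shaped", THREAD_SHAPED), ("EC P-256", EC_P256)):
        print(name, "->", check_jwk(key) or "consistent")
```

Running a check like this when a key is generated or registered surfaces the mismatch before any token is signed or verified with it.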

Spomky commented on May 21, 2024

Hi,

As I mentioned before, this is not a behavior of one library or the other, but the way the key is created that is not correct.

github-actions commented on May 21, 2024

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
