Comments (16)
ok with your workaround all test pass
E:\HAS\jose>npm run test
> @panva/[email protected] test E:\HAS\jose
> ava
1355 tests passed
from jose.
Are you saying this snippet does not work for you?
const { JWKS: { KeyStore } } = require('@panva/jose');
const keystore = new KeyStore();
keystore.generateSync('RSA', 2048, {
alg: 'RS256',
use: 'sig',
});
console.log(keystore.toJWKS())
from jose.
Yes and my version is
E:\HAS\OpenId>node -v
v11.11.0
from jose.
and package is
"dependencies": {
"@panva/jose": "^0.11.1",
"koa": "^2.7.0",
"koa-body": "^4.1.0",
"koa-ejs": "^4.2.0",
"koa-helmet": "^4.1.0",
"koa-mount": "^4.0.0",
"koa-router": "^7.4.0",
"lodash": "^4.17.11",
"nanoid": "^2.0.1"
}
from jose.
The only thing i can think of is that the keyobject export does not honour const EOL = require('os').EOL;
from jose.
can you try going to your node_modules/@trust/keyto/src/index.js
file and changing line 219 to let lines = key.split('\n')
? I don't have a windows machine available so this would help me out a lot to confirm.
from jose.
also run this for me and paste the output please
const { generateKeyPairSync } = require('crypto')
generateKeyPairSync('rsa', { modulusLength: 2048 }).privateKey.export({ format: 'pem', type: 'pkcs8' })
from jose.
It works when i change the line you gave me. I'll run the second command
from jose.
i ran this
const { generateKeyPairSync } = require('crypto')
let res = generateKeyPairSync('rsa', { modulusLength: 2048 }).privateKey.export({ format: 'pem', type: 'pkcs8' })
console.log(JSON.stringify(res))
Which gave me
"-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCzw77UxBXgwWov\nTFbjXmqWF33a9V0D4Vjk1YLarvSSEM07tzn1oe8WdZ+AnhRIgw1HSn+VK2RonZMV\nPQ+27n1FIgvtYyzN3Xg2TU5fN7KRF7WCs3CDkh+npHvCpJK6ssTccWTcwY4F9HGU\nbz9Ui/5o7Gbqvb6QKlr3sjOKj2BmyIsyA+ypU3mYexozr4uiS+OmMpc08ekZh5ew\nu3IsAoKmLw4OhW6JGpzYQ2aCX+9KR/56Z5OCbCgvunG33IKkogtqZm5cJC7dG/la\nkRi/andQHDBatuvoqUTRzX99siX/P2B8tuRyklpdVigNYXXi/JthRyEtJgt7HB9x\n4v00o2E7AgMBAAECggEAZHw0/gYmHJ7BVnMb1rj+Z6v2BCFHv1WGNVRMcyV9PPD7\naDgBxBai6TES2fiDag0nrQQt0RqSZBBBGYwqbp1dlPl1JVtcvi7gdao89ujRfl18\nbvUTHdjerP062RDZnFc1x+vy75uaYiXEH68X/ZDLw6bx2KH8FeY3N2J7gSaoQotD\nrJF9263Tg9V420aM2jrNgHESKg9DSzoRGoIT67YVYyRDoc6zqWwAqeUx8NJl5fg6\n5C0g6B+4M8/SQq197kHH9+VVK4Sxw0Xanw6Td3GQtjJKlhI8AYV/UJbP9RcOTtng\nysBfvJ5oaoNQ68l4g3ztuMJMvpIXfizlBSVuZfviQQKBgQDb1GbKtZXsfnkg/Ppu\ntZK94d5/ECOWWCQYdDSPvewosnHQ9PFTJYpSFrtdWF/J8x/+WExhznTRu2/pPhdJ\nUs4WzGifVa/+Km9GBXIrlNCGfNeKAHAjDkfgQAVJ5omxKehuSlnDRseLBzyUZnQi\nlKWD8GJ+nHhbj/NLC9wycHWkkQKBgQDRV7xWl4OyIGp0MrNSuikAAkCmOxLoj8rA\nAvcRSxdWBCnekK4wqN+XfERSouCcW7YoxdmVNDhoeQPQSARrZdDWWOJzNdkEzJ3t\ntEojB7W1yrxZe0vX6DE5tEYvnAAq4vN3fwrc56hkv40mJEad1XNwytQ+miJqPvUY\niBxuIwvfCwKBgAwiw7H5KFev+7voe2LVP06gQ4o8N9q67vMypxwwXfM5NrNUcmYm\nsmYpvxo+ILujYmbGNSFJJoXVlS4JMXvoyFvV2QjC0D511ULGVjE1u/VQuw1xTL+C\nsFEe96vGwF85cw1zqVTweV+hfKSsq0ilcCXChY170eEsJ0BDXVqjfrshAoGAafhG\nr3K9SLMeEDoGCm+QB6AcR8mJlc4MLUyS8t8XLgSniTGl653gqVdPYqFun9fRCyy0\nKtInZ8MyigGasx70Kz0NTJLKi6Jko4prKPZjJmY9F/LQ/rdcC8DU8o6+ivcdlbTq\ns85UsMNCWTdtw8HkUQlrjVEK8Mtz2Ho2Ig59mOcCgYBQ9zZu9XNYcUtwCRrta2wK\nGhOWKSl2z3yFVYfocKjsU8ILrPO9ui8tWGvldcsF64Ie7qi6i5Q9N8WlEo30ldDm\nCHg/VQ79bADb7qj12XRrfhWKtjAMGcyTHQqWdSuFQOEA7A0meCzxDW8ar6O7KTWb\nq2WlQN5l1Z/vejSd2tA+Lg==\n-----END PRIVATE KEY-----\n"
from jose.
ok, please revert everything and change lib/help/key_utils.js
to
const { EOL } = require('os')
const keyto = require('@trust/keyto')
const errors = require('../errors')
const SUPPORTED = new Set(['EC', 'RSA'])
module.exports.keyObjectToJWK = (keyObject) => {
const type = keyObject.type === 'private' ? 'pkcs8' : 'spki'
const format = 'pem'
const pem = keyObject.export({ type, format }).replace(/\n/g, EOL)
return keyto.from(pem, 'pem').toJwk(keyObject.type)
}
module.exports.jwkToPem = (jwk) => {
if (!SUPPORTED.has(jwk.kty)) {
throw new errors.JOSENotSupported(`unsupported key type: ${jwk.kty}`)
}
return keyto.from(jwk, 'jwk').toString('pem', jwk.d ? 'private_pkcs8' : 'public_pkcs8')
}
I think this might work as a temporary workaround to the @trust/keyto
implementation. Upon confirmation i'll work that one in.
from jose.
Your workaround works and when i check my JSON.stringify(require('os').EOL) i get a "\r\n" and i suppose the generation of the token is something made with just \n so its not based on the OS end of line but something like openssl? Maybe its something i should post on the @trust/keyto? If i can be of some help :x
from jose.
Yes, i think @trust/keyto
should not rely on os.EOL
, for one the key might be coming from a different system.
That being said i'll work around it for now and in the future the work being done the KeyObject API will remove the need to use the pem -> jwk
path in keyto.
from jose.
@DarkSorrow while we're at it and you're willing to help. Can you clone this repo, make the above change in your source and run
npm i
npm test
Maybe there are more windows specific bugs that we could uncover.
from jose.
Yes sure i'll do that and post something on their channel too later
from jose.
Thanks for your help @DarkSorrow, i'll get this sorted later today.
from jose.
Well thanks for being so reactive, i sent a PR to keyto as well
from jose.
Related Issues (20)
- Error: unsupported key management (decryption) alg: ECDH-ES+A256KW HOT 1
- Verifying JWT with symmetric key HOT 2
- Unable to build Angular project with Jose HOT 1
- SignJWT exp type error HOT 2
- Cannot verify id token using remote jwks HOT 3
- Can't verify azure token HOT 3
- Bun support ED25519 HOT 1
- Bun bun bun!! HOT 17
- Bun: SyntaxError: Import named 'KeyObject' not found in module 'crypto'. HOT 3
- Mocking URLs with msw/nock doesn't work with named imports. HOT 1
- [ES384] adding a single letter to the signature part causing a successful verification HOT 7
- Type "GetKeyFunction" is present in "types.d.ts" but not exported in "index.d.ts" HOT 1
- Check for `jwk.oth` should also check for `null` value HOT 2
- CryptoKey is not extractable HOT 1
- JWKS Timeout : request timed out HOT 1
- Cannot read properties of undefined (reading 'base64url') HOT 7
- Claims validation should not mutate incoming `requiredClaims` array HOT 6
- jose importSPKI error TypeError: "spki" must be SPKI formatted string HOT 2
- Bun: Export named 'diffieHellman' not found in module 'crypto'. HOT 1
- Maybe slightly tweak the exports? HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jose.