Error signing payload (JWT, jsrsasign)

I'm using jsrsasign to create a JWT. Following the tutorial here, I did the following:

// Header
var oHeader = {alg: 'RS256', typ: 'JWT'};
// Payload
var oPayload = {};
var tNow = KJUR.jws.IntDate.get('now');
var tEnd = KJUR.jws.IntDate.get('now + 1day');
oPayload.iss = "http://foo.com";
oPayload.sub = "mailto:mike@foo.com";
oPayload.nbf = tNow;
oPayload.iat = tNow;
oPayload.exp = tEnd;
oPayload.jti = "id123456";
oPayload.aud = "http://foo.com/employee";

var sHeader = JSON.stringify(oHeader);
var sPayload = JSON.stringify(oPayload);

var pbKey = KEYUTIL.getKey("-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+bg0doaHG2Pg/WplPgc0\nstTEdPyuNqD6jhvCOLrnq01R1M8QoBgiOmKhYUJrti/hybXSqp9uTp61dGPQ4KUU\nP7r4vjwzBYXzSUiS7YfCdWbX6bY8MW7eFXf3EADgNCi6NUBsTpOwKVyJuHFMxWFy\nR2Z9Pdw4gUuCrIqWaoGARIJ0Tkf5zT99C8AuwcJ46fZqPs6cNHtUaNu/CdXcgtPA\n3iXIXBZqlBkKPaNE6ATjtIUHftZhOx0aQLUDm2skbDmDre78R7GKNXPUWknfw7xV\nMpa93zYckxjce2MYNDbvmsK4gbzwm8zxYp+o0eMobOq7xe5hy/sRFbbHOZTqQWtp\nrwIDAQAB\n-----END PUBLIC KEY-----\n");

var sJWT = KJUR.jws.JWS.sign("RS256", sHeader, sPayload, pbKey);

console.log(sJWT);

I generated the public key using the Ruby jwt gem as follows:

rsa_private = OpenSSL::PKey::RSA.generate 2048
rsa_public = rsa_private.public_key

public_key = rsa_public.to_pem 

I keep getting the following error while signing the payload:

"error"
"Uncaught Signature: unsupported public key alg: rsa (line 24)"

What am I doing wrong?

Here's the link to JS Bin: http://jsbin.com/yehiyo/edit?js,console

Answers


What you're doing wrong is simple. The code that you've written is correct. You cannot, however, sign a JWT with a public key. You'll need to use a private key for that. When you generated your key pair, you should have gotten a file that looks similar to the public key, but with BEGIN PRIVATE RSA KEY, etc.

That'll fix your issue. Best of luck.
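Added example, not part of the original question or answer and not jsrsasign code: the RS256 key roles described above, shown with Node's built-in crypto module as a stand-in. The key pair is generated on the fly, and the helper names (makeKeyPair, signRS256, verifyRS256, demo) are hypothetical. The issuer signs with the private key, the verifier needs only the public key, and handing a public key to the signer fails.

```javascript
// Added example: RS256 with Node's built-in crypto (not jsrsasign).
const nodeCrypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const fromB64url = (s) => Buffer.from(s, 'base64url');

// Constructed throwaway key pair; in production the private key stays with the issuer.
function makeKeyPair() {
  return nodeCrypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },   // -----BEGIN PUBLIC KEY-----
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' }, // -----BEGIN PRIVATE KEY-----
  });
}

// Issuer side. createPrivateKey() throws when handed a public-key PEM.
function signRS256(payload, privateKeyPem) {
  const key = nodeCrypto.createPrivateKey(privateKeyPem);
  const input = `${b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }))}.${b64url(JSON.stringify(payload))}`;
  const sig = nodeCrypto.sign('sha256', Buffer.from(input), key); // RSASSA-PKCS1-v1_5 + SHA-256
  return `${input}.${b64url(sig)}`;
}

// Verifier side: needs only the public key. Returns the payload, or null on any failure.
// Checks the signature only; exp/nbf/aud validation is out of scope here.
function verifyRS256(token, publicKeyPem) {
  try {
    const [h, p, s, extra] = token.split('.');
    if (!h || !p || !s || extra !== undefined) return null;
    if (JSON.parse(fromB64url(h).toString('utf8')).alg !== 'RS256') return null; // pin the algorithm
    const key = nodeCrypto.createPublicKey(publicKeyPem);
    const ok = nodeCrypto.verify('sha256', Buffer.from(`${h}.${p}`), key, fromB64url(s));
    return ok ? JSON.parse(fromB64url(p).toString('utf8')) : null;
  } catch (err) {
    return null;
  }
}

function demo() {
  const { publicKey, privateKey } = makeKeyPair();
  const now = Math.floor(Date.now() / 1000);
  const claims = { iss: 'http://foo.com', sub: 'mailto:mike@foo.com', iat: now, exp: now + 86400 };
  const token = signRS256(claims, privateKey);
  let publicKeyRejected = false;
  try { signRS256(claims, publicKey); } catch (err) { publicKeyRejected = true; }
  const [h, , s] = token.split('.');
  const tampered = `${h}.${b64url(JSON.stringify({ ...claims, sub: 'mailto:other@foo.com' }))}.${s}`;
  return { verified: verifyRS256(token, publicKey), publicKeyRejected, tampered: verifyRS256(tampered, publicKey) };
}
```

Calling demo() returns the verified claims, a flag showing that signing with the public key was refused, and null for the token whose payload was altered after signing.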

