From ad5ac9ce3052e51df55da04fe28ec91ecc107cc3 Mon Sep 17 00:00:00 2001
From: Alex Layton
Date: Sat, 2 Apr 2022 01:14:18 -0400
Subject: [PATCH] Fix bug with certain PEM keys
---
 package.json | 2 +-
 src/jwks-utils.ts | 2 +-
 src/sign.ts | 2 ++
 3 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/package.json b/package.json
index f65fb64..4a5612a 100644
--- a/package.json
+++ b/package.json
@@ -4,7 +4,7 @@
 "certs": "./dist/cli.mjs",
 "oada-certs": "./dist/cli.mjs"
 },
- "version": "4.1.0",
+ "version": "4.1.1",
 "description": "Generate and verify JWT signatures (OAuth dynamic client registration certificates and Trellis document integrity signatures) in the Open Ag Data Alliance (OADA) and Trellis ecosystems",
 "main": "dist/index.js",
 "files": [
diff --git a/src/jwks-utils.ts b/src/jwks-utils.ts
index 92f4e29..10de9cd 100644
--- a/src/jwks-utils.ts
+++ b/src/jwks-utils.ts
@@ -32,7 +32,7 @@ const warn = debug('oada-certs:jwks-utils:warn');
 /**
 * @todo Better discriminated union of JWK types?
 */
-export type JWK = BaseJWK | JWKpem | JWKrsa;
+export type JWK = JWKpem | JWKrsa;
 export interface BaseJWK extends Partial {
 /**
 * Must have "kty" to be a JWK
diff --git a/src/sign.ts b/src/sign.ts
index d20aa61..c88ca02 100644
--- a/src/sign.ts
+++ b/src/sign.ts
@@ -56,6 +56,8 @@ export async function sign(
 // AsKey needs the key to be just the pem string if it's a pem
 let privatejwk = await (typeof key === 'string'
 ? jose_JWK.asKey(key, 'pem')
+ : key.kty === 'PEM'
+ ? jose_JWK.asKey(key.pem, 'pem')
 : jose_JWK.asKey(key));
 // If (key.kid) privatejwk.kid = key.kid; // maintain kid from original if passed
 // options.header.kid can override the one in the private key:
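Review bot: Dropping `BaseJWK` from the exported `JWK` union narrows a public type in what package.json marks as a patch release (4.1.0 to 4.1.1). A caller that types a key with some other `kty` through `BaseJWK` will stop compiling, while the fall-through `jose_JWK.asKey(key)` in src/sign.ts still accepts such keys at run time; whether `JWKrsa` covers them cannot be seen from this hunk. If the narrowing exists only so that `key.kty === 'PEM'` discriminates, a type guard such as `const isPem = (k: JWK): k is JWKpem => k.kty === 'PEM';` would keep the union intact. Otherwise a doc comment on `JWK` should state which key types are supported, in place of the open `@todo`.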
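Review bot: The new `key.kty === 'PEM'` branch forwards only `key.pem` to `jose_JWK.asKey`, so a `kid` carried on the wrapper object, if the type allows one, is dropped, and the line that would restore it (`// If (key.kid) privatejwk.kid = key.kid;`) is still commented out directly below. Unless `options.header.kid` is supplied, the signature header presumably ends up with whatever `kid` the library derives, which may not match the entry a verifier looks up in the signer's JWKS. Either carry the wrapper's `kid` forward in this branch or state the behaviour in a comment, for example `// PEM wrapper: only key.pem is used; set options.header.kid to control the kid`. The diffstat lists no test file, so a regression test that signs with a `{ kty: 'PEM', pem }` key and checks the resulting header would pin the fix. The body of `sign()` continues outside the hunk, so the later `kid` handling is not visible here.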