Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

example for RS256 openssl #125

Merged
merged 1 commit into from
Jun 19, 2017
Merged

Conversation

HenryNe
Copy link

@HenryNe HenryNe commented Nov 21, 2016

An example with RS256 with encode and decode.
Keys are created by openssl and inline to make the example complete as single file.

openssl genrsa -out private.key 1024
openssl rsa -in private.key -pubout > pubkey.key

@googlebot
Copy link

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks.


  • If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
  • If you signed the CLA as a corporation, please let us know the company's name.

1 similar comment
@googlebot
Copy link

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks.


  • If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
  • If you signed the CLA as a corporation, please let us know the company's name.

@HenryNe
Copy link
Author

HenryNe commented Nov 21, 2016

I signed it!

@googlebot
Copy link

CLAs look good, thanks!

@robertdimarco
Copy link

Neat!

"nbf" => 1357000000
);

$jwt = JWT::encode($token, $privateKey, 'RS256');
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

pardon my ignorance. I would have thought that we should encode with the public key and decode with the private one.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are wrong.
encode with private, so only you can sign the data.
JWT with public key is for checking signature, not for hiding information.
Information is base64 coded. See red header and payload on https://jwt.io/

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the explanation. Appreciated

@gbharath5182
Copy link

Hi, I am having the key like below
{
"keys":
[{"kty":"RSA",
"kid":"",
"use":"sig",
"n":"
",
"e":"AQAB",
"x5c":[""],
"x5t":"
"}]}
Need assistance in verifying the signature using Firbase.JWT library in php.

# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants