Verifying the JWT Signature using the External Public key as String

Issue #161 resolved
Vinoj Mathew created an issue

Hi there,

I have a problem verifying the signature of a JWT object. I would really appreciate it if you could help me with how to resolve the issue.

1) Let's say I am using the RSA 256 algorithm to generate the encoded JWT object.
2) I did SignedJWT signedJWT = SignedJWT.parse(s), where s is the encoded JWT object.
3) I can print all the headers with signedJWT.getHeader().toString() etc., and all the claim attributes; no issues so far.

Issue: The problem is that I am trying to verify the signature. I will be getting the certificate, which I load locally, like the one below, and it's not the complete one.

String RSAcerifivcate = "-----BEGIN CERTIFICATE-----" + "MIIC4jCCAcqgAwIBAgIQQNXrmzhLN4VGlUXDYCRT3z" + "-----END CERTIFICATE-----";

If you could help me with how to verify the signature of the JWT object when I have a key like this in hand: signedJWT.verify(verifier)

How do I use the above certificate string to verify the JWT object? I couldn't see any examples to figure this out. Thanks for the help.

Comments (6)

  1. Vinoj Mathew reporter

    Hi there,

    The certificate looks like this as a string:

    -----BEGIN CERTIFICATE----- -----END CERTIFICATE-----

    Thanks

    Any help is really appreciated

  2. Vinoj Mathew reporter

    I have just found that I am getting the X509Certificate. From this certificate I need to extract the public key to verify the JWT signature. Any help or sample code is really appreciated.

  3. Connect2id OSS

    Use the getPublicKey() method of X509Certificate, then cast it to RSAPublicKey.

    With the RSAPublicKey you can then construct an RSASSAVerifier for the signed JWT.
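
The steps from the reply above, as an added example that is not part of the original thread or Connect2id's own code: it decodes the PEM string to DER itself, so a string concatenated without line breaks (as in the question) still parses, and it accepts only RS256 before verifying. The class name JwtCertVerifier, the RS256 pin and the command-line arguments are assumptions; the Nimbus JOSE+JWT library must be on the classpath.

```java
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import com.nimbusds.jwt.SignedJWT;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
import java.util.Base64;

public class JwtCertVerifier { // hypothetical class name

    // Parse a PEM certificate held in a String. The markers and all whitespace are
    // stripped first, so a string concatenated without line breaks also works.
    static X509Certificate parsePem(String pem) throws CertificateException {
        String b64 = pem.replace("-----BEGIN CERTIFICATE-----", "")
                        .replace("-----END CERTIFICATE-----", "")
                        .replaceAll("\\s", "");
        byte[] der = Base64.getDecoder().decode(b64);
        return (X509Certificate) CertificateFactory.getInstance("X.509")
                .generateCertificate(new ByteArrayInputStream(der));
    }

    // Returns true only if the token is RS256 and its signature matches the certificate's key.
    static boolean verify(String pem, String encodedJwt)
            throws CertificateException, ParseException, JOSEException {
        X509Certificate cert = parsePem(pem);
        cert.checkValidity(); // throws if the certificate is expired or not yet valid
        SignedJWT signedJWT = SignedJWT.parse(encodedJwt);
        // Assumption: the issuer signs with RS256; reject any other header algorithm.
        if (!JWSAlgorithm.RS256.equals(signedJWT.getHeader().getAlgorithm())) {
            return false;
        }
        // getPublicKey() then cast to RSAPublicKey, as described in the reply.
        RSAPublicKey publicKey = (RSAPublicKey) cert.getPublicKey();
        return signedJWT.verify(new RSASSAVerifier(publicKey));
    }

    public static void main(String[] args) throws Exception {
        // args[0]: file holding the complete PEM certificate, args[1]: the encoded JWT
        String pem = new String(Files.readAllBytes(Paths.get(args[0])), StandardCharsets.US_ASCII);
        System.out.println(verify(pem, args[1]) ? "signature valid" : "signature INVALID");
    }
}
```

A valid result only shows the token was signed with the key in that certificate: the certificate has to come from a source you already trust, and claims such as expiry still need their own checks.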
