Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

invalid key input

See original GitHub issue

Describe the bug

I just try to reproduce the example of documentation JSON Web Tokens (JWT)Signing It returns TypeError: invalid key input

To Reproduce

Code to reproduce the behaviour:

const secret = 'bGoa+V7g/yqDXvKRqq+JTFn4uQZbPiQJo4pf9RzJ'

const accessToken = await new SignJWT({ 'urn:example:claim': true })
	.setProtectedHeader({ alg: 'ES256' })
	.setIssuedAt()
	.setIssuer('urn:example:issuer')
	.setAudience('urn:example:audience')
	.setExpirationTime('2h')
	.sign(secret)

Expected behaviour Create a simple JWT for authentification.

Environment:

jose version: 3.12.3
affected runtime is: Node.js 14.17.0,
[ X ] the bug is happening on latest jose too.
[ X ] i have searched invalid key input the issues tracker on github for similar issues and couldn’t find anything related.

Issue Analytics

State:
Created 2 years ago
Comments:5 (3 by maintainers)

Top GitHub Comments

1reaction

panvacommented, Jun 24, 2021

@jvanalst please update/remove those samples before anyone copy/pastes readFileSync to their code… you know that’s gonna happen.

0reactions

jvanalstcommented, Jun 23, 2021

To be honest, I also found these new crypto libraries confusing. While I agree that people should read the documentation, if you’ve never seen SubtleCrypto or crypto.createPublicKey before clicking into one of the links isn’t super helpful (especially for SubtleCrypto with all it’s numerous options that aren’t particularly well explained because you need to have a detailed knowledge of cryptography first).

It also doesn’t help the jsonwebtoken (the JWT library I’m trying to migrate from) just accepts a string with proper headers, so all you need to do is read your public key file into memory and away you go.

It would definitely be helpful to add a few more concrete examples somewhere… actually… maybe that’s exactly what we need? A migration guide from jsonwebtoken to jose?

jwt = require('jsonwebtoken');
qs = event.queryStringParameters;
const payload = jwt.verify(
  qs.jwt,
  fs.readFileSync('./mykey.pub'), //Standard PEM-format public key (see below)
  { algorithms: ['RS256'] },
);

vs.

const { jwtVerify } = require('jose/jwt/verify');
qs = event.queryStringParameters;
const { payload } = await jwtVerify(
  qs.jwt,
   crypto.createPublicKey(fs.readFileSync('./mykey.pub')),
   { algorithms: ['RS256'] },
 );

mykey.pub: