I have converted a test_priv.ppk
file to a test_priv.pem
file using below:
- Start PuTTYgen. For Actions, choose Load, and then navigate to your .ppk file.
- Choose the .ppk file, and then choose Open.
- From the menu at the top of the PuTTY Key Generator, choose Conversions, Export OpenSSH Key. Note: If you didn’t enter a passphrase, you receive a PuTTYgen warning. Choose Yes.
- Name the file and add the .pem extension.
- Choose Save.
$private_key = file_get_contents(storage_path('test/test_priv.pem')); // $private_key in xdebugger """ -----BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEAz3SbOsx5EAUe/dbiSLoAhH6smgcPalGpcKIHNOoJ3h9JTP9a 59mwUZy86G5KQ6wQEhPQzKydlhlruAMTZIrjU1vvDtejWy7pMJObhxXBi2+kiO5U 9nWUw7OXuajxb4ss3JCKC4Iv9uQWBkm1Ulepw7S9Xuh3bKnRyVX1MH/igIhLAV54 fEO/ocz3ZZKN0INhOlz0GCGvgdToMMEMUq9Jd+5GpPM6EuNMGObHCselpLxodM6A qhv/FvMD5C1NYDzV7EZbOJ7xE1zEtfKaCKZoQV9S5LR/UeR40A7s/j5RmA6tp8En Wz0oGbtFrXADAjYvRBH4LEyeXwk18YJI165ZcQIBJQKCAQBk7J6LTrdvk8njRfGL Kg4W8YRmm6aibOqlf0HGtwu4KuVjun9AXBCWZ+0yzd7wfThAJVDSRiMmbTtSmbZo Q5EveNUp0LBV33hc0i/8hx/i+Ara1M9jJHHiqmV86meeDFsDhJYvHL1jWjQ6aQwa OHwaBOaBMtJQifdbBzkC1m4wsCDUl/waHzcwfhAO58UjxlktoSgJy+r+5NQVxvtm yU4bfo/HIdjsseYKqELdghHvoi/Vn/rdZDXvLf5b1Nk6fniH0LpbOQFs1GaEbzdS Y76rb0REJ/oKIBipC9+nx6l3X4w4GgFBuNQkfA6iux9NrCffiK35pdhbq88bHmzY W/aVAoGBAPtGpDSW+gAZiGQBBoWW9aPdkWpffpzc1BX0MghjcBQeiaTN+fhLtqEZ ikawRv0n7TJlPGyPwXniKg5D7UedXz3HcAOEIVHdh7MQt7ACb4seJEH7c1o0FPmT MJxms3n/ObAKA9Fj4e0EzOnHDbBEPoFmfqMCsp3ZrXXV/sayPteHAoGBANNbEBME 7SNrszl+zA9wBD7wx2IWRwTuY1csPRub9r92Nc+hM66LTTWwkNp2vGcsrH5mrMlT RWussYc40ZyRvS6b4i34+ji5rrCxcr9rFH/fSCEH0oazqfc2t6+FxcJcV7K4pFNi CfjJ71pCjFmB3OogT7aob8PI7F2ANr7aeZVHAoGBALCSgTm2MyKqKH2f2xHEBo7T DDzpKInnSOzVHD0+9M/eG4iQvX4LsMQ7dex73ttoKiNpu8Hoeh5L5jOJrafyC5My MwljxGMKX1s8Lgz6yuwjBLi+iGjmU+2ls3TSi/Tc3G3dhiRvs4P1iRL6k/9SjMmh +B+FWut2XjcgwN6mxGAZAoGAHI/D5uT9c31Bu6lZ2JKYyjw2no1jiwt1NUsq2jer uQIi8otn2VEYRYaQHYWqwdWaxPkeRLg50EfE9pj5uzZJ/2EsZxPOyWUzSE9UshVj opPLehXQV2RjE5HFy5x0q4/wLOiE6KxiNmB6SneyGe70Vv1yjk4c8PGjZpTJILW9 ZzMCgYEA8IfYvijvOgqwGV9ALwkmJy8RBI6g0VuTZlGxC/L/Le18RGsmEM1JARPc b+EuxTrje4suLSzv6WvD7ivhjGvBJVLTDGsbly50g0DU6nloWUQfj3XXXCQXAmz6 taQ3bgJ+YV+NSQ0vUyOsN8RztbkOH3t3JrLYPTNEgYiY4+uccSk= -----END RSA PRIVATE KEY----- """
And generated public key test_pub
From Actions Save Public Key button
$public_key = [file_get_contents][1](storage_path('test/test_pub')); // $public_key in xdebugger """ -----BEGIN RSA PUBLIC KEY----- MIIBCAKCAQEAz3SbOsx5EAUe/dbiSLoAhH6smgcPalGpcKIHNOoJ3h9JTP9a59mw UZy86G5KQ6wQEhPQzKydlhlruAMTZIrjU1vvDtejWy7pMJObhxXBi2+kiO5U9nWU w7OXuajxb4ss3JCKC4Iv9uQWBkm1Ulepw7S9Xuh3bKnRyVX1MH/igIhLAV54fEO/ ocz3ZZKN0INhOlz0GCGvgdToMMEMUq9Jd+5GpPM6EuNMGObHCselpLxodM6Aqhv/ FvMD5C1NYDzV7EZbOJ7xE1zEtfKaCKZoQV9S5LR/UeR40A7s/j5RmA6tp8EnWz0o GbtFrXADAjYvRBH4LEyeXwk18YJI165ZcQIBJQ== -----END RSA PUBLIC KEY----- """
However, while using PHP-JWT to encode and decode the payload.
use FirebaseJWTJWT; $jwt = JWT::encode($payload, $private_key , 'RS256'); $decoded = JWT::decode($jwt, $public_key , array('RS256')); // ErrorException: openssl_verify(): supplied key param cannot be coerced into a public key
What could be causing this error?
Advertisement
Answer
You are using a RSA Privat Key and a RSA Public Key that are in the encoding “PKCS1” which is not usable in PHP OpenSSL:
-----BEGIN RSA PRIVATE KEY----- -----BEGIN RSA PUBLIC KEY-----
see information on PHP’s OpenSSL man page: https://www.php.net/manual/en/function.openssl-pkey-get-public.php#101513
To use these keys in your program you need to convert them to “PKCS8” encoded Private/Public Keys that will start with
-----BEGIN PRIVATE KEY----- -----BEGIN PUBLIC KEY-----
For conversion you can use online services (but only for a Public Key, never ever for a Private Key).
If you want to do it local I recommend the OpenSSL command line tool (yes, it works with these “traditional” PKCS1 keys …). Just use this command lines:
openssl pkcs8 -topk8 -nocrypt -in rsaprivatekeypkcs1.pem -out rsaprivatekeypkcs8.pem openssl rsa -RSAPublicKey_in -in rsapublickeypkcs1.pem -pubout -out rsapublickeypkcs8.pem
and you receive these keys (converted from your demo keys in your question):
-----BEGIN PRIVATE KEY----- MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDPdJs6zHkQBR79 1uJIugCEfqyaBw9qUalwogc06gneH0lM/1rn2bBRnLzobkpDrBASE9DMrJ2WGWu4 AxNkiuNTW+8O16NbLukwk5uHFcGLb6SI7lT2dZTDs5e5qPFviyzckIoLgi/25BYG SbVSV6nDtL1e6HdsqdHJVfUwf+KAiEsBXnh8Q7+hzPdlko3Qg2E6XPQYIa+B1Ogw wQxSr0l37kak8zoS40wY5scKx6WkvGh0zoCqG/8W8wPkLU1gPNXsRls4nvETXMS1 8poIpmhBX1LktH9R5HjQDuz+PlGYDq2nwSdbPSgZu0WtcAMCNi9EEfgsTJ5fCTXx gkjXrllxAgElAoIBAGTsnotOt2+TyeNF8YsqDhbxhGabpqJs6qV/Qca3C7gq5WO6 f0BcEJZn7TLN3vB9OEAlUNJGIyZtO1KZtmhDkS941SnQsFXfeFzSL/yHH+L4CtrU z2MkceKqZXzqZ54MWwOEli8cvWNaNDppDBo4fBoE5oEy0lCJ91sHOQLWbjCwINSX /BofNzB+EA7nxSPGWS2hKAnL6v7k1BXG+2bJTht+j8ch2Oyx5gqoQt2CEe+iL9Wf +t1kNe8t/lvU2Tp+eIfQuls5AWzUZoRvN1JjvqtvREQn+gogGKkL36fHqXdfjDga AUG41CR8DqK7H02sJ9+Irfml2FurzxsebNhb9pUCgYEA+0akNJb6ABmIZAEGhZb1 o92Ral9+nNzUFfQyCGNwFB6JpM35+Eu2oRmKRrBG/SftMmU8bI/BeeIqDkPtR51f PcdwA4QhUd2HsxC3sAJvix4kQftzWjQU+ZMwnGazef85sAoD0WPh7QTM6ccNsEQ+ gWZ+owKyndmtddX+xrI+14cCgYEA01sQEwTtI2uzOX7MD3AEPvDHYhZHBO5jVyw9 G5v2v3Y1z6EzrotNNbCQ2na8ZyysfmasyVNFa6yxhzjRnJG9LpviLfj6OLmusLFy v2sUf99IIQfShrOp9za3r4XFwlxXsrikU2IJ+MnvWkKMWYHc6iBPtqhvw8jsXYA2 vtp5lUcCgYEAsJKBObYzIqoofZ/bEcQGjtMMPOkoiedI7NUcPT70z94biJC9fguw xDt17Hve22gqI2m7weh6HkvmM4mtp/ILkzIzCWPEYwpfWzwuDPrK7CMEuL6IaOZT 7aWzdNKL9Nzcbd2GJG+zg/WJEvqT/1KMyaH4H4Va63ZeNyDA3qbEYBkCgYAcj8Pm 5P1zfUG7qVnYkpjKPDaejWOLC3U1SyraN6u5AiLyi2fZURhFhpAdharB1ZrE+R5E uDnQR8T2mPm7Nkn/YSxnE87JZTNIT1SyFWOik8t6FdBXZGMTkcXLnHSrj/As6ITo rGI2YHpKd7IZ7vRW/XKOThzw8aNmlMkgtb1nMwKBgQDwh9i+KO86CrAZX0AvCSYn LxEEjqDRW5NmUbEL8v8t7XxEayYQzUkBE9xv4S7FOuN7iy4tLO/pa8PuK+GMa8El UtMMaxuXLnSDQNTqeWhZRB+PdddcJBcCbPq1pDduAn5hX41JDS9TI6w3xHO1uQ4f e3cmstg9M0SBiJjj65xxKQ== -----END PRIVATE KEY----- -----BEGIN PUBLIC KEY----- MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAz3SbOsx5EAUe/dbiSLoA hH6smgcPalGpcKIHNOoJ3h9JTP9a59mwUZy86G5KQ6wQEhPQzKydlhlruAMTZIrj U1vvDtejWy7pMJObhxXBi2+kiO5U9nWUw7OXuajxb4ss3JCKC4Iv9uQWBkm1Ulep w7S9Xuh3bKnRyVX1MH/igIhLAV54fEO/ocz3ZZKN0INhOlz0GCGvgdToMMEMUq9J d+5GpPM6EuNMGObHCselpLxodM6Aqhv/FvMD5C1NYDzV7EZbOJ7xE1zEtfKaCKZo QV9S5LR/UeR40A7s/j5RmA6tp8EnWz0oGbtFrXADAjYvRBH4LEyeXwk18YJI165Z cQIBJQ== -----END PUBLIC KEY-----
With these keys the verification (just the Public Key is needed) should work.