I have converted a test_priv.ppk file to a test_priv.pem file using below:
- Start PuTTYgen. For Actions, choose Load, and then navigate to your .ppk file.
- Choose the .ppk file, and then choose Open.
- From the menu at the top of the PuTTY Key Generator, choose Conversions, Export OpenSSH Key. Note: If you didn’t enter a passphrase, you receive a PuTTYgen warning. Choose Yes.
- Name the file and add the .pem extension.
- Choose Save.
$private_key = file_get_contents(storage_path('test/test_priv.pem'));
// $private_key in xdebugger
"""
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAz3SbOsx5EAUe/dbiSLoAhH6smgcPalGpcKIHNOoJ3h9JTP9a
59mwUZy86G5KQ6wQEhPQzKydlhlruAMTZIrjU1vvDtejWy7pMJObhxXBi2+kiO5U
9nWUw7OXuajxb4ss3JCKC4Iv9uQWBkm1Ulepw7S9Xuh3bKnRyVX1MH/igIhLAV54
fEO/ocz3ZZKN0INhOlz0GCGvgdToMMEMUq9Jd+5GpPM6EuNMGObHCselpLxodM6A
qhv/FvMD5C1NYDzV7EZbOJ7xE1zEtfKaCKZoQV9S5LR/UeR40A7s/j5RmA6tp8En
Wz0oGbtFrXADAjYvRBH4LEyeXwk18YJI165ZcQIBJQKCAQBk7J6LTrdvk8njRfGL
Kg4W8YRmm6aibOqlf0HGtwu4KuVjun9AXBCWZ+0yzd7wfThAJVDSRiMmbTtSmbZo
Q5EveNUp0LBV33hc0i/8hx/i+Ara1M9jJHHiqmV86meeDFsDhJYvHL1jWjQ6aQwa
OHwaBOaBMtJQifdbBzkC1m4wsCDUl/waHzcwfhAO58UjxlktoSgJy+r+5NQVxvtm
yU4bfo/HIdjsseYKqELdghHvoi/Vn/rdZDXvLf5b1Nk6fniH0LpbOQFs1GaEbzdS
Y76rb0REJ/oKIBipC9+nx6l3X4w4GgFBuNQkfA6iux9NrCffiK35pdhbq88bHmzY
W/aVAoGBAPtGpDSW+gAZiGQBBoWW9aPdkWpffpzc1BX0MghjcBQeiaTN+fhLtqEZ
ikawRv0n7TJlPGyPwXniKg5D7UedXz3HcAOEIVHdh7MQt7ACb4seJEH7c1o0FPmT
MJxms3n/ObAKA9Fj4e0EzOnHDbBEPoFmfqMCsp3ZrXXV/sayPteHAoGBANNbEBME
7SNrszl+zA9wBD7wx2IWRwTuY1csPRub9r92Nc+hM66LTTWwkNp2vGcsrH5mrMlT
RWussYc40ZyRvS6b4i34+ji5rrCxcr9rFH/fSCEH0oazqfc2t6+FxcJcV7K4pFNi
CfjJ71pCjFmB3OogT7aob8PI7F2ANr7aeZVHAoGBALCSgTm2MyKqKH2f2xHEBo7T
DDzpKInnSOzVHD0+9M/eG4iQvX4LsMQ7dex73ttoKiNpu8Hoeh5L5jOJrafyC5My
MwljxGMKX1s8Lgz6yuwjBLi+iGjmU+2ls3TSi/Tc3G3dhiRvs4P1iRL6k/9SjMmh
+B+FWut2XjcgwN6mxGAZAoGAHI/D5uT9c31Bu6lZ2JKYyjw2no1jiwt1NUsq2jer
uQIi8otn2VEYRYaQHYWqwdWaxPkeRLg50EfE9pj5uzZJ/2EsZxPOyWUzSE9UshVj
opPLehXQV2RjE5HFy5x0q4/wLOiE6KxiNmB6SneyGe70Vv1yjk4c8PGjZpTJILW9
ZzMCgYEA8IfYvijvOgqwGV9ALwkmJy8RBI6g0VuTZlGxC/L/Le18RGsmEM1JARPc
b+EuxTrje4suLSzv6WvD7ivhjGvBJVLTDGsbly50g0DU6nloWUQfj3XXXCQXAmz6
taQ3bgJ+YV+NSQ0vUyOsN8RztbkOH3t3JrLYPTNEgYiY4+uccSk=
-----END RSA PRIVATE KEY-----
"""
And generated public key test_pub From Actions Save Public Key button
$public_key = [file_get_contents][1](storage_path('test/test_pub'));
// $public_key in xdebugger
"""
-----BEGIN RSA PUBLIC KEY-----
MIIBCAKCAQEAz3SbOsx5EAUe/dbiSLoAhH6smgcPalGpcKIHNOoJ3h9JTP9a59mw
UZy86G5KQ6wQEhPQzKydlhlruAMTZIrjU1vvDtejWy7pMJObhxXBi2+kiO5U9nWU
w7OXuajxb4ss3JCKC4Iv9uQWBkm1Ulepw7S9Xuh3bKnRyVX1MH/igIhLAV54fEO/
ocz3ZZKN0INhOlz0GCGvgdToMMEMUq9Jd+5GpPM6EuNMGObHCselpLxodM6Aqhv/
FvMD5C1NYDzV7EZbOJ7xE1zEtfKaCKZoQV9S5LR/UeR40A7s/j5RmA6tp8EnWz0o
GbtFrXADAjYvRBH4LEyeXwk18YJI165ZcQIBJQ==
-----END RSA PUBLIC KEY-----
"""
However, while using PHP-JWT to encode and decode the payload.
use FirebaseJWTJWT;
$jwt = JWT::encode($payload, $private_key , 'RS256');
$decoded = JWT::decode($jwt, $public_key , array('RS256')); // ErrorException: openssl_verify(): supplied key param cannot be coerced into a public key
What could be causing this error?
Advertisement
Answer
You are using a RSA Privat Key and a RSA Public Key that are in the encoding “PKCS1” which is not usable in PHP OpenSSL:
-----BEGIN RSA PRIVATE KEY----- -----BEGIN RSA PUBLIC KEY-----
see information on PHP’s OpenSSL man page: https://www.php.net/manual/en/function.openssl-pkey-get-public.php#101513
To use these keys in your program you need to convert them to “PKCS8” encoded Private/Public Keys that will start with
-----BEGIN PRIVATE KEY----- -----BEGIN PUBLIC KEY-----
For conversion you can use online services (but only for a Public Key, never ever for a Private Key).
If you want to do it local I recommend the OpenSSL command line tool (yes, it works with these “traditional” PKCS1 keys …). Just use this command lines:
openssl pkcs8 -topk8 -nocrypt -in rsaprivatekeypkcs1.pem -out rsaprivatekeypkcs8.pem openssl rsa -RSAPublicKey_in -in rsapublickeypkcs1.pem -pubout -out rsapublickeypkcs8.pem
and you receive these keys (converted from your demo keys in your question):
-----BEGIN PRIVATE KEY----- MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDPdJs6zHkQBR79 1uJIugCEfqyaBw9qUalwogc06gneH0lM/1rn2bBRnLzobkpDrBASE9DMrJ2WGWu4 AxNkiuNTW+8O16NbLukwk5uHFcGLb6SI7lT2dZTDs5e5qPFviyzckIoLgi/25BYG SbVSV6nDtL1e6HdsqdHJVfUwf+KAiEsBXnh8Q7+hzPdlko3Qg2E6XPQYIa+B1Ogw wQxSr0l37kak8zoS40wY5scKx6WkvGh0zoCqG/8W8wPkLU1gPNXsRls4nvETXMS1 8poIpmhBX1LktH9R5HjQDuz+PlGYDq2nwSdbPSgZu0WtcAMCNi9EEfgsTJ5fCTXx gkjXrllxAgElAoIBAGTsnotOt2+TyeNF8YsqDhbxhGabpqJs6qV/Qca3C7gq5WO6 f0BcEJZn7TLN3vB9OEAlUNJGIyZtO1KZtmhDkS941SnQsFXfeFzSL/yHH+L4CtrU z2MkceKqZXzqZ54MWwOEli8cvWNaNDppDBo4fBoE5oEy0lCJ91sHOQLWbjCwINSX /BofNzB+EA7nxSPGWS2hKAnL6v7k1BXG+2bJTht+j8ch2Oyx5gqoQt2CEe+iL9Wf +t1kNe8t/lvU2Tp+eIfQuls5AWzUZoRvN1JjvqtvREQn+gogGKkL36fHqXdfjDga AUG41CR8DqK7H02sJ9+Irfml2FurzxsebNhb9pUCgYEA+0akNJb6ABmIZAEGhZb1 o92Ral9+nNzUFfQyCGNwFB6JpM35+Eu2oRmKRrBG/SftMmU8bI/BeeIqDkPtR51f PcdwA4QhUd2HsxC3sAJvix4kQftzWjQU+ZMwnGazef85sAoD0WPh7QTM6ccNsEQ+ gWZ+owKyndmtddX+xrI+14cCgYEA01sQEwTtI2uzOX7MD3AEPvDHYhZHBO5jVyw9 G5v2v3Y1z6EzrotNNbCQ2na8ZyysfmasyVNFa6yxhzjRnJG9LpviLfj6OLmusLFy v2sUf99IIQfShrOp9za3r4XFwlxXsrikU2IJ+MnvWkKMWYHc6iBPtqhvw8jsXYA2 vtp5lUcCgYEAsJKBObYzIqoofZ/bEcQGjtMMPOkoiedI7NUcPT70z94biJC9fguw xDt17Hve22gqI2m7weh6HkvmM4mtp/ILkzIzCWPEYwpfWzwuDPrK7CMEuL6IaOZT 7aWzdNKL9Nzcbd2GJG+zg/WJEvqT/1KMyaH4H4Va63ZeNyDA3qbEYBkCgYAcj8Pm 5P1zfUG7qVnYkpjKPDaejWOLC3U1SyraN6u5AiLyi2fZURhFhpAdharB1ZrE+R5E uDnQR8T2mPm7Nkn/YSxnE87JZTNIT1SyFWOik8t6FdBXZGMTkcXLnHSrj/As6ITo rGI2YHpKd7IZ7vRW/XKOThzw8aNmlMkgtb1nMwKBgQDwh9i+KO86CrAZX0AvCSYn LxEEjqDRW5NmUbEL8v8t7XxEayYQzUkBE9xv4S7FOuN7iy4tLO/pa8PuK+GMa8El UtMMaxuXLnSDQNTqeWhZRB+PdddcJBcCbPq1pDduAn5hX41JDS9TI6w3xHO1uQ4f e3cmstg9M0SBiJjj65xxKQ== -----END PRIVATE KEY----- -----BEGIN PUBLIC KEY----- MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAz3SbOsx5EAUe/dbiSLoA hH6smgcPalGpcKIHNOoJ3h9JTP9a59mwUZy86G5KQ6wQEhPQzKydlhlruAMTZIrj U1vvDtejWy7pMJObhxXBi2+kiO5U9nWUw7OXuajxb4ss3JCKC4Iv9uQWBkm1Ulep w7S9Xuh3bKnRyVX1MH/igIhLAV54fEO/ocz3ZZKN0INhOlz0GCGvgdToMMEMUq9J d+5GpPM6EuNMGObHCselpLxodM6Aqhv/FvMD5C1NYDzV7EZbOJ7xE1zEtfKaCKZo QV9S5LR/UeR40A7s/j5RmA6tp8EnWz0oGbtFrXADAjYvRBH4LEyeXwk18YJI165Z cQIBJQ== -----END PUBLIC KEY-----
With these keys the verification (just the Public Key is needed) should work.