compare JWK and key in PEM format
Hubert Kario
hkario at redhat.com
Thu Apr 18 11:38:49 UTC 2024
$ openssl pkey -in key.pem -pubin -text
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDpcd3iZJvK3tqZ79mCux4seWvcLW
nES6ddbwKkFpKsncG6knxkS5RN+yvyA/4U8Tl7bkLQXVk7Pd8G40e6V4EQ==
-----END PUBLIC KEY-----
Public-Key: (256 bit)
pub:
04:0e:97:1d:de:26:49:bc:ad:ed:a9:9e:fd:98:2b:
b1:e2:c7:96:bd:c2:d6:9c:44:ba:75:d6:f0:2a:41:
69:2a:c9:dc:1b:a9:27:c6:44:b9:44:df:b2:bf:20:
3f:e1:4f:13:97:b6:e4:2d:05:d5:93:b3:dd:f0:6e:
34:7b:a5:78:11
ASN1 OID: prime256v1
NIST CURVE: P-256
$ echo Dpcd3iZJvK3tqZ79mCux4seWvcLWnES6ddbwKkFpKsk= | openssl base64 -d |
hexdump -C
00000000 0e 97 1d de 26 49 bc ad ed a9 9e fd 98 2b b1 e2
|....&I.......+..|
00000010 c7 96 bd c2 d6 9c 44 ba 75 d6 f0 2a 41 69 2a c9
|......D.u..*Ai*.|
00000020
the y coordinate doesn't seem to match, but I think it may have been
mangled
because of email:
$ echo 3BupJ8ZEuUTfsr8gPFPE5e25C0F1ZOz3fBuNHuleBE== | openssl base64 -d |
hexdump -C
00000000 dc 1b a9 27 c6 44 b9 44 df b2 bf 20 3c 53 c4 e5 |...'.D.D...
<S..|
00000010 ed b9 0b 41 75 64 ec f7 7c 1b 8d 1e e9 5e 04
|...Aud..|....^.|
0000001f
(normally the public key is a concatenation of 04, to indicate uncompressed
point encoding, and then concatenated x and y coordinates;
If you see one starting with 02 or 03 that means it's compressed, so just
the x coordinate is sent)
On Thursday, 18 April 2024 13:24:49 CEST, Andrej Doba wrote:
> Dear SSL Users –
>
> Is there a way compare JWK and key in PEM format using C++ JWT-CPP lib?
>
> JWK sample:
> {"crv":"P-256","kty":"EC","use":"sig","x":"Dpcd3iZJvK3tqZ79mCux4seWvcLWnES6ddbwKkFpKsk","y":"3BupJ8ZEuUTfsr8gP-FPE5e25C0F1ZOz3fBuNHuleBE"}
>
> PEM sample:
> -----BEGIN PUBLIC KEY-----
> MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDpcd3iZJvK3tqZ79mCux4seWvcLW
> nES6ddbwKkFpKsncG6knxkS5RN+yvyA/4U8Tl7bkLQXVk7Pd8G40e6V4EQ==
> -----END PUBLIC KEY-----
>
> Thanks for responses.
> -ad
>
> _____________________________ Andrej Doba
--
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00, Brno, Czech Republic
More information about the openssl-users
mailing list