Json Web Keys again

Matt Caswell matt at openssl.org
Wed Dec 4 12:04:23 UTC 2019

On 04/12/2019 11:22, Angus Robertson - Magenta Systems Ltd wrote:
>>> It seems the EVP_PKEY_RSA_PSS addition was only committed 28th 
>>> October 2019, so need to wait for 1.1.1e, hopefully real soon...
>> Ah, that explains it!
> Now tested with 1.1.1e-dev and I can generate a JWK from an RSA-PSS key.
> Since JWK is for signing, I also tried to support ED25519 private keys,
> but get:
> error:0D0A40A7:asn1 encoding routines:i2d_PublicKey:unsupported public
> key type
> A binary public key is all I need for JWK, simple format. A search of
> master suggests nothing yet.

i2d_PublicKey() serializes a public key using key specific (legacy)
formats where available. There isn't a key specific format for Ed25519.
It just uses the generic SubjectPublicKeyInfo format.

You need to use i2d_PUBKEY() for that.

Arguably we should make i2d_PublicKey() fallback to i2d_PUBKEY() where
no key specific format is available.


More information about the openssl-users mailing list