0

I am using Scala to generate JWT using RS256 algorithm and private keys:

val jwtPayload = s"""{
                        |    "exp": $time,
                        |    "iss": "$orgId",
                        |    "sub": "$technicalAccountId",
                        |    "aud": "${imsExp}/c/${clientId}",
                        |    "${imsExp}/s/${metaScope}": true
                        |}""".stripMargin
    println(jwtPayload)
    val token = Jwts.builder()
      .setPayload(jwtPayload)
      .signWith(SignatureAlgorithm.RS256,privateKey.getBytes("UTF-8"))

But this fails with the error:

Key bytes may only be specified for HMAC signatures.  If using RSA or Elliptic Curve, use the signWith(SignatureAlgorithm, Key) method instead.
    at io.jsonwebtoken.lang.Assert.isTrue(Assert.java:38)

But the same code works well in javascript:

const jwtPayload = {
        exp: Math.round(300 + Date.now() / 1000),
        iss: secrets.org,
        sub: secrets.id,
        aud: `${secrets.imsEndpoint}/c/${secrets.technicalAccount.clientId}`,
        [`${secrets.imsEndpoint}/s/${secrets.metascopes}`]: true
    };

    let token;
    try {
        token = jwt.sign(
            jwtPayload,
            { key: secrets.privateKey},
            { algorithm: 'RS256' }
        );
        console.log(token);
    } catch (tokenError) {
        return Promise.reject(tokenError);
    }

I am unable to identify two things:

  1. How to pass passphrase?
  2. How to get rid of below error:
Key bytes may only be specified for HMAC signatures.  If using RSA or Elliptic Curve, use the signWith(SignatureAlgorithm, Key) method instead.
    at io.jsonwebtoken.lang.Assert.isTrue(Assert.java:38)

When I remove .getBytes method, I recieve a new error:

Exception in thread "main" java.lang.IllegalArgumentException: Base64-encoded key bytes may only be specified for HMAC signatures.  If using RSA or Elliptic Curve, use the signWith(SignatureAlgorithm, Key) method instead.

Shivam Sahil
  • 4,055
  • 3
  • 31
  • 62
  • Did you try removing the `.getBytes("UTF-8"))`? The error message seems to recommend this: *If using RSA or Elliptic Curve, use the signWith(SignatureAlgorithm, Key) method instead.* – jps Oct 26 '22 at 07:10
  • I did try to remove `.getBytes` but then I recieve a new error: `Exception in thread "main" java.lang.IllegalArgumentException: Base64-encoded key bytes may only be specified for HMAC signatures. If using RSA or Elliptic Curve, use the signWith(SignatureAlgorithm, Key) method instead. ` – Shivam Sahil Oct 26 '22 at 07:16

0 Answers0