aboutsummaryrefslogtreecommitdiffstats
path: root/posts
diff options
context:
space:
mode:
authorFran├žois Kooman <fkooman@tuxed.net>2018-08-22 14:02:59 +0200
committerFran├žois Kooman <fkooman@tuxed.net>2018-08-22 14:02:59 +0200
commite3795e6b427b5a4565b885670ab476d43aaa1a56 (patch)
treea7a2c92227cc56aee94221b0ea3506ea2c1f2dbb /posts
parent8f1fd9b091fa02aebd9babe7dcaae160c4d8cb44 (diff)
downloadwww.tuxed.net-e3795e6b427b5a4565b885670ab476d43aaa1a56.zip
www.tuxed.net-e3795e6b427b5a4565b885670ab476d43aaa1a56.tar.gz
www.tuxed.net-e3795e6b427b5a4565b885670ab476d43aaa1a56.tar.xz
add JSON Web Key Set post
Diffstat (limited to 'posts')
-rw-r--r--posts/json_web_key_set.md53
1 files changed, 53 insertions, 0 deletions
diff --git a/posts/json_web_key_set.md b/posts/json_web_key_set.md
new file mode 100644
index 0000000..8fb81d4
--- /dev/null
+++ b/posts/json_web_key_set.md
@@ -0,0 +1,53 @@
+---
+title: Generate a JSON Web Key Set from PHP for RSA Keys
+published: 2018-08-22
+---
+
+Using PHP it is quite easy to generate a
+[JSON Web Key](https://tools.ietf.org/html/rfc7517) (Set) from a PEM encoded
+(RSA) Public Key.
+
+Say, you have this public key:
+
+ -----BEGIN PUBLIC KEY-----
+ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWF+1o9XpJmqwHkBdqOe
+ ToHkPOsRW7JYkuEvjVLpRJLe6BKUh4tjABIaSbkvpQIudEXPmPwAbseSo5GZY9uQ
+ voVVmC0Fizu61ETcZyvYV+575+45A1Ua4zbrdOtHdgo4X529yYu43HQobPRX9514
+ FHE7DZA01Jal9rcwVQRefsbaa8i16WGVSc1tDa+/Qbb9UOXTHCM/2HK7lUH+5//6
+ 7syfE9qnLn8JjfhksJj62A9+RObW1aFWflOx7hkNhdh4YngeVxc+RT+uebVIS11b
+ zYKZflvTNf6fh4LsTUb1UamPDIRZmODz/q/zudZJ/6mrXgwvpVsfQQu8VEk5w6/Q
+ 5QIDAQAB
+ -----END PUBLIC KEY-----
+
+You can convert it using the following script:
+
+ <?php
+
+ $keyInfo = openssl_pkey_get_details(openssl_pkey_get_public(file_get_contents('jwt.pub')));
+
+ $jsonData = [
+ 'keys' => [
+ [
+ 'kty' => 'RSA',
+ 'n' => rtrim(str_replace(['+', '/'], ['-', '_'], base64_encode($keyInfo['rsa']['n'])), '='),
+ 'e' => rtrim(str_replace(['+', '/'], ['-', '_'], base64_encode($keyInfo['rsa']['e'])), '='),
+ ],
+ ],
+ ];
+
+ echo json_encode($jsonData, JSON_PRETTY_PRINT).PHP_EOL;
+
+This results in:
+
+ {
+ "keys": [
+ {
+ "kty": "RSA",
+ "n": "sWF-1o9XpJmqwHkBdqOeToHkPOsRW7JYkuEvjVLpRJLe6BKUh4tjABIaSbkvpQIudEXPmPwAbseSo5GZY9uQvoVVmC0Fizu61ETcZyvYV-575-45A1Ua4zbrdOtHdgo4X529yYu43HQobPRX9514FHE7DZA01Jal9rcwVQRefsbaa8i16WGVSc1tDa-_Qbb9UOXTHCM_2HK7lUH-5__67syfE9qnLn8JjfhksJj62A9-RObW1aFWflOx7hkNhdh4YngeVxc-RT-uebVIS11bzYKZflvTNf6fh4LsTUb1UamPDIRZmODz_q_zudZJ_6mrXgwvpVsfQQu8VEk5w6_Q5Q",
+ "e": "AQAB"
+ }
+ ]
+ }
+
+You can use this if you need to publish a JWK Set, e.g. when you want to run
+an OpenID Connect Provider.