Skip to content

Importing JWK then exporting results in different kid #313

New issue
New issue
Closed
Closed
Importing JWK then exporting results in different kid#313
Labels
possible bugreview requiredsecurity
Milestone
Version 2.3.0
@xcskier56

Description

@xcskier56
xcskier56
opened on May 21, 2019

If you import a JWK from json and then export it back to JSON, it is exported with a changed kid. This means that the JWKs loader is failing to find the key by its id.

Gem Version: 2.2.0.pre.beta.0
Ruby Version: 2.6.3

    key_hash = {
      kty: "RSA",
      kid: "xQbOc1Ydqq3vemT9WN4GWuOZKOFSPXq1xzXxON_yWFg",
      e: "AQAB",
      n: "unkoQzE-VJwehDczS5o5ijyaAH2JyzhdLd7oSndnS63gzFRXS_LpDq62JLGHMFCYo11VYRb9kn2cdlfG0IANqTt9SWJ-iSKmdRnZIm-q5XCJGmW7C1Gazh9kgmMeWq3Zq5cv83r0e-KkcmWiT_XMrXutTTtUAVms1bCoGCEq7NBb5mnGeFxK51yxlNTnSMk0SJBuYvJ_13XISUQE-hwCdtd9LyDVFcggJcDejWlO3EIAtsWS4aPBt-ln9y9wIVpmsmjmsRTmXtS8B3KH6f6qAPuxzTmCNWLp_jh-W60o3lmgkMaqwdc0OjUpc6Lhn9E9LzqftXKpV3H6QRQgicQmyQ",
      use: "sig",
      alg: "RS256"
    }

    jwk = JWT::JWK.import(key_hash)

    export = jwk.export

    key_hash[:kid] == export[:kid] # FALSE

    key_hash[:kid] # => "xQbOc1Ydqq3vemT9WN4GWuOZKOFSPXq1xzXxON_yWFg"
    export[:kid] # => "68945d6bbec4cf6e228c3675671dbd39b5686425bb075285dd2d19593c48000a"

Metadata

Metadata

Assignees

No one assigned

    Labels

    possible bugreview requiredsecurity

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions