TOP(jsrsasign) | WIKI | DOWNLOADS | TUTORIALS | API REFERENCE | DEMOS
To use jsrsasign including jsjws on your browser, just include 'jsrsasign-latest-all-min.js' script as following:
PuTTYgen is an key generator tool for creating SSH keys for PuTTY. It is analogous to the ssh-keygen tool used in some other SSH implementations. The basic function is to create public and private key pairs. PuTTY stores keys in its own format in.ppk files. However, the tool can also convert keys to and from other formats. Nov 06, 2019 sh-4.4$ ssh-keygen -t rsa -b 4096 -f jwtRS256.key Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in jwtRS256.key. Your public key has been saved in jwtRS256.key.pub.
Private Key Definition
JSON Web Token(JWT) generation is very similar to JSON Web Signature(JWS) generation since those difference is just payload. JWS generation is to create header and payload JSON object with necessary claims and then sign it.
Time in JWS/JWT, integer value for UNIX origin time since 1970 Jan 1 will be used. To specify time value KJUR.jws.IntData.get method is very useful.
Here is a sample for a JWT generation with HS256 signature algorithm:
When you want to sign JWT by your private key of public key cryptography, KEYUTIL.getKey method can be used to load PKCS#1 or PKCS#8 PEM formatted encrypted or plain private key. Here is an example:
Please also see Online JWT generation/verification tool.
Jwt Generate Key
jwt.io site interoperability
jwt.io site can generate and verify HS256/384/512 JWT online and it uses old version of jsrsasign.However difference of way to specify password between jwt.io and jsrsasign may make some confusion.
jwt.io
- default password is an ascii string of 'secret'.
- it can accept password ascii string or Base64URL encoded data.
jsrsasign
- Password encoding is detected automatically by default. If is hexadecimal string, then decode it as hexadecimal.
- It supports many way of password encoding: raw string, utf8 string, hexadecimal string, base64 string, base64url string.
In order to verify jsrsasign generated HS* JWT by jwt.io site, specify password as one of follows: