How to use Cert files

[itohatweb]

I noticed djwt now wants a CryptoKey and not cert strings anymore. Since I'm pretty new to crypto I would love to have an example of how to use eg RSA key files.

[timonson]

Hi, to generate a CryptoKey or a CryptoKeyPair from existing keys you can use the importKey method from the Web Crypto API. You should be able to use your .pem files with this method.

Please take a look at this documentation and the containing examples and let me know if they helped: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey

If you just want to generate a CryptoKeyPair I added an example for the RS384 algorithm here.

Thanks!

[itohatweb]

Looks like pkcs8 is not available in deno 🤔

[koanzen]

@ts

Easiest way is to declare a Global var for your key and use it to create and verify your JWT.

Just put this code in your Starting Application

---

declare global {
var keys: any;
interface Window {
keys: any;
}
}

window.keys = await crypto.subtle.generateKey(
{
name: "RSASSA-PKCS1-v1_5",
modulusLength: 4096,
publicExponent: new Uint8Array([1, 0, 1]),
hash: "SHA-384",
},
true,
["verify", "sign"],
)

##to create JWT token:

const jwtpayload: Payload = {
sub: "1234567890",
name: "John Doe",
admin: true,
iat: 1516239022,
}

const jwtheader: Header = {
alg: "RS384",typ: "JWT"
}

const jwt = await create(jwtheader,jwtpayload,keys.privateKey)

##to verify:

await verify(jwt,keys.publicKey)

---

##I think this is not a good practice but it works, hope it will help.

##Edited: Derived from RSA of timonson.

[itohatweb]

For my application I need to use RSA and I need the tokens to be valid even after a restart.

[timonson]

Hi @itohatweb , pkcs8 has been implemented by the deno authors now.

I added an example for generating, exporting and importing a key in pkcs8 format here. Does it help?

[itohatweb]

Yes thank you.