RSA private key creation from data failed

[emilwojtaszek]

I'm having a tough time using this lib. I'm trying to generate JWT using Google Private key.
My approach below:

let key = "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDSm9uzsHb4u257\n6GEiWntLseb9cgKYNujPt725YtGXQx7EtbD6L7/L6I/aTH1w1E1gZqK6XRzIkiZm\nPBxYoOuT9K89LUzmSGaIFqwUpqPMDrOssyKxNHCf9fRHNCREKyTWMHUZ/2Rt/cMd\nTniljA572KhenaY5C0sqhdTrEQnc8xKMKwInSoxI2wg4HwbBectMp/5L3B0wsGgH\nGkFunGFKjMkOQ4VUcv+7V9BHfJLcFaSKs+/q03RHJAxijP5joMnNBEWi9s/giCvr\npEdvgoMkt6NE+6am3yRFZTFYIf7/Z5nxSW4qKdhfSjIvDrcv3qo7aCgbf7wNiVxH\nPmE2Fo9XAgMBAAECggEBALFjAu5a4CnpvEny1PVZXmXIBrVLdLH99aMWsF7Xw45y\nwxSNr+1ZkGLPk3IbYMBKoI1khQUQ7fBlYKBVWs6vYxwwR/TwFcgUDP/skK2oGWgC\nrgT0sHCuqXmhcEkUusMLz6/0Cn2GJXGa/d7OPEG7MGvRdSaUA/Ah+gJrzITcygDk\n1rSbeHiiFjhPSsAZ5fYOE5j/GGML/efRDLSfDE7vtHWp42s0Oe9eLMMmgQbEW82z\nVhBqeOjQkHVxDhr3ag6MXy5n5MDrkMbh3HVyGeV64tpHXs4M5N1iL+e3YN9aMC07\nyuZuaLsjHC/Sglla1KtDR814wQ5174p/bowOB/GyHekCgYEA94yauOdIlFiv2A3b\n9VTvYgmlNFrmo5M3AeHRkhDjQdo0+JnzT1KLfdTQ7gTFCZ66xPbiK2UzmbXFNIDc\ngf25vQ5LxrKFRqjJcocg6KcpV3KCWkONB5Sh9+FvNFIO//6LCuYM2Hvfjv5degZH\nrWFtQTQV3XgHrECwgY1iprlD7S0CgYEA2cxsEvgZ55oj8sS+MPAU2G7sNK3Cs3Z+\ndzWiGMmHJihBskamyvJOmFYkizjwUXhjcL2ZOicldQ5xqSpQe+zYeXuq405UNUuZ\n2QVQ2EezzhPSoofzrxMrwKtng3SKdTVx1qny5i0M4ZEzWgu2N466yLdTolGzWdSw\njoCIaTim6RMCgYEAnwOwt6nJ05EMk6qDapo+kylC99iUYurD4O+f4UX71WdHs5Gg\n24lYlWHJO7vQnhdaPf+g1ONTPB+pJ8rG2rGTSEAQqPgv6G2vyWPH3erTAZtK5JST\n2RS+3i3vcxprDEIEKuIPylf4CTCX9zRlgpgcyE+e4/6gXyPGvdGGVzaWzZkCgYAE\noELrZDmooa2Byov/nhnTPwflVot8JFgrUAhRXnZwaQp8LuP8C4l/0tST4HG6SURT\ncLOAeLRi+BuR7EQpXa57ZhULHu7K8wAhi+tbrKo1BlbC/QBAB7g2L23TbPZD5w6z\n8IgoO2y6ncrpbrZAF9f/y2ULXZDhp5LYdAJxubJR4QKBgFoZYEzqiEYO/MwdzrVy\n11tWGzy6NsAEGv6EBg0cIsdyg2gbzuMBsKcIrwsT9v0BTl+H4gdDALvijQOPfyJM\nQJGXamigBDjvCfMluWHzbYH/YbyRjUklhJwGQIEu12uSK8tIGd9EvR1g4ZkR4h5x\nZowPmeBkmJMQvZc0OEiP4fJb\n-----END PRIVATE KEY-----\n"
  
let payload =  OAuthPayload(iss: Current.envVars.google.clientEmail, scope: "https://www.googleapis.com/auth/calendar.events", aud: "https://www.googleapis.com/oauth2/v4/token", iat: Date(), exp: Date().addingTimeInterval(3600))
  
var jwt = JWT<OAuthPayload>.init(claims: payload)
let signer = JWTSigner.rs256(privateKey: key.data(using: .utf8)!)
let jwtString = try! jwt.sign(using: signer)
  
print(jwtString)

I'm getting this error:

Error Domain=NSOSStatusErrorDomain Code=-50 "RSA private key creation from data failed" (paramErr: error in user parameter list) UserInfo={NSDescription=RSA private key creation from data failed}

Any idea what am I doing wrong?

[Andrew-Lees11]

@emilwojtaszek
So the problem is that your key is PKCS8 (-----BEGIN PRIVATE KEY-----).
Our repo for extracting keys seems to only take PKCS1 (-----BEGIN RSA PRIVATE KEY-----)
You can switch between the formats using openSSL:

openssl rsa -in server.key -out server_new.key

More information is this can be found in this stackoverflow post

You will have to save your key into the server.key file with the \n replaced with actual new lines and no quotes:

-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDSm9uzsHb4u257
6GEiWntLseb9cgKYNujPt725YtGXQx7EtbD6L7/L6I/aTH1w1E1gZqK6XRzIkiZm
PBxYoOuT9K89LUzmSGaIFqwUpqPMDrOssyKxNHCf9fRHNCREKyTWMHUZ/2Rt/cMd
TniljA572KhenaY5C0sqhdTrEQnc8xKMKwInSoxI2wg4HwbBectMp/5L3B0wsGgH
GkFunGFKjMkOQ4VUcv+7V9BHfJLcFaSKs+/q03RHJAxijP5joMnNBEWi9s/giCvr
pEdvgoMkt6NE+6am3yRFZTFYIf7/Z5nxSW4qKdhfSjIvDrcv3qo7aCgbf7wNiVxH
PmE2Fo9XAgMBAAECggEBALFjAu5a4CnpvEny1PVZXmXIBrVLdLH99aMWsF7Xw45y
wxSNr+1ZkGLPk3IbYMBKoI1khQUQ7fBlYKBVWs6vYxwwR/TwFcgUDP/skK2oGWgC
rgT0sHCuqXmhcEkUusMLz6/0Cn2GJXGa/d7OPEG7MGvRdSaUA/Ah+gJrzITcygDk
1rSbeHiiFjhPSsAZ5fYOE5j/GGML/efRDLSfDE7vtHWp42s0Oe9eLMMmgQbEW82z
VhBqeOjQkHVxDhr3ag6MXy5n5MDrkMbh3HVyGeV64tpHXs4M5N1iL+e3YN9aMC07
yuZuaLsjHC/Sglla1KtDR814wQ5174p/bowOB/GyHekCgYEA94yauOdIlFiv2A3b
9VTvYgmlNFrmo5M3AeHRkhDjQdo0+JnzT1KLfdTQ7gTFCZ66xPbiK2UzmbXFNIDc
gf25vQ5LxrKFRqjJcocg6KcpV3KCWkONB5Sh9+FvNFIO//6LCuYM2Hvfjv5degZH
rWFtQTQV3XgHrECwgY1iprlD7S0CgYEA2cxsEvgZ55oj8sS+MPAU2G7sNK3Cs3Z+
dzWiGMmHJihBskamyvJOmFYkizjwUXhjcL2ZOicldQ5xqSpQe+zYeXuq405UNUuZ
2QVQ2EezzhPSoofzrxMrwKtng3SKdTVx1qny5i0M4ZEzWgu2N466yLdTolGzWdSw
joCIaTim6RMCgYEAnwOwt6nJ05EMk6qDapo+kylC99iUYurD4O+f4UX71WdHs5Gg
24lYlWHJO7vQnhdaPf+g1ONTPB+pJ8rG2rGTSEAQqPgv6G2vyWPH3erTAZtK5JST
2RS+3i3vcxprDEIEKuIPylf4CTCX9zRlgpgcyE+e4/6gXyPGvdGGVzaWzZkCgYAE
oELrZDmooa2Byov/nhnTPwflVot8JFgrUAhRXnZwaQp8LuP8C4l/0tST4HG6SURT
cLOAeLRi+BuR7EQpXa57ZhULHu7K8wAhi+tbrKo1BlbC/QBAB7g2L23TbPZD5w6z
8IgoO2y6ncrpbrZAF9f/y2ULXZDhp5LYdAJxubJR4QKBgFoZYEzqiEYO/MwdzrVy
11tWGzy6NsAEGv6EBg0cIsdyg2gbzuMBsKcIrwsT9v0BTl+H4gdDALvijQOPfyJM
QJGXamigBDjvCfMluWHzbYH/YbyRjUklhJwGQIEu12uSK8tIGd9EvR1g4ZkR4h5x
ZowPmeBkmJMQvZc0OEiP4fJb
-----END PRIVATE KEY-----

And that should give you a private key as follows:

-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA0pvbs7B2+Ltue+hhIlp7S7Hm/XICmDboz7e9uWLRl0MexLWw
+i+/y+iP2kx9cNRNYGaiul0cyJImZjwcWKDrk/SvPS1M5khmiBasFKajzA6zrLMi
sTRwn/X0RzQkRCsk1jB1Gf9kbf3DHU54pYwOe9ioXp2mOQtLKoXU6xEJ3PMSjCsC
J0qMSNsIOB8GwXnLTKf+S9wdMLBoBxpBbpxhSozJDkOFVHL/u1fQR3yS3BWkirPv
6tN0RyQMYoz+Y6DJzQRFovbP4Igr66RHb4KDJLejRPumpt8kRWUxWCH+/2eZ8Ulu
KinYX0oyLw63L96qO2goG3+8DYlcRz5hNhaPVwIDAQABAoIBAQCxYwLuWuAp6bxJ
8tT1WV5lyAa1S3Sx/fWjFrBe18OOcsMUja/tWZBiz5NyG2DASqCNZIUFEO3wZWCg
VVrOr2McMEf08BXIFAz/7JCtqBloAq4E9LBwrql5oXBJFLrDC8+v9Ap9hiVxmv3e
zjxBuzBr0XUmlAPwIfoCa8yE3MoA5Na0m3h4ohY4T0rAGeX2DhOY/xhjC/3n0Qy0
nwxO77R1qeNrNDnvXizDJoEGxFvNs1YQanjo0JB1cQ4a92oOjF8uZ+TA65DG4dx1
chnleuLaR17ODOTdYi/nt2DfWjAtO8rmbmi7Ixwv0oJZWtSrQ0fNeMEOde+Kf26M
Dgfxsh3pAoGBAPeMmrjnSJRYr9gN2/VU72IJpTRa5qOTNwHh0ZIQ40HaNPiZ809S
i33U0O4ExQmeusT24itlM5m1xTSA3IH9ub0OS8ayhUaoyXKHIOinKVdyglpDjQeU
offhbzRSDv/+iwrmDNh7347+XXoGR61hbUE0Fd14B6xAsIGNYqa5Q+0tAoGBANnM
bBL4GeeaI/LEvjDwFNhu7DStwrN2fnc1ohjJhyYoQbJGpsryTphWJIs48FF4Y3C9
mTonJXUOcakqUHvs2Hl7quNOVDVLmdkFUNhHs84T0qKH868TK8CrZ4N0inU1cdap
8uYtDOGRM1oLtjeOusi3U6JRs1nUsI6AiGk4pukTAoGBAJ8DsLepydORDJOqg2qa
PpMpQvfYlGLqw+Dvn+FF+9VnR7ORoNuJWJVhyTu70J4XWj3/oNTjUzwfqSfKxtqx
k0hAEKj4L+htr8ljx93q0wGbSuSUk9kUvt4t73MaawxCBCriD8pX+Akwl/c0ZYKY
HMhPnuP+oF8jxr3Rhlc2ls2ZAoGABKBC62Q5qKGtgcqL/54Z0z8H5VaLfCRYK1AI
UV52cGkKfC7j/AuJf9LUk+BxuklEU3CzgHi0YvgbkexEKV2ue2YVCx7uyvMAIYvr
W6yqNQZWwv0AQAe4Ni9t02z2Q+cOs/CIKDtsup3K6W62QBfX/8tlC12Q4aeS2HQC
cbmyUeECgYBaGWBM6ohGDvzMHc61ctdbVhs8ujbABBr+hAYNHCLHcoNoG87jAbCn
CK8LE/b9AU5fh+IHQwC74o0Dj38iTECRl2pooAQ47wnzJblh822B/2G8kY1JJYSc
BkCBLtdrkivLSBnfRL0dYOGZEeIecWaMD5ngZJiTEL2XNDhIj+HyWw==
-----END RSA PRIVATE KEY-----

This new should be compatable with SwiftJWT.
I also will look into added PKCS8 support to BlueRSA which will make this simpler.

[emilwojtaszek]

made my day! thanks