Error using RS256 - openssl_sign(): supplied key param cannot be coerced into a private key

[safizn]

Using HS256 works and produces the token key. but using RS256 throws the below error.
I'm using Google Cloud Compute servers if it makes any difference.

PHP Warning: openssl_sign(): supplied key param cannot be coerced into a private key in /firebase/php-jwt/src/JWT.php on line 183
PHP Fatal error: Uncaught exception 'DomainException' with message 'OpenSSL unable to sign data' in /firebase/php-jwt/src/JWT.php:185\nStack trace:\n#0 /firebase/php-jwt/src/JWT.php(154): Firebase\JWT\JWT::sign('XXX...', 'XXX...', 'RS256')\n#1 /firebase.token.php(56): Firebase\JWT\JWT::encode(Array, 'XXX...', 'RS256')\n#2 /firebase.token.php(58): create_custom_token('MYUSER', false)\n#3 {main}\n thrown in /firebase/php-jwt/src/JWT.php on line 185

Thanks !

[safizn]

SOLUTION
http://stackoverflow.com/questions/37801444/setting-up-firebase-v3-custom-auth-with-php/38002277#38002277

[parthjdabhi]

@myuseringithub couldn't work for me :(

[safizn]

@parthjdabhi You are probably missing something out, ya hard to debug sometimes, just check carefully. and check the solution in the provided link.

[kiwo12345]

@myuseringithub are you using RS256? I only get it to work with HS256 I have setup everything, service email, key etc

And what function is create_custom_token() ? I am using $token = JWT::encode($payload, $key, 'RS256');

[Nayir]

Do you try using double quote instead of single quote ? I managed to solve it with double quote.

I mean, if you write $token = JWT::encode($payload, "YourGiantKey", 'RS256'); instead of $token = JWT::encode($payload, 'YourGiantKey', 'RS256');

I dont know how to solve the problem with the var $key by the way. If you manage to do it, please let me know :)

[Frug]

I ran into this issue and resolved it by changing how I was generating the key pairs. I'm not using google cloud compute for any of this.

If you're using ssh-keygen to give you your key pairs, try openssl instead.

$ openssl genrsa -out id_rsa_jwt.pem 2048
$ openssl rsa -in id_rsa_jwt.pem -pubout > id_rsa_jwt.pub

Where .pem is your private key and .pub is your public one.
This should work with RS256 if you read those files however you like, ( ie file_get_contents('id_rsa_jwt.pub') )

I realize this probably comes down to not providing the proper arguments to ssh-keygen, but this was an easier solution for me.

[markokhman]

WTF
Also solved it with replacing single quotes to double quotes

[lindelius]

The reason is because the key contains new-line characters (\n) which are incorrectly handled when used within single-quotes, i.e. they are treated as the characters "\n" rather than actual new lines.

[rcosgrave]

The reason is because the key contains new-line characters (\n) which are incorrectly handled when used within single-quotes, i.e. they are treated as the characters "\n" rather than actual new lines.

On a similar note; if your RSA Private Key has ANY indentation then it will be invalid so be sure there's no indentation. Weeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

(Fake Private Key BTW)

define('MY_PRIVATE_KEY',
		"-----BEGIN RSA PRIVATE KEY-----
		MIICXgIBAAKBgQDHikastc8+I81zCg/qWW8dMr8mqvXQ3qbPAmu0RjxoZVI47tvs
		kYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vckNaW2R6U5QTdQ5Rq5u+uV3pMk
		7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffBBy0IGO0zc128IshYcwIDAQAB
		AoGBALTNl2JxTvq4SDW/3VH0fZkQXWH1MM10oeMbB2qO5beWb11FGaOO77nGKfWc
		bYgfp5Ogrql4yhBvLAXnxH8bcqqwORtFhlyV68U1y4R+8WxDNh0aevxH8hRS/1X5
		031DJm1JlU0E+vStiktN0tC3ebH5hE+1OxbIHSZ+WOWLYX7JAkEA5uigRgKp8ScG
		auUijvdOLZIhHWq7y5Wz+nOHUuDw8P7wOTKU34QJAoWEe771p9Pf/GTA/kr0BQnP
		QvWUDxGzJwJBAN05C6krwPeryFKrKtjOGJIniIoY72wRnoNcdEEs3HDRhf48YWFo
		riRbZylzzzNFy/gmzT6XJQTfktGqq+FZD9UCQGIJaGrxHJgfmpDuAhMzGsUsYtTr
		iRox0D1Iqa7dhE693t5aBG010OF6MLqdZA1CXrn5SRtuVVaCSLZEL/2J5UcCQQDA
		d3MXucNnN4NPuS/L9HMYJWD7lPoosaORcgyK77bSSNgk+u9WSjbH1uYIAIPSffUZ
		bti+jc1dUg5wb+aeZlgJAkEAurrpmpqj5vg087ZngKfFGR5rozDiTsK5DceTV97K
		a3Y+Nzl+XWTxDBWk4YPh2ZlKv402hZEfWBYxUDn5ZkH/bw==
		-----END RSA PRIVATE KEY-----"
);

is invalid and NOT the same as:

define('MY_PRIVATE_KEY',
"-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDHikastc8+I81zCg/qWW8dMr8mqvXQ3qbPAmu0RjxoZVI47tvs
kYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vckNaW2R6U5QTdQ5Rq5u+uV3pMk
7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffBBy0IGO0zc128IshYcwIDAQAB
AoGBALTNl2JxTvq4SDW/3VH0fZkQXWH1MM10oeMbB2qO5beWb11FGaOO77nGKfWc
bYgfp5Ogrql4yhBvLAXnxH8bcqqwORtFhlyV68U1y4R+8WxDNh0aevxH8hRS/1X5
031DJm1JlU0E+vStiktN0tC3ebH5hE+1OxbIHSZ+WOWLYX7JAkEA5uigRgKp8ScG
auUijvdOLZIhHWq7y5Wz+nOHUuDw8P7wOTKU34QJAoWEe771p9Pf/GTA/kr0BQnP
QvWUDxGzJwJBAN05C6krwPeryFKrKtjOGJIniIoY72wRnoNcdEEs3HDRhf48YWFo
riRbZylzzzNFy/gmzT6XJQTfktGqq+FZD9UCQGIJaGrxHJgfmpDuAhMzGsUsYtTr
iRox0D1Iqa7dhE693t5aBG010OF6MLqdZA1CXrn5SRtuVVaCSLZEL/2J5UcCQQDA
d3MXucNnN4NPuS/L9HMYJWD7lPoosaORcgyK77bSSNgk+u9WSjbH1uYIAIPSffUZ
bti+jc1dUg5wb+aeZlgJAkEAurrpmpqj5vg087ZngKfFGR5rozDiTsK5DceTV97K
a3Y+Nzl+XWTxDBWk4YPh2ZlKv402hZEfWBYxUDn5ZkH/bw==
-----END RSA PRIVATE KEY-----"
);

[bijancot]

The reason is because the key contains new-line characters (\n) which are incorrectly handled when used within single-quotes, i.e. they are treated as the characters "\n" rather than actual new lines.

On a similar note; if your RSA Private Key has ANY indentation then it will be invalid so be sure there's no indentation. Weeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

(Fake Private Key BTW)

define('MY_PRIVATE_KEY',
		"-----BEGIN RSA PRIVATE KEY-----
		MIICXgIBAAKBgQDHikastc8+I81zCg/qWW8dMr8mqvXQ3qbPAmu0RjxoZVI47tvs
		kYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vckNaW2R6U5QTdQ5Rq5u+uV3pMk
		7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffBBy0IGO0zc128IshYcwIDAQAB
		AoGBALTNl2JxTvq4SDW/3VH0fZkQXWH1MM10oeMbB2qO5beWb11FGaOO77nGKfWc
		bYgfp5Ogrql4yhBvLAXnxH8bcqqwORtFhlyV68U1y4R+8WxDNh0aevxH8hRS/1X5
		031DJm1JlU0E+vStiktN0tC3ebH5hE+1OxbIHSZ+WOWLYX7JAkEA5uigRgKp8ScG
		auUijvdOLZIhHWq7y5Wz+nOHUuDw8P7wOTKU34QJAoWEe771p9Pf/GTA/kr0BQnP
		QvWUDxGzJwJBAN05C6krwPeryFKrKtjOGJIniIoY72wRnoNcdEEs3HDRhf48YWFo
		riRbZylzzzNFy/gmzT6XJQTfktGqq+FZD9UCQGIJaGrxHJgfmpDuAhMzGsUsYtTr
		iRox0D1Iqa7dhE693t5aBG010OF6MLqdZA1CXrn5SRtuVVaCSLZEL/2J5UcCQQDA
		d3MXucNnN4NPuS/L9HMYJWD7lPoosaORcgyK77bSSNgk+u9WSjbH1uYIAIPSffUZ
		bti+jc1dUg5wb+aeZlgJAkEAurrpmpqj5vg087ZngKfFGR5rozDiTsK5DceTV97K
		a3Y+Nzl+XWTxDBWk4YPh2ZlKv402hZEfWBYxUDn5ZkH/bw==
		-----END RSA PRIVATE KEY-----"
);

is invalid and NOT the same as:

define('MY_PRIVATE_KEY',
"-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDHikastc8+I81zCg/qWW8dMr8mqvXQ3qbPAmu0RjxoZVI47tvs
kYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vckNaW2R6U5QTdQ5Rq5u+uV3pMk
7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffBBy0IGO0zc128IshYcwIDAQAB
AoGBALTNl2JxTvq4SDW/3VH0fZkQXWH1MM10oeMbB2qO5beWb11FGaOO77nGKfWc
bYgfp5Ogrql4yhBvLAXnxH8bcqqwORtFhlyV68U1y4R+8WxDNh0aevxH8hRS/1X5
031DJm1JlU0E+vStiktN0tC3ebH5hE+1OxbIHSZ+WOWLYX7JAkEA5uigRgKp8ScG
auUijvdOLZIhHWq7y5Wz+nOHUuDw8P7wOTKU34QJAoWEe771p9Pf/GTA/kr0BQnP
QvWUDxGzJwJBAN05C6krwPeryFKrKtjOGJIniIoY72wRnoNcdEEs3HDRhf48YWFo
riRbZylzzzNFy/gmzT6XJQTfktGqq+FZD9UCQGIJaGrxHJgfmpDuAhMzGsUsYtTr
iRox0D1Iqa7dhE693t5aBG010OF6MLqdZA1CXrn5SRtuVVaCSLZEL/2J5UcCQQDA
d3MXucNnN4NPuS/L9HMYJWD7lPoosaORcgyK77bSSNgk+u9WSjbH1uYIAIPSffUZ
bti+jc1dUg5wb+aeZlgJAkEAurrpmpqj5vg087ZngKfFGR5rozDiTsK5DceTV97K
a3Y+Nzl+XWTxDBWk4YPh2ZlKv402hZEfWBYxUDn5ZkH/bw==
-----END RSA PRIVATE KEY-----"
);

this one is really helping. Thank's for the answer