tedi

tedi

ES256 string encryption

Hello,

I’m working on a simple ES256 string encryption, however I’m hitting a wall using JOSE (also tried doing it using Joken). I am trying to sign a url string to send to Apple’s static map snapshot service (found here).

Here are my simplified steps:

    mapkitServer = "https://snapshot.apple-mapkit.com"
    snapshotPath = "/api/v1/snapshot?"
    query = "center=madison+square+garden"
    keys = "&teamId=#{@team_id}&keyId=#{@key_id}"
    
    completePath = "#{snapshotPath}#{query}#{keys}"
    privateKey = JOSE.JWK.from_pem_file("authkey.p8")
    {_, token} = JOSE.JWK.sign(completePath, privateKey) |> JOSE.JWS.compact()
    # also tried signed_payload = JOSE.JWS.sign(privateKey, completePath, %{ "alg" => "ES256" }) |> JOSE.JWS.compact |> elem(1)
    signature = token |> Base.url_encode64(padding: false)
    # also tried jose_signed = :jose_base64url.encode(token)
    
    finalUrl = "#{mapkitServer}#{completePath}&signature=#{signature}"

I’ve used JOSE in the past with different algorithms with no issues, however I can’t get a valid response going this route for the ES256 signing. To make sure I’m not going crazy I’ve got this working in both a NodeJS and C++ implementation.

Any help to make sure I’m not missing anything obvious is much appreciated.

Thanks.

Marked As Solved

voltone

voltone

I don’t see any mention of JWS in Apple’s documentation, I think they are looking for a raw ECDSA signature. What you want is probably:

:public_key.sign(completePath, :sha256, priv)
|> Base.url_encode64(padding: false)

Where priv is the raw private key in Erlang record format. If you want to keep using JOSE for reading the key you could use priv = JOSE.JWK.to_key(privateKey) |> elem(1). Or you could use x509 instead: priv = File.read!("authkey.p8") |> X509.PrivateKey.from_pem!().

Where Next?

Popular in Questions Top

sergio
In Ruby, I can go: User.find_by(email: "foobar@email.com").update(email: "hello@email.com") How can I do something similar in Elixir? ...
New
marius95
Hello everyone, I try to use an Javascript Event Handler in my root.html.leex file. Therefore I created a function in the app.js file: ...
New
mcarvalho
What is the difference between System.get_env and Application.get_env? For example, what are best practices to use one versus another.
New
Fl4m3Ph03n1x
About me? ( if you have nothing better to do than reading about some random guy in the internet :stuck_out_tongue: ) Hello all, this is ...
New
jerry
Good day to you all. I have been struggling to get a query involving like and ilike to work. Can anyone assist me on this, please? pro...
New
Lily
In templates/appointment/index.html.eex: <%= for appointment <- @appointments do %> <tr> <td><%= appoi...
New
ycv005
I have followed this StackOverflow post to install the specific version of Erlang. And When I am running mix ecto.setup then getting fol...
New
baxterw3b
Hi guys, i’m new in the Elixir world, and i have to say, that i love it! i’m having some problem to understand anonymous functions with ...
New
script
If I have a string “1000 cfu/ml” . I want to remove the characters and / and space . So the string is like this "1000" What is the ...
New
dblack
I’ve got an issue with an app and I’ve no idea of how to troubleshoot it. I’m hoping someone here might have seen something similar. I p...
New

Other popular topics Top

senggen
Erlang/OTP 25 [erts-13.2.2] [source] [64-bit] [smp:8:8] [ds:8:8:10] [async-threads:1] 15:22:35.803 [error] gen_event {lager_file_backend...
New
siddhant3030
Hi, I have to write a raw query for one of my project. But till now I have used ecto queries and don’t have much experience writing raw ...
New
mcarvalho
What is the difference between System.get_env and Application.get_env? For example, what are best practices to use one versus another.
New
greenz1
I have a phoenix application from which a user can download multiple(5-6) files of size 1MB. I couldn’t find anything related to sending ...
New
msaraiva
Surface is an experimental library built on top of Phoenix LiveView and its new LiveComponent API that aims to provide a more declarative...
564 43622 214
New
vegabook
I’m brand new to Phoenix and I have stripped one of the demo applications to the bone. I just want to get an svg up on the screen. Here i...
New
bsollish-terakeet
Credo is smart enough to check for (something like) this: assert length(the_list) == 0 with this response: Checking if an enum is empt...
New
jason.o
In the code below, if the create action is not set to accept “extra_key” as an input, it errors out with a message shown above. Is there ...
New
nsuchy
Hi. I’ve noticed that Windows Powershell has it’s own IEX command and you cannot access Elixir’s IEX due to the conflict. This isn’t a cr...
New
PeterCarter
There are pre-rolled solutions for other frameworks that do work. However, Phoenix does not seem to have these. Have people had good expe...
New

We're in Beta

About us Mission Statement