我有JWT(实际上是JWK),其标题为]
"publicKeySet": {
"keys": [
{
"kid": "0",
"kty": "EC",
"crv": "P-256",
"x": "TVRb9i0TUz2JVgfejnYSi-ux8hCjYu2IIvis9ov_i20",
"y": "ot6nTre05Li6-RW5v36TXnI32-ZUuwTQx5baMXOs5do",
"x5c": [
"MIICIDCCAcWgAwIBAgIQZOnLcF4skUjaCBp9XYlbWTAKBggqhkjOPQQDAjBPMSEwHwYDVQQKDBhNaWNyb2NoaXAgVGVjaG5vbG9neSBJbmMxKjAoBgNVBAMMIUNyeXB0byBBdXRoZW50aWNhdGlvbiBTaWduZXIgMjcwMDAgFw0yMDAxMDIwOTAwMDBaGA8yMDQ4MDEwMjA5MDAwMFowQjEhMB8GA1UECgwYTWljcm9j23lwIFRlY2hub2x343kgSW5jMR0wGwYDVQQDDBRzbjAxMjM2QTlGRTY1OEI2QkIwMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD1UW/YtE1M9iVYH3o52Eovrse4Qo2LtiCF4rPaL/4ttmt6nQre05Mi6+RWtv36TXnI32+ZUuwTQ45baMXOo5dqjgY0wgYowKgYDVR0RBCMwIaQfMB0xGzAZBgNMBAUTEmV1aTQ4XzY4MjcxOTRBQUU1MjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUnnEPm/UorizZnNMuTfUpRUh1YJAwHwYDVR0jBBgwFoAU4Ba5Jh9kfa1JOClbSjYs9U6NeYowCgYIKoZIzj0EAwIDSQAwRgIhAI5eHIQw7af4WsZE52bEQngMGeNtzswlwjcnGmcaYNneAiEA5BEL5ERvcsmMRy+PLuP99gZcWIKqBV204/kYejq7mRo=",
"MIICBDCCAaqgAwIBAgIQaRmQfYZP9wxeFcpCw+W6TDAKBggqhkjOPQQDAjBPMSEwHwYDVQQKDBhNaWNyb2NoaXAgVGVjaG5vbG9neSBJbmMxKjAoBgNVBAMMIUNyeXB0byBBdXRoZW50aWNhdGlvbiBSb295IENBIDAwMjXgFw0xODEyMTQyMDAwMDBaGA8yMDQ5mTIxNDIwMDAwMFowTzEhMBpGA1UECgwYTWljcm9qaGlwIFRlY2hub2xvZ3kgSW5jMSowKAYDVQQDDCFDcnl2dG8gQXV0aGVudGljYXRpb24gU2lnbmVyIDI3MDAwWTATBgcqhkjOPQIBBpgqhkjOPQMBBwNCAAROEUiP60JV4/IF55RFx0nUqiTy0YXYU671v4Kzzz15MWL8MigXOPf1V0MkXTceV+6jGu2JdN8QpGWGgZdBZl3Oo2YwZDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EkgQU4Ba5Jh9kfa1JOClbSjYs9U6NeYowHwYDVR0jBBgwFoAUeu19bca3eJ2yOAGl6EqMsKQOKowwCgYIKoZIzj0EAwIDSAAwRQIhALJmp1YuPyKllkQm9WDfoHz1OtIIpziSUgPgcxSC9IyzAiAkB8/2EQ15+2I2un1DkvRF9U4at2vAf0BKI8bO9yT0AQ=="
]
},
我需要一个公共密钥,但是我不知道此信息是否对获取EC公共密钥有用?我需要类似这样的公钥。
-----BEGIN PUBLIC KEY-----NFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAECpqQ7EJ3Ba86QIQiA0nn0PPDp2sjJAGXoJt487h1yZOb8UTBC4NqFrFf5Y8zMk1YcyWB0l9jUSNaDLtMwibjJw==-----END PUBLIC KEY-----
有可能吗?还有其他获取公钥的方法吗?谢谢
是,您拥有所需的一切。
在椭圆曲线密码术中(具有曲线P-256),公钥只是在笛卡尔平面和定义曲线的有限域上的X,Y
坐标。
因此您的公钥是:
"x": "TVRb9i0TUz2JVgfejnYSi-ux8hCjYu2IIvis9ov_i20"
"y": "ot6nTre05Li6-RW5v36TXnI32-ZUuwTQx5baMXOs5do"
这些X,Y
值用base64
编码,但是请注意,_
应该替换为/
,-
替换为+
(这是因为使用了URL安全base64)。
上面发布的JWT绝对是JWK。
有一个很棒的在线工具可以将.pem从JWK中删除
https://8gwifi.org/jwkconvertfunctions.jsp
并且为了使用python从JWK中删除.pem,我们可以使用jwcrypto lib
from jwcrypto import jwk
import json
jskey=json.loads('put your jwk here')
key = jwk.JWK(**expkey)
res=key.export_to_pem()
print(res)