Clarify the required RSA public key encoding format(s).

[feidtmb]

What Happened

1. Generated an RSA key pair.
2. Pasted the private key into the jwt.io debugger with the PS256 algorithm selected.
3. Pasted the PEM-format public key into the debugger and received a signature verification failed message.
   • Key encoded using ssh-keygen -f key.pub -e -m pem
4. Confused.
5. Realized key needed to be encoded in PKCS8.

Requested Changes

Clarify what format the public key needs to be in, either in the input field or in the signature verification failed message. As-is, I don't believe this information is conveyed anywhere, and the input field simply states to use "plain text".

[frazeradam]

I was working with @feidtmb on the project where we were using this for testing generated tokens, and I think I can add a bit more detail.

As I understand it there are multiple format for RSA Public/Private keys, with the typical PEM headers (RSA) PRIVATE/PUBLIC KEY.

RSA PRIVATE KEY: PKCS#1
PRIVATE KEY: PKCS#8
RSA PUBLIC KEY: PKCS#1
PUBLIC KEY: PKIX

At least for public keys, only the latter works, though there is no useful feedback or documentation on this. I haven't experimented enough with the private keys to know what is required there.

As background, we're generating the tokens from Go, and exporting keys using https://golang.org/pkg/crypto/x509/#MarshalPKCS1PrivateKey

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you have not received a response for our team (apologies for the delay) and this is still a blocker, please reply with additional information or just a ping. Thank you for your contribution! 🙇‍♂️

[DanOnCall]

I am reopening this issue as I think this is helpful guidance to add in the next version of jwt.io :)