openssl_verify() error while decoding firebase custom token using php-jwt library

Question

I have generated firebase custom token using php-jwt library for custom authentication on Firebase as suggested here.

I was trying to decode the generated token using decode function of same library.

Here is my code.

I have defined private key in my configuration file using following line. define("FIREBASE_PRIVATE_KEY","-----BEGIN PRIVATE KEY-----\nMY_VERY_VERY_LONG_KEY\n-----END PRIVATE KEY-----\n");

Here is the code to decode token.

JWT::decode($token, FIREBASE_PRIVATE_KEY, array('RS256'));

This code throws following exception.

openssl_verify(): supplied key param cannot be coerced into a public key

When I am using HS256 for both decoding and encoding, everything works fine. But I have to use RS256 because, Firebase custom token needs to be signed with RS256 only.

Can anyone suggest a solution to this?

Answer 1

Disclaimer: untested, based on what I know (at the moment).

openssl_verify accepts public key as parameter, as per documentation. You are supplying private key.

I'd try to extract public key from the private key, and use that in the JWT::decode method.

How to extract the public from private? Quite easy:

define("FIREBASE_PRIVATE_KEY","-----BEGIN PRIVATE KEY-----\nMY_VERY_VERY_LONG_KEY\n-----END PRIVATE KEY-----\n");

$private = openssl_pkey_get_private(FIREBASE_PRIVATE_KEY);
$details = openssl_pkey_get_details($private);

// Here's your public key, it's presented as a string, not a resource
$public = $details['key'];