DEVHIDE
Login Or Sign up

JSON Web Key (JWK) for IRS E-services account

1.2k Views Asked by At

I need a JSON Web Key for my client to access the IRS E-services system.

The following fields are required in the JWK: kid, kty, use, n, e, x5t, x5c.
The kty field should be equal to "RSA".

I want to do self-signed. I get an error exception with everything I have tried.

IRS E-Services API Client Add Information

json encryption jwk irs
Original Q&A
1

There are 1 best solutions below

0
Anthony Dewstow On

I was in the same boat but I got it working now.

Go to https://mkjwk.org/ make an RSA key with

Size: 2048,

Key Use: Signature

Algorithm: RS256: RSA

Key ID: Specify : 20190607

Show X.509 : Yes

Hit generate.

Take the "Public and Private Keypair Set" json remove all but kty, kid, use, n, e

Take contents of "Self-Signed Certificate"

Remove -----BEGIN CERTIFICATE-----

Remove -----END CERTIFICATE-----

Remove all Whitespace

add this to the json as x5c:["cert_code_here"]

add the sha1("cert_code_here") to the json as x5t (Note this is NOT base 64 encoded like it should be according to other JWK consumers)

Should end up with something like this

{
    "keys": [
        {
            "kty": "RSA",
            "kid": "20190607",
            "use": "sig",
            "n": "z2f8T5IoWF9g5PjitDKswQy6o4ohIWspl_dO6iRNBl4MHxBetqBdkRDGJJjcLHzbPj5pOh_-WMo3r3P8kuTrc0dZLzqWhgCx7TCyvQKTDJuwV_lgrGAlO47OrnZgkhJpgRmZTXxfszmtRjKhkGJh4hPU7v-EamVABt7MuAWPkkuEl2hoZKY8z_NwMQgMj6hDcvTNYDp7v3KLwoZO9w_VzWp02RnEkeX7P3yVnXlHntenQsaEDFW20GjU4bsCqAlkA-QRQA9ZrUKABspG6yVvWoulimqdCoqb0msEPeOm9qfseFRK9cqh3_TxTbb63zOiwYD0Hjp3meaC9GqLEjpAVw",
            "e": "AQAB",
            "x5c": [
                "MIICpDCCAYygAwIBAgIGAX3oe21MMA0GCSqGSIb3DQEBCwUAMBMxETAPBgNVBAMMCDIwMTkwNjA3MB4XDTIxMTIyMzE4MDkwMloXDTIyMTAxOTE4MDkwMlowEzERMA8GA1UEAwwIMjAxOTA2MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPZ\/xPkihYX2Dk+OK0MqzBDLqjiiEhaymX907qJE0GXgwfEF62oF2REMYkmNwsfNs+Pmk6H\/5Yyjevc\/yS5OtzR1kvOpaGALHtMLK9ApMMm7BX+WCsYCU7js6udmCSEmmBGZlNfF+zOa1GMqGQYmHiE9Tu\/4RqZUAG3sy4BY+SS4SXaGhkpjzP83AxCAyPqENy9M1gOnu\/covChk73D9XNanTZGcSR5fs\/fJWdeUee16dCxoQMVbbQaNThuwKoCWQD5BFAD1mtQoAGykbrJW9ai6WKap0KipvSawQ946b2p+x4VEr1yqHf9PFNtvrfM6LBgPQeOneZ5oL0aosSOkBXAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGJ6NAfjvRxg58KOKzMWZGEWi0F16EsnYhKyCQ3ntzQc5iiviUxigwT0C3TJQDtk6CJJKNEpK2cw4KuB2pQfMEWrxAKssNMwNZ0XOO+mvlEYQU8tKfWOQ7YYw1xlgc5lGVKS1cHeC7caXFr0eGaklLENp59k34pnQXyD\/IZBUjjaxcJlvmJ35\/Y+JoeSYx\/AJAcxEYqUEetqkcLyrZjd+dkQjH8Zk9LEOrrPTLdNe\/IlrGkJXmquRe0smBtsAkHiSe0RNgUOf\/jQbgliSfd80cV50r+dgJuv1FcrCEH+RzbVYWp7aV\/ilxWEJ2F3Ma8MHR3Zw4DQraZKixHji9uZGYk="
            ],
            "x5t": "e692b7ac2080e0ec363aa83aa8f6e2c7e164b985"
        }
    ]
}

OR use this PHP I wrote

<?php
    if ( isset( $_POST[ 'ppk' ] ) ) {
        $ppk = $_POST[ 'ppk' ];
    } else {
        $ppk = '';
    }
    if ( isset( $_POST[ 'ssc' ] ) ) {
        $ssc = $_POST[ 'ssc' ];
    } else {
        $ssc = '';
    }
    echo "<form method='post'>";
    echo "Public and Private Keypair<br>";
    echo "<textarea cols=90 rows=10 id='ppk' name='ppk'>" . $ppk . '</textarea>';
    echo "<hr>";
    echo "Self-Signed Certificate<br>";
    echo "<textarea cols=90 rows=10 id='ssc' name='ssc'>" . $ssc . '</textarea>';
    echo "<br><button type='submit' />Go</button>";
    echo "</form>";
    if ( isset( $_POST[ 'ppk' ] ) && isset( $_POST[ 'ssc' ] ) ) {
        $ja                      = json_decode( $ppk, true );
        $ssc                     = str_replace( "-----BEGIN CERTIFICATE-----", '', $ssc );
        $ssc                     = str_replace( "-----END CERTIFICATE-----", '', $ssc );
        $ssc                     = str_replace( "\n", '', $ssc );
        $ssc                     = str_replace( "\r", '', $ssc );
        $ssc                     = trim( $ssc );
        $jaoo                    = array( );
        $jaoo[ 'keys' ]          = array( );
        $jaoo[ 'keys' ][ 'kty' ] = $ja[ 'kty' ];
        $jaoo[ 'keys' ][ 'kid' ] = $ja[ 'kid' ];
        $jaoo[ 'keys' ][ 'use' ] = $ja[ 'use' ];
        $jaoo[ 'keys' ][ 'n' ]   = $ja[ 'n' ];
        $jaoo[ 'keys' ][ 'e' ]   = $ja[ 'e' ];
        $jaoo[ 'keys' ][ 'x5c' ] = array(
             $ssc 
        );
        $jaoo[ 'keys' ][ 'x5t' ] = sha1( $ssc );
        $jaoo[ 'keys' ]          = array(
             $jaoo[ 'keys' ] 
        );
        $rawo                    = json_encode( $jaoo, JSON_PRETTY_PRINT );
        echo "<textarea cols=250 rows=20>";
        echo print_r( $rawo, true );
        echo "</textarea>";
    }

Related Questions in JSON

Related Questions in ENCRYPTION

Related Questions in JWK

Related Questions in IRS

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.