Solving buffer.readUIntBE is not a function reading a JWKS key with NodeRSA 

Recently while trying to read a public key in from a JWKS endpoint I was stumped by an error when importing the public key using [NodeRSA](https://github.com/rzcoder/node-rsa). My code looked like this:

```Typescript
  return rsa.importKey(
    {
      n: Buffer.from(jwksKey.n),
      e: jwksKey.e,
    },
    "components-public"
  );
```

The error was:

```bash
TypeError: buffer.readUIntBE is not a function
    at Object.module.exports.get32IntFromBuffer (C:\dev\jwttest\node_modules\node-rsa\src\utils.js:43:27)
    at RSAKey.module.exports.Key.RSAKey.setPublic (C:\dev\jwttest\node_modules\node-rsa\src\libs\rsa.js:172:48)
    at Object.publicImport (C:\dev\jwttest\node_modules\node-rsa\src\formats\components.js:44:17)
    at Object.detectAndImport (C:\dev\jwttest\node_modules\node-rsa\src\formats\formats.js:65:48)
    at NodeRSA.module.exports.NodeRSA.importKey (C:\dev\jwttest\node_modules\node-rsa\src\NodeRSA.js:183:22)
    at C:\dev\jwttest\dist\jwks.js:53:20
    at Generator.next ()
    at fulfilled (C:\dev\jwttest\dist\jwks.js:5:58)
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
```

I couldn't see any issue with the way I was setting up the buffer. I was able to log the contents out. Everything looked correct. When I searched for `buffer.readUIntBE is not a function` I found nothing useful. It left my scratching my head and saying "What the damn hell!?".



Eventually I worked it out. The issue wasn't with th buffer I had so much as the one I didn't. I had been let down by own poor use of the Typescript type system. I had assumed that since the code was compiling that I was passing correct values and skipping reading the documentation. The mistake I had made was that the JWKS spec sets up the [`e` (Exponent) parameter](https://tools.ietf.org/html/rfc7518#section-6.3.1.2) as a Base64urlUInt-encoded string value and the `new NodeRSA().importKey({n,e}, "public-components")` api takes a `number`or a `Buffer` as the `n` parameter.  

In this case the error I was saying that `buffer.readUIntBE is not a function` where `buffer` is a `string` not a `Buffer`

Comments

Post a Comment

Popular posts from this blog

Testing functions that use local storage with Jest

Testing functions that use the browsers local storage API seems easy when you know how. Here's a quick run down on how to mock it out with Jest if, like me, you're not familiar with how to test it. In the end it's very little code. Consider the following TypeScript code. import { get, save, key } from "./storage"; describe(save, () => { let setItem: jest.Mock; beforeEach(() => { setItem = jest.fn(); Storage.prototype.setItem = setItem; }); it("should call set item with predefined key and json object", () => { const valueToStore = { value: "toStore" }; save(valueToStore); expect(setItem).toHaveBeenCalledWith(key, JSON.stringify(valueToStore)); }); }); The key lines are in the beforeEach call where the setItem function of the Storage prototype is assigned to an instance of jest.fn() . This allows us to make assertions on what is passed to the local storage setItem API.
Read more

Solving `Empty reply from server` in DotNet Core

tldr; If you’re getting  curl: (52) Empty reply from server  check that you’ve configured Kestrel correctly. Long version I’ve started playing with Dotnet Core and Docker and have had a few issues getting started. I’ve had a little bit of experience with Docker, though only a little. I’ve worked with DotNet previously but never with Core. Environment The setup I’m using is a Windows laptop running Vagrant. Via Vagrant I’m running an Ubuntu Virtual Machine with the Docker run time installed. Feels a litle like inception. Key Problem The key problem that I’ve had getting started was having my Docker container not responding correctly to my curl commands. I get this: curl: (56) Recv failure: Connection reset by peer curl: (52) Empty reply from server Given that I’m not all that familliar with Docker or Dotnet Core I decided to remove one of the variables and set up a simple Express app in a different docker container. This validated that the commmand I was usin...
Read more

Can't resolve DNS Aws

Image
I recently registered a domain for a joke website  saladsimulator.com .  I figured I could whip up the page in a couple of minutes and throw it up on AWS using S3 static site hosting.  All done in an hour or so. What I thought would take an hour ended up in a multi-day ordeal while I tried to get the DNS to resolve.  I went through what seem to be the typical problems. The bucket wasn't configured to be accessible as a website. My bucket wasn't named the same as the website; the bucket needed to be saladsimulator.com to match the domain saladsimulator.com . I got these fixed up and found that it still wasn't working.  I added extra routes in to see if I could Alias or CNAME to a known working site, but they didn't work either. So it seemed it was a problem with something to do with the DNS configuration. After searching around I found a mention in a thread that the name server records in the hosted zone needed to match those in the domain name registrat...
Read more