Transform public key from apple in openssl public key

Question

How can i use the public key from https://appleid.apple.com/auth/keys with openssl?

<?php
$key = '-----BEGIN PUBLIC KEY-----'. "\n".
chunk_split("1JiU4l3YCeT4o0gVmxGTEK1IXR-Ghdg5Bzka12tzmtdCxU00ChH66aV-4HRBjF1t95IsaeHeDFRgmF0lJbTDTqa6_VZo2hc0zTiUAsGLacN6slePvDcR1IMucQGtPP5tGhIbU-HKabsKOFdD4VQ5PCXifjpN9R-1qOR571BxCAl4u1kUUIePAAJcBcqGRFSI_I1j_jbN3gflK_8ZNmgnPrXA0kZXzj1I7ZHgekGbZoxmDrzYm2zmja1MsE5A_JX7itBYnlR41LOtvLRCNtw7K3EFlbfB6hkPL-Swk5XNGbWZdTROmaTNzJhV-lWT0gGm6V1qWAK2qOZoIDa_3Ud0Gw", 64).
'-----END PUBLIC KEY-----';

print_r($key);
$res = openssl_pkey_get_public($key);

print_r(openssl_pkey_get_details($res));



Fatal error: Uncaught TypeError: openssl_pkey_get_details(): Argument #1 ($key) must be of type OpenSSLAsymmetricKey

Answer 1

Your problem is the initial data from Apple (line 1). It isn't a public key, it's a JWKS, consisting of a modulus (n), exponent (e), and other useless stuff (in this case).

You need both the n value, which you have, and the e value, which is probably AQAB (65537).

Unfortunately, php openssl functions are a mess, so there's no builtin functionality for converting this.

Still, you can convert it to your initial $key value with some work.

• using a php function: https://www.identityblog.com/?p=389
  • recommended. simple. easy to see what is going on.
  • $key=kimssl_pkey_get_public($n,$e); #done
• using a php class: http://phpseclib.sourceforge.net/
  • use phpseclib\Crypt\RSA; $key=Crypt_RSA()::loadKey($e,$n); #you's use use???!
• using some openssl: https://baptistout.net/posts/convert-jwks-modulus-exponent-to-pem-or-ssh-public-key/
  • how the bash crowd does it. unnecessarily complex. asn1. useful for informational purposes.

The value of $key should now be what you expected.

References:

• JWKS: https://www.rfc-editor.org/rfc/rfc7517
• Convert using openssl asn1parse: https://baptistout.net/posts/convert-jwks-modulus-exponent-to-pem-or-ssh-public-key/
• convert: How to convert JWK to PEM
• build PEM from modulus and exponent: build public key PEM file with existing modulus and exponent in php with openssl library