juanifioren - 1 month ago 17

Python Question

Based on this post: How to return RSA key in jwks_uri endpoint for OpenID Connect Discovery

I need to **base64url-encode** the **octet value** of this two numbers:

`n = 124692971944797177402996703053303877641609106436730124136075828918287037758927191447826707233876916396730936365584704201525802806009892366608834910101419219957891196104538322266555160652329444921468362525907130134965311064068870381940624996449410632960760491317833379253431879193412822078872504618021680609253`

e = 65537

The "n" (modulus) parameter contains the modulus value for the RSA public key. It is represented as a Base64urlUInt-encoded value.

Note that implementers have found that some cryptographic libraries

prefix an extra zero-valued octet to the modulus representations they

return, for instance, returning 257 octets for a 2048-bit key, rather

than 256. Implementations using such libraries will need to take

care to omit the extra octet from the base64url-encoded

representation.

The "e" (exponent) parameter contains the exponent value for the RSA

public key. It is represented as a Base64urlUInt-encoded value.

For instance, when representing the value 65537, the octet sequence

to be base64url-encoded MUST consist of the three octets [1, 0, 1];

the resulting representation for this value is "AQAB".

For example, a valid encode should look like this: https://www.googleapis.com/oauth2/v3/certs

¿How could I do this in Python?

Answer

After searching the best way to tackle this problem, using pyjwkest seems to be a good one instead of creating my own function.

```
pip install pyjwkest
```

Then we use `long_to_base64`

function for this

```
>>> from jwkest import long_to_base64
>>> long_to_base64(65537)
'AQAB'
```