Since updating PyJWT to v4.1 (from v3.2) we are no longer able to verify RS256 signed messages.
I now get a "Could not unserialize key data" ValueError exception. This stack trace shows the relevant place that the error occurs:
Traceback (most recent call last):
File "/Users/username/Projects/platform-api/flaskapp/api_v1/views.py", line 247, in verify_LCD_token_internal
jwt.verify_signature(token, signing, header, signature, subjectPublicKeyInfo)
File "/Users/username/.virtualenvs/api-test/lib/python2.7/site-packages/jwt/__init__.py", line 365, in verify_signature
key = prepare_key_methods[algorithm](key)
File "/Users/username/.virtualenvs/api-test/lib/python2.7/site-packages/jwt/__init__.py", line 156, in prepare_RS_key
key = load_pem_public_key(key, backend=default_backend())
File "/Users/username/.virtualenvs/api-test/lib/python2.7/site-packages/cryptography/hazmat/primitives/serialization.py", line 48, in load_pem_public_key
return backend.load_pem_public_key(data)
File "/Users/username/.virtualenvs/api-test/lib/python2.7/site-packages/cryptography/hazmat/backends/multibackend.py", line 325, in load_pem_public_key
return b.load_pem_public_key(data)
File "/Users/username/.virtualenvs/api-test/lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 699, in load_pem_public_key
None,
File "/Users/username/.virtualenvs/api-test/lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 761, in _load_key
self._handle_key_loading_error()
File "/Users/username/.virtualenvs/api-test/lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 833, in _handle_key_loading_error
raise ValueError("Could not unserialize key data.")
I'm not sure exactly which version this stopped working, but I assume it was when the crypto library dependancy switched from PyCrypto to cryptography
If there's anything else relevant that I can provide, then please ask.
Cheers
Buzzrick