appsup-dart / jose

Javascript Object Signing and Encryption (JOSE) library


Generate Signin with Apple JWT - client_secret

martin-robert-fink opened this issue

I want to create a Dart version of creating an ES256/P-256 signed JWT as a client_secret for use with Signin with Apple. I've tried with the Dart Jose plugin to make this work in Dart. I can't even read the Apple secret key from a PEM file (the P8 file you get from Apple when you create your private key)...

var key = JsonWebKey.fromPem(File('key.txt').readAsStringSync());

I get the error Unknown algoritmh ecPublicKey.

Without even being able to read the Apple PEM file, I can't really make a lot of progress. Is there something basic I'm missing to get this to work? It seems it shouldn't be that hard to generate a signed JWT????

Thanks!
Martin

The process from Apple is documented at the bottom of this link:
https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens

There is a Jose/PHP version of this process here:
https://gist.github.com/patrickbussmann/877008231ef082cc5dc4ee5ca661a641

There is a Ruby version using the JWT GEM of this process here:
https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple

Here's the Ruby code for ease of reference since it's at the very bottom of that link:

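require 'jwt'

# Path to the private key file from Apple, plus the identifiers to fill in
key_file = 'key.txt'
team_id = ''
client_id = ''
key_id = ''

# Load the EC private key from the PEM file
ecdsa_key = OpenSSL::PKey::EC.new IO.read key_file

# The key ID goes in the JWT header
headers = {
  'kid' => key_id
}

claims = {
  'iss' => team_id,
  'iat' => Time.now.to_i,
  'exp' => Time.now.to_i + 86400*180, # 180 days from now
  'aud' => 'https://appleid.apple.com',
  'sub' => client_id,
}

# Sign the claims with ES256 and print the compact JWT
token = JWT.encode claims, ecdsa_key, 'ES256', headers

puts token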

The PEM file is parsed by the x509 package, so this issue actually belonged there. Anyway, it should be fixed in version 0.2.0-nullsafety.2 of x509.

I can confirm that the null-safety versions of Jose/x509 fixed the issue and it all works.
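
Added example, not part of the original thread and not code from jose or x509: the same client_secret as the Ruby snippet in the issue, built with only Ruby's OpenSSL standard library so the ES256 signature encoding is visible, plus a check that verifies the result. The key is generated on the spot as a stand-in for Apple's .p8 file, and the team, client and key IDs are constructed placeholders.

```ruby
require 'openssl'
require 'json'

# base64url without padding, as used by compact JWS
def b64url(bytes)
  [bytes].pack('m0').tr('+/', '-_').delete('=')
end

def b64url_decode(text)
  text.tr('-_', '+/').unpack1('m')
end

# Build the client_secret: header {alg, kid} plus the five claims from the issue.
def apple_client_secret(ec_key, team_id:, client_id:, key_id:,
                        now: Time.now.to_i, ttl: 86_400 * 180)
  header = { 'alg' => 'ES256', 'kid' => key_id }
  claims = { 'iss' => team_id, 'iat' => now, 'exp' => now + ttl,
             'aud' => 'https://appleid.apple.com', 'sub' => client_id }
  signing_input = "#{b64url(header.to_json)}.#{b64url(claims.to_json)}"
  der = ec_key.sign(OpenSSL::Digest.new('SHA256'), signing_input)
  # OpenSSL returns DER SEQUENCE(r, s); ES256 in a JWS is fixed-width r || s (64 bytes).
  raw = OpenSSL::ASN1.decode(der).value.map { |i| i.value.to_s(2).rjust(32, "\0".b) }.join
  "#{signing_input}.#{b64url(raw)}"
end

# Verify the signature and sanity-check the claims; returns the claims or raises.
def check_client_secret(token, ec_key, now: Time.now.to_i)
  head64, body64, sig64 = token.split('.')
  raise 'alg must be ES256' unless JSON.parse(b64url_decode(head64))['alg'] == 'ES256'
  raw = b64url_decode(sig64)
  raise 'ES256 signature must be 64 bytes' unless raw.bytesize == 64
  ints = [raw[0, 32], raw[32, 32]].map { |h| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(h, 2)) }
  der = OpenSSL::ASN1::Sequence.new(ints).to_der
  raise 'bad signature' unless ec_key.verify(OpenSSL::Digest.new('SHA256'), der, "#{head64}.#{body64}")
  claims = JSON.parse(b64url_decode(body64))
  raise 'wrong audience' unless claims['aud'] == 'https://appleid.apple.com'
  raise 'expired' unless claims['exp'] > now
  claims
end

# Constructed stand-in key and IDs; with a real key, load it as in the issue:
#   OpenSSL::PKey::EC.new IO.read key_file
DEMO_KEY = OpenSSL::PKey::EC.generate('prime256v1')
DEMO_TOKEN = apple_client_secret(DEMO_KEY, team_id: 'TEAMID0000',
                                 client_id: 'com.example.app', key_id: 'KEYID00000')
```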