node-jose
Private keys without dp, dq, qi fields are ignored?
I have a private key with fields kty, e, n, d, p, q, kid. When trying to decrypt an incoming JWE, I get an error "REJECTED error: no key found". Debugging the issue, it appears that the call to algorithms("unwrap") (basekey.js:680) returns an empty array. Digging further, rsakey:88 looks for keys.private, but this is undefined because rsakey:61 counts any keys without the dp, dq, and qi fields as not private.
I couldn't find anything in RFC 7517 about dp, dq, and qi other than the examples, but other implementations seem to treat these fields as optional. Furthermore, the key generation tool I'm using, as well as this one, does not include those fields.
My knowledge of the JWK spec is pretty limited, so I'm wondering if I'm misreading things. Is this a bug in node-jose, or an error in how I've generated my key?
The private members for an RSA key are discussed in RFC 7518 § 6.3.2, where "d" is REQUIRED, and the others SHOULD be present.
This is probably a bug in node-jose, but one that's likely to be slow in fixing, given how prevalent support for optimized keys is.
OK, I worked around this by manually calculating the dp, dq, and qi fields in my key generation and adding them to the key. Thanks for the information.
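The workaround described above, as an added example that is not part of the original thread or of node-jose's code: it derives the three CRT members defined in RFC 7518 § 6.3.2 (dp = d mod (p-1), dq = d mod (q-1), qi = q^-1 mod p) from a JWK that already carries d, p and q. The helper names and the toy key (p = 61, q = 53) are constructed for illustration; a real key would be 2048 bits or more.

```javascript
// Added example (not node-jose code): fill in dp, dq, qi on an RSA private JWK.
// JWK integers are base64url-encoded big-endian byte strings (RFC 7518).
const b64uToBig = (s) =>
  BigInt('0x' + Buffer.from(s.replace(/-/g, '+').replace(/_/g, '/'), 'base64').toString('hex'));

const bigToB64u = (n) => {
  let hex = n.toString(16);
  if (hex.length % 2) hex = '0' + hex; // Buffer needs whole bytes
  return Buffer.from(hex, 'hex').toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
};

// Modular inverse by extended Euclid; throws if a has no inverse mod m.
function modInverse(a, m) {
  let [r0, r1, t0, t1] = [m, ((a % m) + m) % m, 0n, 1n];
  while (r1 !== 0n) {
    const quot = r0 / r1;
    [r0, r1] = [r1, r0 - quot * r1];
    [t0, t1] = [t1, t0 - quot * t1];
  }
  if (r0 !== 1n) throw new Error('value is not invertible');
  return ((t0 % m) + m) % m;
}

// Returns a copy of the JWK with dp, dq and qi added; the input is not modified.
function addCrtParams(jwk) {
  if (jwk.kty !== 'RSA') throw new Error('not an RSA key');
  for (const f of ['n', 'd', 'p', 'q']) {
    if (!jwk[f]) throw new Error('missing member: ' + f);
  }
  const [n, d, p, q] = ['n', 'd', 'p', 'q'].map((f) => b64uToBig(jwk[f]));
  // Sanity check: catches swapped or corrupted primes before they reach a CRT code path.
  if (p * q !== n) throw new Error('p * q does not equal n');
  return {
    ...jwk,
    dp: bigToB64u(d % (p - 1n)),
    dq: bigToB64u(d % (q - 1n)),
    qi: bigToB64u(modInverse(q, p)),
  };
}

// Constructed toy key: n = 3233, e = 17, d = 2753, p = 61, q = 53.
const SAMPLE_JWK = { kty: 'RSA', kid: 'toy', n: 'DKE', e: 'EQ', d: 'CsE', p: 'PQ', q: 'NQ' };
```
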
Thanks @heisters, I hit this too and you saved me some debugging time.
I created a library that computes p, q, dp, dq and qi from e, d and n. Perhaps this could be used in this library to deal with the aforementioned issue, or it could be mentioned in the documentation. npm: https://www.npmjs.com/package/jwk-rsa-compute-primes