Can't generate valid jwt signature with google kms

I am using Google KMS (https://cloud.google.com/kms/) with an asymmetric signing key to sign JSON Web tokens (jwt) in a node.js application.

I am able to create header and payload and with the Google KMS nodejs library (https://github.com/googleapis/nodejs-kms) I can sign the token.

But it seems that the generated token is not valid.

In fact I am doing the following steps to generate a token:

define jwt-header as object
jwt-header object to string
base64url encode jwt-header-string
define jwt-payload as object
jwt-payload object to string
base64url encode jwt-payload-string
concatenate (header.payload)
decode string to base64 byte array
create sha256 hash on byte array
select asymmetric key from google kms
use asymmetric key to get the signature byte array
use base64url encoding on the signature
build token (header.payload.signature)

This token alway brings the error (invalid signature). See https://jwt.io/

The public key to verify the token:

The code to build the jwt:

const kms = require('@google-cloud/kms');
const crypto = require('crypto');
const base64url = require('base64url');

async function main() {
    const client = new kms.KeyManagementServiceClient({
        keyFilename: "./googleCloudKey.json"
    });

    const projectId = '...';
    const locationId = 'europe';
    const keyRingId = '...';
    const cryptoKeyId = '...';
    const cryptoKeyVersion = '1';

    const header = base64url(JSON.stringify({
        "alg": "RS256",
        "typ": "JWT",
        "issuer": "login.myapp.com",
        "audience": "*.myapp.com"
    }));
    const payload = base64url(JSON.stringify({
        "userId": "1234567890",
        "userName": "John Doe"
    }));

    const digest = crypto.createHash("sha256").update(Buffer.from(`${header}.${payload}`, "base64")).digest("base64");
    const name = client.cryptoKeyVersionPath(
        projectId,
        locationId,
        keyRingId,
        cryptoKeyId,
        cryptoKeyVersion
    );

    try {
        const result = await client.asymmetricSign({
            name: name, 
            digest: {
                sha256: digest
            }
        });

        const signature = base64url.fromBase64(result[0].signature.toString("base64"));

        console.log("====== HEADER =====");
        console.log(header);
        console.log();
        console.log("====== PAYLOAD =====");
        console.log(payload);
        console.log();
        console.log("====== SIGNATURE =====");
        console.log(signature);
        console.log();
        console.log();
        console.log("===== JWT =====");
        console.log(`${header}.${payload}.${signature}`);
    } catch(e) {
        console.error(e);
    }
}


main().catch(console.error);

The generated token looks like the following (= output of the last console.log):

eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImlzc3VlciI6ImxvZ2luLm15YXBwLmNvbSIsImF1ZGllbmNlIjoiKi5teWFwcC5jb20ifQ.eyJ1c2VySWQiOiIxMjM0NTY3ODkwIiwidXNlck5hbWUiOiJKb2huIERvZSJ9.WVdM2NT5IGYKuCMV393yD7grA4GyVIrorL2OF-MHcRZESwPC3bOZIsx254IkMDInFyui74N6qEpHIe6UpR1JeuojMaGEANvSE0TtFpYgykU7xORmVEsjuZSYyKeEaTPAMwmXVPEKi5gQA9qlfQjTXE-h1xWYt2N3-pj2IHcgpgC-tarN1_TLNxZ5it2TrfpfGztI13L5WHYEFidExde9sxasvJsHZR3ax0wnoPn9V9rfqdXrEtG6-cdi9PAQprQClVOETtvpZNcCZpIlciHsaYBla5JjowbUmecSjQ54F-CuOggxvGvy16uG9p93ETlUyAknPTCGaMf9URyKkssYaw

Solution

In this snippet:

Buffer.from(`${header}.${payload}`, "base64")

You're base64-decoding the concatenation of header and payload. But the JWS spec doesn't call for that. https://www.rfc-editor.org/rfc/rfc7515#section-5.1