Hello,

I'm trying to implement verification of JWT's signed with RS256 and having some trouble finding the crypto library I should use for this. Nocrypto and CryptoKit are the obvious choices by searching opam, however neither of them seem to quite have what I'm looking for. RS256 is RSA with SHA256 and something called PKCS1v1.5 for padding. I see both of these libraries have RSA options but it doesn't seem possible to specify the hashing algorithm. Nocrypto has a PKCS1v1.5 module in the RSA module but no hash. When I call [sig_decode] on my message I get back a message text but it also doesn't seem to match what I'm expecting.

My input is the message, the signed signature, and the public key, and I'd like to now verify these match correctly.

I really don't know much about crypto and am just trying to implement a spec. Anyone have a suggestion for what library I should use? Am I just missing something?

Thanks,
/Malcolm

```
I am hoping something already exists in OCaml rather than create new
bindings.

On Tue, 19 Feb 2019 at 06:50, Robert Roessler <robertr@rftp.com> wrote:
> Malcolm Matalka wrote:
> > Hello,
> >
> > I'm trying to implement verification of JWT's signed with RS256 and
> > having some trouble finding the crypto library I should use for this.
> > Nocrypto and CryptoKit are the obvious choices by searching opam, however
> > neither of them seem to quite have what I'm looking for. RS256 is RSA
> > with SHA256 and something called PKCS1v1.5 for padding. I see both of
> > these libraries have RSA options but it doesn't seem possible to specify
> > the hashing algorithm. Nocrypto has a PKCS1v1.5 module in the RSA
> > module but no hash. When I call [sig_decode] on my message I get back
> > a message text but it also doesn't seem to match what I'm expecting.
> >
> > My input is the message, the signed signature, and the public key, and
> > I'd like to now verify these match correctly.
> >
> > I really don't know much about crypto and am just trying to implement a
> > spec. Anyone have a suggestion for what library I should use? Am I
> > just missing something?
> >
> > Thanks,
> > /Malcolm
>
> Have you looked at Crypto++ (aka CryptoPP)? It is a fairly complete
> library with "lots" of users.
>
> https://www.cryptopp.com/wiki/Main_Page
>
> Regards,
> --
> Robert Roessler
> robertr@rftp.com
> http://www.rftp.com
```

```
Looking at the source code to Nocrypto, it looks like there is a verify
function but it is not exposed in the .mli for 0.5.4, anyone aware of
why this is the case? Just an oversight?

Malcolm Matalka <mmatalka@gmail.com> writes:
> Hello,
>
> I'm trying to implement verification of JWT's signed with RS256 and
> having some trouble finding the crypto library I should use for this.
> Nocrypto and CryptoKit are the obvious choices by searching opam, however
> neither of them seem to quite have what I'm looking for. RS256 is RSA
> with SHA256 and something called PKCS1v1.5 for padding. I see both of
> these libraries have RSA options but it doesn't seem possible to specify
> the hashing algorithm. Nocrypto has a PKCS1v1.5 module in the RSA
> module but no hash. When I call [sig_decode] on my message I get back
> a message text but it also doesn't seem to match what I'm expecting.
>
> My input is the message, the signed signature, and the public key, and
> I'd like to now verify these match correctly.
>
> I really don't know much about crypto and am just trying to implement a
> spec. Anyone have a suggestion for what library I should use? Am I
> just missing something?
>
> Thanks,
> /Malcolm
```

```
Whoops, after looking around I see it's in master. I got confused in
the GitHub UI.

Malcolm Matalka <mmatalka@gmail.com> writes:
> Looking at the source code to Nocrypto, it looks like there is a verify
> function but it is not exposed in the .mli for 0.5.4, anyone aware of
> why this is the case? Just an oversight?
>
> Malcolm Matalka <mmatalka@gmail.com> writes:
>
>> Hello,
>>
>> I'm trying to implement verification of JWT's signed with RS256 and
>> having some trouble finding the crypto library I should use for this.
>> Nocrypto and CryptoKit are the obvious choices by searching opam, however
>> neither of them seem to quite have what I'm looking for. RS256 is RSA
>> with SHA256 and something called PKCS1v1.5 for padding. I see both of
>> these libraries have RSA options but it doesn't seem possible to specify
>> the hashing algorithm. Nocrypto has a PKCS1v1.5 module in the RSA
>> module but no hash. When I call [sig_decode] on my message I get back
>> a message text but it also doesn't seem to match what I'm expecting.
>>
>> My input is the message, the signed signature, and the public key, and
>> I'd like to now verify these match correctly.
>>
>> I really don't know much about crypto and am just trying to implement a
>> spec. Anyone have a suggestion for what library I should use? Am I
>> just missing something?
>>
>> Thanks,
>> /Malcolm
```
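
Added example, not part of the thread and not Nocrypto or Cryptokit code: the RS256 check the first message asks about, written in Python with only the standard library so that each step of the spec (SHA-256, the PKCS#1 v1.5 block, the RSA public-key operation) is visible. The key is a constructed toy key built from two Mersenne primes, and `sign_rs256`, `verify_rs256` and the other names are chosen for this example.

```python
import base64, hashlib, hmac, json

# DER DigestInfo header for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")
# Constructed toy key from two Mersenne primes; demonstration only, not secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=")

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + b"=" * (-len(text) % 4))

def emsa_pkcs1_v15(message, k):
    """k-byte block 00 01 FF..FF 00 || DigestInfo prefix || SHA-256(message)."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for RS256")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def sign_rs256(claims, n=N, d=D):
    """Helper that builds a sample token to verify."""
    head = b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    k = (n.bit_length() + 7) // 8
    em = int.from_bytes(emsa_pkcs1_v15(head + b"." + body, k), "big")
    sig = pow(em, d, n).to_bytes(k, "big")
    return b".".join([head, body, b64url(sig)]).decode()

def verify_rs256(token, n, e):
    """Return the claims if the RS256 signature is valid, otherwise None."""
    try:
        head, body, sig_b64 = token.encode().split(b".")
        header = json.loads(b64url_decode(head))
        claims = json.loads(b64url_decode(body))
        sig = b64url_decode(sig_b64)
    except ValueError:
        return None
    k = (n.bit_length() + 7) // 8
    # Pin the algorithm; the token's header must not choose how it is checked.
    if not isinstance(header, dict) or header.get("alg") != "RS256" or len(sig) != k:
        return None
    s = int.from_bytes(sig, "big")
    if s >= n:
        return None
    # The public-key operation recovers the padded block, not the message itself.
    recovered = pow(s, e, n).to_bytes(k, "big")
    # Rebuild the expected block and compare all k bytes instead of parsing padding.
    expected = emsa_pkcs1_v15(head + b"." + body, k)
    return claims if hmac.compare_digest(recovered, expected) else None
```

The signed message is the ASCII string `header.payload` exactly as it appears in the token, and the block recovered from the signature ends with the 19-byte DigestInfo prefix followed by the SHA-256 digest, so it never looks like the message text.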