caml-list - the Caml user's mailing list
 help / Atom feed
From: Malcolm Matalka <mmatalka@gmail.com>
To: caml users <caml-list@inria.fr>
Subject: [Caml-list] Implementing JWT RS256 verification
Date: Tue, 19 Feb 2019 06:37:43 +0100
Message-ID: <867edw49ug.fsf@gmail.com> (raw)

Hello,

I'm trying to implement verification of JWT's signed with RS256 and
having some trouble finding the crypto library I should use for this.
Nocrypt and CryptoKit are the obvious choices by searching opam, however
neither of them seem to quite have what I'm looking for.  RS256 is RSA
with SHA256 and something called PKCS1v1.5 for padding.  I see both of
these libraries have RSA options but it doesn't seem possible to specify
the hashing algorithm.  Nocrypto has a PKCS1v1.5 module in the RSA
module but no hash.  When I call [sig_decode] on my message I get back
a message text but it also doesn't seem to match what I'm expecting.

My input is the message, the signed signature, and the public key, and
I'd like to know verify these match correctly.

I really don't know much about crypto and am just trying to implement a
spec.  Anyone have a suggestion for what library I should use?  Am I
just missing something?

Thanks,
/Malcolm

             reply index

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-02-19  5:37 Malcolm Matalka [this message]
     [not found] ` <0e233aa3-d549-1391-9594-3dfaf6eead6a@rftp.com>
2019-02-19  6:31   ` Malcolm Matalka
2019-02-19  9:41 ` Malcolm Matalka
2019-02-19  9:53   ` Malcolm Matalka

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=867edw49ug.fsf@gmail.com \
    --to=mmatalka@gmail.com \
    --cc=caml-list@inria.fr \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

caml-list - the Caml user's mailing list

Archives are clonable: git clone --mirror https://inbox.ocaml.org/caml-list

AGPL code for this site: git clone https://public-inbox.org/ public-inbox