Support for RS256 (RSA Signature with SHA-256)

Support for RS256 (RSA Signature with SHA-256) - Printable Version

+- Logic Machine Forum (https://forum.logicmachine.net)
+-- Forum: LogicMachine eco-system (https://forum.logicmachine.net/forumdisplay.php?fid=1)
+--- Forum: Scripting (https://forum.logicmachine.net/forumdisplay.php?fid=8)
+--- Thread: Support for RS256 (RSA Signature with SHA-256) (/showthread.php?tid=2429)

Support for RS256 (RSA Signature with SHA-256) - spyder - 17.01.2020

Hi,

Does encdec support rsa with sha256? I would like to generate a JWT token.

Thanks

RE: Support for RS256 (RSA Signature with SHA-256) - spyder - 20.01.2020

I found this library https://github.com/spacewander/lua-resty-rsa/blob/master/lib/resty/rsa.lua, which seems to use openssl. I believe this is installed and should work?

Would the usage then be similar as described in this post?
https://forum.logicmachine.net/showthread.php?tid=1643&pid=10237#pid10237

Do I need to do anything special to use the bitops?
http://bitop.luajit.org/

Thanks

RE: Support for RS256 (RSA Signature with SHA-256) - admin - 20.01.2020

See this: https://forum.logicmachine.net/showthread.php?tid=232&pid=15322#pid15322

RE: Support for RS256 (RSA Signature with SHA-256) - spyder - 21.01.2020

(20.01.2020, 13:09)admin Wrote: See this: https://forum.logicmachine.net/showthread.php?tid=232&pid=15322#pid15322

Hi, I am not sure if the encdec or AES implementation are the same as the RSA encryption, in the JWT spec https://tools.ietf.org/html/rfc7518#section-3 I read RS256 is equal to RSASSA-PKCS1-v1_5 using SHA-256. Are you suggesting to calculate the signature myself using the hmacsha256 of encdec instead of using the openssl implementation?

RE: Support for RS256 (RSA Signature with SHA-256) - admin - 27.01.2020

Here are JWT libraries from https://github.com/cdbattags/lua-resty-jwt with some minor changes to work on LM. Create a use library with the same name for each attached file.

Code:
jwt = require "user.jwt"

jwt_token = jwt:sign(

  "my-secrect-key",

  {

    header={typ="JWT", alg="HS256"},

    payload={foo="bar"}

  }

)

log(jwt_token)

RE: Support for RS256 (RSA Signature with SHA-256) - spyder - 31.01.2020

(27.01.2020, 07:40)admin Wrote: Here are JWT libraries from https://github.com/cdbattags/lua-resty-jwt with some minor changes to work on LM. Create a use library with the same name for each attached file.

Code:
jwt = require "user.jwt" jwt_token = jwt:sign( "my-secrect-key", { header={typ="JWT", alg="HS256"}, payload={foo="bar"} } ) log(jwt_token)

I get

Quote:User library hmac:85: Symbol not found: EVP_md5
stack traceback:
[C]: in function '__index'
User library hmac:85: in main chunk
[C]: in function 'require'
Library user-autoload:5: in main chunk

Tried to upgrade to the latest firmware, but that did not resolve the issue. I am using a LM3 Reactor v2.

RE: Support for RS256 (RSA Signature with SHA-256) - admin - 01.02.2020

You need to disable auto-load for this library. user.aes must be loaded first because it loads ssl library, otherwise you will get this error.