Sample for PS384 #52
Comments
|
I hit into below error: from EVP_DigestVerifyFinal(md_ctx, in->sig.data, in->sig.len); this function in jws_evp_openssl.c file. |
|
Are you compiling against openssl 1.1.x or 3.x? |
|
The difference in the header saying it's an RSA key means it should be using that algorithm & not the EC algorithm. (Not a hard rule, it's a good clue.) |
|
I am using openssl 1.1.x |
Where do I need to make the change in the sample code? Could you please point out the exact change to be done? |
|
This works in my rocky 8 vm with OpenSSL 1.1.1k I need to update to use OpenSSL 3.x. I'm not sure if there is a good way to support both 1.x and 3.x. |
|
I don't think that this is openssl version dependency. We can go with 1.x itself. Could you please use "-----BEGIN RSA PUBLIC KEY-----" instead of "-----BEGIN PUBLIC KEY-----" in your example and try? and make sure you are using proper private key to sign before. I feel that this is the major difference between working and non-working scenarios. |
To read this key, you can use |
|
any further update? |
|
I have added openssl v3 support & added ubuntu runners that build and run both openssl 1.1.x and v3 successfully. |
Could you please provide me the sample for PS384 like,
https://github.com/xmidt-org/cjwt/blob/main/examples/basic/rs_example.c
I tried using this same code but made only one change,
My public key header is ""-----BEGIN RSA PUBLIC KEY-----" instead of "-----BEGIN PUBLIC KEY-----". So I made change in /src/jws_evp_openssl.c --> in verify_rsa() function, --> replaced PEM_read_bio_RSA_PUBKEY( ) with PEM_read_bio_RSAPublicKey( ).
now getting error in EVP_DigestVerifyFinal( ), this function returns 0 instead of 1.
Can you provide the sample for this?
The text was updated successfully, but these errors were encountered: