From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <caml-list-owner@inria.fr>
Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83])
	by c5ff346549e7 (Postfix) with ESMTPS id 5038E5D5
	for <caml-list@inbox.ocaml.org>; Tue, 19 Feb 2019 09:41:00 +0000 (UTC)
X-IronPort-AV: E=Sophos;i="5.58,387,1544482800"; 
   d="scan'208";a="369980656"
Received: from sympa.inria.fr ([193.51.193.213])
  by mail2-relais-roc.national.inria.fr with ESMTP; 19 Feb 2019 10:40:59 +0100
Received: by sympa.inria.fr (Postfix, from userid 20132)
	id 2B623825BD; Tue, 19 Feb 2019 10:40:59 +0100 (CET)
Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83])
	by sympa.inria.fr (Postfix) with ESMTPS id 80B2C7F61F
	for <caml-list@sympa.inria.fr>; Tue, 19 Feb 2019 10:40:55 +0100 (CET)
Authentication-Results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=mmatalka@gmail.com; spf=Pass smtp.mailfrom=mmatalka@gmail.com; spf=None smtp.helo=postmaster@mail-lj1-f174.google.com
IronPort-PHdr: =?us-ascii?q?9a23=3Al5BUSxGJHKCzG9G8AFqsGp1GYnF86YWxBRYc798d?=
 =?us-ascii?q?s5kLTJ78o8qwAkXT6L1XgUPTWs2DsrQY07qQ6/iocFdDyK7JiGoFfp1IWk1Nou?=
 =?us-ascii?q?QttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZr?=
 =?us-ascii?q?KeTpAI7SiNm82/yv95HJbAhEmDmwbaluIBmqsA7cqtQYjYx+J6gr1xDHuGFIe+?=
 =?us-ascii?q?NYxWNpIVKcgRPx7dqu8ZBg7ipdpesv+9ZPXqvmcas4S6dYDCk9PGAu+MLrrxjD?=
 =?us-ascii?q?QhCR6XYaT24bjwBHAwnB7BH9Q5fxri73vfdz1SWGIcH7S60/VDK/5KlpVRDokj?=
 =?us-ascii?q?8KNzA3/2/XlMJ+kaBUrhyiqRNw34HZe52VOOZkc6/BYd8XX3ZNU8BMXCJBGIO8?=
 =?us-ascii?q?aI4PAvIGM+lCq4nyu1wOrR+7BQKxA+3g0CNIiWXy3a05yesqDAbL3AklH90UrH?=
 =?us-ascii?q?TbttH1NKQIXu2uw6nIyC/Mb/JS2Tvn9IfIdRUhrOiKULltcsTR0VEiGx3ZgliU?=
 =?us-ascii?q?s4DoPDOY2v4Tv2SH7OdsT/+jhmwopg1pvDSj28UhhpPXio4IxV3I7zh1zYkxKN?=
 =?us-ascii?q?GiTEN2YtipG4ZKuS6ALYt5WMYiTnlouCkkzr0Gvoa2fC0Qx5Qmwx7TcviHc4qV?=
 =?us-ascii?q?7h76WuadPDV1iX1/dLKwgBay9kegyuniWcWuzFlKqS9FnsHNtnALyRPT9tCKRu?=
 =?us-ascii?q?Vh8kqlwzqC1ADe5vtaLUwolqfXMYMtz7w/m5YLtETMBC72mEH4jK+McUUk//Cl?=
 =?us-ascii?q?6+HiYrr8up+TLYt0igLkPak1lcy/BP43MgkKX2SB5eu807jj8VXjQLpWlv02jr?=
 =?us-ascii?q?XZsJfCKMsHvKG5BgtV3p8n6xa+FDemzM8VnWIHLVJAYBKIlZLlO1DIIPDiDPew?=
 =?us-ascii?q?mU6gkDlxx6OOArq0CZzIKjDei7r7Zv4p4EdZzE83zMtDz5NSELAIZvzpDBzfrt?=
 =?us-ascii?q?vdWzowNwezx+OvLdxh34cdUCrbB6qQLKrWslag6ecmIu3Kb4gQ7mWuY8M57uLj?=
 =?us-ascii?q?2Cdq0WQWerOkiMNOOSKIW89+KkDcWkLCx9IIEGMEpA07FbW4h1iLUDoVbHG3Df?=
 =?us-ascii?q?tlumMLTbm+BIKGfbiDxaSb1X7iTJJTb2FCTFuLFCWwLtjWa7I3cCuXZ/RZvHkE?=
 =?us-ascii?q?WLymEdFz0BivsEr+yeMiILOLpmsXspXs0NUz7OrWx0k/?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0A6AACPzmtchq7QVdFjHQEBBQEHBQGBU?=
 =?us-ascii?q?QgBCwGDO1mEaIc4X4sJgg2JPYVJiRWBewsBASyEQAKDZhoHAQQwCQ0BAwEBAgE?=
 =?us-ascii?q?BAQEBEwEBAQgLCwgbDiMMgjoigm8BAgIBQAEbHgMBCwYFCxYlDwERAhEBBQEcB?=
 =?us-ascii?q?hODIIFaAQMNCASgIjyMLQUBF4J5BYJGgXQKGScNX4E3AgYJAQiFaIUIgUIXgUA?=
 =?us-ascii?q?/hCOCV4gKAqMWMwmPHoM7GYpNiDeIA4k6iwYGAgkHDyGBJYIOMxoIGxVsgjuCH?=
 =?us-ascii?q?AsPCYNLilQ+M4ECJhOMKAEB?=
X-IPAS-Result: =?us-ascii?q?A0A6AACPzmtchq7QVdFjHQEBBQEHBQGBUQgBCwGDO1mEaIc?=
 =?us-ascii?q?4X4sJgg2JPYVJiRWBewsBASyEQAKDZhoHAQQwCQ0BAwEBAgEBAQEBEwEBAQgLC?=
 =?us-ascii?q?wgbDiMMgjoigm8BAgIBQAEbHgMBCwYFCxYlDwERAhEBBQEcBhODIIFaAQMNCAS?=
 =?us-ascii?q?gIjyMLQUBF4J5BYJGgXQKGScNX4E3AgYJAQiFaIUIgUIXgUA/hCOCV4gKAqMWM?=
 =?us-ascii?q?wmPHoM7GYpNiDeIA4k6iwYGAgkHDyGBJYIOMxoIGxVsgjuCHAsPCYNLilQ+M4E?=
 =?us-ascii?q?CJhOMKAEB?=
X-IronPort-AV: E=Sophos;i="5.58,387,1544482800"; 
   d="scan'208";a="369980645"
Received: from mail-lj1-f174.google.com ([209.85.208.174])
  by mail2-smtp-roc.national.inria.fr with ESMTP/TLS/AES128-GCM-SHA256; 19 Feb 2019 10:40:54 +0100
Received: by mail-lj1-f174.google.com with SMTP id z25so9001870ljk.8
        for <caml-list@inria.fr>; Tue, 19 Feb 2019 01:40:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=references:user-agent:from:to:subject:in-reply-to:date:message-id
         :mime-version;
        bh=P2Whf9ynTNahbt6DFngxtROSTMhnL7q7v/kw0hSilpg=;
        b=rjCbgSsRq+hqIFKmf0HZA0DQJGSVPIESbhLYt5Q1hIL2nkSxYx5jBD9qyJ+1X9lpCZ
         4b7WTONGP5NJhTJ+cyo/g+4rGVMXjGegf2W2KXImojVRsl0u9bq9la5m2cMw9X9iZYDt
         0qCWN9vm6ChwR0KgVjLZE0t/cQKBlDQaKviGhTtZPT1uDK3NekDzpt5jKI1EoTGtV5v/
         fhts6jQHDQvTfaL73S9eqsZ+2Rrt/yJMhveI7x7/7/QPGIUY/QP18YLlcpUmiLpZ7kEA
         oT84x61kHcfb1NN2WCbZG1/o2j+Tg1waET7SyLHjpYzCK+IsI+OqD+GkDiXuLnM893jk
         OLLA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:references:user-agent:from:to:subject
         :in-reply-to:date:message-id:mime-version;
        bh=P2Whf9ynTNahbt6DFngxtROSTMhnL7q7v/kw0hSilpg=;
        b=TLyHg2A9B0ciOwJfSlDS5nPnSSDNvgswVkXqjlqQPB7hqTMJmiHEZokL04rEp3qK6o
         FMSlHo0Cv4XjuPnEhlrUC6+YxiBmOEfKBJjNXIH8yzDVdFsVWQbrTRJYM52/W4xEyb9/
         2CtS6m0nPwEx+XTM+xdeDe2ad00XlGHR6AAswdg3dLYrpilNLzi/LjfmRbQVPVztD5/Z
         PtTXaB5wPEp/hJ3zDNtBsgCrqhXOR99oFiy94sNEDm3w1Fw4uupgUGNaRdSTy6+45fEN
         c1dn1Hnh6MeWjRY9iA1wHUOZHo6bGT/GQ2wyHdRDAxjHzCca7yZdyWXxVewjye69w885
         On3w==
X-Gm-Message-State: AHQUAubHhysZEL8EEaIlAQGMIE6IvpSANjWBQymd2L9IapBIDRi65+60
	xUZuwjgZHFbA6S3GA+abMef5TBrb
X-Google-Smtp-Source: AHgI3IYS9OHkm4YHjZDoDkx2GyXNkA33U9rAeOZ7n5citOPXnHH/TlkaNNLWX9QrYKT2tcmx5+o9Vw==
X-Received: by 2002:a2e:9c8e:: with SMTP id x14mr17531775lji.166.1550569253247;
        Tue, 19 Feb 2019 01:40:53 -0800 (PST)
Received: from localhost (host-217-214-149-98.mobileonline.telia.com. [217.214.149.98])
        by smtp.gmail.com with ESMTPSA id q1sm3770557lfb.86.2019.02.19.01.40.52
        for <caml-list@inria.fr>
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Tue, 19 Feb 2019 01:40:52 -0800 (PST)
References: <867edw49ug.fsf@gmail.com>
User-agent: mu4e 1.0; emacs 26.1
From: Malcolm Matalka <mmatalka@gmail.com>
To: caml users <caml-list@inria.fr>
In-reply-to: <867edw49ug.fsf@gmail.com>
Date: Tue, 19 Feb 2019 10:40:50 +0100
Message-ID: <865ztg3yl9.fsf@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain
Subject: Re: [Caml-list] Implementing JWT RS256 verification
Reply-To: Malcolm Matalka <mmatalka@gmail.com>
X-Loop: caml-list@inria.fr
X-Sequence: 17355
Errors-to: caml-list-owner@inria.fr
Precedence: list
Precedence: bulk
Sender: caml-list-request@inria.fr
X-no-archive: yes
List-Id: <caml-list.inria.fr>
List-Archive: <http://sympa.inria.fr/sympa/arc/caml-list>
List-Help: <mailto:sympa_inria@inria.fr?subject=help>
List-Owner: <mailto:caml-list-request@inria.fr>
List-Post: <mailto:caml-list@inria.fr>
List-Subscribe: <mailto:sympa_inria@inria.fr?subject=subscribe%20caml-list>
List-Unsubscribe: <mailto:sympa_inria@inria.fr?subject=unsubscribe%20caml-list>

Looking at the source code to Nocrypto, it looks like there is a verify
function but it is not exposed in the .mli for 0.5.4, anyone aware of
why this is the case?  Just an oversight?

Malcolm Matalka <mmatalka@gmail.com> writes:

> Hello,
>
> I'm trying to implement verification of JWT's signed with RS256 and
> having some trouble finding the crypto library I should use for this.
> Nocrypt and CryptoKit are the obvious choices by searching opam, however
> neither of them seem to quite have what I'm looking for.  RS256 is RSA
> with SHA256 and something called PKCS1v1.5 for padding.  I see both of
> these libraries have RSA options but it doesn't seem possible to specify
> the hashing algorithm.  Nocrypto has a PKCS1v1.5 module in the RSA
> module but no hash.  When I call [sig_decode] on my message I get back
> a message text but it also doesn't seem to match what I'm expecting.
>
> My input is the message, the signed signature, and the public key, and
> I'd like to know verify these match correctly.
>
> I really don't know much about crypto and am just trying to implement a
> spec.  Anyone have a suggestion for what library I should use?  Am I
> just missing something?
>
> Thanks,
> /Malcolm