|
On Aug 3, 2018, at 11:29 AM, Bak, Doug (LMF) <Doug.Bak@xxxxxxxxxxxxxx> wrote:
I'd like to be able to natively verify a JWT signature using the Crypto APIs, and after reading the API doc for Qc3VerifySignature, I'm not sure how to implement it. According to the doc, parm 1 is the signature, parm 3, I believe is the Base64URL encoded header and payload of the JWT. I'm at the point of receiving CPF9DDB - The key string or Diffie-Hellman parameter string is not valid.
Could someone familiar verify my understanding of the API doc please? Since the tokens are constructed in ASCII, I'm half thinking it's an encoding issue, but before I make too many assumptions, I wanted get other opinions.
Parms:
Signature - Base64Url decoded bytes of the JWT Signature. (Should be
Ascii?) Length of Signature - Length of the Signature string Input
Data - Base64URL encoded string of the JWT header and Payload
(Ascii?/Ebcdic?) Length of Input data - string length of Input data
Input Data Format - 'DATA0100'
Algorithm Description - DataStructure (ALGD0400)
PK Cipher Alg - 50 (RSA)
PKA Block Fmt - '1' (PKCS #1 Block type 1)
Reserved - x'000000'
Signing Hash - 3 (SHA-256)
Algorithm desc Format - 'ALGD0400'
Key desc - Data Structure (KEYD0200)
Key Type - 50 (RSA public)
Key String Len - Length of KeyString
Key Format - '1' (BER string) - Ascii?/Ebcdic?
Reserved - x'000000'
KeyString - BER
encoded x.509 certificate (I think this is the x5c value from the OpenID Connect JWKS info) Key desc Format - 'KEYD0200'
Crypto Provider '0'
Crypto Device Name - *null
Error Code
Thanks,
Doug
--
This is the RPG programming on the IBM i (AS/400 and iSeries)
(RPG400-L) mailing list To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit:
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.midrange.co
m_mailman_listinfo_rpg400-2Dl&d=DwICAg&c=TRM22a2q2ENZDxdZ_Nz-0OCGEspXT
WPuaB6Jil0RfKE&r=o-YzpsmRCPgZlWO4EB4wsOj50O0KPLUTK9BP-UzK-UQ&m=WKzmEnO
Q8Iy3E088u3-CBsyXGLnSlYN5xDvpts05i-4&s=OdgJgGIyX2u5Q06gRDZI-N7CRNEfiMe
LqswOFyXgiyk&e= or email: RPG400-L-request@xxxxxxxxxxxx Before
posting, please take a moment to review the archives at
https://urldefense.proofpoint.com/v2/url?u=https-3A__archive.midrange.com_rpg400-2Dl&d=DwICAg&c=TRM22a2q2ENZDxdZ_Nz-0OCGEspXTWPuaB6Jil0RfKE&r=o-YzpsmRCPgZlWO4EB4wsOj50O0KPLUTK9BP-UzK-UQ&m=WKzmEnOQ8Iy3E088u3-CBsyXGLnSlYN5xDvpts05i-4&s=GHsi9cxBOcskrXsqKpQe-ISop2chO5jqDog6tN91nhk&e= .
Please contact support@xxxxxxxxxxxx for any subscription related questions.
Help support midrange.com by shopping at amazon.com with our affiliate
link:
https://urldefense.proofpoint.com/v2/url?u=http-3A__amzn.to_2dEadiD&d=
DwICAg&c=TRM22a2q2ENZDxdZ_Nz-0OCGEspXTWPuaB6Jil0RfKE&r=o-YzpsmRCPgZlWO
4EB4wsOj50O0KPLUTK9BP-UzK-UQ&m=WKzmEnOQ8Iy3E088u3-CBsyXGLnSlYN5xDvpts0
5i-4&s=kcaXqGMBlNNsRgOJ5toMyiOnjziIdowkO-yPor74eBo&e=
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.