Forum Discussion
Rene_C_
Nimbostratus
Jan 04, 2021JWT verify signature with CRYPTO::verify fails
Hi,
preface: i dont have APM available for this specific issue.
I get a JWT sent in the Auth header, and i can just parse it fine from within an irule. the part that i just cannot get to work is to verify the signature.
It always fails, no matter what i try and if i try to do a CRYPTO::sign with the same data/alg/key, i always get different results from i.e. jwt.io.
log local0.debug [b64encode [CRYPTO::sign -alg hmac-sha512 -key "test1234" "{\"alg\":\"HS512\",\"typ\": \"JWT\"}.{\"sub\":\"indy\",\"iat\":1609754374,\"exp\":1609754434}"]]
this gives a completely different result than on jwt.io (apart from the signature on jwt.io being b64url-encoded).
Any idea why?
Thanks,
Rene
No RepliesBe the first to reply
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects