crypto openssl jwt rs256

Hello,
I am trying to create a signature for jwt object. I already have header, payload, and a private key, and I verified with https://jwt.io/ that I can generate the header and payload part correctly. I am trying for alg: rs256.

For signature, I am trying the following:
local data = header_base64 … “.” … payload_base64
local signature = crypto.hmac(crypto.sha256, data, private_key)

But the signature I get here does not match with https://jwt.io/

Anyone has any recent experience with this? Generating jwt with rs256 algorithm.

I also looked at openssl plugins, not sure if I could use anything from there to generate the siganture, any help is really appreciated, thank you.

I just figured it out, openssl pkey_read() and sign() did the job for me.

local openssl = require("plugin.openssl")

local pkey = openssl.pkey_read(private_key, false, "pem")
local signature = openssl.sign(data, pkey, 'sha256WithRSAEncryption')

Where private_key is a plain string variable in pem format.

Thank you for creating the openssl plugin.

1 Like