Login/Register
Verifying jwt tokens [rsa]
Asked Answered
Solved cryptographyjwtdigital-signature
P

3

10

A collegue and myself have been trying to understand how jwt tokens verify tokens, but from our reading we seem to be confusing ourselves.

Please can someone help confirm whether my thinking is correct

  • Tokens are signed using the private key. The signature is a combination of the header and payload encrypted using the private key and added to the jwt as the last part, the signature.
  • In order to verify the token the receiver can replicate this process using the public key. They encrypt the header and payload to see if it the same as the signature. Note this is not decryption. The receiver is not decrypting the token (this is the main thing we are unsure of). -The receiver cannot issue new tokens as they do not have the private key to encrypt a new token with.

I have read the jwt documentation on both RS256 and HS256 and still struggling to confirm my thinking, hence the post.

Prier answered 7/3, 2017 at 9:41 Comment(0)
H
11

Tokens can be digitally signed using a key pair, private and public, or hashed using a secret key:

  • RS256 :RSA KeyPair with SHA256. Token is signed with private key and verified using the public

  • HS256: HMAC key with SHA256. The key is the same to sign and verify

A compact JWT looks like this hhhhh.ppppp.sssss

  • hhhhh: Header of JWT, includes the algorithm used to sign the token. e.g {"alg":"RS256","typ":"JWT"}. Encoded in base64url

  • ppppp: Payload of JWT, include some useful claims like sub, iss or exp. Encoded in base64url

  • sssss: Signature of JWT , performed on the concatenation of the base64 url encoding of header and payload using the specified algorithm and encoded in base64. E.g b64(signature(hhhhhh.pppppp))

Answering your question, you are refering to RS256 using a key pair where the client verifies the token using the public key (a verification with HMAC key would mean client and server share the key)

The token is signed (not encrypted) with the algorithm I wrote above. To verify, the client verifies that signature match with the first part of the token hhhhhh.pppppp using the provided public key. Digital signature verification is a standard operation supported in all modern languages. Note that is not the same as encryption/decryption

Hussite answered 7/3, 2017 at 10:50 Comment(5)
When you say To verify, the client verifies that signature match with the first part of the token b64u(hhhhhh).b64u(pppppp) using the provided public key. How does this part happen?Prier
I fixed error: hhhhh and ppppp are encoded in b64url in compact JWT. The text could confuse.Hussite
The client decodes the signature from base64 and verifies that it match with the provided public key (pseudocode verifies = verify (signedData, b64_decode(signature), publicKey), where signedData is equal to hhhhh.ppppp. A digital signature verification is supported natively by most programming languages. (Internally it will check using the publicKey that the hash contained in signature match with given signedData)Hussite
Ah ok so it doesn't encrypt any hhhhh.ppppp using the public key then compare it with the already signed data? This is where there is a difference between verify and encrypt like you mentioned at the end of your answer?Prier
Yes, the client does not need to encrypt anything. Verifying a digital signature should be a simple operation supported directly by the language.Hussite
L
12

I was dealing with the same question when I was learning about multiples signing algorithms. So, when we are singing and validating sings with RSASHA256 in JWT, this is the process:

  1. Sign = RSA(SHA256(base64(header) + "." + base64(payload)), private_key)
  2. Sign is valid, if RSA(Sign, public_key) equals to SHA256(base64(header) + "." + base64(payload))

For more information, visit this link: https://www.cs.cornell.edu/courses/cs5430/2015sp/notes/rsa_sign_vs_dec.php#:~:text=RSA%20Digital%20Signatures&text=To%20sign%20a%20message%20m,result%20equals%20the%20expected%20message.&text=That's%20the%20textbook%20description%20of%20RSA%20signatures.

Lithiasis answered 13/2, 2021 at 4:6 Comment(0)
H
11

Tokens can be digitally signed using a key pair, private and public, or hashed using a secret key:

  • RS256 :RSA KeyPair with SHA256. Token is signed with private key and verified using the public

  • HS256: HMAC key with SHA256. The key is the same to sign and verify

A compact JWT looks like this hhhhh.ppppp.sssss

  • hhhhh: Header of JWT, includes the algorithm used to sign the token. e.g {"alg":"RS256","typ":"JWT"}. Encoded in base64url

  • ppppp: Payload of JWT, include some useful claims like sub, iss or exp. Encoded in base64url

  • sssss: Signature of JWT , performed on the concatenation of the base64 url encoding of header and payload using the specified algorithm and encoded in base64. E.g b64(signature(hhhhhh.pppppp))

Answering your question, you are refering to RS256 using a key pair where the client verifies the token using the public key (a verification with HMAC key would mean client and server share the key)

The token is signed (not encrypted) with the algorithm I wrote above. To verify, the client verifies that signature match with the first part of the token hhhhhh.pppppp using the provided public key. Digital signature verification is a standard operation supported in all modern languages. Note that is not the same as encryption/decryption

Hussite answered 7/3, 2017 at 10:50 Comment(5)
When you say To verify, the client verifies that signature match with the first part of the token b64u(hhhhhh).b64u(pppppp) using the provided public key. How does this part happen?Prier
I fixed error: hhhhh and ppppp are encoded in b64url in compact JWT. The text could confuse.Hussite
The client decodes the signature from base64 and verifies that it match with the provided public key (pseudocode verifies = verify (signedData, b64_decode(signature), publicKey), where signedData is equal to hhhhh.ppppp. A digital signature verification is supported natively by most programming languages. (Internally it will check using the publicKey that the hash contained in signature match with given signedData)Hussite
Ah ok so it doesn't encrypt any hhhhh.ppppp using the public key then compare it with the already signed data? This is where there is a difference between verify and encrypt like you mentioned at the end of your answer?Prier
Yes, the client does not need to encrypt anything. Verifying a digital signature should be a simple operation supported directly by the language.Hussite
B
-3

you can get a detailed description of JWT auth tokens in official website https://jwt.io/introduction/

Buckeen answered 7/3, 2017 at 9:45 Comment(1)
I have already read that, but we are still confused. Hence the post.Prier

© 2022 - 2024 — McMap. All rights reserved.