[naviserver-devel] Verifying HMAC signature [ns_crypto::hmac ... ]

iuri Sat, 23 May 2020 20:35:31 -0700

Hi there,

How can I verify HMAC signatures, using [ns_crypto::hmac ...]?

For example, one has sent an encrypted message:

set secret_message [ns_crypto::hmac string -digest sha256 "Abracadabra" "What is the magic word?"]

... and another wants to verify integrity and authenticity of that message in the other side

CRYPTO library has crypto::verify, as in https://clouddocs.f5.com/api/irules/CRYPTO__verify.html

set secret_key "foobar1234" set data "This is my data" set signed_data [CRYPTO::sign -alg hmac-sha1 -key $secret_key $data] if { [CRYPTO::verify -alg hmac-sha1 -key $secret_key -signature $signed_data $data] } { log local0. "Data verified" }

Also, Chilkat example shows more sophisticated approaches to sign and verify. Nothing so complex. It's just using OO writing the code, to make it code readable and intuitive. https://www.example-code.com/tcl/jws_hmac_sha_256.asp

Thus, I was looking for something similar in the NS Library, such as the method [ns_crypto::md ...], which contains the parameter -verify, but it seems that's not the case of [ns_crypto::hmac ...]. At least it's not in the docs.

https://naviserver.sourceforge.io/n/naviserver/files/ns_crypto.html#8

How would I verify a message using NS library?

Best wishes,


_______________________________________________
naviserver-devel mailing list
naviserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/naviserver-devel

[naviserver-devel] Verifying HMAC signature [ns_crypto::hmac ... ]

Reply via email to