A collegue and myself have been trying to understand how jwt tokens verify tokens, but from our reading we seem to be confusing ourselves. Please can someone help confirm whether my thinking is correct Tokens are signed using the private key. The signature is a combination of the header and payload encrypted using the private key and added to the jwt as the last part, the signature. In order to verify the token the receiver can replicate this process using the public key. They encrypt the header and payload to see if it the same as the signature. Note this is not decryption. The receiver is not decrypting the token (this is the main thing we are unsure of). -The receiver cannot issue new tokens as they do not have the private key to encrypt a new token with. I have read the jwt documentation on both RS256 and HS256 and still struggling to confirm my thinking, hence the post.

Tokens can be digitally signed using a key pair, private and public, or hashed using a secret key: RS256 :RSA KeyPair with SHA256. Token is signed with private key and verified using the public HS256 : HMAC key with SHA256. The key is the same to sign and verify A compact JWT looks like this hhhhh.ppppp.sssss hhhhh : Header of JWT, includes the algorithm used to sign the token. e.g {"alg":"RS256","typ":"JWT"} . Encoded in base64url ppppp : Payload of JWT, include some useful claims like sub , iss or exp . Encoded in base64url sssss : Signature of JWT , performed on the concatenation of the base64 url encoding of header and payload using the specified algorithm and encoded in base64. E.g b64(signature(hhhhhh.pppppp)) Answering your question, you are refering to RS256 using a key pair where the client verifies the token using the public key (a verification with HMAC key would mean client and server share the key) The token is signed (not encrypted) with the algorithm I wrote above. To verify, the client verifies that signature match with the first part of the token hhhhhh.pppppp using the provided public key. Digital signature verification is a standard operation supported in all modern languages. Note that is not the same as encryption/decryption

cryptographyjwtdigital-signature

Ryan-Neal Mes

Reputation: 6263

Verifying jwt tokens [rsa]

A collegue and myself have been trying to understand how jwt tokens verify tokens, but from our reading we seem to be confusing ourselves.

Please can someone help confirm whether my thinking is correct

Tokens are signed using the private key. The signature is a combination of the header and payload encrypted using the private key and added to the jwt as the last part, the signature.
In order to verify the token the receiver can replicate this process using the public key. They encrypt the header and payload to see if it the same as the signature. Note this is not decryption. The receiver is not decrypting the token (this is the main thing we are unsure of). -The receiver cannot issue new tokens as they do not have the private key to encrypt a new token with.

I have read the jwt documentation on both RS256 and HS256 and still struggling to confirm my thinking, hence the post.

Upvotes: 10

Answers (3)

Andres Rodriguez

Reputation: 221

I was dealing with the same question when I was learning about multiples signing algorithms. So, when we are singing and validating sings with RSASHA256 in JWT, this is the process:

Sign = RSA(SHA256(base64(header) + "." + base64(payload)), private_key)
Sign is valid, if RSA(Sign, public_key) equals to SHA256(base64(header) + "." + base64(payload))

For more information, visit this link: https://www.cs.cornell.edu/courses/cs5430/2015sp/notes/rsa_sign_vs_dec.php#:~:text=RSA%20Digital%20Signatures&text=To%20sign%20a%20message%20m,result%20equals%20the%20expected%20message.&text=That's%20the%20textbook%20description%20of%20RSA%20signatures.

Upvotes: 13

pedrofb

Reputation: 39311

Tokens can be digitally signed using a key pair, private and public, or hashed using a secret key:

RS256 :RSA KeyPair with SHA256. Token is signed with private key and verified using the public
HS256: HMAC key with SHA256. The key is the same to sign and verify

A compact JWT looks like this hhhhh.ppppp.sssss

hhhhh: Header of JWT, includes the algorithm used to sign the token. e.g {"alg":"RS256","typ":"JWT"}. Encoded in base64url
ppppp: Payload of JWT, include some useful claims like sub, iss or exp. Encoded in base64url
sssss: Signature of JWT , performed on the concatenation of the base64 url encoding of header and payload using the specified algorithm and encoded in base64. E.g b64(signature(hhhhhh.pppppp))

Answering your question, you are refering to RS256 using a key pair where the client verifies the token using the public key (a verification with HMAC key would mean client and server share the key)

The token is signed (not encrypted) with the algorithm I wrote above. To verify, the client verifies that signature match with the first part of the token hhhhhh.pppppp using the provided public key. Digital signature verification is a standard operation supported in all modern languages. Note that is not the same as encryption/decryption

Upvotes: 11

Affan Ahmed

Reputation: 1

you can get a detailed description of JWT auth tokens in official website https://jwt.io/introduction/

Upvotes: -3

Verifying jwt tokens [rsa]

Answers (3)

Related Questions