RS256 / SHA256withRSA
758 views
Skip to first unread message
Stephen Gray
Jun 29, 2016, 6:17:49 AM6/29/16
to Lucee
Hi all
I am attempting to populate a Google sheet from form submissions (on Mura CMS on Lucee 4.5.2.018 / Apache Tomcat 7.0.37). To do this I need to create a JWT and to do that I need to encrypt various bits of data using the SHA256withRSA algorithm. When I attempt this, however, I get this error:
Algorithm SHA256withRSA not available
Code:
0
Type:
java.security.NoSuchAlgorithmException
Many thanks.
I am attempting to populate a Google sheet from form submissions (on Mura CMS on Lucee 4.5.2.018 / Apache Tomcat 7.0.37). To do this I need to create a JWT and to do that I need to encrypt various bits of data using the SHA256withRSA algorithm. When I attempt this, however, I get this error:
Algorithm SHA256withRSA not available
Code:
0
Type:
java.security.NoSuchAlgorithmException
Algorithm SHA256withRSA not available at javax.crypto.Mac.getInstance(Mac.java:176):176I assume I can take this at face value and the algorithm is not available in Lucee? Is there a list somewhere of the algorithms that are available? Is there a plan to implement this algorithm? And, for now, what is the best way of achieving the encryption I need?
...
...
...
Many thanks.
--
The contents of this message are intended for the addressee only. The views expressed do not necessarily represent those of George Watson's College and the contents do not form a legal binding contract.
George Watson's College is an Edinburgh Merchant Company Education Board School (Scottish Charity No. SC009747).
Jedihomer Townend
Jun 29, 2016, 6:27:00 AM6/29/16
to lu...@googlegroups.com
You'll need to tap into the Java libraries, I have this function for signing bits on my system...
--
Win a ticket to dev.objective from Lucee via Twitter, see http://bit.ly/1UbTMWj for details, good luck and see you there...
---
You received this message because you are subscribed to the Google Groups "Lucee" group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+un...@googlegroups.com.
To post to this group, send email to lu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/91b92a2f-9733-4abd-8bf2-f709fb7b5856%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Denard Springle
Jun 30, 2016, 8:33:50 AM6/30/16
to Lucee
You can also do this with the bouncy castle JCE provider, see https://www.bouncycastle.org/specifications.html for the specs, http://www.bouncycastle.org/wiki/display/JA1/Provider+Installation for install instructions (use the static method). I've not done this with Lucee, yet, but I've done it a hundred times with ACF. Once the provider is installed you should have access to SHA256withRSA through the native CF functions (e.g. hmac in this case).
HTH
-- Denny
Denard Springle
Jun 30, 2016, 8:45:17 AM6/30/16
to Lucee
Oh, and the list of algorithms available in Java is here: https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html - most of it is already implemented, some is not.
After looking at both BC docs, Java docs and what Jedihomer provided, his is probably the easier solution at the end of the day since it's already wrapped in a function for ya :) Nice work BTW Jedihomer.
-- Denny
Clayton Davis
Jul 1, 2016, 7:48:38 AM7/1/16
to Lucee
See also Ben Nadel's solution here:
https://github.com/bennadel/JSONWebTokens.cfc
https://github.com/bennadel/JSONWebTokens.cfc
Reply all
Reply to author
Forward
0 new messages