TLS signature with opam:tls

mro · February 27, 2022, 10:56am

thank you @hannes - that got me over the hill to a final

let test_sign_sha256 () =
  let open Lwt in
  let p =
    (*
$ openssl genrsa -out private.pem 2048
$ openssl rsa -in private.pem -outform PEM -pubout -out public.pem
    *)
    (* https://mirleft.github.io/ocaml-tls/doc/tls/X509_lwt/#val-private_of_pems *)
    X509_lwt.private_of_pems ~cert:"public.pem" ~priv_key:"private.pem"
    >>= fun (_, priv) ->
    let data : string = "to-be-signed-data" in
    let signature : string =
      (*
    https://mirleft.github.io/ocaml-x509/doc/x509/X509/Private_key/#cryptographic-sign-operation
    *)
      X509.Private_key.sign `SHA256 ~scheme:`RSA_PKCS1 priv
        (`Message (Cstruct.of_string data))
      |> Result.get_ok |> Cstruct.to_string |> Base64.encode_exn
    in
    signature
    |> Assert2.equals_string "sig 256"
         "TVMQvS8OZ94BFvMn8ToL0jG01L1T3Dww4o7R6NwcJd7KsOmZtUKzzCezbnY5gjSECj/cfXxs2mrZlk9xGntTKqhJ6YIZmM3BBdXuPl8IyWms/ qtqZ4d+NVfMVDhYeGm43+j2HTegpcH2px9auXSThd2WcJmc7J98g9hx5+pEr6hA2UjawzOPYxIyyhNHzX9L1hTu6Xyjq6OkPWgqK9aHnAnGG1f3LgH+     YTR0T/l5ODPCyKboFMfvmnQ2PDNRPgsz82j9YuMVF2sE/TCdpTg+T6dX99Hmp35lomXnf1GSTrVAWBcx6mFEOABMrFSRRcMzGo9zCWPb/               y8V3xWaSpjroQ==";
    return ()
  in
  Lwt_main.run p

Feels good.

Topic		Replies	Views
[ANN] elliptic curves - maintainable and verified (full stack, from primitives to TLS) Community mirageos , announce , encryption , cryptography , network	2	1097	August 24, 2021
Interest in a Http_sig library? Ecosystem	4	1138	September 24, 2022
[ANN] mirage-crypto 0.11.3 (with more speed for elliptic curves) -- and the future roadmap of mirage-crypto Ecosystem announce , cryptography	7	294	February 28, 2024
[ANN] First release of awa-ssh Community mirageos , announce , cryptography	0	1501	January 7, 2021
[ann] jose 0.2.0 Community opam , announce	0	931	March 16, 2020

TLS signature with opam:tls

Related Topics