David Kierans rondomondo
rondomondo
/ rsa_sig_check.py
Last active
December 22, 2022 14:40
Sign and Verify signature using a SSL certificate. I've been wanting to play around with various RSA signing methods. Particularly around JWT RSA signed tokens and verifying a sig using the public key extracted from a website certificate. Some of the nuances of it all can be a bit tricky. As part of my effort to get my head around it I cobbled t…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import argparse | |
| import sys | |
| import os | |
| from datetime import datetime | |
| from os import path | |
| import pprint | |
| from urllib3 import connection |
rondomondo
/ check_jwt_sig.py
Last active
February 21, 2024 14:55
Two methods/examples of how to decode and verify the signature of AWS cognito JWT web tokens externally. This uses RSA key pair and alternatively PKCS1_v1_5. See https://gist.github.com/rondomondo/efff911f2c41c295e23415e94e12b8d3 for example of signing and verification by downloading an ISSUERS PKI SSL certificate from the signers website, and h…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import os | |
| import time | |
| import json | |
| import base64 | |
| import requests | |
| import argparse | |
| from base64 import urlsafe_b64decode, b64decode | |
| from Crypto.Hash import SHA256, SHA512 |