Mirror of forum.nim-lang.org

6628 :: Which version of OpenSSL to get QuickJWT linking?

[2020-08-01T09:28:16+02:00]

jasonfi (orginal) [2020-08-01T09:28:16+02:00] view original

I'm using QuickJWT: https://github.com/treeform/quickjwt

Using the latest stable OpenSSL (v1.1.1g) I have missing symbols:

_EVP_MD_CTX_create _EVP_MD_CTX_destroy

Is the problem that QuickJWT needs to be updated to work with the latest stable version of OpenSSL? If I have to downgrade OpenSSL, then to which version?

treeform (orginal) [2020-08-01T14:59:56+02:00] view original

Make sure you are linking to the most recent version. Are you on Windows, Linux or Mac? Can you list openssl versions you have installed?

treeform (orginal) [2020-08-01T15:08:17+02:00] view original

Can you get it to work if you mess with this line? https://github.com/nim-lang/Nim/blob/bf320ed172f74f60fd274338e82bdc9ce3520dd9/lib/wrappers/openssl.nim#L624

jasonfi (orginal) [2020-08-01T15:14:01+02:00] view original

I'm on a Mac OS X trying to use OpenSSL v1.1.1g.

jasonfi (orginal) [2020-08-01T15:15:26+02:00] view original

That worked! I changed that line to:
when defined(windows):

Now it links ok.

jasonfi (orginal) [2020-08-01T15:18:12+02:00] view original

I was just curious, why not wrap libjwt instead? https://github.com/benmcollins/libjwt

treeform (orginal) [2020-08-01T19:12:28+02:00] view original

Why wrap a whole library when 200 lines is enough? QuickJWT is a pretty small library.

Most of the issues are with openSSL, not the JWT stuff. JWT stuff is pretty easy. Libjwt still links with openSSL so that does not solve my main problem.

jasonfi (orginal) [2020-08-01T20:42:10+02:00] view original

Thanks for the cool library!

timothee (orginal) [2020-09-17T04:44:28+02:00] view original

Why wrap a whole library when 200 lines is enough? QuickJWT is a pretty small library.
but functionality is incomplete, eg I can't use it to verify the jwt with aws, see verifySignature doesn't work with AWS cognito / oauth2 which uses ES256 · Issue #11 · yglukhov/nim-jwt

treeform (orginal) [2020-09-17T23:19:49+02:00] view original

Thats true, I don't support ES256. I had no need to.

I don't think supporting ES256 would be that complex. Probably another 70 lines or so.

I