0

I'm attempting to authorize with the Google Data API as a service in a language for which there isn't any client library. The crux is in how to generate the signature. To do this I have to encode a string using "SHA256 with RSA".

I have it from here that it shouldn't be "terribly difficult" however I cannot find a description of the procedure? Anyone knows?

(The language does have a function to generate SHA256 hash codes.)

Improve this question
4
  • What language are you actually using? And, please also specify which auth procedure Google Data API uses. Commented Aug 31, 2013 at 16:41
  • Please provide a link to the spec of what you want to implement. RSA+SHA256 isn't enough to fully describe the scheme. Commented Aug 31, 2013 at 17:30
  • @CodesInChaos This is the description, is it enough? "Sign the UTF-8 representation of the input using SHA256withRSA (also known as RSASSA-PKCS1-V1_5-SIGN with the SHA-256 hash function) with the private key obtained from the API console." (I mean that PKC... part) Commented Aug 31, 2013 at 17:39
  • @NickolayOlshevsky Mathematica. oAuth 2.0 with a service account: developers.google.com/accounts/docs/OAuth2ServiceAccount Commented Aug 31, 2013 at 17:40

1 Answer 1

Reset to default
2

OAuth 2.0 requires RSASSA-PKCS1-V1_5-SIGN, which is described in RFC 3447. Just check section 9.2 of this RFC - you need just add some formatting to the hash of your message.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.