Ready to implement JWT signature

esp32_device/main/crypto.c

@@ -224,4 +224,10 @@ char *crypto_encode_base64_safe_url(const char *src, size_t srclen)
         out[olen - 2] = '\0';
 
     return out;
+}
+
+char *crypto_sign_sha256_payload(const char *src, const size_t src_len, size_t *srclen)
+{
+    *srclen = 10;
+    return calloc(1, 10);
 }

esp32_device/main/crypto.h

@@ -39,6 +39,11 @@ extern "C"
      */
     char *crypto_encode_base64_safe_url(const char *src, size_t srclen);
 
+    /**
+     * Sign some data using sha256
+     */
+    char *crypto_sign_sha256_payload(const char *src, const size_t src_len, size_t *srclen);
+
 #ifdef __cplusplus
 }
 #endif

esp32_device/main/jwt.c

@@ -77,10 +77,39 @@ char *jwt_gen(cJSON *payload)
     free(header_b64);
     free(body_b64);
 
-    // TODO : wip
+    size_t sig_len = 0;
-    printf("unsigned = %s\n", unsigned_jwt);
+    char *sig = crypto_sign_sha256_payload(unsigned_jwt, strlen(unsigned_jwt), &sig_len);
-    free(unsigned_jwt);
 
-    // TODO : continue
+    if (!sig || sig_len == 0)
-    return strdup("TODO:)");
+    {
+        ESP_LOGE(TAG, "Failed to sign JWT!");
+        if (sig)
+            free(sig);
+        free(unsigned_jwt);
+        return NULL;
+    }
+
+    char *sig_b64 = crypto_encode_base64_safe_url(sig, sig_len);
+    free(sig);
+    if (!sig_b64)
+    {
+        ESP_LOGE(TAG, "Failed to encode base64 signature to base64!");
+        free(unsigned_jwt);
+        return NULL;
+    }
+
+    char *jwt = calloc(1, 1 + strlen(unsigned_jwt) + 1 + strlen(sig_b64));
+    if (!jwt)
+    {
+        ESP_LOGE(TAG, "Failed to allocate memory to store final JWT!");
+        free(unsigned_jwt);
+        free(sig_b64);
+        return NULL;
+    }
+    sprintf(jwt, "%s.%s", unsigned_jwt, sig_b64);
+
+    free(unsigned_jwt);
+    free(sig_b64);
+
+    return jwt;
 }