Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JWS Signatures do not match #1

Closed
OR13 opened this issue Dec 4, 2019 · 3 comments
Closed

JWS Signatures do not match #1

OR13 opened this issue Dec 4, 2019 · 3 comments

Comments

@OR13
Copy link
Member

OR13 commented Dec 4, 2019

When making the following patch to @panva/jose, I can get the same sigantures

as the json-ld-sigantures repo for Ed25519.

https://github.com/panva/jose/blob/master/lib/jws/sign.js#L95

if (joseHeader.protected.crit && joseHeader.protected.crit.includes('b64')) {
      if (i(this).b64 !== undefined && i(this).b64 !== joseHeader.protected.b64) {
        throw new JWSInvalid('the "b64" Header Parameter value MUST be the same for all recipients')
      } else {
        i(this).b64 = joseHeader.protected.b64
      }
      if (!joseHeader.protected.b64) {
        i(this).payload = base64url.decodeToBuffer(i(this).payload)
        // i(this).payload = base64url.decode(i(this).payload)
      }
    }

    recipient.header = unprotectedHeader
    recipient.protected = Object.keys(joseHeader.protected).length ? base64url.JSON.encode(joseHeader.protected) : ''
    // const data = Buffer.from(`${recipient.protected}.${i(this).payload}`);
    const data = Buffer.concat([
      Buffer.from(recipient.protected),
      Buffer.from('.'),
      i(this).payload
    ])
    recipient.signature = base64url.encodeBuffer(sign(alg, key, data))
  }
@OR13 OR13 mentioned this issue Dec 4, 2019
Open
@OR13
Copy link
Member Author

OR13 commented Dec 5, 2019 

from jwcrypto import jwk
from jwcrypto import jws
from jwcrypto.common import json_decode, json_encode


keys = {
    "publicKeyJwk": {
        "crv": "Ed25519",
        "x": "h83ufcOAO9zVigHCgOOTp8waN_ycH4xnPRvn45yu6gw",
        "kty": "OKP",
        "kid": "8R_gUPjBoJ_nf39_G7VLGWNuhL5etuW7zvS46kwYN6Q"
    },
    "privateKeyJwk": {
        "crv": "Ed25519",
        "x": "h83ufcOAO9zVigHCgOOTp8waN_ycH4xnPRvn45yu6gw",
        "d": "Mqr_E4EQ51DxzVHh74HEy6F0JIykqDnrwgeJOxiLeTU",
        "kty": "OKP",
        "kid": "8R_gUPjBoJ_nf39_G7VLGWNuhL5etuW7zvS46kwYN6Q"
    }
}


header = {
    "alg": "EdDSA",
    "b64": False,
    "crit": ["b64"]
}


payload = bytes.fromhex('4a4b4c')
# # payload = 'test'
# payload = json_encode({"hello": 1})

s = jws.JWS(payload)
s.add_signature(jwk.JWK.from_json(json_encode(keys['privateKeyJwk'])),
                'EdDSA', json_encode(header))

jws = s.serialize(compact=True)


print(jws)

was able to prove that @panva/jose detached jws matches this python library... pretty sure its correct.

@OR13 OR13 closed this as completed Dec 14, 2019
@Taraawan
Copy link

Taraawan commented Oct 4, 2022

How to use jose libarary unencoded payload b64:false using nodejs any idea??

@OR13
Copy link
Member Author

OR13 commented Oct 4, 2022

hmm, maybe try:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@OR13 @Taraawan