Open ozomer opened 6 years ago
Please see: https://crypto.stackexchange.com/a/59168/11354
Sorry I haven't gotten a response to you yet. Saw it when you posted it, but my off-hours have been busier than usual. It's on my to-do list.
No worries. It's better that you take your time and fix this correctly than make changes in a rush and accidentally break over 1M projects that depend on this package :smiley: .
No mystery here then, just some Node.js code doing Node.js stuff (i.e. doing what it can instead of what you asked for, and hoping for the best
I appreciate the snark in that StackOverflow answser, perhaps it's deserved, perhaps it's not. Hopefully I can explain more of the details here though :).
Ref: https://github.com/brianloveswords/node-jwa/issues/8 Ref: https://github.com/nodejs/node/pull/15024
So, as in the two links above - OpenSSL never gave "SHA256 with ECDSA" and the like a name. There was RSA-SHA256 (and friends) and then later SHA256 (and friends) were added as a more generic name and RSA-SHA256 is there as an alias. https://github.com/nodejs/node/pull/15024 explains it better. A step forward here (and for https://github.com/brianloveswords/node-jwa/issues/8) is to switch to those generalized names, and is something I'll open a PR for and see what the test suite says right now. That's where that issue ended, but suggesting someone else open it. This will at least remove confusion of "why is my ecdsa going to rsa code?".
However, it still isn't going to address what you've noticed. Even though you explicitly specify the RSA algorithm ECDSA keys can be used and vice-versa (as long as you're using the same 256, 384 or *512). That isn't something I can immediately solve. Even after the former adjustment, we're still going into generic signer land (openssl dgst -sha256 -sign some.pem
being the equivalent cli).
So options forward to help address this confusion...
noVerify
option to skip this step?tl;dr;
I hope that was helpful, and hope to continue the discussion.
Hi, I'm not an expert in cryptography, but from the stackexchange comments I understand the following:
Check out my fork of jsonwebtoken: jsonwebtoken-ed25519.
Hi, Maybe this is something that I don't understand in cryptography, but I've stumbled upon a strange behaviour. I created a key pair for EC512 with the following commands:
Then, instead of using ECDSA as I should, I used RSA:
And the result was true! Is this an expected behaviour? Is it possible to use ECDSA keys for RSA and vice versa?
Thanks