search

auth0 / node-jwa

JSON Web Algorithms
http://tools.ietf.org/id/draft-ietf-jose-json-web-algorithms-08.html
MIT License
98 stars 42 forks source link

PS*: fix PS* signatures #34

Closed omsmith closed 5 years ago

omsmith commented 5 years ago

https://tools.ietf.org/html/rfc7518#section-3.5 describes "The size of the salt value is the same size as the hash function output.".

Fixes: https://github.com/brianloveswords/node-jws/issues/85 PR-URL: https://github.com/brianloveswords/node-jwa/pull/34

omsmith commented 5 years ago

@panva is this the fix you expected? Seems like jwt.io still isn't verifying... hmmph

panva commented 5 years ago

is this the fix?

Yes.

Seems like jwt.io still isn't verifying

It is for me.

🤔

omsmith commented 5 years ago

This is what I'm trying. Yours both work, but PS256 still fails for jws/jwa

'use strict';

const { generateKeyPair } = require('crypto');
const { promisify } = require('util');

const base64url = require('base64url');

const { JWK, JWS } = require('@panva/jose');
const jws = require('.');

const ALGS = ['RS256', 'PS256'];
const PAYLOAD = JSON.stringify({ foo: 'bar' });

promisify(generateKeyPair)('rsa', {
    modulusLength: 2048
}).then(async keys => {

    process._rawDebug('pubkey\n', keys.publicKey.export({ type: 'spki', format: 'pem' }));

    for (const alg of ALGS) {
        process._rawDebug(`${alg} signature (jwa)\n`, jws.sign({
            header: { alg },
            payload: PAYLOAD,
            privateKey: keys.privateKey
        }));

        process._rawDebug(`${alg} signature (@panva/jose)\n`, JWS.sign(PAYLOAD, JWK.importKey(keys.privateKey), { alg }));
    }
});
omsmith commented 5 years ago

Oh. derp

panva commented 5 years ago

What is it? :-)

omsmith commented 5 years ago 
diff --git a/index.js b/index.js
index 8def0ec..e71e6d1 100644
--- a/index.js
+++ b/index.js
@@ -173,7 +173,7 @@ function createPSSKeySigner(bits) {
     var sig = (signer.update(thing), signer.sign({
       key: privateKey,
       padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
-      salt: crypto.constants.RSA_PSS_SALTLEN_DIGEST
+      saltLength: crypto.constants.RSA_PSS_SALTLEN_DIGEST
     }, 'base64'));
     return fromBase64(sig);
   }
@@ -189,7 +189,7 @@ function createPSSKeyVerifier(bits) {
     return verifier.verify({
       key: publicKey,
       padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
-      salt: crypto.constants.RSA_PSS_SALTLEN_DIGEST
+      saltLength: crypto.constants.RSA_PSS_SALTLEN_DIGEST
     }, signature, 'base64');
   }