dvsekhvalnov / jose-jwt

Ultimate Javascript Object Signing and Encryption (JOSE), JSON Web Token (JWT) and Json Web Keys (JWK) Implementation for .NET and .NET Core
MIT License

Jose.JoseException: Unable to sign content. #234

Closed binoypatel closed 8 months ago

binoypatel commented 8 months ago

Hi there,

After updating to .NET 8.0, I am getting the above error. I am using the ES256 algorithm to sign the JWT; here is the full stack:

```
[17:12:14 ERR] HTTP POST /api/v1/auth/login responded 500 in 291.7296 ms
Jose.JoseException: Unable to sign content.
 ---> Interop+AppleCrypto+AppleCFErrorCryptographicException: The operation couldn’t be completed. (OSStatus error 100000 - CSSM Exception: 100000 UNIX[Undefined error: 0])
   at Interop.AppleCrypto.NativeCreateSignature(SafeSecKeyRefHandle privateKey, ReadOnlySpan`1 dataHash, PAL_HashAlgorithm hashAlgorithm, PAL_SignatureAlgorithm signatureAlgorithm)
   at Interop.AppleCrypto.CreateSignature(SafeSecKeyRefHandle privateKey, ReadOnlySpan`1 dataHash, PAL_HashAlgorithm hashAlgorithm, PAL_SignatureAlgorithm signatureAlgorithm)
   at System.Security.Cryptography.ECDsaImplementation.ECDsaSecurityTransforms.SignHash(Byte[] hash)
   at System.Security.Cryptography.ECDsa.SignData(Byte[] data, Int32 offset, Int32 count, HashAlgorithmName hashAlgorithm)
   at Jose.netstandard1_4.EcdsaUsingSha.Sign(ECDsa privateKey, Byte[] securedInput)
   at Jose.netstandard1_4.EcdsaUsingSha.Sign(Byte[] securedInput, Object key)
   --- End of inner exception stack trace ---
   at Jose.netstandard1_4.EcdsaUsingSha.Sign(Byte[] securedInput, Object key)
   at Jose.JWT.EncodeBytes(Byte[] payload, Object key, JwsAlgorithm algorithm, IDictionary`2 extraHeaders, JwtSettings settings, JwtOptions options)
   at Jose.JWT.Encode(String payload, Object key, JwsAlgorithm algorithm, IDictionary`2 extraHeaders, JwtSettings settings, JwtOptions options)
   at Jose.JWT.Encode(Object payload, Object key, JwsAlgorithm algorithm, IDictionary`2 extraHeaders, JwtSettings settings, JwtOptions options)
   at Servixcel.Desk.Infrastructure.Security.Services.JwtService.GenerateToken(Guid tenantId, Guid userId, String email, String displayName, String timezone, ProductKind productKind) in /Users/binoypatel/repos/servixcel/desk/server/src/Infrastructure/Security/Services/JwtService.cs:line 56
```

My environment is given below:

```
Runtime Environment:
 OS Name:     Mac OS X
 OS Version:  14.1
 OS Platform: Darwin
 RID:         osx-arm64
 Base Path:   /usr/local/share/dotnet/sdk/8.0.100/

.NET workloads installed:
 Workload version: 8.0.100-manifests.6c33ef20
There are no installed workloads to display.

Host:
  Version:      8.0.0
  Architecture: arm64
  Commit:       5535e31a71

.NET SDKs installed:
  8.0.100 [/usr/local/share/dotnet/sdk]

.NET runtimes installed:
  Microsoft.AspNetCore.App 8.0.0 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.App]
  Microsoft.NETCore.App 8.0.0 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]

Other architectures found:
  x64   [/usr/local/share/dotnet/x64]
    registered at [/etc/dotnet/install_location_x64]
```

Can anyone please help?

Kind regards, Binoy

binoypatel commented 8 months ago

Worked with the dotnet team and was able to address this in: https://github.com/dotnet/runtime/issues/94959

Closing

dvsekhvalnov commented 8 months ago

Interesting hint with lifetimes of key vs certification, thanks for sharing @binoypatel.

Glad it worked out.