w3c / webpayments-methods-tokenization

https://w3c.github.io/webpayments-methods-tokenization/index.html

Proposal for dealing with Signed and Unsigned data #23

Closed cyberphone closed 6 years ago

cyberphone commented 6 years ago

This is actually an attempt to get feedback on a generic proposal I'm working on. I believe that it could be used in your application as well...

The current scheme called JCS offers clear text JSON signatures like this:

{
    "merchantId": "m678",
    "amount": "23.45",
    "signature": {
        "algorithm": "ES256",
        "publicKey": {
            "kty": "EC",
            "crv": "P-256",
            "x": "PxlJQu9Q6dOvM4LKoZUh2XIe9-pdcLkvKfBfQk11Sb0",
            "y": "6IDquxrbdq5ABe4-HQ78_dhM6eEBUbvDtdqK31YfRP8"
        },
        "value": "i_7gV4ohCuhyXnWelbWgbqidJwvVUipnkL8Fc6JdqeLsUuo4Go9Ho-E3aS7EjQNoOYjOBo2SMpaTRjms3iPSUw"
    }
}

where "merchantId" and "amount" are signed.

The proposal for adding support for unsigned data (without forcing the signed data to move one level down to a separate object) is to introduce an "excluded" property holding an array of properties that should be excluded from the signature process:

{
    "merchantId": "m678",
    "amount": "23.45",
    "someOtherData": "whatever",
    "signature": {
        "excluded": ["someOtherData"],
        "algorithm": "ES256",
        "publicKey": {
            "kty": "EC",
            "crv": "P-256",
            "x": "PxlJQu9Q6dOvM4LKoZUh2XIe9-pdcLkvKfBfQk11Sb0",
            "y": "6IDquxrbdq5ABe4-HQ78_dhM6eEBUbvDtdqK31YfRP8"
        },
        "value": "3WoTsrMNAyf3ayfHoE-H_W334Ef0N9lASbK_2IOiQVqRPAe0Ff0ibVJGHq37386sG8bDkS5E0pOhD7NaIKSegw"
    }
}

That is, the "excluded" property itself as well as the properties it refers to (here "someOtherData") would be excluded from the signature canonicalization/normalization process. You can safely delete them from the JSON object after consumption and the signature should validate anyway.
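The verification flow described in the post above, as an added example that is not part of the original post or of the JCS project's code. The function names `signedView`, `sign` and `verify` are hypothetical, `JSON.stringify` in existing property order is an assumed stand-in for the JCS normalization step, and the key pair is generated on the spot rather than taken from the page.

```javascript
const crypto = require('node:crypto');

// Bytes the signature covers: the object without signature.value,
// signature.excluded and the top-level properties that "excluded" names.
// Assumption: JSON.stringify in existing property order stands in for
// the JCS normalization step, which this page does not specify.
function signedView(obj) {
  const { excluded = [], value, ...sigRest } = obj.signature;
  if (!Array.isArray(excluded) || excluded.includes('signature')) {
    throw new Error('invalid "excluded" list');
  }
  const copy = {};
  for (const [name, v] of Object.entries(obj)) {
    if (name === 'signature') copy[name] = sigRest;
    else if (!excluded.includes(name)) copy[name] = v;
  }
  return Buffer.from(JSON.stringify(copy), 'utf8');
}

function sign(data, excluded, privateKey, publicKey) {
  const jwk = publicKey.export({ format: 'jwk' });
  const out = { ...data, signature: { excluded, algorithm: 'ES256', publicKey: jwk } };
  const opts = { key: privateKey, dsaEncoding: 'ieee-p1363' };
  out.signature.value = crypto.sign('sha256', signedView(out), opts).toString('base64url');
  return out;
}

// Returns only the properties the signature covers, or null on failure.
// Whether the embedded key belongs to the expected signer is a separate check.
function verify(obj) {
  try {
    const key = crypto.createPublicKey({ key: obj.signature.publicKey, format: 'jwk' });
    const ok = crypto.verify('sha256', signedView(obj),
      { key, dsaEncoding: 'ieee-p1363' },
      Buffer.from(obj.signature.value, 'base64url'));
    if (!ok) return null;
    const { signature, ...covered } = obj;
    for (const name of signature.excluded || []) delete covered[name];
    return covered;
  } catch {
    return null;
  }
}

// Constructed sample: fresh P-256 key and the property names from the post.
const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
const signed = sign({ merchantId: 'm678', amount: '23.45', someOtherData: 'whatever' },
  ['someOtherData'], privateKey, publicKey);
console.log(verify(signed));
```

Because `verify` returns only the covered properties, a consumer that works from its return value never acts on `someOtherData`, which anyone in transit can change without invalidating the signature.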

adrianhopebailie commented 6 years ago

> without forcing the signed data to move one level down to a separate object

Is this a critical requirement? It seems like if it is not, then JCS doesn't add much to JWS, or am I missing something?

cyberphone commented 6 years ago

@adrianhopebailie This issue only describes a possible extension to JCS, enabling a straightforward way of dealing with Signed and Unsigned JSON data.

How you would do that using JWS is hard to tell without having a specification.

cyberphone commented 6 years ago

@mattsaxon Here is the same thing in a JCS version in preparation which adopts the JWS attributes, JWK, and JWA:

{
  "aSignedProperty": "something",
  "anUnsignedProperty": "something else",
  "signature": {
    "alg": "ES256",
    "jwk": {
      "kty": "EC",
      "crv": "P-256",
      "x": "_gow8fcS3Dx9z6j57U5q8tunnRBdrgLU9A7CZTYCnqU",
      "y": "bdfJGraBVL5aPj38TG4tHwxpU2VKwG1XBp0wQfCLOFQ"
    },
    "excl": ["anUnsignedProperty"],
    "val": "nVnZtJUdUktFRdDLEchf .... tfe7j-jhirzZ9t50qSvLudpo2pw"
  }
}

Compared to the original JWS, both the Data and the Header (keys, algorithms) are in the clear.

ianbjacobs commented 6 years ago

@cyberphone,

I'm closing this issue here since the signature work in the task force has moved to another repo and feedback here has slowed.