The JwkEC class produces signatures using the SHA256withECDSA, SHA384withECDSA, and SHA512withECDSA algorithms which encode signatures in the ASN.1 DER format. This appears to violate RFC 7518 - JSON Web Algorithms (JWA) which states that a raw concatenation of the pair (R, S) should be used as encoding for the signature. Tokens produced by the current implementation will fail verification (unless the token consumer accepts the non-standard ASN.1 DER format for the signature).
Possibly relevant:
Support for verifying tokens whose signature uses the standard format was introduced in commit 40934aa using changeSignatureEncodingToDER.
For compliance with RFC 7518 it should be sufficient to populate JwkEC.ALG_MAP with SHA256withECDSAinP1363Format, SHA384withECDSAinP1363Format, and SHA512withECDSAinP1363Format instead. The changeSignatureEncodingToDER method could then be removed. This change would cause signature validation to fail for tokens signed with the current implementation.
Steps to reproduce
Build a Jwt and sign it using JwkEC
Pass SignedJwt.tokenContent() to another JWT implementation (e.g., JOSE4j) for signature verification
The verification fails
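The encoding difference described in this issue, as an added example that is not code from the project or from the issue author: it signs with `SHA256withECDSA` (ASN.1 DER output), converts the result to the fixed-width R || S form RFC 7518 requires, and checks it with a `SHA256withECDSAinP1363Format` verifier. The class name `EcdsaJwsEncoding`, the helper `derToRaw` and the sample signing input are assumptions made for the illustration; the `inP1363Format` algorithm names need Java 9 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.ECGenParameterSpec;

public class EcdsaJwsEncoding { // hypothetical class name, not part of the project
    // Convert ASN.1 DER (SEQUENCE { INTEGER r, INTEGER s }) to fixed-width R || S.
    // n is the coordinate size in bytes: 32 for ES256, 48 for ES384, 66 for ES512.
    static byte[] derToRaw(byte[] der, int n) {
        int i = 0;
        if (der[i++] != 0x30) throw new IllegalArgumentException("not a SEQUENCE");
        int seqLen = der[i++] & 0xff;
        if (seqLen == 0x81) seqLen = der[i++] & 0xff; // long-form length (P-521)
        if (seqLen != der.length - i) throw new IllegalArgumentException("bad length");
        byte[] out = new byte[2 * n];
        for (int part = 0; part < 2; part++) {
            if (der[i++] != 0x02) throw new IllegalArgumentException("not an INTEGER");
            int len = der[i++] & 0xff;
            int start = i;
            i += len;
            // DER prepends 0x00 when the top bit is set; drop it.
            while (len > n && der[start] == 0) { start++; len--; }
            if (len > n) throw new IllegalArgumentException("integer too large");
            // DER also strips leading zeros, so left-pad short values to n bytes.
            System.arraycopy(der, start, out, part * n + (n - len), len);
        }
        if (i != der.length) throw new IllegalArgumentException("trailing data");
        return out;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"));
        KeyPair kp = kpg.generateKeyPair();
        // Constructed sample JWS signing input: base64url(header) + "." + base64url(payload)
        byte[] signingInput = "eyJhbGciOiJFUzI1NiJ9.eyJzdWIiOiJkZW1vIn0"
                .getBytes(StandardCharsets.US_ASCII);

        Signature der = Signature.getInstance("SHA256withECDSA"); // emits ASN.1 DER
        der.initSign(kp.getPrivate());
        der.update(signingInput);
        byte[] derSig = der.sign();
        byte[] raw = derToRaw(derSig, 32); // always 64 bytes for ES256

        Signature p1363 = Signature.getInstance("SHA256withECDSAinP1363Format");
        p1363.initVerify(kp.getPublic());
        p1363.update(signingInput);
        System.out.println("DER length " + derSig.length + ", raw length " + raw.length);
        System.out.println("raw R||S verifies: " + p1363.verify(raw));
    }
}
```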