-
Notifications
You must be signed in to change notification settings - Fork 31
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Invalid Signature #58
Comments
The problem is that the dart library for PSS uses a fixed salt length of 32 bytes (s. here), while RFC 7518, sec. 3.5 defines that the salt length must correspond to the digest output size, i.e. 32 bytes for PS256, 48 bytes for PS384 and 64 bytes for PS512. Therefore, the current implementation only generates RFC7518 compliant signatures for PS256, but neither for PS384 nor for PS512. |
Thanks for your response. I have just confirmed this is the issue. I updated the following from 32 > 64 and it is now working. I will add a switch statement for the version and submit a PR.
|
Be careful. If you hard-code 64 instead of 32, PS512 will work, but no longer PS256 and PS384. A possible working solution is e.g. to implement a function: int _getDigestOutputSize(String name) {
switch (name) {
case 'PS256':
return 32;
case 'PS384':
return 48;
case 'PS512':
return 64;
default:
throw ArgumentError.value(name, 'name', 'unknown hash name');
}
} (analogous to final salt = Uint8List.fromList(
List.generate(_getDigestOutputSize(name), (_) => random.nextInt(256)),
); and in verify() as follows: params = pc.ParametersWithSaltConfiguration(
params,
secureRandom,
_getDigestOutputSize(name),
); However, I have only tested this randomly. |
I am creating a client assertion signed JWT using RSA and PS512. The token seems to be fine if decoded and all the signatures verify in JWT IO and state the correct algorithm.
However when I attempt to use this as part of a client credential auth, I get an invalid signature error.
If I use exactly the same key kid, claims etc using KJUR library in js or postman, it works fine.
One thing I noticed is that the token size using KJUR us much smaller than using this library, even though the header, payment and and signing are all the same.
Are there any known issues here or something obvious I might be missing?
The text was updated successfully, but these errors were encountered: