How to verify a detached JWS signature that uses b64: false? #432

petkivim · 2022-07-31T06:53:06Z

petkivim
Jul 31, 2022

Hi,

I'm creating a JWS signature with unencoded payload option using compact serialization and a detached payload:

const jws = await new jose.CompactSign(new TextEncoder().encode(data))
    .setProtectedHeader({ alg: alg, b64: false, crit: ['b64'] })
    .sign(await jose.importJWK(privateKeyJwk, 'RS256'));

How should the generated JWS signature to be verified? When I try to verify it using jose.compactVerify, an error is thrown:

const { payload, protectedHeader } = await jose.compactVerify(jws, await jose.importJWK(publicKeyJwk, 'RS256', { b64: true }));

The error that is thrown:

/root/test/node_modules/jose/dist/node/cjs/jws/flattened/verify.js:85
        throw new errors_js_1.JWSSignatureVerificationFailed();
              ^

JWSSignatureVerificationFailed: signature verification failed
    at flattenedVerify (/root/test/node_modules/jose/dist/node/cjs/jws/flattened/verify.js:85:15)
    at async Object.compactVerify (/root/test/node_modules/jose/dist/node/cjs/jws/compact/verify.js:18:22)
    at async /root/test/issue-vc.js:76:40 {
  code: 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED'
}

Node.js v18.7.0

I'm using the version 4.8.3 of the library.

Best regards,
Petteri

Answered by panva

Jul 31, 2022

It is easier with a flattened JSON serialization.

const jws = await new FlattenedSign(new TextEncoder().encode('detached payload example'))
  .setProtectedHeader({ alg: 'RS256', b64: false, crit: ['b64'] })
  .sign(privateKey)

await flattenedVerify({ ...jws, payload: 'detached payload example' }, publicKey)
await flattenedVerify({ ...jws, payload: new TextEncoder().encode('detached payload example') }, publicKey)

It is possible with compact too but you need to add the detached payload to the token before verifying.

View full answer

panva · 2022-07-31T09:38:10Z

panva
Jul 31, 2022
Maintainer

It is easier with a flattened JSON serialization.

const jws = await new FlattenedSign(new TextEncoder().encode('detached payload example'))
  .setProtectedHeader({ alg: 'RS256', b64: false, crit: ['b64'] })
  .sign(privateKey)

await flattenedVerify({ ...jws, payload: 'detached payload example' }, publicKey)
await flattenedVerify({ ...jws, payload: new TextEncoder().encode('detached payload example') }, publicKey)

It is possible with compact too but you need to add the detached payload to the token before verifying.

0 replies

petkivim · 2022-08-01T06:45:34Z

petkivim
Aug 1, 2022
Author

@panva, thank you for your quick reply! The use case that I'm implementing requires using compact serialization for signing. However, it doesn't prevent me using flattenedVerify for verifying the signature. I was able to implement verification using flattenedVerify.

1 reply

trasherdk Aug 1, 2022

@petkivim I'm curious. What is your use case for this.

I have this as a code sample: trasherdk#10

petkivim · 2022-08-01T11:47:15Z

petkivim
Aug 1, 2022
Author

@trasherdk Thanks for sharing the code sample!

The use case is about issuing W3C Verifiable Credentials with the JsonWebSignature2020 proof typeusing JsonWebKey2020 verification method.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

How to verify a detached JWS signature that uses b64: false? #432

{{title}}

Replies: 3 comments 1 reply

{{title}}

{{title}}

{{title}}

{{title}}

Select a reply

How to verify a detached JWS signature that uses b64: false? #432

petkivim Jul 31, 2022

Replies: 3 comments · 1 reply

panva Jul 31, 2022 Maintainer

petkivim Aug 1, 2022 Author

trasherdk Aug 1, 2022

petkivim Aug 1, 2022 Author

petkivim
Jul 31, 2022

Replies: 3 comments 1 reply

panva
Jul 31, 2022
Maintainer

petkivim
Aug 1, 2022
Author

petkivim
Aug 1, 2022
Author